Skip to content
Snippets Groups Projects
Commit c0d09a00 authored by Gerben Geijteman's avatar Gerben Geijteman
Browse files

Add --sysctl option to gitlab runner

parent 80b12155
No related branches found
No related tags found
No related merge requests found
......@@ -22,6 +22,7 @@ import (
)
type DockerPullPolicy string
type DockerSysCtls map[string]string
const (
PullPolicyAlways = "always"
......@@ -76,6 +77,7 @@ type DockerConfig struct {
PullPolicy DockerPullPolicy `toml:"pull_policy,omitempty" json:"pull_policy" long:"pull-policy" env:"DOCKER_PULL_POLICY" description:"Image pull policy: never, if-not-present, always"`
ShmSize int64 `toml:"shm_size,omitempty" json:"shm_size" long:"shm-size" env:"DOCKER_SHM_SIZE" description:"Shared memory size for docker images (in bytes)"`
ServicesTmpfs map[string]string `toml:"services_tmpfs,omitempty" json:"services_tmpfs" long:"services-tmpfs" env:"DOCKER_SERVICES_TMPFS" description:"A toml table/json object with the format key=values. When set this will mount the specified path in the key as a tmpfs volume in all the service containers, using the options specified as key. For the supported options, see the documentation for the unix 'mount' command"`
SysCtls DockerSysCtls `toml:"sysctls,omitempty" json:"sysctls" long:"sysctls" env:"DOCKER_SYSCTLS" description:"Sysctl options, a toml table/json object of key=value. Value is expected to be a string."`
}
type DockerMachine struct {
......
......@@ -36,6 +36,8 @@ concurrent = 4
privileged = false
disable_cache = false
cache_dir = ""
[runners.docker.sysctls]
"net.ipv4.ip_forward" = "1"
[runners.ssh]
port = "22"
user = "root"
......
......@@ -130,6 +130,7 @@ This defines the Docker Container parameters.
| `allowed_images` | specify wildcard list of images that can be specified in .gitlab-ci.yml. If not present all images are allowed (equivalent to `["*/*:*"]`) |
| `allowed_services` | specify wildcard list of services that can be specified in .gitlab-ci.yml. If not present all images are allowed (equivalent to `["*/*:*"]`) |
| `pull_policy` | specify the image pull policy: `never`, `if-not-present` or `always` (default); read more in the [pull policies documentation](../executors/docker.md#how-pull-policies-work) |
| `sysctls` | specify the sysctl options |
Example:
......@@ -158,6 +159,8 @@ Example:
services = ["mysql", "redis:2.8", "postgres:9"]
allowed_images = ["ruby:*", "python:*", "php:*"]
allowed_services = ["postgres:9.4", "postgres:latest"]
[runners.docker.sysctls]
"net.ipv4.ip_forward" = "1"
```
### Volumes in the [runners.docker] section
......
......@@ -785,6 +785,7 @@ func (s *executor) createContainer(containerType string, imageDefinition common.
LogConfig: container.LogConfig{
Type: "json-file",
},
Sysctls: s.Config.Docker.SysCtls,
}
// this will fail potentially some builds if there's name collision
......
......@@ -951,6 +951,20 @@ func TestDockerUserNSSetting(t *testing.T) {
}
func TestDockerSysctlsSetting(t *testing.T) {
dockerConfig := &common.DockerConfig{
SysCtls: map[string]string{
"net.ipv4.ip_forward": "1",
},
}
cce := func(t *testing.T, config *container.Config, hostConfig *container.HostConfig) {
assert.Equal(t, "1", hostConfig.Sysctls["net.ipv4.ip_forward"])
}
testDockerConfigurationWithJobContainer(t, dockerConfig, cce)
}
func init() {
docker_helpers.HomeDirectory = ""
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment