Skip to content
Snippets Groups Projects
Commit f84c2bc9 authored by Tomasz Maczukin's avatar Tomasz Maczukin
Browse files

Merge branch 'DockerRunnerAddSysctl' into 'master'

Docker runner add sysctl

See merge request !541
parents fa3f93d9 c0d09a00
Branches
Tags
No related merge requests found
...@@ -22,6 +22,7 @@ import ( ...@@ -22,6 +22,7 @@ import (
) )
type DockerPullPolicy string type DockerPullPolicy string
type DockerSysCtls map[string]string
const ( const (
PullPolicyAlways = "always" PullPolicyAlways = "always"
...@@ -76,6 +77,7 @@ type DockerConfig struct { ...@@ -76,6 +77,7 @@ type DockerConfig struct {
PullPolicy DockerPullPolicy `toml:"pull_policy,omitempty" json:"pull_policy" long:"pull-policy" env:"DOCKER_PULL_POLICY" description:"Image pull policy: never, if-not-present, always"` PullPolicy DockerPullPolicy `toml:"pull_policy,omitempty" json:"pull_policy" long:"pull-policy" env:"DOCKER_PULL_POLICY" description:"Image pull policy: never, if-not-present, always"`
ShmSize int64 `toml:"shm_size,omitempty" json:"shm_size" long:"shm-size" env:"DOCKER_SHM_SIZE" description:"Shared memory size for docker images (in bytes)"` ShmSize int64 `toml:"shm_size,omitempty" json:"shm_size" long:"shm-size" env:"DOCKER_SHM_SIZE" description:"Shared memory size for docker images (in bytes)"`
ServicesTmpfs map[string]string `toml:"services_tmpfs,omitempty" json:"services_tmpfs" long:"services-tmpfs" env:"DOCKER_SERVICES_TMPFS" description:"A toml table/json object with the format key=values. When set this will mount the specified path in the key as a tmpfs volume in all the service containers, using the options specified as key. For the supported options, see the documentation for the unix 'mount' command"` ServicesTmpfs map[string]string `toml:"services_tmpfs,omitempty" json:"services_tmpfs" long:"services-tmpfs" env:"DOCKER_SERVICES_TMPFS" description:"A toml table/json object with the format key=values. When set this will mount the specified path in the key as a tmpfs volume in all the service containers, using the options specified as key. For the supported options, see the documentation for the unix 'mount' command"`
SysCtls DockerSysCtls `toml:"sysctls,omitempty" json:"sysctls" long:"sysctls" env:"DOCKER_SYSCTLS" description:"Sysctl options, a toml table/json object of key=value. Value is expected to be a string."`
} }
type DockerMachine struct { type DockerMachine struct {
......
...@@ -36,6 +36,8 @@ concurrent = 4 ...@@ -36,6 +36,8 @@ concurrent = 4
privileged = false privileged = false
disable_cache = false disable_cache = false
cache_dir = "" cache_dir = ""
[runners.docker.sysctls]
"net.ipv4.ip_forward" = "1"
[runners.ssh] [runners.ssh]
port = "22" port = "22"
user = "root" user = "root"
......
...@@ -130,6 +130,7 @@ This defines the Docker Container parameters. ...@@ -130,6 +130,7 @@ This defines the Docker Container parameters.
| `allowed_images` | specify wildcard list of images that can be specified in .gitlab-ci.yml. If not present all images are allowed (equivalent to `["*/*:*"]`) | | `allowed_images` | specify wildcard list of images that can be specified in .gitlab-ci.yml. If not present all images are allowed (equivalent to `["*/*:*"]`) |
| `allowed_services` | specify wildcard list of services that can be specified in .gitlab-ci.yml. If not present all images are allowed (equivalent to `["*/*:*"]`) | | `allowed_services` | specify wildcard list of services that can be specified in .gitlab-ci.yml. If not present all images are allowed (equivalent to `["*/*:*"]`) |
| `pull_policy` | specify the image pull policy: `never`, `if-not-present` or `always` (default); read more in the [pull policies documentation](../executors/docker.md#how-pull-policies-work) | | `pull_policy` | specify the image pull policy: `never`, `if-not-present` or `always` (default); read more in the [pull policies documentation](../executors/docker.md#how-pull-policies-work) |
| `sysctls` | specify the sysctl options |
Example: Example:
...@@ -158,6 +159,8 @@ Example: ...@@ -158,6 +159,8 @@ Example:
services = ["mysql", "redis:2.8", "postgres:9"] services = ["mysql", "redis:2.8", "postgres:9"]
allowed_images = ["ruby:*", "python:*", "php:*"] allowed_images = ["ruby:*", "python:*", "php:*"]
allowed_services = ["postgres:9.4", "postgres:latest"] allowed_services = ["postgres:9.4", "postgres:latest"]
[runners.docker.sysctls]
"net.ipv4.ip_forward" = "1"
``` ```
### Volumes in the [runners.docker] section ### Volumes in the [runners.docker] section
......
...@@ -785,6 +785,7 @@ func (s *executor) createContainer(containerType string, imageDefinition common. ...@@ -785,6 +785,7 @@ func (s *executor) createContainer(containerType string, imageDefinition common.
LogConfig: container.LogConfig{ LogConfig: container.LogConfig{
Type: "json-file", Type: "json-file",
}, },
Sysctls: s.Config.Docker.SysCtls,
} }
// this will fail potentially some builds if there's name collision // this will fail potentially some builds if there's name collision
......
...@@ -951,6 +951,20 @@ func TestDockerUserNSSetting(t *testing.T) { ...@@ -951,6 +951,20 @@ func TestDockerUserNSSetting(t *testing.T) {
} }
func TestDockerSysctlsSetting(t *testing.T) {
dockerConfig := &common.DockerConfig{
SysCtls: map[string]string{
"net.ipv4.ip_forward": "1",
},
}
cce := func(t *testing.T, config *container.Config, hostConfig *container.HostConfig) {
assert.Equal(t, "1", hostConfig.Sysctls["net.ipv4.ip_forward"])
}
testDockerConfigurationWithJobContainer(t, dockerConfig, cce)
}
func init() { func init() {
docker_helpers.HomeDirectory = "" docker_helpers.HomeDirectory = ""
} }
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment