Docker in Docker is not working on gitlab-ci

Question

docker command throws error on gitlab-ci

my gitlab-ci.yml:

build-image_stage:
  stage: build-image
  image: docker:18.09.7
  services:
    - docker:18.09.7-dind
  rules:
    - if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "main"
  script:
    - docker build -t bridge-image ./docker
    - docker tag bridge-image:latest ${AWS_ACCOUNT_ID}.dkr.ecr.ap-northeast-1.amazonaws.com/bridge/${ENVIRONMENT}:latest
    - docker push ${AWS_ACCOUNT_ID}.dkr.ecr.ap-northeast-1.amazonaws.com/bridge/${ENVIRONMENT}:latest
  variables:
    ENVIRONMENT: "stage"
    DOCKER_DRIVER: overlay2

error log:

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

I saw this issue. And try all ideas. https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27300

But it's still not working. what should I do?

---

I tried this too.

gitlab-ci.yml

build-image_stage:
  stage: build-image
  image: docker:20.10.16
  services:
    - docker:20.10.16-dind
  rules:
    - if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "main"
  script:
    - apk add nmap
    - nmap -sT -p- docker
    - docker build -t bridge-image ./docker
    - docker tag bridge-image:latest ${AWS_ACCOUNT_ID}.dkr.ecr.ap-northeast-1.amazonaws.com/bridge/${ENVIRONMENT}:latest
    - docker push ${AWS_ACCOUNT_ID}.dkr.ecr.ap-northeast-1.amazonaws.com/bridge/${ENVIRONMENT}:latest
  variables:
    ENVIRONMENT: "stage"
    DOCKER_TLS_CERTDIR: ''
    DOCKER_HOST: "tcp://docker:2375"
    FF_NETWORK_PER_BUILD: "true"

Log

$ apk add nmap
fetch https://dl-cdn.alpinelinux.org/alpine/v3.16/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz
(1/7) Installing libgcc (11.2.1_git20220219-r2)
(2/7) Installing lua5.3-libs (5.3.6-r3)
(3/7) Installing libpcap (1.10.1-r0)
(4/7) Installing pcre (8.45-r2)
(5/7) Installing libssh2 (1.10.0-r2)
(6/7) Installing libstdc++ (11.2.1_git20220219-r2)
(7/7) Installing nmap (7.92-r2)
Executing busybox-1.35.0-r13.trigger
OK: 26 MiB in 29 packages
$ nmap -sT -p- docker
Starting Nmap 7.92 ( https://nmap.org ) at 2023-12-12 09:53 UTC
Nmap scan report for docker (127.0.0.1)
Host is up (0.000038s latency).
rDNS record for 127.0.0.1: localhost
All 65535 scanned ports on docker (127.0.0.1) are in ignored states.
Not shown: 65535 closed tcp ports (conn-refused)
Nmap done: 1 IP address (1 host up) scanned in 1.53 seconds
$ docker build -t bridge-image ./docker
Cannot connect to the Docker daemon at tcp://docker:2375. Is the docker daemon running?

Answer 1

In my case it worked when I added privileged=true to config.toml:

....
    [[runners]]
      name = "myrunner"
      url = "https://gitlab.com"
      id = 2648
      token = "xxxxxxxxxxx"
      executor = "kubernetes"
      [runners.kubernetes]
        host = ""
        bearer_token_overwrite_allowed = false
        image = ""
        namespace = "runner"
        namespace_overwrite_allowed = ""
        privileged = true
        service_account_overwrite_allowed = "true"

and used a .gitlab-ci.yml file like this:

.....
    build_image:
      stage: build
      image: docker:24.0.5
      services:
       - docker:24.0.5-dind
      variables:
        DOCKER_TLS_CERTDIR: ""
      before_script:
        - dockerd >/tmp/docker.stdout 2>/tmp/docker.stderr &
      script:
        - docker run hello-world