github.com/alloyci/alloy-runner@v1.0.1-0.20180222164613-925503ccafd6/docs/install/docker.md

github.com/alloyci/alloy-runner@v1.0.1-0.20180222164613-925503ccafd6/docs/install/docker.md (about)

     1  # Run AlloyCI Runner in a container
     2  
     3  This is how you can run AlloyCI Runner inside a Docker container.
     4  
     5  ## Docker image installation and configuration
     6  
     7  1. Install Docker first:
     8  
     9      ```bash
    10      curl -sSL https://get.docker.com/ | sh
    11      ```
    12  
    13  1. You need to mount a config volume into the `alloy-runner` container to
    14     be used for configs and other resources:
    15  
    16      ```bash
    17      docker run -d --name alloy-runner --restart always \
    18        -v /srv/alloy-runner/config:/etc/alloy-runner \
    19        -v /var/run/docker.sock:/var/run/docker.sock \
    20        alloy/alloy-runner:latest
    21      ```
    22  
    23      *On OSX, substitute the path "/Users/Shared" for "/srv".*
    24  
    25      Or, you can use a config container to mount your custom data volume:
    26  
    27      ```bash
    28      docker run -d --name alloy-runner-config \
    29          -v /etc/alloy-runner \
    30          busybox:latest \
    31          /bin/true
    32  
    33      docker run -d --name alloy-runner --restart always \
    34          --volumes-from alloy-runner-config \
    35          alloy/alloy-runner:latest
    36      ```
    37  
    38      If you plan on using Docker as the method of spawning Runners, you will need to
    39      mount your docker socket like this:
    40  
    41      ```bash
    42      docker run -d --name alloy-runner --restart always \
    43        -v /var/run/docker.sock:/var/run/docker.sock \
    44        -v /srv/alloy-runner/config:/etc/alloy-runner \
    45        alloy/alloy-runner:latest
    46      ```
    47  
    48  1. [Register the Runner](../register/README.md)
    49  
    50  Make sure that you read the [FAQ](../faq/README.md) section which describes
    51  some of the most common problems with AlloyCI Runner.
    52  
    53  ## Update
    54  
    55  Pull the latest version:
    56  
    57  ```bash
    58  docker pull alloyci/alloy-runner:latest
    59  ```
    60  
    61  Stop and remove the existing container:
    62  
    63  ```bash
    64  docker stop alloy-runner && docker rm alloy-runner
    65  ```
    66  
    67  Start the container as you did originally:
    68  
    69  ```bash
    70  docker run -d --name alloy-runner --restart always \
    71    -v /var/run/docker.sock:/var/run/docker.sock \
    72    -v /srv/alloy-runner/config:/etc/alloy-runner \
    73    alloy/alloy-runner:latest
    74  ```
    75  
    76  >**Note**:
    77  you need to use the same method for mounting you data volume as you
    78  did originally (`-v /srv/alloy-runner/config:/etc/alloy-runner` or
    79  `--volumes-from alloy-runner`).
    80  
    81  ## Installing trusted SSL server certificates
    82  
    83  If your AlloyCI server is using self-signed SSL certificates then you should
    84  make sure the AlloyCI server certificate is trusted by the alloy-runner
    85  container for them to be able to talk to each other.
    86  
    87  The `alloyci/alloy-runner` image is configured to look for the trusted SSL
    88  certificates at `/etc/alloy-runner/certs/ca.crt`, this can however be changed using the
    89  `-e "CA_CERTIFICATES_PATH=/DIR/CERT"` configuration option.
    90  
    91  Copy the `ca.crt` file into the `certs` directory on the data volume (or container).
    92  The `ca.crt` file should contain the root certificates of all the servers you
    93  want alloy-runner to trust. The alloy-runner container will
    94  import the `ca.crt` file on startup so if your container is already running you
    95  may need to restart it for the changes to take effect.
    96  
    97  ## Alpine Linux
    98  
    99  You can also use alternative [Alpine Linux](https://www.alpinelinux.org/) based image with much smaller footprint:
   100  ```
   101  alloyci/alloy-runner    latest              3e8077e209f5        13 hours ago        304.3 MB
   102  alloyci/alloy-runner    alpine              7c431ac8f30f        13 hours ago        25.98 MB
   103  ```
   104  
   105  **Alpine Linux image is designed to use only Docker as the method of spawning runners.**
   106  
   107  The original `alloyci/alloy-runner:latest` is based on Ubuntu 16.04 LTS.
   108  
   109  ## SELinux
   110  
   111  Some distributions (CentOS, RedHat, Fedora) use SELinux by default to enhance the security of the underlying system.
   112  
   113  The special care must be taken when dealing with such configuration.
   114  
   115  1. If you want to use Docker executor to run builds in containers you need to access the `/var/run/docker.sock`.
   116  However, if you have a SELinux in enforcing mode, you will see the `Permission denied` when accessing the `/var/run/docker.sock`.
   117  Install the `selinux-dockersock` and to resolve the issue: https://github.com/dpw/selinux-dockersock.
   118  
   119  1. Make sure that persistent directory is created on host: `mkdir -p /srv/alloy-runner/config`.
   120  
   121  1. Run docker with `:Z` on volumes:
   122  
   123  ```bash
   124  docker run -d --name alloy-runner --restart always \
   125    -v /var/run/docker.sock:/var/run/docker.sock \
   126    -v /srv/alloy-runner/config:/etc/alloy-runner:Z \
   127    alloyci/alloy-runner:latest
   128  ```
   129  
   130  More information about the cause and resolution can be found here:
   131  http://www.projectatomic.io/blog/2015/06/using-volumes-with-docker-can-cause-problems-with-selinux/