GitHub/Docker runner can't reach npm
Closed this issue · 5 comments
I have a GitHub Action jobs which builds a Docker image, similar to (abbreviated):
jobs:
tests:
runs-on: self-hosted
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Build image
run: docker build .
Inside the Dockerfile, it goes similar to:
FROM node:14-slim AS development
RUN apt-get -qy update && apt-get -qy install build-essential python3
COPY package.json yarn.lock ./
RUN yarn
Stragely, the apt update/apt install works perfectly file (downloads packages from http://deb.debian.org/debian).
However, the yarn command fails and can't reach the internet. This is it's output:
Step x/y : RUN yarn
---> Running in xxxxxx
yarn install v1.22.5
[1/4] Resolving packages...
[2/4] Fetching packages...
info There appears to be trouble with your network connection. Retrying...
info There appears to be trouble with your network connection. Retrying...
...
info There appears to be trouble with your network connection. Retrying...
info There appears to be trouble with your network connection. Retrying...
info If you think this is a bug, please open a bug report with the information provided in "/app/yarn-error.log".
info Visit yarnpkg.com/en/docs/cli/install for documentation about this command.
error An unexpected error occurred: "registry.yarnpkg.com/@material-ui/icons/-/icons-4.11.2.tgz: ESOCKETTIMEDOUT".
I can't figure out why this is happening. I've tried with and without --mtu=1430 inside the dind args (exact same the example yaml).
The actual MTU depends on your CNI. Docker must use the bridge-network in order to leave the same logical iface, and hence use the mtu setting. You can also enforce it via https://www.linuxtopia.org/Linux_Firewall_iptables/x4700.html but that is a bit more hackish.
Linux Packet Filtering and iptables - TCPMSS target
@davidkarlsen can you point to some resources/examples for your last message? Our cluster is configured with Cilium and I'm not sure how to enable bridging
https://docs.docker.com/network/bridge/
Docker Documentation
All about using user-defined bridge networks and the default bridge
@davidkarlsen How would I configure this? I understand that Docker must be ran with bridge network, however I don't understand how this is configured inside the k8s cluster
@davidkarlsen How would I configure this? I understand that Docker must be ran with bridge network, however I don't understand how this is configured inside the k8s cluster
You don’t. The bridging is an aspect of Docker.