I am playing with Gitlab CI CD and docker. So far I have the following setup:
- A server with gitlab-runner (docker executor)
- A staging server with docker installed
- A self-hosted GitLab instance
After building and pushing images to the container registry, I am trying to deploy the app on a staging server by doing following steps:
- eval $(ssh-agent -s)
- echo "$DEPLOY_SSH_PRIVATE_KEY" | tr -d 'r' | ssh-add - > /dev/null
- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY_IMAGE
- docker-compose -H "ssh://$DEPLOY_USER@$DEPLOY_SERVER" down --remove-orphans || true
- docker-compose -H "ssh://$DEPLOY_USER@$DEPLOY_SERVER" pull
- docker-compose -H "ssh://$DEPLOY_USER@$DEPLOY_SERVER" up -d
It fails on the 4th step, where as far as I understood, it points to wrong container registry:
error during connect: Get "http://docker.example.com/v1.24/containers/json?all=1&filters=%7B%22label%22%3A%7B%22com.docker.compose.project%3Drepo_name%22%3Atrue%7D%7D&limit=0": command [ssh -l deployer — staging-server-ip docker system dial-stdio] has exited with exit status 255, please make sure the URL is valid, and Docker 18.09 or later is installed on the remote host: stderr=Host key verification failed.
Do I have to run docker login on a staging server as well, or what am I missing?
2
Answers
It turns out that there were several issues:
/etc/ssh/ssh_configstderr=Host key verification failedhappens when server’s public host key is not yet added to the client’s known_hosts file. If the client were connecting through a terminal, the server prompts the client to confirm if it is connected to the correct system. Answering Yes to this question, would add the server’s public host key to the clients~/.ssh/known_hosts. But here since you are connecting to the server in a gitlab CI pipeline, you can usessh-keyscanto gather ssh public host key from the server. Just insert the below code above line 4: