Docker-runner auto-created network blocked by firewall

Hello everyone,

I’ve now been working on my local setup for a couple of hours, and I have googled and debugged a lot. But now I’m hitting a dead end…

  1. I have gitea, drone, runner etc. running in docker and connected by a bridge network, let’s call it drone-bridge
  2. I figured out how to connect the bits and pieces so that the spawned runner can clone using DRONE_RUNNER_NETWORKS
  3. I found out that every build step spawns a new container and that all spawned containers are added to their own newly created docker network and to the drone-bridge
  4. Build steps fail because the temporary docker network has no internet access due to firewall policies. However… drone-bridge has.

Does anyone have an idea how to achieve one of the following:

  • re-use an existing network (DOCKER_NETWORK_ID does not work with existing nets)
  • pass a configuration for the “to-be-created-network” to the runner with an IP not blocked by the firewall

Any other approach is highly welcome - except “Allow all” :)

Someone in the Drone community may have gotten this working (perhaps they can chime in), but due to the network complications that you described above, this is not a configuration we formally support.

Please note we strongly recommend installing Drone on a dedicated instance. We do not recommend installing Drone and Gitea on the same machine due to network complications, and we definitely do not recommend installing Drone and Gitea on the same machine using docker-compose. [source]

I’m aware of the guide… but as you said, maybe someone can provide a hint.