I’m using Drone server and docker runner with the following configuration:
services:
drone:
image: drone/drone:2.17
container_name: drone-srv
restart: always
ports:
- "5100:80"
volumes:
- /var/lib/drone:/data
environment:
DRONE_GITLAB_SERVER: <server>
DRONE_GITLAB_CLIENT_ID: <client_id>
DRONE_GITLAB_CLIENT_SECRET: <secret>
DRONE_GITLAB_SKIP_VERIFY: "true"
DRONE_RPC_SECRET: <secret>
DRONE_SERVER_HOST: <host>
DRONE_SERVER_PROTO: https
DRONE_USER_CREATE: username:admin,admin:true
DOCKER_API_VERSION: 1.39
runner:
image: drone/drone-runner-docker:1.8
container_name: drone-runner
restart: always
ports:
- "5110:3000"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
DRONE_RPC_PROTO: https
DRONE_RPC_HOST: <host>
DRONE_RPC_SECRET: <secret>
DRONE_RUNNER_CAPACITY: 5
DRONE_RUNNER_NAME: drone-docker-runner-1
DRONE_RUNNER_ENVIRON: GIT_SSL_NO_VERIFY:false
GitLab version is 16.0.
When having DRONE_RUNNER_CAPACITY>1, the runners can’t use GitLab OAuth correctly: pipelines are stuck and I get plenty of messages in the runner log, like the following:
time="2023-06-20T07:27:05Z" level=error msg="cannot get stage details" error="The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client." stage.id=7170 stage.name="..." stage.number=1 thread=5
With DRONE_RUNNER_CAPACITY=1 everything works like a charm. However, I’d like to increase the capacity. Could you please advise?
It feels like multiple threads (when capacity is higher than 1) are using the same authorization grant and somehow interfering with each other. As a result, only one thread is actually working and others are failed with the mentioned authorization error and therefore get stuck.