No internet in Rancher Pipeline

Rancher 2.x
1

Hello All,

I am trying out Rancher Pipelines, and when building docker images in a pipeline, i noticed that there is no internet connectivity.
When running a simple apt-get update command, I can see that the url is being resolved to a correct ip (so not a DNS problem i would assume) but that the connection fails. (see logs below)

When running the same base image as a pod in the same cluster, there is internet connectivity and the commands work.

I have found similar problems (not using Rancher pipelines) where a resolution would be to add the --network=host argument to the docker build command, but i don’t know if it is possible in Rancher Pipelines to add arguments.

Any help would be greatly appreciated!

.rancher-pipeline.yml

stages:
  - name: Build something
    # Conditions for stages
    when:
      branch: master
      event: [ push, pull_request ]
    # Multiple steps run concurrently
    steps:
      - runScriptConfig:
          image: busybox
          shellScript: date -R
  - name: Publish my image
    steps:
    - publishImageConfig:
        dockerfilePath: ./Dockerfile
        buildContext: .
        tag: kevindewolf/helloworld-python:v1.0.0
        # Optionally push to remote registry
        pushRemote: true
        registry: registry.hub.docker.com
  - name: Deploy
    steps:
    - applyYamlConfig:
        path: ./deployment.yaml

DockerFile

FROM ubuntu:18.04

COPY . /app

WORKDIR /app

RUN apt-get update

RUN apt-get install python3-pip -y

RUN pip install -r app/requirements.txt

EXPOSE 5000

CMD ["python", "app/main.py"]

Pipeline Publish image log

+ /usr/local/bin/dockerd-entrypoint.sh /bin/drone-docker
+ /usr/local/bin/dockerd --data-root /var/lib/docker
Registry credentials or Docker config not provided. Guest mode enabled.
+ /usr/local/bin/docker version
Client: Docker Engine - Community
 Version:           18.09.0
 API version:       1.39
 Go version:        go1.10.4
 Git commit:        4d60db4
 Built:             Wed Nov  7 00:46:51 2018
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.0
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.4
  Git commit:       4d60db4
  Built:            Wed Nov  7 00:52:55 2018
  OS/Arch:          linux/amd64
  Experimental:     false
+ /usr/local/bin/docker info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 18.09.0
Storage Driver: overlay2
 Backing Filesystem: xfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 468a545b9edcd5932818eb9de8e72413e616e86e
runc version: 69663f0bd4b60df09991c08812a60108003fa340
init version: fec3683
Security Options:
 seccomp
  Profile: default
Kernel Version: 3.10.0-1062.9.1.el7.x86_64
Operating System: Alpine Linux v3.8 (containerized)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 15.65GiB
Name: buildpod.pipeline-p-sj4m6-25.1-03lbf-v26tk
ID: DRIP:WOLI:256H:THO7:SNHK:QTM6:U6FE:RKRU:FRP5:6U6A:VG2V:2YBE
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine

WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
+ /usr/local/bin/docker build --rm=true -f ./Dockerfile -t 00000000 . --pull=true --label org.label-schema.schema-version=1.0 --label org.label-schema.build-date=2020-05-27T11:34:24Z --label org.label-schema.vcs-ref=00000000 --label org.label-schema.vcs-url=
Sending build context to Docker daemon  188.4kB

Step 1/12 : FROM ubuntu:18.04
18.04: Pulling from library/ubuntu
23884877105a: Pulling fs layer
bc38caa0f5b9: Pulling fs layer
2910811b6c42: Pulling fs layer
36505266dcc6: Pulling fs layer
36505266dcc6: Waiting
bc38caa0f5b9: Verifying Checksum
bc38caa0f5b9: Download complete
2910811b6c42: Verifying Checksum
2910811b6c42: Download complete
23884877105a: Verifying Checksum
23884877105a: Download complete
36505266dcc6: Verifying Checksum
36505266dcc6: Download complete
23884877105a: Pull complete
bc38caa0f5b9: Pull complete
2910811b6c42: Pull complete
36505266dcc6: Pull complete
Digest: sha256:3235326357dfb65f1781dbc4df3b834546d8bf914e82cce58e6e6b676e23ce8f
Status: Downloaded newer image for ubuntu:18.04
 ---> c3c304cb4f22
Step 2/12 : COPY . /app
 ---> 8e438fd404d4
Step 3/12 : WORKDIR /app
 ---> Running in 741d6fd7b508
Removing intermediate container 741d6fd7b508
 ---> 69b017d2efb7
Step 4/12 : RUN apt-get update
 ---> Running in ad7cd4684039
Err:1 http://archive.ubuntu.com/ubuntu bionic InRelease
  Connection failed [IP: 91.189.88.152 80]
Err:2 http://security.ubuntu.com/ubuntu bionic-security InRelease
  Connection failed [IP: 91.189.91.38 80]
Err:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
  Connection failed [IP: 91.189.88.152 80]