Add documentation about registry mirror in dind

Docker Inc is rolling out new [terms of service](https://www.docker.com/pricing/resource-consumption-updates) which will introduce rate limits on `docker pull` from DockerHub for anonymous users. Users can already set a DockerHub mirror to not reach these limits when running CI jobs using the Docker executor. However when they use the `dind` service to build their images this won't use the registry mirror because it needs to be explicitly configured for the daemon. closes https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27171

Add documentation about registry mirror in dind
Docker Inc is rolling out new [terms of service](https://www.docker.com/pricing/resource-consumption-updates) which will introduce rate limits on `docker pull` from DockerHub for anonymous users. Users can already set a DockerHub mirror to not reach these limits when running CI jobs using the Docker executor. However when they use the `dind` service to build their images this won't use the registry mirror because it needs to be explicitly configured for the daemon. closes https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27171
ade52343 · Steve Azzopardi · Amy Qualls · fb7dc6c3 · ade52343
Commit ade52343 authored Oct 30, 2020 by Steve Azzopardi Committed by Amy Qualls Oct 30, 2020
Show whitespace changes
Inline Side-by-side

Showing with 52 additions and 0 deletions

doc/ci/docker/using_docker_build.md doc/ci/docker/using_docker_build.md +52 -0

No files found.
--- a/doc/ci/docker/using_docker_build.md
+++ b/doc/ci/docker/using_docker_build.md
@@ -302,6 +302,58 @@ build:
    - docker run my-docker-image /script/to/run/tests
 ```

+#### Enable registry mirror for `docker:dind` service
+
+When the Docker daemon starts inside of the service container, it uses
+the default configuration. You may want to configure a [registry
+mirror](https://docs.docker.com/registry/recipes/mirror/) for
+performance improvements and ensuring you don't reach DockerHub rate limits.
+
+##### Inside `.gitlab-ci.yml`
+
+You can append extra CLI flags to the `dind` service to set the registry
+mirror:
+
+```yaml
+services:
+   - name: docker:19.03.13-dind
+     command: ["--registry-mirror", "https://registry-mirror.example.com"] # Specify the registry mirror to use.
+```
+
+##### Docker executor inside GitLab Runner configuration
+
+If you are an administrator of GitLab Runner and you always want to use
+the mirror for every `dind` service, update the
+[configuration](https://docs.gitlab.com/runner/configuration/advanced-configuration.html)
+to specify a [volume
+mount](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#volumes-in-the-runnersdocker-section).
+
+Given we have a file `/opt/docker/daemon.json` with the following
+content:
+
+```json
+{
+  "registry-mirrors": [
+    "https://registry-mirror.example.com"
+  ]
+}
+```
+
+Update the `config.toml` for GitLab Runner to mount the file to
+`/etc/docker/daemon.json`. This would mount the file for **every**
+container that is created by GitLab Runner. The configuration will be
+picked up by the `dind` service.
+
+```toml
+[[runners]]
+  ...
+  executor = "docker"
+  [runners.docker]
+    image = "alpine:3.12"
+    privileged = true
+    volumes = ["/opt/docker/daemon.json:/etc/docker/daemon.json:ro"]
+```
+
 ### Use Docker socket binding

 The third approach is to bind-mount `/var/run/docker.sock` into the