You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We seem unable to use the host's docker machine (v1.7.1) when operating without root privileges.
On the host I have added a jenkins user (resultant id:1006) and group and added it to the docker group:
jenkins@virt-04:/home/jamesg$ id
uid=1006(jenkins) gid=1007(jenkins) groups=1007(jenkins),4(adm),998(docker),1002(admin)
And a corresponding folder owned by that user. I launch jenkins passing in our --username 1006 and bind-mounting our folder into /var/jenkins_home.
This appears to work well enough. I also bind-mount /var/run/docker.sock and /usr/bin/docker. Inside the Jenkins container I can execute docker help and see assistance. If I run docker ps I get told permission denied:
jenkins@79798524d818:/$ docker ps
Get http:///var/run/docker.sock/v1.19/containers/json: dial unix /var/run/docker.sock: permission denied. Are you trying to connect to a TLS-enabled daemon without TLS?
Within a job, the following is the relevant console log:
+ pwd
/var/jenkins_home/jobs/dispatcher/workspace
ERROR: Failed to mkdirs: ?/.docker
If I docker exec in to the container with --user root I can repeat docker ps and see the listing of sibling containers.
If I launch the Jenkins docker container with --username root instead of --username 1006, Jenkins is now able to launch sibling docker containers.
I do not expect this problem to be exclusive to Jenkins, but the problem ought to be documented. Nor do I know what I've missed...
The text was updated successfully, but these errors were encountered:
That's pretty much where I landed. So I tried making the host's jenkins have a home dir of /var/lib/jenkins_home, and of /mnt/jenkins which is the host point. Neither worked.
To get some work done, I launched with root and saw success.
This isn't a docker-machine issue, it is a docker client accessing the daemon issue yes? What you have is a permissions problem for the jenkins user with regards to the /var/run/docker.sock. Please take a look at the script i mention in this comment #196 (comment) for #196.
We seem unable to use the host's docker machine (v1.7.1) when operating without root privileges.
On the host I have added a
jenkins
user (resultant id:1006) and group and added it to thedocker
group:And a corresponding folder owned by that user. I launch jenkins passing in our
--username 1006
and bind-mounting our folder into/var/jenkins_home
.This appears to work well enough. I also bind-mount
/var/run/docker.sock
and/usr/bin/docker
. Inside the Jenkins container I can executedocker help
and see assistance. If I rundocker ps
I get told permission denied:Within a job, the following is the relevant console log:
If I
docker exec
in to the container with--user root
I can repeatdocker ps
and see the listing of sibling containers.If I launch the Jenkins docker container with
--username root
instead of--username 1006
, Jenkins is now able to launch sibling docker containers.I do not expect this problem to be exclusive to Jenkins, but the problem ought to be documented. Nor do I know what I've missed...
The text was updated successfully, but these errors were encountered: