Jenkins触发时如何解决Docker权限错误 [英] How to solve Docker permission error when trigger by Jenkins
问题描述
我的Jenkins不在Docker容器中运行,只是传统安装到VPS.当执行一个简单的测试项目时,出现以下错误.我正在使用Ubuntu 14,java 7和稳定的Jenkins.我尝试了所有可以在Google上找到的方法,但是无法正常工作.
My Jenkins is not run in Docker container, just tradional install to VPS. I got the following error when executing a simple test project. I am using Ubuntu 14, java 7, and stable Jenkins. I tried all methods I can find on google, but can't get it work.
我正在尝试执行此shell
I am trying to execute this shell
docker build --pull=true -t nick/hello-jenkins:$GIT_COMMIT .
更改代码后.
这是错误:
Got permission denied while trying to connect to the Docker daemon socket at unix: ....
Started by user nicolas xu
Building in workspace /var/lib/jenkins/workspace/hello-Jenkins
> git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url https://github.com/nicolasxu/hello-nick-jenkins.git # timeout=10
Fetching upstream changes from https://github.com/nicolasxu/hello-nick-jenkins.git
> git --version # timeout=10
> git fetch --tags --progress https://github.com/nicolasxu/hello-nick-jenkins.git +refs/heads/*:refs/remotes/origin/*
> git rev-parse refs/remotes/origin/master^{commit} # timeout=10
> git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision d94ae21a8a2cf58ffc790dcad15bd851fb17df5a (refs/remotes/origin/master)
> git config core.sparsecheckout # timeout=10
> git checkout -f d94ae21a8a2cf58ffc790dcad15bd851fb17df5a
> git rev-list d94ae21a8a2cf58ffc790dcad15bd851fb17df5a # timeout=10
[hello-Jenkins] $ /bin/sh -xe /tmp/hudson5076309502904684976.sh
+ docker build --pull=true -t nick/hello-jenkins:d94ae21a8a2cf58ffc790dcad15bd851fb17df5a .
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.27/build?buildargs=%7B%7D&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&pull=1&rm=1&shmsize=0&t=nick%2Fhello-jenkins%3Ad94ae21a8a2cf58ffc790dcad15bd851fb17df5a&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE
我可以以root身份在控制台中运行"docker",没问题,为什么jenkins不能尝试运行"docker"的shell命令?到底是怎么回事?完全糊涂了...
I can run 'docker' in console as root no problem, why jenkins can't try a shell command which runs 'docker'? What is going on? Totally confused.......
推荐答案
在您的VPS服务器终端中,执行以下操作以将您的jenkins用户添加到docker组:
In your VPS server terminal, do this to add your jenkins user to the docker group:
sudo usermod -aG docker jenkins
然后重新启动jenkins服务器以刷新组.
Then restart your jenkins server to refresh the group.
请考虑到这可能产生的任何安全问题:
Take into account any security issue that this could produce:
警告:泊坞窗组授予与root用户等效的特权.有关如何影响系统安全性的详细信息,请参阅Docker Daemon Attack Surface.
Warning: The docker group grants privileges equivalent to the root user. For details on how this impacts security in your system, see Docker Daemon Attack Surface.
请参阅文档
编辑(由@iger提及):只需确保从命令行重新启动Jenkins(即sudo服务jenkins重新启动),但不要通过其余端点(http:///restart)
Edit (mentioned by @iger): Just make sure to restart the Jenkins from command-line (i.e. sudo service jenkins restart), but not through the rest endpoint (http:///restart)
这篇关于Jenkins触发时如何解决Docker权限错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!