Jenkins触发时如何解决Docker权限错误 [英] How to solve Docker permission error when trigger by Jenkins

问题描述

我的Jenkins不在Docker容器中运行，只是传统安装到VPS.当执行一个简单的测试项目时，出现以下错误.我正在使用Ubuntu 14，java 7和稳定的Jenkins.我尝试了所有可以在Google上找到的方法，但是无法正常工作.

My Jenkins is not run in Docker container, just tradional install to VPS. I got the following error when executing a simple test project. I am using Ubuntu 14, java 7, and stable Jenkins. I tried all methods I can find on google, but can't get it work.

我正在尝试执行此shell

I am trying to execute this shell

docker build --pull=true -t nick/hello-jenkins:$GIT_COMMIT .

更改代码后.

这是错误:

Got permission denied while trying to connect to the Docker daemon socket at unix: ....

---

Started by user nicolas xu
Building in workspace /var/lib/jenkins/workspace/hello-Jenkins
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/nicolasxu/hello-nick-jenkins.git # timeout=10
Fetching upstream changes from https://github.com/nicolasxu/hello-nick-jenkins.git
 > git --version # timeout=10
 > git fetch --tags --progress https://github.com/nicolasxu/hello-nick-jenkins.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision d94ae21a8a2cf58ffc790dcad15bd851fb17df5a (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f d94ae21a8a2cf58ffc790dcad15bd851fb17df5a
 > git rev-list d94ae21a8a2cf58ffc790dcad15bd851fb17df5a # timeout=10
[hello-Jenkins] $ /bin/sh -xe /tmp/hudson5076309502904684976.sh
+ docker build --pull=true -t nick/hello-jenkins:d94ae21a8a2cf58ffc790dcad15bd851fb17df5a .
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.27/build?buildargs=%7B%7D&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&pull=1&rm=1&shmsize=0&t=nick%2Fhello-jenkins%3Ad94ae21a8a2cf58ffc790dcad15bd851fb17df5a&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE

我可以以root身份在控制台中运行"docker"，没问题，为什么jenkins不能尝试运行"docker"的shell命令?到底是怎么回事?完全糊涂了...

I can run 'docker' in console as root no problem, why jenkins can't try a shell command which runs 'docker'? What is going on? Totally confused.......

推荐答案

在您的VPS服务器终端中，执行以下操作以将您的jenkins用户添加到docker组:

In your VPS server terminal, do this to add your jenkins user to the docker group:

sudo usermod -aG docker jenkins

然后重新启动jenkins服务器以刷新组.

Then restart your jenkins server to refresh the group.

请考虑到这可能产生的任何安全问题:

Take into account any security issue that this could produce:

警告:泊坞窗组授予与root用户等效的特权.有关如何影响系统安全性的详细信息，请参阅Docker Daemon Attack Surface.

Warning: The docker group grants privileges equivalent to the root user. For details on how this impacts security in your system, see Docker Daemon Attack Surface.

请参阅文档

编辑(由@iger提及):只需确保从命令行重新启动Jenkins(即sudo服务jenkins重新启动)，但不要通过其余端点(http:///restart)

Edit (mentioned by @iger): Just make sure to restart the Jenkins from command-line (i.e. sudo service jenkins restart), but not through the rest endpoint (http:///restart)

这篇关于Jenkins触发时如何解决Docker权限错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！