如何从Jenkins Docker容器内部使用Docker [英] How to use docker from inside Jenkins docker container
问题描述
我面临以下问题:我创建了一个Jenkins docker容器,并将该主机上的docker套接字与该容器链接.像这样:
I'm facing the following problem: I created a Jenkins docker container, and linked the docker socket on the host, with the container. Like this:
docker run -v /var/run/docker.sock:/var/run/docker.sock -p 8080:8080 -p 50000:50000 -d --name jenkins --restart unless-stopped jenkins
然后,当我尝试在詹金斯上创建一些作业时,我得到了通常的权限被拒绝"消息:
Then when I try to create some jobs on jenkins I get the usual "permission denied" message:
尝试连接Docker守护程序时拒绝获得权限 unix:///var/run/docker.sock上的套接字:获取 http://%2Fvar%2Frun%2Fdocker.sock/v1.29/images /json :拨打Unix /var/run/docker.sock:连接:权限被拒绝
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.29/images/json: dial unix /var/run/docker.sock: connect: permission denied
但是,如果我连接到容器并使用root用户运行命令,则不会发生该问题.
But that problem doesn't happen if I attach to the container and run the command using the root user.
我该如何解决?
我无法通过运行sudo gpasswd -a jenkins docker将jenkins用户添加到主机上的docker组(因为主机上没有jenkins用户,仅在容器中),而且我也无法在容器内运行此命令(因为该容器不知道任何码头工人组).有关如何解决此问题的任何提示?
I can't add jenkins user to docker group on the host by running sudo gpasswd -a jenkins docker (because there is no jenkins user on the host, only in the container) and I also can't run this command inside the container (because the container doesn't know about any docker group). Any tips on how to solve this?
推荐答案
您可以在容器内添加docker组.进行此操作:
You can add the docker group inside the container. Do this in its bash:
groupadd -g <docker-group-id> docker
找出在主机中运行此命令的<docker-group-id>:
Find out the <docker-group-id> running this in the host:
ls -ln /var/run/docker.sock
然后将jenkins用户添加到docker组:
Then add the jenkins user to the docker group:
gpasswd -a jenkins docker
请考虑到这可能产生的任何安全问题:
Take into account any security issue that this could produce:
警告:泊坞窗组授予与root用户等效的特权.有关如何影响系统安全性的详细信息,请参阅Docker Daemon Attack Surface.
Warning: The docker group grants privileges equivalent to the root user. For details on how this impacts security in your system, see Docker Daemon Attack Surface.
请参阅文档
这篇关于如何从Jenkins Docker容器内部使用Docker的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
