Comments (8)
I had to chmod 777 /run/docker.sock in Fedora 23 then it worked. I found this out by logging into the container
docker exec -it jenkins-ci /bin/bash
and running docker info
which couldn't connect to the docker daemon
in the down.sh why would you run rm -rf /home/$(whoami)/jenkins_home ?
from jenkins.
Thanks a lot i'll explore that path and keep you informed here
from jenkins.
I don't think it's CoreOS, but the Docker version. As far as I know Docker API changed a lot from 1.11 to 1.12. You can can fork the repo and install Docker 1.11.2 on the Jenkins image here https://github.com/stefanprodan/jenkins/blob/master/Dockerfile#L29
from jenkins.
Running docker -v
on my freshly built image returns this
Docker version 1.11.2, build b9f10c9
To build the image i cloned the url you linked me, and edited the docker-engine package apt-get is installing (docker-engine=1.11.2-0~jessie which is the only 1.11.2 version i could download, see https://apt.dockerproject.org/repo/dists/debian-jessie/main/filelist)
As a reminder, my host (CoreOS) docker version is : Docker version 1.12.3, build 6b644e
which is the same but not exactly, refering to the build number...
Sadly i can't get closer but i think it's close enough to guess that the problem is somewhere else.
What about the docker.sock permissions ? Might be a good lead no ?
from jenkins.
Thanks for your contribution sofuca.
So you executed something like docker exec -u root ${NAME} /bin/chmod -v a+s $(which docker)
(untested) after running the jenkins container ? Because there's no sudo in the container and running as jenkins user you can't use chmod on the .sock file, no rights for that.
I really advice you both to read the following post and moreover, to watch the video in it to fully understand the risks of the container we're discussing about. I'm currently wondering if i shouldn't look for another way to fulfill my CI objectives (not using a docker.sock passed to a docker container).
https://www.lvh.io/posts/dont-expose-the-docker-socket-not-even-to-a-container.html
In my opinion, the part of the down.sh script you're talking about is just here to let stefanprodan easily reset his environment for testing his work on the container.
from jenkins.
Hey, sorry for the confusion, you need to change the permissions on the docker.sock on the host, not inside the Jenkins container.
from jenkins.
Yeah i had and hesitation about it. I'm not sure i'll do that but thanks for your explanation.
from jenkins.
Yes the down.sh resets everything on host, don't use that if you want to keep your data.
Regarding the permissions on the docker sock, it shouldn't be a security issue if your CI server is behind a firewall. If your Jenkins server has a public IP then the docker socket is the least of your problems.
from jenkins.
Related Issues (2)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jenkins.