Cannot connect to the Docker daemon about jenkins HOT 8 OPEN

I had to chmod 777 /run/docker.sock in Fedora 23 then it worked. I found this out by logging into the container
docker exec -it jenkins-ci /bin/bash and running docker info which couldn't connect to the docker daemon

in the down.sh why would you run rm -rf /home/$(whoami)/jenkins_home ?

from jenkins.

Thanks a lot i'll explore that path and keep you informed here

from jenkins.

I don't think it's CoreOS, but the Docker version. As far as I know Docker API changed a lot from 1.11 to 1.12. You can can fork the repo and install Docker 1.11.2 on the Jenkins image here https://github.com/stefanprodan/jenkins/blob/master/Dockerfile#L29

from jenkins.

Running docker -v on my freshly built image returns this

Docker version 1.11.2, build b9f10c9

To build the image i cloned the url you linked me, and edited the docker-engine package apt-get is installing (docker-engine=1.11.2-0~jessie which is the only 1.11.2 version i could download, see https://apt.dockerproject.org/repo/dists/debian-jessie/main/filelist)

As a reminder, my host (CoreOS) docker version is : Docker version 1.12.3, build 6b644e which is the same but not exactly, refering to the build number...
Sadly i can't get closer but i think it's close enough to guess that the problem is somewhere else.

What about the docker.sock permissions ? Might be a good lead no ?

from jenkins.

Thanks for your contribution sofuca.
So you executed something like docker exec -u root ${NAME} /bin/chmod -v a+s $(which docker) (untested) after running the jenkins container ? Because there's no sudo in the container and running as jenkins user you can't use chmod on the .sock file, no rights for that.

I really advice you both to read the following post and moreover, to watch the video in it to fully understand the risks of the container we're discussing about. I'm currently wondering if i shouldn't look for another way to fulfill my CI objectives (not using a docker.sock passed to a docker container).
https://www.lvh.io/posts/dont-expose-the-docker-socket-not-even-to-a-container.html

In my opinion, the part of the down.sh script you're talking about is just here to let stefanprodan easily reset his environment for testing his work on the container.

from jenkins.

Hey, sorry for the confusion, you need to change the permissions on the docker.sock on the host, not inside the Jenkins container.

from jenkins.

Yeah i had and hesitation about it. I'm not sure i'll do that but thanks for your explanation.

from jenkins.

Yes the down.sh resets everything on host, don't use that if you want to keep your data.
Regarding the permissions on the docker sock, it shouldn't be a security issue if your CI server is behind a firewall. If your Jenkins server has a public IP then the docker socket is the least of your problems.

from jenkins.