I am running a Jenkins build server in a docker container on my Synology NAS.
As part of some build jobs I need to call docker to create me a new docker image containing the newly built resources. I understand that there are two options to achieve this:
a. I could install (a second) docker inside the jenkins container, i.e. run docker inside a docker container.
b. I could allow the jenkins container access to the docker that hosts the jenkins container itself.
I would like to go for option b., i.e. spare me an additional docker installation inside the jenkins container (and besides: I wouldn’t even be sure if docker inside docker would work).
I googled around somewhat and found, that accessing the hosting docker from inside a container should be feasible by adding:
services: ... jenkins: ... volumes: # This allows to access the host's docker, e.g. for builds: - /var/run/docker.sock:/var/run/docker.sock ...
to the docker-compose.yml that I use to start jenkins. Mapping the docker socket should allow a docker client inside the jenkins container to access the docker daemon on the host running that container. I also installed the docker client plugin in Jenkins.
And, indeed, the access as such seems to work, but when I try to build me my example project “hellonode” I get the following error:
docker build -t michaelmoser/hellonode . Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.29/build?buildargs=%7B%7D&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=1&shmsize=0&t=michaelmoser%2Fhellonode&target=&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied
So obviously there is some permission thing that must be in place before that actually works. Any idea anyone, what I need to do to get this working?