Docker Community Forums

Share and learn in the Docker community.

How to expose the docker swarm API for jenkins docker-swar-plugin (Docker CE, Debian buster)?

Hi guys,
I am trying to use docker-swarm-plugin for Jenkins: https://github.com/jenkinsci/docker-swarm-plugin.
The first thing I have to configure is the docker swarm API URL, in th plugin configuration called “Docker Host URI”. I tried to use unix:///var/run/docker.sock as I did before with the jenkins docker-plugin but I get an error (yes, I mounted the socket to the container and yes, I set permissions to 777 in the container to be sure the user can access it):

java.lang.NullPointerException
at org.jenkinsci.plugins.docker.swarm.docker.api.request.ApiRequest.(ApiRequest.java:53)
at org.jenkinsci.plugins.docker.swarm.docker.api.ping.PingRequest.(PingRequest.java:10)

The plugin documentation uses a https… URL and says that

Docker swarm api url: The URL to the API of the Swarm you want to target. The API is not exposed by default, so you will likely need to take manual actions to expose it. Depending on your OS the method may vary but you basically need to add the -H tcp://0.0.0.0:<port> option at Docker startup. Failing to do so will result in a “Failed to _ping” error.

So I followed this article (https://success.docker.com/article/how-do-i-enable-the-remote-api-for-dockerd) and added a /etc/systemd/system/docker.service.d/startup_options.conf file to expose the api on port 2376. Then I tried to configure https://[my-swarm-manager-ip]:2376 as Docker Host URI but I got the same error as shown above. I also tried

But none of this works, always same error as shown above.
When I do docker info I get the following warning:

WARNING: API is accessible on http://0.0.0.0:2376 without encryption.
Access to the remote API is equivalent to root access on the host. Refer
to the ‘Docker daemon attack surface’ section in the documentation for
more information: https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface

But as I mentioned, I tried those URLs and it did not work. Can anyone give me some advice?
Kind regards
Timo

I could solve the problem, it was a firewall issue. I opened port 2376 on my swarm nodes, but only for the ip adresses of my hosts. As I opened port 2376 for the IP address range of my swarm network, it worked. Now I have the problem, that my jenkins builds create new docker services, but they do not start, they are just created, but they stay on 0/1 replicas and don’t do anything (docker service logs -f <servicename>does not return anything).
I opened issue #36 in the plugins GITHub repository, just in case someone feels motivated to have a look at it.
Kind regards
Timo