Mount docker.sock into jenkins container doesn't work

I am trying to mount the docker.sock into my jenkins container, so that it has access to the docker instance.

This is my Dockerfile:

FROM jenkins/jenkins:lts

USER root

RUN apt-get update && \
apt-get -y install apt-transport-https \
     ca-certificates \
     curl \
     gnupg2 \
     software-properties-common && \
curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg > /tmp/dkey; apt-key add /tmp/dkey && \
add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
   $(lsb_release -cs) \
   stable" && \
apt-get update && \
apt-get -y install docker-ce

RUN usermod -a -G docker jenkins

USER jenkins

I then start the container with the docker.sock mount:

docker run -v /var/run/docker.sock:/var/run/docker.sock --name jenkins jenkins/jenkins:lts

If I then go into the container as root (docker exec -it --user root jenkins bash) I can run docker ps without any trouble and I see all the containers which are running on the outside docker instance.

But if I then change to the jenkins user and run docker ps I get:

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/json: dial unix /var/run/docker.sock: connect: permission denied

Even though I ran usermod -a -G docker jenkins in the Dockerfile.
Does anyone know how to fix it so that the jenkins user also can run the docker commands?

An identical group name on the host and inside the container doesn’t mean that they will have the same gid. Make sure the docker group inside the container uses the same gid as the group on the host.

That did the trick. Docker group id on the host was 1001 and in the container it was 999.

Thanks @meyay!
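
The GID check described in the answer above, as an added example that is not part of the original thread: a POSIX shell script that compares the numeric GID owning the socket with the container's group database and prints the matching fix. The function names, the `DOCKER_SOCK` variable and the output strings are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the thread): explain a "permission denied" on a
# bind-mounted docker.sock by comparing numeric GIDs, not group names.
# Only supplementary membership in /etc/group is checked; a user's primary
# group from /etc/passwd is not.

gid_of_group() {   # gid_of_group NAME [GROUP_FILE]
    awk -F: -v g="$1" '$1 == g { print $3; exit }' "${2:-/etc/group}"
}

group_of_gid() {   # group_of_gid GID [GROUP_FILE]
    awk -F: -v id="$1" '$3 == id { print $1; exit }' "${2:-/etc/group}"
}

user_in_gid() {    # user_in_gid GID USER [GROUP_FILE]; status 0 if member
    awk -F: -v id="$1" -v u="$2" '
        $3 == id { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) ok = 1 }
        END { exit (ok ? 0 : 1) }' "${3:-/etc/group}"
}

diagnose() {       # diagnose SOCK_GID USER [GROUP_FILE]
    d_sock=$1; d_user=$2; d_file=${3:-/etc/group}
    d_docker=$(gid_of_group docker "$d_file")
    d_owner=$(group_of_gid "$d_sock" "$d_file")
    if user_in_gid "$d_sock" "$d_user" "$d_file"; then
        echo "ok: $d_user is in group $d_owner (gid $d_sock)"
    elif [ -n "$d_owner" ] && [ "$d_owner" != docker ]; then
        # The socket's gid already belongs to another group here, so groupmod -g would fail.
        echo "taken: gid $d_sock is $d_owner here; usermod -aG $d_owner $d_user"
    elif [ -z "$d_docker" ]; then
        echo "missing: groupadd -g $d_sock docker && usermod -aG docker $d_user"
    elif [ "$d_docker" != "$d_sock" ]; then
        echo "mismatch: socket gid $d_sock, docker gid $d_docker; groupmod -g $d_sock docker"
    else
        echo "member: usermod -aG docker $d_user"
    fi
}

# Check the live socket when one is mounted (GNU stat, as on Debian-based images).
SOCK=${DOCKER_SOCK:-/var/run/docker.sock}
if [ -S "$SOCK" ]; then
    diagnose "$(stat -c '%g' "$SOCK")" "${1:-jenkins}"
else
    # No socket here: run on a constructed group file using the GIDs from the thread.
    tmp=$(mktemp); printf 'docker:x:999:jenkins\n' > "$tmp"
    diagnose 1001 jenkins "$tmp"; rm -f "$tmp"
fi
```

Run it inside the container. Whichever group ends up matching the socket's GID gives its members full control of the host's Docker daemon.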