Use docker inside docker with jenkins user

version:

    Client:
     Version:      1.11.1
     API version:  1.23
     Go version:   go1.5.4
     Git commit:   5604cbe
     Built:        Wed Apr 27 00:34:42 2016
     OS/Arch:      linux/amd64

    Server:
     Version:      1.11.1
     API version:  1.23
     Go version:   go1.5.4
     Git commit:   5604cbe
     Built:        Wed Apr 27 00:34:42 2016
     OS/Arch:      linux/amd64

I have a docker container (jenkins). I’ve mounted the sockets to my container so that I can perform docker commands inside my jenkins container. This works fine when I am root user in my container:

    docker run -d \
      -v /var/run/docker.sock:/var/run/docker.sock \
      -v /usr/bin/docker:/usr/bin/docker:ro \
      -v /lib64/libdevmapper.so.1.02:/usr/lib/x86_64-linux-gnu/libdevmapper.so.1.02 \
      -v /lib64/libudev.so.0:/usr/lib/x86_64-linux-gnu/libudev.so.0 \
      -p 8080:8080 --name jenkins -u root --privileged=true -t -i \
      my-jenkins:1.0

My dockerfile now looks like this: I add my jenkins user to the docker group so I can perform docker commands with my jenkins user:

My dockerfile:

    FROM jenkins:1.651.1
    COPY plugins.txt /usr/share/jenkins/plugins.txt
    RUN /usr/local/bin/plugins.sh /usr/share/jenkins/plugins.txt
    USER root
    RUN apt-get update
    RUN groupadd docker && gpasswd -a jenkins docker
    USER jenkins

When I start this container I’m not able to perform the docker commands with my jenkins user. But jenkins is in the docker group:

    docker run -d \
      -v /var/run/docker.sock:/var/run/docker.sock \
      -v /usr/bin/docker:/usr/bin/docker:ro \
      -v /lib64/libdevmapper.so.1.02:/usr/lib/x86_64-linux-gnu/libdevmapper.so.1.02 \
      -v /lib64/libudev.so.0:/usr/lib/x86_64-linux-gnu/libudev.so.0 \
      -p 8080:8080 --name jenkins -u jenkins --privileged=true -t -i \
      my-jenkins:1.0

But then it does not work:

    jenkins@bc145b8cfc1d:/$ docker ps
    Cannot connect to the Docker daemon. Is the docker daemon running on this host?
    jenkins@bc145b8cfc1d:/$ whoami
    jenkins

This is the content of my /etc/group on my container:

    jenkins:x:1000:
    docker:x:1001:jenkins

My jenkins user is in the docker group:

    jenkins@bc145b8cfc1d:/$ groups jenkins
    jenkins : jenkins docker
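A diagnostic for the symptom in the question above, added here as an example and not part of the original post: access to a bind-mounted socket is decided by numeric uid/gid, so a container group named `docker` only helps if its gid equals the gid that owns the socket on the host. `check_sock_access` is a hypothetical helper that assumes a Linux `stat` supporting `-c`; whether the gids actually differ on the poster's host is not shown on the page.

```shell
#!/bin/sh
# Added example (not from the original post). The kernel authorises access to
# a bind-mounted socket by numeric uid/gid; group *names* in the container's
# /etc/group are irrelevant unless their numbers match the socket's owner/group.

# check_sock_access PATH UID "GID GID ..."   (hypothetical helper)
# Returns 0 if that identity may write to (connect to) PATH, 1 if not.
check_sock_access() {
    path=$1 uid=$2 gids=$3
    owner=$(stat -c %u "$path") || return 2
    group=$(stat -c %g "$path")
    mode=$(stat -c %a "$path")            # octal digits, e.g. 660
    echo "socket $path: owner uid=$owner, group gid=$group, mode=$mode"
    echo "caller: uid=$uid, gids=${gids:-none}"

    if [ "$uid" -eq 0 ]; then
        echo "OK: uid 0 bypasses the permission bits"
        return 0
    fi
    if [ "$uid" -eq "$owner" ]; then
        class=owner bits=$(( mode / 100 % 10 ))
    else
        class=other bits=$(( mode % 10 ))
        for g in $gids; do
            if [ "$g" -eq "$group" ]; then
                class=group bits=$(( mode / 10 % 10 ))
            fi
        done
    fi
    # Connecting to a Unix socket on Linux needs write permission (bit 2).
    if [ $(( bits & 2 )) -ne 0 ]; then
        echo "OK: '$class' class grants write"
        return 0
    fi
    echo "DENIED: '$class' bits lack write (socket gid $group, caller gids: $gids)"
    return 1
}

# Check the current user against the Docker socket, if one is mounted here.
sock=/var/run/docker.sock
if [ -S "$sock" ]; then
    check_sock_access "$sock" "$(id -u)" "$(id -G)" || true
fi
```

Run inside the container as the jenkins user, a `DENIED` result with class `other` means the socket's numeric gid is not one of the gids that user holds, regardless of what `groups jenkins` prints.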

Not sure what your use case is, but in general it is better to use only a docker client inside a container and mount the /var/run/docker.sock so you can run commands on the docker daemon installed on the host itself.

There is a docker image on the hub for this:
https://hub.docker.com/_/docker/

Also, you might find this step-by-step tutorial I did for a Jenkins and Docker pipeline useful

This blog, which I wrote, has plenty of info on the problems with running Jenkins pipelines with Docker.

The approach of using a container with Jenkins + Docker-client and mounting /var/run/docker.sock so that the client can connect with Docker on the host is fine in some cases, but will give you a lot of headaches if your Jenkins job must build or run Docker containers (which is a common pattern).

The problems stem from the fact that the entity creating the containers (Jenkins) is running in a different context than the Docker daemon (the former runs in a container, the latter on the host).

I recently founded a company called Nestybox that has created a container runtime (aka runc) that enables Docker to deploy containers that act like virtual hosts and can run system-level software such as Docker in them, without using privileged containers.

The blog I referenced above has a clean & simple solution for running Jenkins + Docker that may save you a good amount of time. It has already helped others. Check it out, hopefully it will help!