在Centos7的jenkins容器中运行jenkins用户的docker

我尝试在CentOS7.1的Jenkins slave容器中运行Docker。 这是我在我的dockerfile中执行的步骤: 

FROM java:8 ARG user=jenkins ARG group=jenkins ARG uid=1000 ARG gid=1000 RUN groupadd -g ${gid} ${group} \ && useradd -d "$JENKINS_HOME" -u ${uid} -g ${gid} -m -s /bin/bash ${user} RUN groupadd -g 983 docker \ && gpasswd -a ${user} docker

所以我有一个用户jenkins(id1000)在组jenkins(gid1000)+在一个组docker(gid983)+。 我为什么selectgid 983? 那么如果我检查我的主机上的/etc/group ,我看到: 

 docker:x:983:centos

在我的docker-compose脚本中,我安装了docker套接字,这就是为什么我在主机上使用同样的gid。

docker的一部分组成: 

 volumes: - /var/run/docker.sock:/var/run/docker.sock - /usr/bin/docker:/usr/bin/docker

当我以root身份在我的容器中exec

 root@c4af16c386d7:/var/jenkins_home# docker images REPOSITORY TAG IMAGE ID CREATED SIZE jenkins-slave 1.0 94a5d6606f86 10 minutes jenkins 2.7.1 b4974ba62598 3 weeks ago 741 MB java 8-jdk 264282a59a95 7 weeks ago 669.2 MB

但作为jenkins用户: 

 Cannot connect to the Docker daemon. Is the docker daemon running on this host?

在我的容器中: 

 cat /etc/passwd jenkins:x:1000:1000::/var/jenkins_home:/bin/bash cat /etc/group jenkins:x:1000: docker:x:983:jenkins

加成: 

 $ docker exec -it ec52d4125a02 bash root@ec52d4125a02:/var/jenkins_home# whoami root root@ec52d4125a02:/var/jenkins_home# su jenkins jenkins@ec52d4125a02:~$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a23521523249 jenkins:2.7.1 "/bin/tini -- /usr/lo" 20 minutes ago Up 20 minutes 0.0.0.0:8080->8080/tcp, 0.0.0.0:32777->22/tcp, 0.0.0.0:32776->50000/tcp jenkins-master ec52d4125a02 jenkins-slave:1.0 "setup-sshd" 20 minutes ago Up 20 minutes 0.0.0.0:32775->22/tcp, 0.0.0.0:32774->8080/tcp, 0.0.0.0:32773->50000/tcp jenkins-slave

但: 

 $ docker exec -it -u jenkins ec52d4125a02 bash jenkins@ec52d4125a02:~$ docker ps Cannot connect to the Docker daemon. Is the docker daemon running on this host?

在第一种情况下,我的jenkins用户: 

 uid=1000(jenkins) gid=1000(jenkins) groups=1000(jenkins),983(docker)

在第二种情况下: 

 uid=1000(jenkins) gid=1000(jenkins) groups=1000(jenkins)

首先,你为什么需要与Jenkins一起在另一个容器内旋转容器? 这是为什么这不是一个好主意。

有这样的说法,你仍然想要继续前进。 首先,你需要在Docker容器中运行Docker。 例如,你有没有在 – --priviledged模式下启动这个容器?

您应该尝试在Docker中使用Jerome Petazzoni的Docker,因为它可以满足您的所有需求 。

然后,您可以将DInD的东西与Jenkins安装结合起来。 这里有一个例子,我把Jerome的DInD与其他东西混合在一起,然后组装一个有Jenkins,Docker Compose和其他有用的东西的docker容器:

Dockerfile: 

 FROM ubuntu:xenial ENV UBUNTU_FLAVOR xenial #== Ubuntu flavors - common RUN echo "deb http://archive.ubuntu.com/ubuntu ${UBUNTU_FLAVOR} main universe\n" > /etc/apt/sources.list \ && echo "deb http://archive.ubuntu.com/ubuntu ${UBUNTU_FLAVOR}-updates main universe\n" >> /etc/apt/sources.list MAINTAINER Rogério Peixoto ENV JENKINS_HOME /var/jenkins_home ENV JENKINS_SLAVE_AGENT_PORT 50000 ARG user=jenkins ARG group=jenkins ARG uid=1000 ARG gid=1000 # Jenkins is run with user `jenkins`, uid = 1000 # If you bind mount a volume from the host or a data container, # ensure you use the same uid RUN groupadd -g ${gid} ${group} \ && useradd -d "$JENKINS_HOME" -u ${uid} -g ${gid} -m -s /bin/bash ${user} # useful stuff. RUN apt-get update -q && apt-get install -qy \ apt-transport-https \ ca-certificates \ curl \ lxc \ supervisor \ zip \ git \ iptables \ locales \ nano \ make \ openssh-client \ openjdk-8-jdk-headless \ && rm -rf /var/lib/apt/lists/* # Install Docker from Docker Inc. repositories. RUN curl -sSL https://get.docker.com/ | sh # Install the wrapper script from https://raw.githubusercontent.com/docker/docker/master/hack/dind. ADD ./wrapdocker /usr/local/bin/wrapdocker RUN chmod +x /usr/local/bin/wrapdocker # Define additional metadata for our image. VOLUME /var/lib/docker ENV JENKINS_VERSION 2.8 ENV JENKINS_SHA 4d83a40319ecf4eaab2344a18c197bd693080530 RUN mkdir -p /usr/share/jenkins/ \ && curl -SL http://repo.jenkins-ci.org/public/org/jenkins-ci/main/jenkins-war/${JENKINS_VERSION}/jenkins-war-${JENKINS_VERSION}.war -o /usr/share/jenkins/jenkins.war # RUN echo "$JENKINS_SHA /usr/share/jenkins/jenkins.war" | sha1sum -c - ENV JENKINS_UC https://updates.jenkins.io RUN mkdir -p /usr/share/jenkins/ref \ && chown -R ${user} "$JENKINS_HOME" /usr/share/jenkins/ref RUN usermod -a -G docker jenkins ENV DOCKER_COMPOSE_VERSION 1.8.0-rc1 # Install Docker Compose RUN curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose RUN chmod +x /usr/local/bin/docker-compose RUN apt-get install -y python-pip && pip install supervisor-stdout EXPOSE 8080 EXPOSE 50000 ADD supervisord.conf /etc/supervisor/conf.d/supervisord.conf CMD ["/usr/bin/supervisord"]

supervisord.conf 

 [supervisord] nodaemon=true [program:docker] priority=10 command=wrapdocker startsecs=0 exitcodes=0,1 [program:chown] priority=20 command=chown -R jenkins:jenkins /var/jenkins_home startsecs=0 [program:jenkins] priority=30 user=jenkins environment=JENKINS_HOME="/var/jenkins_home",HOME="/var/jenkins_home",USER="jenkins" command=java -jar /usr/share/jenkins/jenkins.war stdout_events_enabled = true stderr_events_enabled = true [eventlistener:stdout] command=supervisor_stdout buffer_size=100 events=PROCESS_LOG result_handler=supervisor_stdout:event_handler

你可以 在这里 得到 wrapdocker文件

把所有的东西放在同一个目录中,然后构build它:

docker build -t my_dind_jenkins .

然后运行它: 

 docker run -d --privileged \ --name=master-jenkins \ -p 8080:8080 \ -p 50000:50000 my_dind_jenkins
Interesting Posts

无法访问泊坞窗应用程序

在Heroku上使用Docker部署REST api

如何将dos2unix添加到基于Alpine的docker集装箱?

MongoDB> 3.2 RaspberryPi Docker

从另一个Dockerfile运行命令(但不是在开始;没有`FROM`)

如何在ENTRYPOINT数组中使用Docker环境variables?

运行时Docker OSX端口映射错误:exec

如何在dockerfile中编译apache2自己的模块?

你怎么知道当你拉一个现有的Docker镜像时你得到了什么?

使用Docker Hub中的Dockerfile运行ckan