在Jenkins(在docker容器中)build立docker镜像
我使用docker集装箱的jenkins。 我想在Jenkinspipe道中构builddocker镜像,但是docker不存在于这个容器中(Jenkins)。
由Docker Compose部署的Jenkins容器,yml文件:
version: "3.3" services: jenkins: image: jenkins:alpine ports: - 8085:8080 volumes: - ./FOR_JENKINS:/var/jenkins_home 我们可以在Jenkinspipe道中build立docker镜像吗? 我们可以用Docker部署一些docker容器,并使用一次来构builddocker图像吗? 或者是其他东西? 你怎么和他们做?
编辑:
谢谢@VonC,我查了你的资料,但是…“被拒绝的权限”
Docker撰写文件:
version: "3.3" services: jenkins: image: jenkins:alpine ports: - 8085:8080 volumes: - ./FOR_JENKINS:/var/jenkins_home # - /var/run/docker.sock:/var/run/docker.sock:rw - /var/run:/var/run:rw
Jenkinsfile:
pipeline { agent any stages { stage('Build') { steps { echo "Compiling..." sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt compile" } } /*stage('Unit Test') { steps { echo "Testing..." sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt coverage 'test-only * -- -F 4'" sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt coverageReport" sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt scalastyle || true" } }*/ stage('DockerPublish') { steps { echo "Docker Stage ..." // Generate Jenkinsfile and prepare the artifact files. sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt docker:stage" echo "Docker Build-2 ..." // Run the Docker tool to build the image script { docker.withTool('docker') { echo "D1- ..." //withDockerServer([credentialsId: "AWS-Jenkins-Build-Slave", uri: "tcp://192.168.0.29:2376"]) { echo "D2- ..." sh "printenv" echo "D3- ..." //sh "docker images" echo "D4- ..." docker.build('my-app:latest', 'target/docker/stage').inside("--volume=/var/run/docker.sock:/var/run/docker.sock") echo "D5- ..." //base.push("tmp-fromjenkins") //} } } } } } }
结果:
[job1] Running shell script + docker build -t my-app:latest target/docker/stage Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.29/build?buildargs=%7B%7D&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=1&shmsize=0&t=my-app%3Alatest&target=&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied script returned exit code 1
编辑:与“权限被拒绝”的最后一个问题修复:
>>sudo chmod 0777 /var/run/docker.sock
工作状态:
呼叫主持人:
>>sudo chmod 0777 /var/run/docker.sock
Docker撰写文件:
version: "3.3" services: jenkins: image: jenkins:alpine ports: - 8085:8080 volumes: - ./FOR_JENKINS:/var/jenkins_home # - /var/run/docker.sock:/var/run/docker.sock:rw - /var/run:/var/run:rw
Jenkinsfile:
pipeline { agent any stages { stage('Build') { steps { echo "Compiling..." sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt compile" } } /*stage('Unit Test') { steps { echo "Testing..." sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt coverage 'test-only * -- -F 4'" sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt coverageReport" sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt scalastyle || true" } }*/ stage('DockerPublish') { steps { echo "Docker Stage ..." // Generate Jenkinsfile and prepare the artifact files. sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt docker:stage" echo "Docker Build-2 ..." // Run the Docker tool to build the image script { docker.withTool('docker') { echo "D1- ..." //withDockerServer([credentialsId: "AWS-Jenkins-Build-Slave", uri: "tcp://192.168.0.29:2376"]) { echo "D2- ..." sh "printenv" echo "D3- ..." //sh "docker images" echo "D4- ..." docker.build('my-app:latest', 'target/docker/stage') echo "D5- ..." //base.push("tmp-fromjenkins") //} } } } } } }
我的决心:
我在Jenkinsfile中添加一些步骤,并获得:
pipeline { agent any //def app stages { stage('Build') { steps { echo "Compiling..." sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt compile" } } stage('DockerPublish') { steps { echo "Docker Stage ..." // Generate Jenkinsfile and prepare the artifact files. sh "${tool name: 'sbt', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt docker:stage" echo "Docker Build ..." // Run the Docker tool to build the image script { docker.withTool('docker') { echo "Environment:" sh "printenv" app = docker.build('ivanbuh/myservice:latest', 'target/docker/stage') echo "Push to Docker repository ..." docker.withRegistry('https://registry.hub.docker.com', 'docker-hub-credentials') { app.push("${env.BUILD_NUMBER}") app.push("latest") } echo "Complated ..." } } } } //https://boxboat.com/2017/05/30/jenkins-blue-ocean-pipeline/ //https://gist.github.com/bvis/68f3ab6946134f7379c80f1a9132057a stage ('Deploy') { steps { sh "docker stack deploy myservice --compose-file docker-compose.yml" } } } }
你可以看看“ Docker在Jenkinspipe道中的Docker ”。 它包括以下步骤:
在Jenkinsfile内部,我需要将我的构build容器连接到外部的Docker实例。 这是通过安装Docker套接字来完成的:
docker.build('my-build-image').inside("--volume=/var/run/docker.sock:/var/run/docker.sock") { // The build here }
您可以在“ 在Docker和Jenkins中使用Docker构build容器 ”中看到类似的方法。
为了使主机系统的Docker可用,我需要使API可用于Jenkins docker容器。 您可以通过映射父系统上可用的docker套接字来完成此操作。
我已经创build了一个小的docker-compose文件,在这里我的卷和docker套接字如下所示:
jenkins: container_name: jenkins image: myjenkins:latest ports: - "8080:8080" volumes: - /Users/devuser/dev/docker/volumes/jenkins:/var/jenkins_home - /var/run:/var/run:rw
请注意特殊映射“
/var/run”和rw权限,这是确保Jenkins容器可以访问主机系统docker.sock。
而且,正如我之前提到的 ,您可能需要以特权模式运行docker。
或者,正如OP报告的那样:
sudo chmod 0777 /var/run/docker.sock