英文:
Jenkins using Kubernetes plugin - Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
问题
在Kubernetes插件上使用Jenkins,并将Jenkins作为代码。
尝试使用'docker build'时遇到以下错误:
无法连接到unix:///var/run/docker.sock的Docker守护程序。Docker守护程序是否正在运行?
- 我尝试挂载/var/run/docker.sock,但仍然无法工作。
- 我尝试使用runAsUser: root以root权限运行,但仍然无法工作。
我的Jenkins作为代码的Pod模板配置 -
Jenkins:config:
chart: jenkins
namespace: default
repo: https://charts.jenkins.io
values:
agent:
enabled: true
podTemplates:
jenkins-slave-pod: |
- name: jenkins-xxx-pod
label: ecs-slave
serviceAccount: jenkins-xxx-prod
containers:
- name: main
image: '805xxxx.dkr.ecr.us-west-2.amazonaws.com/slave:ecs-xxxx-node_master-3'
command: "sleep"
args: "30d"
privileged: true
runAsUser: root
volumes:
- hostPathVolume:
hostPath: "/var/run/docker.sock"
mountPath: "/var/run/docker.sock"
英文:
Using Jenkins on Kubernetes plugin and using Jenkins as a code.
I'm getting this error when trying to use 'docker build'
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
- I tried to mount /var/run/docker.sock.. but still not working..
- I tried to use runAsUser: root to run with root permissions... but still not working..
My Jenkins as a code pod template configuration -
Jenkins:config:
chart: jenkins
namespace: default
repo: https://charts.jenkins.io
values:
agent:
enabled: true
podTemplates:
jenkins-slave-pod: |
- name: jenkins-xxx-pod
label: ecs-slave
serviceAccount: jenkins-xxx-prod
containers:
- name: main
image: '805xxxx.dkr.ecr.us-west-2.amazonaws.com/slave:ecs-xxxx-node_master-3'
command: "sleep"
args: "30d"
privileged: true
runAsUser: root
volumes:
- hostPathVolume:
hostPath: "/var/run/docker.sock"
mountPath: "/var/run/docker.sock"
答案1
得分: 3
I assume that you are using k8s >= v1.24 where docker
as runtime is not supported anymore.
I would also add that mounting docker
socket is not a good practice from a security perspective.
If you want to build a container image in k8s, please use podman or kaniko.
英文:
I assume that you are using k8s >= v1.24 where docker
as runtime is not supported anymore.
I would also add that mounting docker
socket is not a good practice from security perspective.
If you want to build container image in k8s please use podman or kaniko.
答案2
得分: 1
有一些可能导致该错误的原因。
- Docker守护程序未运行。
- Docker没有干净地关闭。
- 缺乏root权限来启动Docker服务。
以下是一些您可以尝试的故障排除步骤:
-
使用Systemctl启动Docker服务。
-
使用Snap启动Docker服务。
-
清除“Failed Docker Pull”并启动Docker服务。
-
为没有root权限的用户启动Docker。
-
重新安装Docker。
以上信息来自Daisy编写的文档,您可以按照同样的文档获取更详细的步骤。
英文:
There are some possible reasons which cause that error.
- Docker daemon is not running.
- Docker did not shut down cleanly.
- Lack of root privileges to start the docker service
Here are some troubleshooting steps which you can try:
-
Use Systemctl to Start the Docker Service.
-
Use Snap to Start the Docker Service.
-
Clean a "Failed Docker Pull" and Start the Docker Service.
-
Start Docker for Users Without Root Privileges.
-
Reinstall Docker.
The above information is derived from the document written by Daisy for more detailed steps you can follow the same document.
答案3
得分: 1
你需要将你的Jenkins代理(内含Docker客户端)连接到远程Docker守护程序,以便使Docker命令执行成功。
实现这一目标的一个选项是使用Jenkins Docker in Docker Agent,其中Docker守护程序在与Jenkins代理的容器位于同一Pod内的容器中运行,该Jenkins代理内含有Docker客户端。
additionalAgents:
dind:
podName: dind-agent
customJenkinsLabels: dind-agent
image: dind-client-jenkins-agent
tag: latest
envVars:
- name: DOCKER_HOST
value: "tcp://localhost:2375"
alwaysPullImage: true
yamlTemplate: |-
spec:
containers:
- name: dind-daemon
image: docker:20.10-dind
securityContext:
privileged: true
env:
- name: DOCKER_TLS_VERIFY
value: ""
免责声明:本文作者为我。
英文:
You need to connect your jenkins agent (with docker client inside) to remote docker daemon for docker commands to succeed.
One option to achieve this is to use Jenkins Docker in Docker Agent where docker daemon runs inside a container in the same pod with a container of jenkins agent which has docker client inside it.
additionalAgents:
dind:
podName: dind-agent
customJenkinsLabels: dind-agent
image: dind-client-jenkins-agent
tag: latest
envVars:
- name: DOCKER_HOST
value: "tcp://localhost:2375"
alwaysPullImage: true
yamlTemplate: |-
spec:
containers:
- name: dind-daemon
image: docker:20.10-dind
securityContext:
privileged: true
env:
- name: DOCKER_TLS_VERIFY
value: ""
Disclaimer: I wrote this article
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论