In our company, we currently run all internal services in Docker containers, for example GitLab, YouTrack, and Jenkins. It gives us high flexibility but also produces specific issues. Today I want to talk about one of them: Docker inside Docker. I assume that you already know Docker, Jenkins, and Ubuntu (or another Linux distribution), because we use them as examples.

For our CI, we decided to use Jenkins. We use the dockerized version: https://hub.docker.com/r/jenkins/jenkins/. We build multiple different projects, which require different environments. Because of that, we chose to run all tasks in separate containers. This way, we can have different settings for each project. Such an environment is managed by developers and is the same as on their machines and preview servers. When we do that, we run Docker inside Docker. After some research, we decided to run the job containers on the host daemon instead of running a container inside the container. With that, we ran into issues with permissions for docker.sock. Let’s go through each step and solve all the problems together.


What is going on?

Let’s start by understanding what is going on.

Our main machine is the host for the Jenkins container. When Jenkins needs to run a task, it builds a Docker container and runs specific commands in it. So we run the containers for jobs inside our Jenkins container. As when you try to run a virtual machine on a virtual machine, you can encounter many issues.

But there is a way to run all containers outside our container, directly on the host. In that case, all docker commands issued inside the container are processed on the host machine. How does that work? All docker commands are executed by the Docker service, which is reachable through a socket. When we run the CLI, it sends the command to the service via that socket. By default, the socket is exposed as a file, for example /var/run/docker.sock. So if we run the CLI in the container and it communicates with the service on the host instead of one in the container, we can run containers on the host from inside containers. The only thing we need to do is mount that exposed socket inside the container in place of its default socket. Let’s do it with our Jenkins.
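
The permission issue with a mounted docker.sock mentioned above comes down to numeric uid/gid matching on the socket file. The script below is an added example, not code from the original post; the helper names `sock_access` and `check_docker_sock` and the sample IDs (uid 1000, gid 999) are assumptions.

```shell
#!/usr/bin/env bash
# Added example: why a user inside a container can or cannot use a bind-mounted
# docker.sock. The kernel compares numeric IDs; group names in the container's
# /etc/group are irrelevant.

# sock_access UID "GID GID ..." OWNER_UID OWNER_GID MODE  (MODE octal, e.g. 660)
# Prints allowed:<class> or denied:<class>. On Linux, connect() to a Unix
# socket needs the write bit of whichever class (owner/group/other) applies.
sock_access() {
    local uid="$1" gids="$2" o_uid="$3" o_gid="$4" mode="$((0$5))" g
    # uid 0 normally bypasses the mode bits entirely
    if [ "$uid" -eq 0 ]; then echo "allowed:root"; return 0; fi
    if [ "$uid" -eq "$o_uid" ]; then
        if [ $((mode & 0200)) -ne 0 ]; then echo "allowed:owner"; return 0; fi
        echo "denied:owner"; return 1
    fi
    for g in $gids; do
        if [ "$g" -eq "$o_gid" ]; then
            if [ $((mode & 0020)) -ne 0 ]; then echo "allowed:group"; return 0; fi
            echo "denied:group"; return 1
        fi
    done
    if [ $((mode & 0002)) -ne 0 ]; then echo "allowed:other"; return 0; fi
    echo "denied:other"; return 1
}

# Apply the same rule to the real socket, using the caller's own IDs.
check_docker_sock() {
    local sock="${1:-/var/run/docker.sock}" meta
    if [ ! -S "$sock" ]; then echo "no socket at $sock"; return 2; fi
    meta=$(stat -c '%u %g %a' "$sock")   # GNU stat: owner uid, gid, octal mode
    echo "$sock: uid/gid/mode=$meta, caller uid=$(id -u) gids=$(id -G)"
    # Word splitting of $meta into three arguments is intended here.
    sock_access "$(id -u)" "$(id -G)" $meta
}

# Constructed values: socket owned by uid 0, gid 999, mode 660; CI user uid 1000.
sock_access 1000 "1000" 0 999 660 || true   # denied:other
sock_access 1000 "1000 999" 0 999 660       # allowed:group
if [ -S /var/run/docker.sock ]; then check_docker_sock || true; fi
```

Any process that can write to this socket can have the host daemon start arbitrary containers, which is equivalent to root on the host, so giving the CI user the socket's numeric gid (for example with `docker run --group-add`) is preferable to loosening the mode to 666.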
