Issue
I am trying to get docker running on Jenkins which itself is a container. Below is part of the Pod spec. cyrilpanicker/jenkins is an image with Jenkins and docker-cli installed. For Docker daemon, I am running another container with docker:dind image (The nodes are running on a k8s cluster). And to get docker.sock linked between them, I am using volume mounts.
spec:
  containers:
    - name: jenkins
      image: cyrilpanicker/jenkins
      volumeMounts:
        - mountPath: /var/run/docker.sock
          name: docker-socket
    - name: docker
      image: docker:dind
      securityContext:
        privileged: true
      volumeMounts:
        - mountPath: /var/run/docker.sock
          name: docker-socket
  volumes:
    - name: docker-socket
      hostPath:
        path: /docker.sock
        type: FileOrCreate
But this is not working. Below are the logs from the docker container.
time="2021-06-04T20:47:26.059792967Z" level=info msg="Starting up"
time="2021-06-04T20:47:26.061956820Z" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found"
failed to load listeners: can't create unix socket /var/run/docker.sock: device or resource busy
Can anyone suggest another way to get this working?
Solution
According to the kubernetes docs, hostPath mounts a path from node filesystem, so if I understand correctly, this is not what you want to achieve.
I'm afraid that it isn't possible to mount a single file as a volume, so even if you remove hostPath from volumes, docker.sock will be mounted as a directory:
jenkins@static-web:/$ ls -la /var/run/
total 20
drwxr-xr-x 1 root root 4096 Jun 5 14:44 .
drwxr-xr-x 1 root root 4096 Jun 5 14:44 ..
drwxrwxrwx 2 root root 4096 Jun 5 14:44 docker.sock
I would try to run docker daemon in dind container with TCP listener instead of sock file:
spec:
  containers:
    - name: jenkins
      image: cyrilpanicker/jenkins
    - name: docker
      image: docker:dind
      command: ["dockerd"]
      args: ["-H", "tcp://127.0.0.1:2376"]
      ports:
        - containerPort: 2376
      securityContext:
        privileged: true
jenkins@static-web:/$ docker -H tcp://127.0.0.1:2376 ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
And then configure jenkins to use tcp://127.0.0.1:2376 as a remote docker daemon.
Answered By - Arek
Answer Checked By - Mary Flores (JavaFixing Volunteer)
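
An added example, not part of the original question or answer: a small Python check that flags the exposures visible in the two pod specs above (privileged containers, hostPath-backed mounts, and a dockerd TCP listener started without --tlsverify). The function name, the finding labels and the dict form of the specs are constructed for illustration.

```python
# Constructed inputs: the question's and the answer's pod specs as Python dicts.
QUESTION_SPEC = {
    "containers": [
        {"name": "jenkins", "image": "cyrilpanicker/jenkins", "volumeMounts": [
            {"mountPath": "/var/run/docker.sock", "name": "docker-socket"}]},
        {"name": "docker", "image": "docker:dind",
         "securityContext": {"privileged": True}, "volumeMounts": [
            {"mountPath": "/var/run/docker.sock", "name": "docker-socket"}]},
    ],
    "volumes": [{"name": "docker-socket",
                 "hostPath": {"path": "/docker.sock", "type": "FileOrCreate"}}],
}
ANSWER_SPEC = {
    "containers": [
        {"name": "jenkins", "image": "cyrilpanicker/jenkins"},
        {"name": "docker", "image": "docker:dind", "command": ["dockerd"],
         "args": ["-H", "tcp://127.0.0.1:2376"],
         "ports": [{"containerPort": 2376}],
         "securityContext": {"privileged": True}},
    ],
}

def audit_pod_spec(spec):
    """Return (container, finding) pairs; helper and labels are hypothetical."""
    findings = []
    host_vols = {v["name"] for v in spec.get("volumes", []) if "hostPath" in v}
    for c in spec.get("containers", []):
        name = c["name"]
        # privileged: true gives the container all capabilities and host device access.
        if c.get("securityContext", {}).get("privileged") is True:
            findings.append((name, "privileged"))
        # hostPath volumes expose node filesystem paths to the container.
        for m in c.get("volumeMounts", []):
            if m["name"] in host_vols:
                findings.append((name, "hostpath-mount:" + m["mountPath"]))
        # dockerd listening on TCP: expect --tlsverify and a loopback bind.
        argv = list(c.get("command", [])) + list(c.get("args", []))
        tls = "--tlsverify" in argv or "--tlsverify=true" in argv
        for arg in (a for a in argv if "tcp://" in a):
            addr = arg.split("tcp://", 1)[1]
            if not tls:
                findings.append((name, "tcp-api-without-tlsverify"))
            if not addr.startswith(("127.", "localhost", "[::1]")):
                findings.append((name, "tcp-api-not-loopback"))
    return findings

if __name__ == "__main__":
    for label, spec in (("question", QUESTION_SPEC), ("answer", ANSWER_SPEC)):
        print(label, audit_pod_spec(spec))
```

Containers in a pod share one network namespace, so a daemon bound to 127.0.0.1 without TLS is reachable by every container in that pod, not only Jenkins.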