Record of Jenkins' step hole installation with container

In order to facilitate the start command of the management container, the docker compose command is used together with docker-compose.yml File start container. Basic use can Refer here.

About how to install Jenkins in Docker, Reference here.

If you just want to see the final docker-compose.yml File, skip to the last part.

My CentOS7 kernel has been upgraded to 4.15. The details of the version are as follows:

# uname -a
Linux VM_139_74_centos 4.15.6-1.el7.elrepo.x86_64 #1 SMP Sun Feb 25 20:57:32 EST 2018 x86_64 x86_64 x86_64 GNU/Linux

 

1. docker: not found

First, to use the commands on the host in the container of CentOS7, you need to use the root user in the container (you can also run as jenkins user, but you need to add jenkins user in the container to the docker group, and view the GID of the docker group through the grep docker /etc/group command).

docker-compose.yml The sample file is as follows:

version: '3'

services:
  jenkins-compose:
    image: jenkins
    user: root
    ports:
     - "8088:8080"
     - "50000:50000"
    volumes:
     - /var/run/docker.sock:/var/run/docker.sock
     - /home/demo/jenkins-compose:/var/jenkins_home

among

  • user: root means to run as root user in the container
  • /var/run/docker.sock:/var/run/docker.sock Represents the Unix socket that the docker daemons listen on. This option is required to use the docker command in the Jenkins container.

However, it was wrongly reported:

/var/jenkins_home/workspace/first@tmp/durable-859cc63c/script.sh: 2: /var/jenkins_home/workspace/first@tmp/durable-859cc63c/script.sh: docker: not found

 

After searching data, there are two ways to use the docker command of the host in the container:

  • Add privileges to the Jenkins container, map the docker command of the host to the container through - v, so that it can directly run the docker command on the host where the container is located, which is called DooD.
  • Installing docker in the Jenkins container is called DioD. But this may lead to inexplicable problems, not recommended, cause reference This article . If you want to install it, please refer to here.

Docker above- compose.yml The first method is to map the docker command of the host to the container through - v /usr/bin/docker:/usr/bin/docker. Here, / usr/bin/docker before the colon indicates the installation location of the docker command on the host. If you do not use the default installation location, you need to replace it with your actual location. You can view the installation location of the docker command through which docker.

2. docker: Permission denied

Modified docker-compose.yml The sample file is as follows:

version: '3'

services:
  jenkins-compose:
    image: jenkins
    user: root
    ports:
     - "8088:8080"
     - "50000:50000"
    volumes:
     - /var/run/docker.sock:/var/run/docker.sock
     - /usr/bin/docker:/usr/bin/docker
     - /home/demo/jenkins-compose:/var/jenkins_home

 

However, the error was reported again:

/var/jenkins_home/workspace/first@tmp/durable-f92a2624/script.sh: 2: /var/jenkins_home/workspace/first@tmp/durable-f92a2624/script.sh: docker: Permission denied

 

When using the root user in the container, you need to give the container Assign privileged privileges In this way, the root user in the container can have the same permissions as the root user on the host. You can see if the container has privileges by using the following command:

docker inspect --format='{{.HostConfig.Privileged }}'ID of your container

 

3. Not found libltdl.so.7

Modified docker again- compose.yml The sample file is as follows:

version: '3'

services:
  jenkins-compose:
    image: jenkins
    privileged: true
    user: root
    ports:
     - "8088:8080"
     - "50000:50000"
    volumes:
     - /var/run/docker.sock:/var/run/docker.sock
     - /home/demo/jenkins-compose:/var/jenkins_home
     - /usr/bin/docker:/usr/bin/docker

 

among

  • privileged: true indicates that the current container has privileges

This error is reported as follows:

docker: error while loading shared libraries: libltdl.so.7: cannot open shared object file: No such file or directory

 

This error indicates that the image where Jenkins is located can execute the docker command, but the library required to execute the docker command is still missing. There are two options:

  • Map the library of the host to the container
  • Install the missing library in the container

Because I'm lazy, I don't want to create an intermediate image, but I also want to use the official default image as much as possible, so I chose scheme one. The library may not be installed on CentOS7, but it doesn't matter. You can easily install it by using the yum install command

yum install libltdl.so.7

 

After installation, check the installation location to prepare for using the volume:

which libltdl.so.7

 

My installation location here is:

/usr/lib64/libltdl.so.7

 

The location to use this library in Jenkins image is / usr/lib/x86_64-linux-gnu/libltdl.so.7, by - v mapping.

4. Complete analysis

The complete error reporting content is as follows:

Using sole credentials lihongfeng/****** in realm '<svn://111.230.25.113:3690> jenkins demo'
[Pipeline] node
Running on Jenkins in /var/jenkins_home/workspace/demo-pipeline
[Pipeline] {
[Pipeline] sh
[demo-pipeline] Running shell script
+ docker inspect -f . golang:1.10
/var/jenkins_home/workspace/demo-pipeline@tmp/durable-d5484068/script.sh: 2: /var/jenkins_home/workspace/demo-pipeline@tmp/durable-d5484068/script.sh: docker: not found
[Pipeline] sh
[demo-pipeline] Running shell script
+ docker pull golang:1.10
/var/jenkins_home/workspace/demo-pipeline@tmp/durable-3aaa5181/script.sh: 2: /var/jenkins_home/workspace/demo-pipeline@tmp/durable-3aaa5181/script.sh: docker: not found
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 127
Finished: FAILURE

 

In fact, through

docker run -p 8080:8080 -p 50000:50000 privildged -v /var/run/docker.sock:/var/run/docker.sock jenkins

 

When the command starts Jenkins, - v /var/run/docker.sock:/var/run/docker.sock It means that the container can communicate with the docker daemons, and there is no problem on the Linux of Ubuntu series (not verified on Ubuntu for the time being), but when docker is running on the Linux of red hat series (RHEL, CentOS, Fedora, etc.), an error will be reported on docker because of SELinux: not found. Solutions in here.

5. Finally available docker-compose.yml file

version: '3'

services:
  jenkins-compose:
    image: jenkins
    privileged: true
    user: root
    ports:
     - "8088:8080"
     - "50000:50000"
    volumes:
     - /var/run/docker.sock:/var/run/docker.sock
     - /usr/bin/docker:/usr/bin/docker
     - /usr/lib64/libltdl.so.7:/usr/lib/x86_64-linux-gnu/libltdl.so.7
     - /home/demo/jenkins-compose:/var/jenkins_home

 

among

  • image: jenkins means to use the latest version from the official Jenkins repository
  • privileged: true indicates that the current container has privileges
  • user: root means to use root user in the container
  • ports represents port mapping
    • "8088:8080" maps port 8088 of the host to port 8080 of the container (Jenkins listens to port 8080 by default)
    • "50000:50000" requires this configuration only when one or more JNLP based Jenkins agents are set up on other hosts, and these agents interact with the Jenkins CI / BlueOcean container (as the main Jenkins server "Jenkins master").
  • volumes represents the disk mapping
    • /usr/bin/docker:/usr/bin/docker means to map the docker command in the host to the container
    • /home/demo/jenkins-compose:/var/jenkins_home means to map the / home / demo / Jenkins compose directory in the host to the container as the working directory of Jenkins

Tags: Docker jenkins Linux Permission denied

Posted on Sun, 28 Jun 2020 22:41:11 -0400 by deadlyp99