In order to facilitate the start command of the management container, the docker compose command is used together with docker-compose.yml File start container. Basic use can Refer here.
About how to install Jenkins in Docker, Reference here.
If you just want to see the final docker-compose.yml File, skip to the last part.
My CentOS7 kernel has been upgraded to 4.15. The details of the version are as follows:
# uname -a Linux VM_139_74_centos 4.15.6-1.el7.elrepo.x86_64 #1 SMP Sun Feb 25 20:57:32 EST 2018 x86_64 x86_64 x86_64 GNU/Linux
1. docker: not found
First, to use the commands on the host in the container of CentOS7, you need to use the root user in the container (you can also run as jenkins user, but you need to add jenkins user in the container to the docker group, and view the GID of the docker group through the grep docker /etc/group command).
docker-compose.yml The sample file is as follows:
version: '3' services: jenkins-compose: image: jenkins user: root ports: - "8088:8080" - "50000:50000" volumes: - /var/run/docker.sock:/var/run/docker.sock - /home/demo/jenkins-compose:/var/jenkins_home
among
- user: root means to run as root user in the container
- /var/run/docker.sock:/var/run/docker.sock Represents the Unix socket that the docker daemons listen on. This option is required to use the docker command in the Jenkins container.
However, it was wrongly reported:
/var/jenkins_home/workspace/first@tmp/durable-859cc63c/script.sh: 2: /var/jenkins_home/workspace/first@tmp/durable-859cc63c/script.sh: docker: not found
After searching data, there are two ways to use the docker command of the host in the container:
- Add privileges to the Jenkins container, map the docker command of the host to the container through - v, so that it can directly run the docker command on the host where the container is located, which is called DooD.
- Installing docker in the Jenkins container is called DioD. But this may lead to inexplicable problems, not recommended, cause reference This article . If you want to install it, please refer to here.
Docker above- compose.yml The first method is to map the docker command of the host to the container through - v /usr/bin/docker:/usr/bin/docker. Here, / usr/bin/docker before the colon indicates the installation location of the docker command on the host. If you do not use the default installation location, you need to replace it with your actual location. You can view the installation location of the docker command through which docker.
2. docker: Permission deniedModified docker-compose.yml The sample file is as follows:
version: '3' services: jenkins-compose: image: jenkins user: root ports: - "8088:8080" - "50000:50000" volumes: - /var/run/docker.sock:/var/run/docker.sock - /usr/bin/docker:/usr/bin/docker - /home/demo/jenkins-compose:/var/jenkins_home
However, the error was reported again:
/var/jenkins_home/workspace/first@tmp/durable-f92a2624/script.sh: 2: /var/jenkins_home/workspace/first@tmp/durable-f92a2624/script.sh: docker: Permission denied
When using the root user in the container, you need to give the container Assign privileged privileges In this way, the root user in the container can have the same permissions as the root user on the host. You can see if the container has privileges by using the following command:
docker inspect --format='{{.HostConfig.Privileged }}'ID of your container3. Not found libltdl.so.7
Modified docker again- compose.yml The sample file is as follows:
version: '3' services: jenkins-compose: image: jenkins privileged: true user: root ports: - "8088:8080" - "50000:50000" volumes: - /var/run/docker.sock:/var/run/docker.sock - /home/demo/jenkins-compose:/var/jenkins_home - /usr/bin/docker:/usr/bin/docker
among
- privileged: true indicates that the current container has privileges
This error is reported as follows:
docker: error while loading shared libraries: libltdl.so.7: cannot open shared object file: No such file or directory
This error indicates that the image where Jenkins is located can execute the docker command, but the library required to execute the docker command is still missing. There are two options:
- Map the library of the host to the container
- Install the missing library in the container
Because I'm lazy, I don't want to create an intermediate image, but I also want to use the official default image as much as possible, so I chose scheme one. The library may not be installed on CentOS7, but it doesn't matter. You can easily install it by using the yum install command
yum install libltdl.so.7
After installation, check the installation location to prepare for using the volume:
which libltdl.so.7
My installation location here is:
/usr/lib64/libltdl.so.7
The location to use this library in Jenkins image is / usr/lib/x86_64-linux-gnu/libltdl.so.7, by - v mapping.
4. Complete analysisThe complete error reporting content is as follows:
Using sole credentials lihongfeng/****** in realm '<svn://111.230.25.113:3690> jenkins demo' [Pipeline] node Running on Jenkins in /var/jenkins_home/workspace/demo-pipeline [Pipeline] { [Pipeline] sh [demo-pipeline] Running shell script + docker inspect -f . golang:1.10 /var/jenkins_home/workspace/demo-pipeline@tmp/durable-d5484068/script.sh: 2: /var/jenkins_home/workspace/demo-pipeline@tmp/durable-d5484068/script.sh: docker: not found [Pipeline] sh [demo-pipeline] Running shell script + docker pull golang:1.10 /var/jenkins_home/workspace/demo-pipeline@tmp/durable-3aaa5181/script.sh: 2: /var/jenkins_home/workspace/demo-pipeline@tmp/durable-3aaa5181/script.sh: docker: not found [Pipeline] } [Pipeline] // node [Pipeline] End of Pipeline ERROR: script returned exit code 127 Finished: FAILURE
In fact, through
docker run -p 8080:8080 -p 50000:50000 privildged -v /var/run/docker.sock:/var/run/docker.sock jenkins
When the command starts Jenkins, - v /var/run/docker.sock:/var/run/docker.sock It means that the container can communicate with the docker daemons, and there is no problem on the Linux of Ubuntu series (not verified on Ubuntu for the time being), but when docker is running on the Linux of red hat series (RHEL, CentOS, Fedora, etc.), an error will be reported on docker because of SELinux: not found. Solutions in here.
5. Finally available docker-compose.yml fileversion: '3' services: jenkins-compose: image: jenkins privileged: true user: root ports: - "8088:8080" - "50000:50000" volumes: - /var/run/docker.sock:/var/run/docker.sock - /usr/bin/docker:/usr/bin/docker - /usr/lib64/libltdl.so.7:/usr/lib/x86_64-linux-gnu/libltdl.so.7 - /home/demo/jenkins-compose:/var/jenkins_home
among
- image: jenkins means to use the latest version from the official Jenkins repository
- privileged: true indicates that the current container has privileges
- user: root means to use root user in the container
- ports represents port mapping
- "8088:8080" maps port 8088 of the host to port 8080 of the container (Jenkins listens to port 8080 by default)
- "50000:50000" requires this configuration only when one or more JNLP based Jenkins agents are set up on other hosts, and these agents interact with the Jenkins CI / BlueOcean container (as the main Jenkins server "Jenkins master").
- volumes represents the disk mapping
- /usr/bin/docker:/usr/bin/docker means to map the docker command in the host to the container
- /home/demo/jenkins-compose:/var/jenkins_home means to map the / home / demo / Jenkins compose directory in the host to the container as the working directory of Jenkins