我是 Dev Ops 新手,正在尝试使用 Jenkins 构建代码并将其上传到托管在 IBM 云上的 kubernetes 集群上。但是当我在 Jenkins 脚本中运行 Docker run 命令时,我不断收到此错误。安装了所有最新的插件并且
+ docker run hello-world
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
这是 Jenkins 脚本,我不知道是对还是错。我搜索了几篇文章和问题。他们都没有给我一个积极的结果。 尝试过这个Jenkins Docker in Docker on GCP/Kubernetes .
podTemplate(
cloud: "kubernetes",
label:"mypod",
containers:[
containerTemplate(
name:"nodejs",
image:"node",
ttyEnabled:true,
command:'cat',
alwaysPullImage: true,
resourceRequestCpu: '200m',
resourceRequestMemory: '100Mi',
),
containerTemplate(
name:"docker",
image:"",
ttyEnabled:true,
command:'cat',
alwaysPullImage: true,
resourceRequestCpu: '200m',
resourceRequestMemory: '100Mi',
),
containerTemplate(
name:"helm",
image:"alpine/helm",
ttyEnabled:true,
command:'cat',
alwaysPullImage: true,
resourceRequestCpu: '200m',
resourceRequestMemory: '100Mi',
)
],
volumes:[
hostPathVolume(hostPath: '/var/run/docker.sock', mountPath: '/var/run/docker.sock')
]
){
node("mypod"){
def commitId
stage ("Fetch repo"){
checkout scm
commitId = sh(script: 'git rev-parse --short HEAD',returnStdout:true).trim()
}
stage ("Installing packages"){
container("nodejs"){
sh 'npm install'
}
}
stage ("Build"){
container("nodejs"){
sh 'npm run build'
}
}
def repository
stage ("Docker"){
container('docker'){
docker.withRegistry("https://us.icr.io/api","ibm-cloud"){
sh "docker run hello-world"
}
}
}
stage ("Deploy"){
container ("helm"){
sh 'helm version'
}
}
}
}
这是我的 Jenkins pod 的部署文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins-uat
labels:
app: jenkins
chart: jenkins-5.0.18
release: jenkins-uat
heritage: Helm
spec:
selector:
matchLabels:
app: jenkins
release: jenkins-uat
template:
metadata:
labels:
app: jenkins
chart: jenkins-5.0.18
release: jenkins-uat
heritage: Helm
spec:
securityContext:
fsGroup: 1001
containers:
- name: jenkins
image: docker.io/bitnami/jenkins:2.235.1-debian-10-r7
imagePullPolicy: "IfNotPresent"
securityContext:
runAsUser: 1001
env:
- name: JENKINS_USERNAME
value: "hlpjenkin"
- name: JENKINS_PASSWORD
valueFrom:
secretKeyRef:
name: jenkins-uat
key: jenkins-password
- name: JENKINS_HOME
value: "/opt/bitnami/jenkins/jenkins_home"
- name: DISABLE_JENKINS_INITIALIZATION
value: "no"
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
livenessProbe:
httpGet:
path: /login
port: http
initialDelaySeconds: 180
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 6
readinessProbe:
httpGet:
path: /login
port: http
initialDelaySeconds: 30
periodSeconds: 5
timeoutSeconds: 3
successThreshold: 1
failureThreshold: 3
resources:
limits: {}
requests:
cpu: 300m
memory: 512Mi
volumeMounts:
- name: jenkins-data
mountPath: /bitnami/jenkins
volumes:
- name: jenkins-data
persistentVolumeClaim:
claimName: jenkins-uat
最佳答案
因此,我已将 Jenkins 作为容器安装在我的 k8s 集群中:) 并设法重现相同的错误:
docker run --rm hello-world
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.
如何修复。
为了解决这个问题,您肯定需要访问 K8s 节点上的 Docker。 jpetazzo 很好地解释了其工作原理。 .
从技术上讲,您不需要“Docker in Docker”(即 Docker 中的“完整 Docker 设置”)。您只希望能够从 CI 系统运行 Docker,而该 CI 系统本身位于容器中。这样你的 CI 系统(比如 Jenkins)就可以启动容器了。
因此,当您启动 CI 容器(Jenkins 或其他)时,不要与 Docker-in-Docker 一起破解某些内容,而是通过访问 /var/run/docker.sock 来启动它主要主持人。
下面你可以看到我的Yamls的部分对此负责。
这使得我的 CI 容器能够访问 Docker 套接字,因此 CI 容器将能够启动容器。
只不过它不会启动“子”容器,而是启动“同级”容器,但这在我们的上下文中完全没问题。
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
...
spec:
template:
spec:
containers:
- env:
volumeMounts:
- mountPath: /var/run/docker.sock
name: docker-sock
...
volumes:
- hostPath:
path: /var/run/docker.sock
type: File
name: docker-sock
因此,就我而言,我创建的管道会生成以下日志:
####pipeline
pipeline {
agent any
stages {
stage('second_stage'){
steps{
sh 'docker run --rm hello-world'
}
}
}
}
####logs
+ docker run --rm hello-world
Hello from Docker!
关于docker - Jenkins 构建的 Docker 守护进程未在 kubernetes 集群上运行,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/63451837/