Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-46799

Blueocean Docker Pipeline Failed | Cannot start docker container

      I started docker container using the specified switch using below command:

      docker run -p 8888:8080 --group-add docker jenkinsci/blueocean:latest

      But getting this error during pipeline execution.

      [jenkin-test_master-MXNJBW333G3XAISBGXCTVVZGS4GJ5DS6V6NEEORWPSORGJY5OCGA] Running shell script
      + docker pull php
      Using default tag: latest
      Warning: failed to get default registry endpoint from daemon (Cannot connect to the Docker daemon. Is the docker daemon running on this host?). Using system default: https://index.docker.io/v1/
      Cannot connect to the Docker daemon. Is the docker daemon running on this host?
      script returned exit code 1

          [JENKINS-46799] Blueocean Docker Pipeline Failed | Cannot start docker container

          Hi there!

          I'm able to start a docker inside jenkins using this commands:

          docker pull jenkinsci/blueocean
          docker run -u root -v /var/run/docker.sock:/var/run/docker.sock -p 8080:8080 -p 2375:2375 --name jenkins_blueocean jenkinsci/blueocean:latest
          

          I know that running jenkins with root user isn't the desired solution but for now it works for my purposes.

          Please remember to also activate the config "Expose daemon on tcp://localhost:2375 without TLS".

          Best regards,

          mtocchetto

          Marcelo Tocchetto added a comment - Hi there! I'm able to start a docker inside jenkins using this commands: docker pull jenkinsci/blueocean docker run -u root -v / var /run/docker.sock:/ var /run/docker.sock -p 8080:8080 -p 2375:2375 --name jenkins_blueocean jenkinsci/blueocean:latest I know that running jenkins with root user isn't the desired solution but for now it works for my purposes. Please remember to also activate the config "Expose daemon on tcp://localhost:2375 without TLS". Best regards, mtocchetto

          Marcelo Tocchetto added a comment - - edited

          I believe that the solution below also works:

          docker pull jenkinsci/blueocean
          docker run -v /var/run/docker.sock:/var/run/docker.sock -p 8080:8080 --name jenkins_blueocean jenkinsci/blueocean:latest
          

          Press Ctrl+C and then:

          docker exec -u root -ti jenkins_blueocean bash
          chown :jenkins /var/run/docker.sock
          

          Best regards,
          mtocchetto

          Marcelo Tocchetto added a comment - - edited I believe that the solution below also works: docker pull jenkinsci/blueocean docker run -v /var/run/docker.sock:/var/run/docker.sock -p 8080:8080 --name jenkins_blueocean jenkinsci/blueocean:latest Press Ctrl+C and then: docker exec -u root -ti jenkins_blueocean bash chown :jenkins /var/run/docker.sock Best regards, mtocchetto

          James Dumay added a comment -

          Thanks for the advice here mtocchetto. This is the right way to run docker within a docker container.

          James Dumay added a comment - Thanks for the advice here mtocchetto . This is the right way to run docker within a docker container.

          Enric Prats added a comment - - edited

          mtocchetto workaround is good but people should not have to change the docker image once downloaded and running. 

          This should be changed on the Dockerfile which builds the image.

           

          It's enough to add to the Jenkinsfile:

              # Allow Jenkins to run docker commands

              chown :jenkins /var/run/docker.sock

           

          I will try to figure how to make the pull request but I have never made one

          Enric Prats added a comment - - edited mtocchetto workaround is good but people should not have to change the docker image once downloaded and running.  This should be changed on the Dockerfile which builds the image.   It's enough to add to the Jenkinsfile:     # Allow Jenkins to run docker commands     chown :jenkins /var/run/docker.sock   I will try to figure how to make the pull request but I have never made one

          Gavin Mogan added a comment -

          I'm pretty sure you can use `--group-add` (I have it setup on my instance, I just forgot if this is why)

          on my system docker group is 978 `getent group docker | awk -F: '{print $3}'`

          so the following will make the jenkins user (which the container runs as) also have the GID of 978

          docker run -v /var/run/docker.sock:/var/run/docker.sock --group-add 978 -p 8080:8080 --name jenkins_blueocean jenkinsci/blueocean:latest

          Gavin Mogan added a comment - I'm pretty sure you can use `--group-add` (I have it setup on my instance, I just forgot if this is why) on my system docker group is 978 `getent group docker | awk -F: '{print $3}'` so the following will make the jenkins user (which the container runs as) also have the GID of 978 docker run -v / var /run/docker.sock:/ var /run/docker.sock --group-add 978 -p 8080:8080 --name jenkins_blueocean jenkinsci/blueocean:latest

          Gavin Mogan added a comment -

          I just tried it on my ubuntu laptop, group-add 999 and seems to work.

           

          Gavin Mogan added a comment - I just tried it on my ubuntu laptop, group-add 999 and seems to work.  

          Gavin Mogan added a comment -

          I think the key is --group-add takes in a GID, not a group name

          Gavin Mogan added a comment - I think the key is --group-add takes in a GID, not a group name

          Gavin Mogan added a comment -

          My bad, it does take in groups, but maps it to the containers group name, not the host's group names

          docker run --rm -v /var/run/docker.sock:/var/run/docker.sock --group-add 999 -p 8080:8080 --name jenkins_blueocean --entrypoint "" jenkinsci/blueocean:latest id 
          
          uid=1000(jenkins) gid=1000(jenkins) groups=1000(jenkins),999(ping) 

          vs

          docker run --rm -v /var/run/docker.sock:/var/run/docker.sock --group-add 999 -p 8080:8080 --name jenkins_blueocean --entrypoint "" jenkinsci/blueocean:latest id
            
          uid=1000(jenkins) gid=1000(jenkins) groups=1000(jenkins),999(ping)
          

          Gavin Mogan added a comment - My bad, it does take in groups, but maps it to the containers group name, not the host's group names docker run --rm -v / var /run/docker.sock:/ var /run/docker.sock --group-add 999 -p 8080:8080 --name jenkins_blueocean --entrypoint "" jenkinsci/blueocean:latest id uid=1000(jenkins) gid=1000(jenkins) groups=1000(jenkins),999(ping) vs docker run --rm -v / var /run/docker.sock:/ var /run/docker.sock --group-add 999 -p 8080:8080 --name jenkins_blueocean --entrypoint "" jenkinsci/blueocean:latest id    uid=1000(jenkins) gid=1000(jenkins) groups=1000(jenkins),999(ping)

          Enrique Diaz added a comment - - edited

          That solved one issue, but now I get the following problem:
          + docker inspect -f . node:6-alpine

          Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/containers/node:6-alpine/json: dial unix /var/run/docker.sock: connect: permission denied[Pipeline] isUnix[Pipeline] sh
          -------------------------
          The usual comment to address this is to do ---> sudo usermod -a -G docker $USER

          But that is not an option in mac. Any suggestions?

          Kind Regards.

          Enrique Diaz added a comment - - edited That solved one issue, but now I get the following problem: + docker inspect -f . node:6-alpine Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/containers/node:6-alpine/json : dial unix /var/run/docker.sock: connect: permission denied [Pipeline] isUnix [Pipeline] sh ------------------------- The usual comment to address this is to do ---> sudo usermod -a -G docker $USER But that is not an option in mac. Any suggestions? Kind Regards.

            Unassigned Unassigned
            shashwat Shashwat Tripathi
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: