[JENKINS-64608] Detection "running inside container" fails with cgroup namespace "private" for docker daemon - Jenkins Jira

Type: Bug
Resolution: Fixed
Priority: Minor
Component/s: docker-workflow-plugin
Labels:
- cgroup
- docker
Environment:
jenkins version 2.263.1
docker-workflow version 1.25
docker 20.10.2
arch linux with kernel 5.4.86-1-lts (/proc/cmdline contains systemd.unified_cgroup_hierarchy=1 cgroup_no_v1=all)
cgroups v2 enabled
cgroups v1 disabled

Similar Issues:
Powered by SuggestiMate

Show
Released As:
https://github.com/jenkinsci/docker-workflow-plugin/releases/tag/528.v7c193a_0b_e67c

With cgroups v2 running on the host there is a change to the behavior of the docker daemon regarding cgroups:

The default cgroup namespace mode (docker run --cgroupns) is "private" on v2, "host" on v1. (cf. https://github.com/docker/docker.github.io/blob/master/config/containers/runmetrics.md#running-docker-on-cgroup-v2).

Without any changes to the docker configuration the coding in src/main/java/org/jenkinsci/plugins/docker/workflow/client/ControlGroup.java of the docker-workflow-plugin fails, since /proc/self/cgroup does no longer contain the host-cgroup for the container.

A workaround is to set the option default-cgroupns-mode to "host" for the docker daemon.

Another way of detecting the containerization is needed.

is related to

JENKINS-66568 Pipeline withDockerContainer (docker-in-docker) unable to detect running inside container with cgroups v2

Resolved

relates to

JENKINS-65602 Durable task pipeline failed at sh initialisation

Open

links to

docker-workflow-plugin #280

Assignee:: Jesse Glick

Reporter:: Jörg

Votes:: 4 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2021-01-13 16:40

Updated:: 2022-10-24 16:06

Resolved:: 2022-10-24 16:06

Details

Description

Attachments

Issue Links

Activity

People

Dates