linux - Access docker.sock from inside a container -
i'm running jenkins docker container need build , run dockers. container started using -v /var/run/docker.sock:/var/run/docker.sock. problem i'm getting access denied when jenkins (from inside container) tries use it.
this i've tried far no luck:
- create jenkins user in host , add docker group.
- start docker daemon
-g jenkinsparameter socket owned jenkins group instead of docker one. jenkins being executed jenkins user belongs jenkins group inside container.
the thing worked "hack" don't @ all: i've modified id of jenkins group inside container match group id of docker.sock.
any suggestion on how solve in more elegant way appreciated.
this sounds basic unix permissions problem. access file (or socket), need either (a) root or (b) have numeric uid or gid permits access based on file mode.
if running inside container , want have access on host, you're going have either run things inside container root or you're going have work out uid/gid synchronization between host , container.
one way deal latter problem pass in target gid when start container , have entrypoint script set appopriate users/groups before starting cmd. like:
if [ "$docker_gid" ]; groupadd -g $docker_gid hostdocker usermod -a -g hostdocker jenkins fi exec "$@"
Comments
Post a Comment