linux – 为什么Jenkins用户没有权限访问Docker unix套接字？

我已经将jenkins用户添加到docker组,认为它允许Jenkins作业运行Docker命令.如果我切换到jenkins用户,我可以验证它是否有效(手动)：

ubuntu@hostname:~$ps aux | grep java jenkins 2210 9.5 7.5 1950316 292896 ? Sl 00:01 1:00 /usr/bin/java -jar /data/jenkins/jenkins-1.586.war --httpPort=8080 -Xloggc:/var/log/jenkins/gc.log ubuntu@hostname:~$getent group docker docker:x:999:jenkins ubuntu@hostname:~$ls -la /var/run/docker.* -rw-r--r-- 1 root root 4 Oct 23 18:32 /var/run/docker.pid srw-rw---- 1 root docker 0 Oct 23 18:32 /var/run/docker.sock ubuntu@hostname:~$sudo su -s /bin/bash jenkins jenkins@hostname:/home/ubuntu$docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES@H_404_3@

但是,在Jenkins构建/作业期间,它没有权限：

# Job log
Started by user Matt Wright
Building on master in workspace /data/jenkins/jobs/docker-base-images-build/workspace
[ssh-agent] Using credentials CI-jenkins
[ssh-agent] Looking for ssh-agent implementation...
[ssh-agent]   Java/JNR ssh-agent
[ssh-agent] Started.
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url git@github.com:<redacted>/docker-base-images.git # timeout=10
Fetching upstream changes from git@github.com:<redacted>/docker-base-images.git
 > git --version # timeout=10
using GIT_SSH to set credentials 
 > git fetch --tags --progress git@github.com:<redacted>/docker-base-images.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision 83c4463e7195b412a3a803dd7338210c1a772f55 (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 83c4463e7195b412a3a803dd7338210c1a772f55
 > git rev-list 83c4463e7195b412a3a803dd7338210c1a772f55 # timeout=10
[workspace] $/bin/sh -xe /tmp/hudson5606381166745886966.sh
+ ./build.sh
Sending build context to Docker daemon 
2014/10/24 16:14:18 Post http:///var/run/docker.sock/v1.15/build?rm=1&t=<redacted>%2Fpython%3A3.4: dial unix /var/run/docker.sock: permission denied
Build step 'Execute shell' marked build as failure
[ssh-agent] Stopped.
Notifying upstream projects of job completion
Finished: FAILURE@H_404_3@ 
 这是Docker 1.3.0和Ubuntu 14.04.1.有什么线索吗？

解决方法

我认为给jenkins组权限的docker unix socket解决了这个问题.可以通过添加此行在@R_502_382@中配置docker守护程序启动选项来修改此问题

DOCKER_OPTS=' -G jenkins'@H_404_3@

在ubuntu / etc / default / docker中是docker@R_502_382@.

原文链接：https://www.f2er.com/linux/401097.html

linux – 为什么Jenkins用户没有权限访问Docker unix套接字？

解决方法

猜你在找的Linux相关文章