Jenkins 构建 Docker 守护程序不在 kubernetes 集群上运行
[英]Jenkins build Docker daemon not running on kubernetes cluster
问题描述
I'm new to Dev Ops and trying to build my code using Jenkins and upload it on the kubernetes cluster which is hosted on the IBM cloud.
我是 Dev Ops 的新手,正在尝试使用 Jenkins 构建我的代码,并将其上传到托管在 IBM 云上的 kubernetes 集群上。 But when I run the Docker run command in the Jenkins script I keep getting this error.但是当我在 Jenkins 脚本中运行 Docker 运行命令时,我不断收到此错误。 Installed all the latest plugins and安装了所有最新的插件和
+ docker run hello-world
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
Here's the Jenkins script which I don't know is right or wrong.这是我不知道是对还是错的 Jenkins 脚本。 I searched a couple of articles and question.我搜索了几篇文章和问题。 They all were not giving me a positive result.他们都没有给我一个积极的结果。 Tried this Jenkins Docker in Docker on GCP/Kubernetes . 在 GCP/Kubernetes 上的 Docker 中尝试了这个 Jenkins Docker 。
podTemplate(
cloud: "kubernetes",
label:"mypod",
containers:[
containerTemplate(
name:"nodejs",
image:"node",
ttyEnabled:true,
command:'cat',
alwaysPullImage: true,
resourceRequestCpu: '200m',
resourceRequestMemory: '100Mi',
),
containerTemplate(
name:"docker",
image:"",
ttyEnabled:true,
command:'cat',
alwaysPullImage: true,
resourceRequestCpu: '200m',
resourceRequestMemory: '100Mi',
),
containerTemplate(
name:"helm",
image:"alpine/helm",
ttyEnabled:true,
command:'cat',
alwaysPullImage: true,
resourceRequestCpu: '200m',
resourceRequestMemory: '100Mi',
)
],
volumes:[
hostPathVolume(hostPath: '/var/run/docker.sock', mountPath: '/var/run/docker.sock')
]
){
node("mypod"){
def commitId
stage ("Fetch repo"){
checkout scm
commitId = sh(script: 'git rev-parse --short HEAD',returnStdout:true).trim()
}
stage ("Installing packages"){
container("nodejs"){
sh 'npm install'
}
}
stage ("Build"){
container("nodejs"){
sh 'npm run build'
}
}
def repository
stage ("Docker"){
container('docker'){
docker.withRegistry("https://us.icr.io/api","ibm-cloud"){
sh "docker run hello-world"
}
}
}
stage ("Deploy"){
container ("helm"){
sh 'helm version'
}
}
}
}
This is the deployment file of my Jenkins pod这是我的 Jenkins pod 的部署文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins-uat
labels:
app: jenkins
chart: jenkins-5.0.18
release: jenkins-uat
heritage: Helm
spec:
selector:
matchLabels:
app: jenkins
release: jenkins-uat
template:
metadata:
labels:
app: jenkins
chart: jenkins-5.0.18
release: jenkins-uat
heritage: Helm
spec:
securityContext:
fsGroup: 1001
containers:
- name: jenkins
image: docker.io/bitnami/jenkins:2.235.1-debian-10-r7
imagePullPolicy: "IfNotPresent"
securityContext:
runAsUser: 1001
env:
- name: JENKINS_USERNAME
value: "hlpjenkin"
- name: JENKINS_PASSWORD
valueFrom:
secretKeyRef:
name: jenkins-uat
key: jenkins-password
- name: JENKINS_HOME
value: "/opt/bitnami/jenkins/jenkins_home"
- name: DISABLE_JENKINS_INITIALIZATION
value: "no"
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
livenessProbe:
httpGet:
path: /login
port: http
initialDelaySeconds: 180
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 6
readinessProbe:
httpGet:
path: /login
port: http
initialDelaySeconds: 30
periodSeconds: 5
timeoutSeconds: 3
successThreshold: 1
failureThreshold: 3
resources:
limits: {}
requests:
cpu: 300m
memory: 512Mi
volumeMounts:
- name: jenkins-data
mountPath: /bitnami/jenkins
volumes:
- name: jenkins-data
persistentVolumeClaim:
claimName: jenkins-uat
3 个解决方案
解决方案1
1 2020-08-17 14:22:29
I had this similar problem and I fixed this by enabling my user to be part of docker group and execute docker.我遇到了类似的问题,我通过使我的用户成为 docker 组的一部分并执行 docker 来解决这个问题。 This happens when your user is unable to find docker.当您的用户无法找到 docker 时,就会发生这种情况。
You need follow the post installation steps after installing docker.安装 docker 后,您需要按照安装后步骤进行操作。
Create the docker group
sudo groupadd docker创建 docker 组sudo groupadd dockerAdd your user to the docker group.
将您的用户添加到 docker 组。 sudo usermod -aG docker $USERRestart docker service
sudo service docker stopandsudo service docker start重启 docker service sudo service docker stop和sudo service docker startExit/Logout from current user and Log back in to verify
从当前用户退出/注销并重新登录以验证
解决方案2
1 2020-08-20 16:48:13
So I have installed Jenkins as a container in my k8s cluster:) and managed to reproduce the same error:所以我在我的 k8s 集群中安装了 Jenkins 作为容器:) 并设法重现了同样的错误:
docker run --rm hello-world
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.
How to fix it .如何解决它。
In order to fix you definitely need to have access to the Docker on your K8s Node.为了解决这个问题,您肯定需要访问您的 K8s 节点上的 Docker。 Very good explanation of how that works was given by jpetazzo . jpetazzo很好地解释了它是如何工作的。
Technically you do not need "Docker in Docker" (that is the "full Docker setup" in Docker).从技术上讲,您不需要“Docker 中的 Docker”(即 Docker 中的“完整的 Docker 设置”)。 You just want to be able to run Docker from your CI system, while this CI system itself is in a container.您只想能够从 CI 系统运行 Docker,而该 CI 系统本身位于容器中。 So that that your CI system like Jenkins can start containers.这样您的 CI 系统(如 Jenkins)就可以启动容器。
So when you start your CI container (Jenkins or other), instead of hacking something together with Docker-in-Docker, start it with the access to /var/run/docker.sock on main host.因此,当您启动 CI 容器(Jenkins 或其他)时,不要使用 Docker-in-Docker 来破解某些东西,而是通过访问主主机上的/var/run/docker.sock来启动它。
Below you can see the part of my Yamls that a responsible for that.您可以在下面看到我的Yamls中对此负责的部分。
That allows my CI container to have access to the Docker socket, and CI container will, therefore, be able to start containers.这允许我的 CI 容器访问 Docker 套接字,因此 CI 容器将能够启动容器。
Except that instead of starting “child” containers, it will start “sibling” containers, but that is perfectly fine in our context.除了启动“子”容器之外,它会启动“兄弟”容器,但这在我们的上下文中非常好。
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
...
spec:
template:
spec:
containers:
- env:
volumeMounts:
- mountPath: /var/run/docker.sock
name: docker-sock
...
volumes:
- hostPath:
path: /var/run/docker.sock
type: File
name: docker-sock
So in my case, the pipeline I've created produces the following logs:因此,就我而言,我创建的管道会生成以下日志:
####pipeline
pipeline {
agent any
stages {
stage('second_stage'){
steps{
sh 'docker run --rm hello-world'
}
}
}
}
####logs
+ docker run --rm hello-world
Hello from Docker!
解决方案3
1 2020-09-21 09:48:34
So I see a couple of problems in your podtemplate.所以我在你的 podtemplate 中看到了几个问题。
First of all, for docker container, you didn't specify any image.首先,对于 docker 容器,您没有指定任何图像。 You should use a docker image in this container.您应该在此容器中使用 docker 映像。 Create your own container with docker installed in it or you can use https://hub.docker.com/r/volaka/ibm-cloud-cli this image.创建您自己的容器,其中安装了 docker,或者您可以使用https://hub.docker.com/r/volaka/ibm-cloud-cli此图像。 It includes ibmcloud cli, kubectl, helm and docker for kubernetes automation on IBM Cloud.它包括 ibmcloud cli、kubectl、helm 和 docker,用于 IBM Cloud 上的 kubernetes 自动化。
Second thing is that I think it is related with Jenkins Kubernetes.第二件事是我认为它与 Jenkins Kubernetes 有关。 Once you create a podTemplate in a pipeline, even if you edit the template, sometimes the changes are not seen in the latest pod.在管道中创建 podTemplate 后,即使您编辑模板,有时在最新的 pod 中也看不到更改。 I had this kind of error so I deleted and recreated the pipeline with the edited podTemplate.我遇到了这种错误,所以我使用编辑过的 podTemplate 删除并重新创建了管道。 I am saying this because even if you have declared your volume binding in podTemplate, I don't see it in the created pod's yaml.我这样说是因为即使您在 podTemplate 中声明了卷绑定,我在创建的 pod 的 yaml 中也看不到它。 So I recommend you to recreate your pipeline with your final podTemplate.因此,我建议您使用最终的 podTemplate 重新创建管道。
I have created a detailed walkthrough about how to install, configure and automate Jenkins pipelines on IBM Kubernetes Service.我创建了有关如何在 IBM Kubernetes 服务上安装、配置和自动化 Jenkins 管道的详细演练。 Feel free to check it.随意检查它。 https://volaka.gitbook.io/jenkins-on-k8s/ https://volaka.gitbook.io/jenkins-on-k8s/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.