How to use docker from inside Jenkins docker container

Question

I'm facing the following problem: I created a Jenkins docker container, and linked the docker socket on the host, with the container. Like this:

docker run -v /var/run/docker.sock:/var/run/docker.sock -p 8080:8080 -p 50000:50000 -d --name jenkins --restart unless-stopped jenkins

Then when I try to create some jobs on jenkins I get the usual "permission denied" message:

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.29/images/json : dial unix /var/run/docker.sock: connect: permission denied

But that problem doesn't happen if I attach to the container and run the command using the root user.

How can I fix this?

I can't add jenkins user to docker group on the host by running sudo gpasswd -a jenkins docker (because there is no jenkins user on the host, only in the container) and I also can't run this command inside the container (because the container doesn't know about any docker group). Any tips on how to solve this?

Answer 1

You can add the docker group inside the container. Do this in its bash:

groupadd -g <docker-group-id> docker

Find out the <docker-group-id> running this in the host:

ls -ln /var/run/docker.sock

Then add the jenkins user to the docker group:

gpasswd -a jenkins docker

---

Take into account any security issue that this could produce:

Warning: The docker group grants privileges equivalent to the root user. For details on how this impacts security in your system, see Docker Daemon Attack Surface.

Refer to the docs