[英]How to run a privileged Docker container with the Jenkins declarative pipeline
[英]Jenkins cannot start a docker agent container in declarative pipeline with specific run arguments
我有下一个设置:
我想要完成的是在 Jenkins 管道中使用 docker 容器作为主要代理。 现在这个代理需要运行一些构建步骤并保持运行,直到其他构建计划停止运行的容器并清理它们。 这是管道脚本:
pipeline {
agent {
docker {
image 'localhost:5000/build_deploy_agent:base'
label 'build-deploy-agent'
args '--network bridge -p 9102:9102'
}
}
stages {
stage('Example Build') {
steps {
sh 'ps aux'
}
}
}
}
发生的情况是:Jenkins 启动容器,但它不能用于从阶段运行脚本。 我收到三个像这样的错误:
docker inspect -f . localhost:5000/build_deploy_agent:base
/home/jenkins/workspace/view name/Build plan name@tmp/durable-9a8a9027/script.sh: 1:
/home/jenkins/workspace/view name/Build plan name@tmp/durable-9a8a9027/script.sh: docker: not found
我肯定在这里做错了什么,但我一无所知。
更新 1
运行jenkins
docker-ce-cli
并且运行jenkins
服务器的用户应该在docker
组中(如果不是以root
身份运行)。
此示例使用 docker 中的所有内容,使用docker
进行docker-compose
。
.
├── docker-compose.yaml
├── Dockerfile
├── etc
│ └── nginx
│ └── conf.d
│ └── default.conf
└── plugins.txt
docker-compose
规范运行由 nginx 代理的nginx
服务器:
version: '3.7'
services:
nginx:
image: 'nginx:1.19'
container_name: 'nginx'
restart: 'always'
depends_on:
- 'jenkins'
ports:
- '80:80'
volumes:
- 'jenkins:/var/jenkins_home'
- './etc/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf'
jenkins:
build:
context: '.'
container_name: 'jenkins'
privileged: true
restart: 'always'
expose:
- '50000'
- '8080'
volumes:
- 'jenkins:/var/jenkins_home'
- '/var/run/docker.sock:/var/run/docker.sock'
volumes:
jenkins:
注意: jenkins
主页在nginx
服务器和用户内容的jenkins
服务之间userContent
。
注意: jenkins
服务与主机共享docker
套接字。
upstream jenkins {
keepalive 32;
server jenkins:8080 max_fails=3;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen *:80;
listen [::]:80;
server_name _;
charset utf-8;
ignore_invalid_headers off;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ "^/static/[0-9a-fA-F]{8}\/(.*)$" {
rewrite "^/static/[0-9a-fA-F]{8}\/(.*)" /$1 last;
}
location /userContent {
root /var/jenkins_home/;
if (!-f $request_filename){
rewrite (.*) /$1 last;
break;
}
sendfile on;
}
location / {
sendfile off;
proxy_pass http://jenkins;
proxy_redirect default;
proxy_http_version 1.1;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffering off;
proxy_request_buffering off;
proxy_set_header Connection "";
}
}
The jenkins
image is extended with docker
and the jenkins
user is added to the ping
group (the group ID is 999
which is the docker
group ID on the host). Dockerfile
:
FROM docker:20.10.5-dind as docker
FROM jenkins/jenkins:alpine
USER root
COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker
COPY plugins.txt /usr/share/jenkins/plugins.txt
RUN /usr/local/bin/install-plugins.sh < /usr/share/jenkins/plugins.txt
RUN adduser jenkins ping
USER jenkins
注意: jenkins
映像是使用默认建议插件以及Docker和Docker 管道插件预烘焙的。 plugins.txt
:
github:1.33.1
pipeline-model-api:1.8.4
scm-api:2.6.4
mailer:1.32.1
workflow-support:3.8
font-awesome-api:5.15.2-2
pipeline-milestone-step:1.3.2
git:4.6.0
plain-credentials:1.7
resource-disposer:0.15
jackson2-api:2.12.1
jquery3-api:3.5.1-3
gradle:1.36
credentials:2.3.15
docker-workflow:1.26
workflow-scm-step:2.12
display-url-api:2.3.4
bootstrap4-api:4.6.0-2
antisamy-markup-formatter:2.1
command-launcher:1.5
pipeline-stage-tags-metadata:1.8.4
snakeyaml-api:1.27.0
pipeline-stage-view:2.19
script-security:1.76
okhttp-api:3.14.9
pipeline-stage-step:2.5
workflow-step-api:2.23
timestamper:1.11.8
pipeline-github-lib:1.0
token-macro:2.13
pam-auth:1.6
workflow-cps-global-lib:2.18
ws-cleanup:0.39
pipeline-model-definition:1.8.4
workflow-aggregator:2.6
jsch:0.1.55.2
matrix-auth:2.6.5
ssh-credentials:1.18.1
ant:1.11
jjwt-api:0.11.2-9.c8b45b8bb173
momentjs:1.1.1
trilead-api:1.0.13
durable-task:1.35
workflow-job:2.40
git-server:1.9
ssh-slaves:1.31.5
plugin-util-api:2.0.0
git-client:3.6.0
lockable-resources:2.10
checks-api:1.5.0
pipeline-input-step:2.12
cloudbees-folder:6.15
pipeline-build-step:2.13
popper-api:1.16.1-2
pipeline-graph-analysis:1.10
matrix-project:1.18
workflow-api:2.41
github-branch-source:2.9.7
workflow-basic-steps:2.23
apache-httpcomponents-client-4-api:4.5.13-1.0
workflow-multibranch:2.22
workflow-cps:2.90
ldap:1.26
build-timeout:1.20
echarts-api:5.0.1-1
pipeline-model-extensions:1.8.4
structs:1.22
junit:1.48
docker-java-api:3.1.5.2
docker-plugin:1.2.2
workflow-durable-task-step:2.38
credentials-binding:1.24
jdk-tool:1.5
bouncycastle-api:2.20
docker-commons:1.17
github-api:1.123
authentication-tokens:1.4
email-ext:2.82
branch-api:2.6.2
pipeline-rest-api:2.19
ace-editor:1.1
handlebars:1.1.1
您可以使用docker-compose
出环境,即: docker-compose up -d
。 服务器启动后,您可以在 http://localhost 上访问jenkins
服务器。
基本jenkins
流水线:
pipeline {
agent {
docker {
image 'ubuntu:20.04'
}
}
stages {
stage('Test') {
steps {
sh 'ps -axf'
}
}
}
}
注意:不使用任何标签或模板(与问题无关)。 docker run
是从jenkins
主机完成的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.