我正在尝试在ci圈中使用docker compose,以便我可以在工作流程中运行一些组件测试。但是,当我尝试使用docker compose时,出现以下错误:Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.38/containers/json: dial unix /var/run/docker.sock: connect: permission denied /
这是我的圈子ci配置
version: 2
jobs:
build:
component_test:
docker:
- image: circleci/openjdk:8-jdk
working_directory: ~/repo
environment:
JVM_OPTS: -Xmx3200m
TERM: dumb
steps:
- checkout
- run:
name: Install Docker Compose
command: |
curl -L https://github.com/docker/compose/releases/download/1.19.0/docker-compose-`uname -s`-`uname -m` > ~/docker-compose
chmod +x ~/docker-compose
sudo mv ~/docker-compose /usr/local/bin/docker-compose
- setup_remote_docker:
docker_layer_caching: true
- run: |
set -x
docker ps
docker-compose up -d
- run: |
./gradlew cucumber -Dtag="@Local"
输出: ==== >> sudo groupadd泊坞窗 #!/ bin / bash -eo pipefail sudo groupadd泊坞窗 ==== >> sudo usermod -aG泊坞窗$ USER #!/ bin / bash -eo pipefail sudo usermod -aG码头$ USER 用法:usermod [选项]登录
Options:
-c, --comment COMMENT new value of the GECOS field
-d, --home HOME_DIR new home directory for the user account
-e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
-f, --inactive INACTIVE set password inactive after expiration
to INACTIVE
-g, --gid GROUP force use GROUP as new primary group
-G, --groups GROUPS new list of supplementary GROUPS
-a, --append append the user to the supplemental GROUPS
mentioned by the -G option without removing
him/her from other groups
-h, --help display this help message and exit
-l, --login NEW_LOGIN new value of the login name
-L, --lock lock the user account
-m, --move-home move contents of the home directory to the
new location (use only with -d)
-o, --non-unique allow using duplicate (non-unique) UID
-p, --password PASSWORD use encrypted password for the new password
-R, --root CHROOT_DIR directory to chroot into
-s, --shell SHELL new login shell for the user account
-u, --uid UID new UID for the user account
-U, --unlock unlock the user account
-v, --add-subuids FIRST-LAST add range of subordinate uids
-V, --del-subuids FIRST-LAST remove range of subordinate uids
-w, --add-subgids FIRST-LAST add range of subordinate gids
-W, --del-subgids FIRST-LAST remove range of subordinate gids
-Z, --selinux-user SEUSER new SELinux user mapping for the user account
Error: Exited with code 2
Step failed
Error: runner failed
{"Runner":true,"level":"error","msg":"runner failed","task-id":"localbuild-1547728937","time":"2019-01-17T12:42:24Z"}
Task failed
Error: task failed
答案 0 :(得分:0)
Docker守护程序绑定到Unix套接字而不是TCP端口。默认情况下,Unix套接字是由root用户拥有的,其他用户只能使用sudo访问它。 Docker守护程序始终以root用户身份运行。如果您不想以sudo开头docker命令,请创建一个名为docker的Unix组并将用户添加到其中。 Docker守护程序启动时,它将创建一个可由Docker组成员访问的Unix套接字。
要创建docker组并添加用户:
docker组。$ sudo groupadd docker
docker组。$ sudo usermod -aG docker $USER
注销并重新登录,以便重新评估您的组成员身份。
如果在虚拟机上进行测试,则可能需要重新启动虚拟机以使更改生效。
在台式机Linux环境(例如X Windows)上,完全退出会话,然后重新登录。
验证您可以在没有docker的情况下运行sudo命令。
$ docker ps