我的Macintosh计算机上运行的是Kubernetes,我正在尝试运行Jenkins映像,该映像可以连接到内部docker系统,然后启动更多docker映像,以便能够在其上运行作业。到目前为止,我还没有开始工作,我希望有人能够提供帮助。
我正在运行的docker版本是:
Kubernetes v1.10.3
我的Docker文件
FROM jenkins/jenkins:lts
USER root
RUN apt-get update \
&& apt-get install -y \
maven \
vim \
libunwind8 \
gettext \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
RUN add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/debian \
$(lsb_release -cs) \
stable"
RUN apt-get update -qq \
&& apt-get install docker-ce -y
USER jenkins
和我的deployment.yml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: jenkins
namespace: deployment-tools
spec:
replicas: 1
template:
metadata:
labels:
app: jenkins
spec:
containers:
- name: jenkins
image: my/jenkins
imagePullPolicy: Never
env:
- name: JAVA_OPTS
value: -Djenkins.install.runSetupWizard=false
ports:
- name: http-port
containerPort: 8080
- name: jnlp-port
containerPort: 50000
volumeMounts:
- name: jenkins-home
mountPath: /var/jenkins_home
- name: docker-socket
mountPath: /var/run/docker.sock
securityContext:
# Specify fsGroup for pod, so that the persistent volume is writable for the non-privileged uid/gid 1000
runAsUser: 1000
fsGroup: 1000
volumes:
- name: jenkins-home
hostPath:
path: /Users/myUser/links/code/jenkins/filesystem
type: Directory
- name: docker-socket
hostPath:
path: /var/run/docker.sock
type: File
我当前正在尝试通过挂载本地文件系统docker套接字来访问子系统,但这给了我这个错误:
myUser@mymac jenkins (master) $ kubectl exec -it jenkins-78689b8786-rjqf6 --namespace=deployment-tools -- /bin/bash
jenkins@jenkins-78689b8786-rjqf6:/$ docker images list
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/images/json?filters=%7B%22reference%22%3A%7B%22list%22%3Atrue%7D%7D: dial unix /var/run/docker.sock: connect: permission denied
并且我期望它不会抛出错误并返回我在计算机上安装的docker映像的列表。