我有一个詹金斯-奴隶形象,其中我已经将詹金斯添加到码头工人组
RUN usermod -aG docker jenkins
然后我在工作中使用此图像,如下所示
podTemplate(label: 'builder-pod-startclust', cloud: 'kubernetes', containers: [
containerTemplate(
name: 'jnlp',
image: "${artifact_repo}/jenkins-slave:ekslave",
ttyEnabled: true,
privileged: true,
alwaysPullImage: true,
workingDir: '/var/jenkins_home',
resourceRequestCpu: '1000m',
resourceRequestMemory: '1Gi',
resourceLimitMemory: '1.1Gi',
)
], volumes: [hostPathVolume(mountPath: '/var/run', hostPath: '/var/run')],
annotations: [
podAnnotation(key: 'iam.amazonaws.com/role', value: 'arn:aws:iam::XXXXXXXX:role/kube2iam-role')
]) { //podtemplate
但是,在jenkins-slave pod中运行docker命令(例如docker version
)会遇到权限问题
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/version: dial unix /var/run/docker.sock: connect: permission denied
詹金斯大师Yaml如下
containers:
- name: jenkins-container
image: $artifact_repo/jenkins:latest
...
volumeMounts:
- mountPath: /var/run
name: docker-sock