In order to fix a docker issue in Jenkins, I need to run the following commands:
$ sudo usermod -aG docker tomcat #add the tomcat user to the docker group
$ sudo service docker restart #restart the docker service
The next step is to log out of the session (close the terminal window) and log back in (re-open the terminal window). This is easy from an actual terminal window, but how do we instruct Jenkins to simulate a logout and log back in?
It looks like you are trying to configure your user to access the docker socket. The restart of the engine isn't needed, nor is it necessary to exit the shell:
$ sudo usermod -aG docker tomcat #add the tomcat user to the docker group
$ newgrp docker #recognize the new group membership
Related
Docker, docker-compose have been installed according to docker docs for fresh install of Ubuntu 20.04.
When I try to run the compose command I get the following error:
***DOCKER_WWWROOT is not set or not an existing directory.
I have previously run export ***DOCKER_WWWROOT=/path/to/myproject and have conifrmed the path is correct by running export.
The declare -x ***DOCKER_WWWROOT value shows my correct path. The directory does exist.
Any help is appreciated. The ***'s are just placeholders for the template brand name.
My install process was missing a step. Needed to add user group to run docker as a non-root user https://docs.docker.com/engine/install/linux-postinstall/
From the docker docs:
Create docker group sudo groupadd docker
Add user to group sudo usermod -aG docker $USER Activate group changes newgrp dockerVerify docker can be run without sudo commandsdocker run hello-world`
I have added current user to docker group and I'm able to run docker commands like docker run hello-world in terminal opened in vscode with no problem, but vscode doesn't let me attach to a running container, giving "current user does not have permission to run docker. Try adding the user to the 'docker' group" error message.
My system is Ubuntu 18.04, VS code is 1.39.0-insider
If you've not already created a docker group
sudo groupadd docker
Then
sudo usermod -aG docker $USER
Then log out and back in (or reboot) again.
Had the same issue. The reason for the problem was that the vscode server was still running with the old user privileges (without the docker group). Kill the respective process on the remote machine, then reload your vscode windows and everything should work without a reboot.
$ ps aux|grep bin/code-server # find out process id
$ kill <process id>
I have set a private pipeline with linux vm and agent is install and in the portal it shows that the agent is active. I also have install docker. In the same machine if I use sudo docker it works. So I am sure it is a permission issues when the VSTS agent is running the command. Not sure what which user i need to give which premission so that docker command will run when I initial a build from VSTS.
Got permission denied while trying to connect to the Docker daemon
socket at unix:///var/run/docker.sock: Post
http://%2Fvar%2Frun%2Fdocker.sock/v.37/build?buildargs=%7B%7D&cachefrom=%5B]&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=&session=a53bebddc77c89993b6e464d9f2a56fac9b***e62***094***fe70355df2c8dfcf***8b9&shmsize=0&t=mycontainerreg.azurecr.io%2Ftk-dashboard%3A853&target=&ulimits=null:
dial unix /var/run/docker.sock: connect: permission denied
/usr/bin/docker failed with return code: ***
In VSTS, it's the build service account which execute entire build pipeline. This account should also run the command.
Note, the service is setting up during the configuration of build agent. You can run the build agent as a systemd service. More details please refer to this tutorial.
You will need to grant appropriate permissions. The user just needs to be added to the group docker.
sudo usermod -a -G docker user
Also restart the systemd service and try to trigger the build again.
First of all, check if the docker group was created.
If the gourp does not exist -> https://www.digitalocean.com/community/questions/how-to-fix-docker-got-permission-denied-while-trying-to-connect-to-the-docker-daemon-socket
Then
usermod -aG docker $USER
usermod -aG root $USER
chmod 777 /var/run/docker.sock
I had to run following commands to get rid off this issue:
sudo usermod -aG docker vstsbuildagent
# check docker group
grep 'docker' /etc/group
usermod -aG root vstsbuildagent
sudo systemctl restart docker
# your build agent process
sudo systemctl stop vsts********
sudo systemctl start vsts********
I am running a jenkins docker application (https://hub.docker.com/r/jenkinsci/blueocean/)
I am trying to do a docker run on jenkins but received this error:Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
I tried doing : sudo usermod -aG docker jenkins but it said that jenkins user does not exist. I tried doing add admin also but it said it does not exists also.
What am i doing wrong?
I presume that docker service is up & running, if not verify it by running below command -
$ sudo systemctl status docker.service
Run below command to make it work -
$ sudo usermod -aG docker $USER
Log out/in to activate the changes to groups
Explanation -
Change user jenkins with the username which you are logged in on your host -
$ sudo usermod -aG docker $USER
Do a echo $USER to view your current user.
Log out/in to activate the changes to groups, then you can do a docker run ..... successfully.
Note - Jenkins user exists inside the docker container & not on your host machine.
Ref - https://docs.docker.com/install/linux/linux-postinstall/
Check below settings,
The user with which you are running docker run command might not be able to connect with docker, so in that case you need to do
usermod -aG docker <username>
After this, logout from current session, and login again.
Check your docker service
systemctl status docker.service
If not running,
systemctl start docker.service
I would like to run Docker shell commands on Jenkins like:
docker ps
Is it possible to do it with out using any plugins? Since Jenkins isn't a user, but a service account how can I add to docker group?
First execute
sudo groupadd docker
Then execute
sudo usermod -aG docker $USER
Then logout its important to logout because your group membership is re-evaluated
Login and try again
docker ps
It works!
Following approach worked for me to run docker commands without any plugins
Rather than adding jenkins user to docker group, allowed jenkins user to run sudo commands with out prompting for password and then created an alias to avoid sudo in Dockerfile for jenkins slave. I had to install docker client in the container which connects to daemon running in the host machine.
## allowing jenkins user to run sudo commands
RUN echo "jenkins ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
## avoid typing sudo in command line
RUN echo "alias docker='sudo docker '" >> /home/jenkins/.bashrc
(Taken from this answer: https://askubuntu.com/a/477554)
If you run on Ubuntu and Jenkins runs directly on the host machine (i.e. not inside a Docker container):
Add the docker group if it doesn't already exist:
sudo groupadd docker
Add the user "jenkins" to the docker group:
sudo gpasswd -a jenkins docker
Restart the Docker daemon:
sudo service docker restart
Either do a newgrp docker or log out/in to activate the changes to groups.
I had the issue when I was running from jenkins pipeline. I added jenkins user to docker group, restarted the docker engine and rebooted the machine as well. However I still get the same error dial unix /var/run/docker.sock: connect: permission denied.
Finally I added jenkins to root group and it resolved my issue (ubuntu 18.04) (VM on Azure)
sudo gpasswd -a jenkins root
sudo service docker restart