When build images in dind (docker in docker), the image is only accessible in dind.
$ docker run -d --name dind --privileged --net=host -v `pwd`:/app -w /app docker:stable-dind
fe66d6e7e5effcf15e439a332a2368fddab810e9bc8ac3445392c8e56b0aa38a
$ docker exec dind ls
Dockerfile
$ docker exec dind docker build -t demo .
Sending build context to Docker daemon 521.7kB
Step 1/24 : FROM alpine
...
$ docker exec dind docker images|grep demo
REPOSITORY TAG IMAGE ID CREATED SIZE
demo latest a9dd4e725029 7 seconds ago 88.3MB
$ docker images |grep demo
<no result>
I can push the image to public or private docker registry server in dind, because they have IP or dns name to access. But how can I push the new image back to localhost (the host running dind)
Second, if I want to pull image from localhost in Dind, how to do that?
I can answer my first question now.
$ docker exec dind docker save demo |docker load
2f7d711abbe9: Loading layer [==================================================>] 11.44MB/11.44MB
...
Loaded image: demo:latest
$ docker images |grep demo
demo latest a9dd4e725029 8 minutes ago 88.3MB
Same size :-)
But still not sure how to pull image from localhost in Dind, any ideas?
Related
I'm running https://hub.docker.com/r/jenkinsci/blueocean/ in docker. Trying to build a docker image in jenkins.
but i get the following error:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
clearly the jenkins version in docker does not have access to the docker binary.
I confirmed this by,
docker exec -it db4292380977 bash
docker images
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
"db4292380977" is the running container. It shows the same error.
Question:
how do I allow access to docker in the jenkins container?
The docker client is installed on the jenkinsci/blueocean image, but not the daemon. Docker client will use the daemon (by default via the socket unix:///var/run/docker.sock). Docker client needs a Docker daemon in order to work, you can read Docker Architecture for more info.
What you can do:
Use docker-in-docker (DinD) image
Library Docker image provides a way to run a Docker daemon in Docker, you can then use it from another container. For example, using plain docker CLI:
docker run --name docker-dind --privileged -d docker:stable-dind
docker run --name jenkins --link=docker-dind -d jenkinsci/blueocean
docker exec jenkins docker -H docker-dind images
REPOSITORY TAG IMAGE ID CREATED SIZE
Docker daemon runs in docker-dind container and can be reached using the same hostname. You just need to provide the docker client with the daemon host (-H docker-dind in the example, you can also use DOCKER_HOST env variable as described in the doc).
Mount host machine /var/run/docker.sock in your container
As described by #Herman Garcia answer:
docker run -p 8080:8080 --user root \
-v /var/run/docker.sock:/var/run/docker.sock jenkinsci/blueocean
You need to mount your local /var/run/docker.sock and run the container as root user
NOTE: this might be a security flaw so be careful who has access to the jenkins container
docker run -p 8080:8080 --user root \
-v /var/run/docker.sock:/var/run/docker.sock jenkinsci/blueocean
you will be able to execute docker inside the container
➜ ~ docker exec -it gracious_agnesi bash
bash-4.4# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
NAMES
c4dc85b0d88c jenkinsci/blueocean "/sbin/tini -- /usr/…" 18 seconds ago Up 16 seconds 0.0.0.0:8080->8080/tcp, 50000
/tcp gracious_agnesi
Just only try to do the same command but with sudo in the beginning
For example
sudo docker images
sudo docker exec -it db4292380977 bash
To avoid use sudo in the future you should run this command in Unix O.S
sudo usermod -aG docker <your-user>
Change for the user that you are using at this moment. Remember to log out and back in for this to take effect! More information about Docker installation click here
I perform the following docker commands in the following order:
docker pull docker
docker run -ti <imgId>
https://hub.docker.com/_/docker/
Now I am inside the "docker" image for Docker
Now suppose I create a temp folder and download a Dockerfile
mkdir temp
cd temp
curl <dockerfile>
docker build .
It will tell me Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
This means that the docker service needs to be started, but as the official docker image comes on alpine linux, commands like service/systemctl are not available, so we must perform apk add openrc --no-cache to access these.
After I install it, I still cannot start the docker service.
Performing system docker start says that it cannot find docker as a service?
service: service docker does not exist
Eventually I want to build this via Jenkins.
In the build step, I perform Execute Shell
if [ -f "Dockerfile" ]; then
echo "Dockerfile exists ... removing it"
rm Dockerfile
fi
wget <dockerFile url>
docker build .
I purposely don't do the openrc on Jenkins since I want to test locally first
The image you're pulling here (with the latest tag) does not contain the docker daemon. It's meant to be used as the docker client. What you want is to first get the docker daemon running with the image tagged dind (docker in docker).
docker network create dind
docker run --privileged --name docker --network dind -v docker-client-certs:/certs/client -d docker:dind
To verify it started up and works, you can check the logs.
docker logs docker
Now you can use a client container to connect to the daemon. This is how you connect interactively to the shell, like you wanted to:
docker run -ti --network dind -e DOCKER_TLS_CERTDIR=/certs -v docker-client-certs:/certs/client:ro docker
Docker commands should work inside this container. If you do docker version, you should see the versions of both the client and the server.
Note the two containers share the same network (some examples online feature links, but those are deprecated). They also share some of the TLS certs, which are generated when starting up the dind image.
Below are steps to reproduce the issue.
docker --version
Docker version 17.09.1-ce, build 19e2cf6
docker images | grep centos
centos latest 3fa822599e10 3 weeks ago 204MB
docker tag centos:latest 127.0.0.1:5000/centos
docker push 127.0.0.1:5000/centos
The push refers to a repository [127.0.0.1:5000/centos]
d1be66a59bc5: Pushed
latest: digest:
sha256:3a32a170c945ffe18334b3f514fcb66f9c14001b2266c9ed8504c72db0acde11 size: 529
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
046a5d68c8b2 registry:2 "/entrypoint.sh /e..." About an hour ago Up About an hour 0.0.0.0:5000->5000/tcp festive_wozniak
curl -X GET http://localhost:5000/v2/_catalog
{"repositories":["centos"]} -----We can list 'centos' repo after pushing.
docker stop 046a5d68c8b2
046a5d68c8b2
docker run -p 5000:5000 -d registry:2
bad6ec7aad590f91aaf1721703ce6468e8254d159e56a5b5f018e5e3c25cf7e0
curl -X GET http://localhost:5000/v2/_catalog
{"repositories":[]} ---- after restarting registry, we cannot see 'centos' info
Each docker run creates a new container.
To restart a container you can either run docker start 046a5d68c8b2 (following your example) or use the --restart=always option to docker run.
See:
https://docs.docker.com/engine/reference/commandline/run/#restart-policies-restart
I have seen docker inside docker docker container for Ubuntu/Linux. As per the replies in this thread, the following command works
docker run -v /var/run/docker.sock:/run/docker.sock -v $(which docker):/bin/docker [your image
Are there any similar commands available for docker in Windows 7?
I am using the below command in Windows 10 to run docker inside docker. The docker image is with alpine OS. Note that the path is //var/run/docker.sock
docker run -it --rm --privileged --name dockerindocker -v //var/run/docker.sock:/var/run/docker.sock docker
/ # docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
02285c22006f docker "docker-entrypoint..." 3 seconds ago Up 2 seconds dockerindocker
/ # cat /etc/alpine-release
3.6.2
Unfortunately Windows doesn't support true docker-in-docker yet.
All the answers here are about running a docker client in a container which connects to the top level docker server on the host (same docker running the container where you invoke docker from). It is not a real docker in docker.
See discussion here for more details https://github.com/docker-library/docker/issues/49
I am running jenkins docker container. how can keep jenkins backup folder in my current OS ?
You need to use -v flag in docker run this way:
docker run -v /Users/<path>:/<container path>
This will map your /Users/ directory to the container directory specified.
You can find more information here: https://docs.docker.com/engine/tutorials/dockervolumes/
First of all, you need to create a new image from the running container :
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c3f279d17e0a jenkins:latest "/bin/bash" 7 days ago Up 25 hours jenkins
$ docker commit jenkins newjenkinsimage:v2
This image takes the exact same state as the running container, check the result with the following command :
$ docker images
REPOSITORY TAG ID CREATED SIZE
newjenkinsimage v2 f5283438590d 16 seconds ago 335.7 MB
Finally you need to run a new container from the new image and mount a volume :
$ docker run -it --name newjenkins -v /path/to/backup/file:/backup newjenkinsimage:v2
PS : for the -v argument, The format is host-src:container-dest