I have a Docker container running Jenkins. From inside this container I want to start other containers, that is, outside this container.
I've tried to start my Jenkins controller with:
docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(which docker):/bin/docker
(As written here: https://jpetazzo.github.io/2015/09/03/do-not-use-docker-in-docker-for-ci/)
But when I try to run a Docker command inside my container, I get the typical message:
FATA[0000] Get http://%2Fvar%2Frun%2Fdocker.sock/v1.18/containers/json: dial unix /var/run/docker.sock:
connect: permission denied. Are you trying to connect to a TLS-enabled daemon without TLS?
And there is no way to run a docker command inside this container.
I've tried with and without --privileged=true, it still doesn't work.
If you have any ideas !
A related post to this issue is this one.
However, a few words on this (as I had the same issue). There are two things you need to do: (1) mount docker.sock and (2) have the docker service running.
Regarding (1): As mentioned by @yclian, you have to put the jenkins user into the docker group.
I followed Adrian Mouat's instruction. He suggests executing docker commands in a build step with sudo docker run .. . The sudo is fine in my scenario, but in general it may be a security issue in that the Jenkins user may get root access to the host and could create containers that mount arbitrary directories on the host.
Regarding (2) and -v $(which docker):/bin/docker in your command: I'm on macOS. which docker gives me /usr/local/bin/docker/ which is correct, but still docker was not available inside the container. I started the jenkins container with
docker run -p 8080:8080 -p 50000:50000 -v /usr/bin/docker:/usr/bin/docker -v /var/run/docker.sock:/var/run/docker.sock -v /Users/matthaeus/.jenkins_home:/var/jenkins_home -t -i jenkins
If you do not want to do this you have to install the docker engine inside the container, either manually by connecting to it (docker exec -t -i container-id /bin/bash and apt-get install docker-engine) or by specifying it in a Dockerfile.
If you have done both, your build steps may contain commands like
sudo docker build -t my-image .
and this image will also be available on the host machine.
When such a situation happens, first have a look at the /var/run/docker.sock it's dialing. If I'm not wrong, you will have to put your jenkins user into the docker group in order to have access to the socket file.
It would also be good to troubleshoot this by logging into the shell as the jenkins user, vs. troubleshooting via the Jenkins UI.
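
The socket check both answers describe, as an added example that is not part of the original posts: run it inside the container as the jenkins user to see which permission class, if any, grants access to the bind-mounted socket. The function names are hypothetical, and it assumes a GNU or busybox stat and that root in the container keeps CAP_DAC_OVERRIDE.

```shell
#!/bin/sh
# Added example, not code from the posts above. Function names are hypothetical.

# rw DIGIT: true when one octal permission digit grants read and write.
rw() { [ $(( $1 & 6 )) -eq 6 ]; }

# sock_access UID "GID LIST" FILE_UID FILE_GID MODE
# Prints the class that grants access (root, owner, group, other) or "denied".
# Follows Unix rules: only the first matching class is consulted.
sock_access() {
    uid=$1 gids=$2 fuid=$3 fgid=$4 mode="000$5"
    mode=${mode#"${mode%???}"}              # keep the last three octal digits
    o=${mode%??}; g=${mode#?}; g=${g%?}; t=${mode#??}
    # Assumption: uid 0 still holds CAP_DAC_OVERRIDE in this container.
    if [ "$uid" -eq 0 ]; then echo root; return 0; fi
    if [ "$uid" -eq "$fuid" ]; then
        if rw "$o"; then echo owner; return 0; fi
        echo denied; return 1
    fi
    for gid in $gids; do
        if [ "$gid" -eq "$fgid" ]; then
            if rw "$g"; then echo group; return 0; fi
            echo denied; return 1
        fi
    done
    if rw "$t"; then echo other; return 0; fi
    echo denied; return 1
}

# check_docker_sock [PATH]: apply sock_access to the current user and socket.
check_docker_sock() {
    sock=${1:-/var/run/docker.sock}
    if [ ! -e "$sock" ]; then echo missing; return 2; fi
    meta=$(stat -c '%u %g %a' "$sock") || { echo "stat failed"; return 2; }
    set -- $meta                            # $1=owner uid $2=group gid $3=mode
    how=$(sock_access "$(id -u)" "$(id -G)" "$1" "$2" "$3") || {
        # Group names are irrelevant across the mount: only the numeric gid
        # of the host's socket counts inside the container.
        echo "denied: $(id -un) needs a group with gid $2 (socket mode $3)"
        return 1
    }
    echo "ok: access via $how"
}

check_docker_sock /var/run/docker.sock || true
```

If the result is denied, the gid it prints is the host's group on the socket; a docker group created inside the image often has a different gid, and docker run --group-add with that number is one way to give the container user the matching group.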