Thanks Ben. It does seem sensible to use build strategies but prior to a 
wholesale migration to OpenShift, and for existing workflows that may contain 
docker and docker-compose commands is there any reasonable option other than a 
an external (cloud/proprietary/dedicated) docker-enabled slave? I can, for 
example, just have a Docker slave available (outside the OpenShift cluster) but 
that’s not ideal.

Is there an _unsafe_ route I might be able to use now?

I understand the issues around sharing a docker.sock but it seems to be an 
acceptable strategy for many. And, for a controlled environment, just mounting 
docker.sock is a rather neat (quick-n-dirty) solution.

It may be that, was you say there’s no sensible route down the OpenShift/CICD 
road other than build strategies. It’s just that for existing/legacy projects 
not having docker.sock is quite a hill to climb.

Thanks for your advice though, that has been gratefully received.

Alan.

> On 5 Dec 2017, at 13:41, Ben Parees <bpar...@redhat.com> wrote:
> 
> 
> 
> 
> 
> On Dec 5, 2017 07:57, "Alan Christie" <achris...@informaticsmatters.com 
> <mailto:achris...@informaticsmatters.com>> wrote:
> I’m using Jenkins from the CI/CD catalogue and am able to spin up slaves and 
> use an `ImageStream` to identify my own slave image. That’s useful, but what 
> I want to be able to do is build and run Docker images, primarily for 
> unit/functional test purposes. The _sticking point_, it seems, is the ability 
> to mount the host's `docker.sock`, without this I’m unable to run any Docker 
> commands in my Docker containers.
> 
> Q. Is there a way to mount the Jenkins/OpenShift host’s /var/run/docker.sock 
> in my slave so that I can run Docker commands?
> 
> Not safely. (mounting the host docker socket is giving out root access to 
> your host). 
> 
> You could use a remote docker host with a certificate for access I believe. 
> (that's still handing out root access on the docker host but at least it's a 
> little protected) 
> 
> If not, what is the recommended/best practice for building/running/pushing 
> Docker images from a slave agent?
> 
> Define docker build strategies in openshift and trigger them from your 
> jenkins job. 
> 
> 
> Alan
> 
> _______________________________________________
> dev mailing list
> dev@lists.openshift.redhat.com <mailto:dev@lists.openshift.redhat.com>
> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev 
> <http://lists.openshift.redhat.com/openshiftmm/listinfo/dev>
> 

_______________________________________________
dev mailing list
dev@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Reply via email to