Right, the docker builder mounts:
- hostPath:
path: /var/run/docker.sock
I guess you need to make the user that run the jenkins pod privileged [1]
in order to create such volume.
[1]
https://docs.openshift.org/latest/admin_guide/manage_scc.html#grant-access-to-the-privileged-scc
On Thu, Mar 10, 2016 at 5:57 PM, Ben Parees <[email protected]> wrote:
> it needs access to the docker socket, i'm assuming something related to
> being unprivileged is blocking it, just like our docker builder pods run as
> privileged so they can use the docker socket, no?
>
>
> On Thu, Mar 10, 2016 at 12:11 PM, Clayton Coleman <[email protected]>
> wrote:
>
>> Why would jenkins need access to host path?
>>
>> On Thu, Mar 10, 2016 at 12:01 PM, Ben Parees <[email protected]> wrote:
>> > Sounds like the jenkins pod on openshift needs to be run as privileged
>> and
>> > currently isn't.
>> >
>> >
>> > On Thu, Mar 10, 2016 at 11:55 AM, Clayton Coleman <[email protected]>
>> > wrote:
>> >>
>> >> Gabe, Michal, any ideas?
>> >>
>> >> On Tue, Mar 8, 2016 at 10:03 AM, Lorenz Vanthillo
>> >> <[email protected]> wrote:
>> >> > I already edited scc priviliged because otherwise I had this error:
>> >> >
>> >> > Error creating: pods "jenkins-5-" is forbidden: unable to validate
>> >> > against
>> >> > any security context constraint:
>> >> > [spec.containers[0].securityContext.volumes[1]: Invalid value:
>> >> > "hostPath":
>> >> > HostPath volumes are not allowed to be used
>> spec.containers[0].security
>> >> >
>> >> > So I added the jenkins:deploy + default service account but I've
>> still
>> >> > the
>> >> > error
>> >> >
>> >> > ________________________________
>> >> > From: [email protected]
>> >> > To: [email protected]
>> >> > Subject: Run Docker on Jenkins in OpenShift
>> >> > Date: Tue, 8 Mar 2016 16:52:34 +0100
>> >> >
>> >> > I've mounted the sockets to my Jenkins container. I've also edit the
>> >> > docker
>> >> > image of openshift/jenkins so I'm able to be root. Because otherwise
>> I'm
>> >> > not
>> >> > able to use Docker.
>> >> >
>> >> > But I still have a problem:
>> >> > docker -h (works)
>> >> > docker ps (doesn't work):
>> >> >
>> >> > + docker ps
>> >> > Get http:///var/run/docker.sock/v1.20/containers/json: dial unix
>> >> > /var/run/docker.sock: permission denied.
>> >> > * Are you trying to connect to a TLS-enabled daemon without TLS?
>> >> > * Is your docker daemon up and running?
>> >> > Build step 'Execute shell' marked build as failure
>> >> >
>> >> >
>> >> > When I just run the image on docker (without openshift) it works to
>> >> > perform
>> >> > docker ps.
>> >> > I use --privileged=true -t -i. When I try to run the container
>> without
>> >> > privileged it's not possible to perform the 'docker ps'. So the same
>> >> > issue
>> >> > as in my OpenShift. How and which service account do I have to
>> change to
>> >> > let
>> >> > it work?
>> >> >
>> >> > _______________________________________________
>> >> > users mailing list
>> >> > [email protected]
>> >> > http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>> >> >
>> >>
>> >> _______________________________________________
>> >> users mailing list
>> >> [email protected]
>> >> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>> >
>> >
>> >
>> >
>> > --
>> > Ben Parees | OpenShift
>> >
>>
>
>
>
> --
> Ben Parees | OpenShift
>
>
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
