Docker inside Docker container

[pragmaticivan]

Hi there, Have you guys had any trouble trying to run docker containers inside a Jenkins build?

I'm having issues with permissions on /var/run/docker.sock

[sorenroug]

Since your subject is docker inside docker, I presume the Jenkins build is also running in a container.

If you're also running SELinux then you have to make a new policy module that allows a process tagged with svirt_lxc_net_t to connect to sockets tagged with docker_t. The policy module is then installed on the docker host.

If you're try to achieve your goal by mapping the host's /var/run/docker.sock to the same location in the Jenkins container, then note that the docker containers you start up in Jenkins are sibling containers, and you won't be able to connect to any ports they might expose from Jenkins.

It might be easier to start up a container dedicated to running containers:

dockernode:
  image: docker.io/library/docker:1.9.1-dind
  privileged: true

worker:
  image: jenkins
  links:
    - dockernode:dockernode
  environment:
    - DOCKER_HOST=tcp://dockernode:2375

If you start up, say Tomcat in a container, then you can reach it at dockernode port 8080.

[pragmaticivan]

Thanks, actually the purpose of having docker inside Jenkins was just for running tests, I'm in a place where we use a couple of different technologies, and using docker will facilitate a lot our tests. And actually the containers will be destroyed after each build. I solved the problem changing the group permission of the socket in the main host.