How to use docker in scripted jenkins pipeline on RHEL7











up vote
0
down vote

favorite












The goal is to start a docker image from a scripted jenkins pipeline.



The node running docker is RHEL7 machine.



On RHEL7 regular users aren't allowed to execute docker commands without sudo, see this post by Dan Walsh.



Sudo has been configured and I set up the alias as recommended.
However jenkins doesn't read the bash profile.



Next I removed the alias and created a script called docker and placed that in directory which I now prepend to the PATH.



The pipeline is now able to execute docker but at the end of the pipeline it tries to call /usr/bin/docker-current and for some reason this doesn't use the script. Even though which docker-current in a sh step in the pipeline shows that it found the script.



All of this feels like I'm missing something.
How can I configure jenkins/docker so that jenkins is able to properly start docker images to run steps in my pipeline?






docker jenkins rhel-7







share|improve this question


























    up vote
    0
    down vote

    favorite












    The goal is to start a docker image from a scripted jenkins pipeline.



    The node running docker is RHEL7 machine.



    On RHEL7 regular users aren't allowed to execute docker commands without sudo, see this post by Dan Walsh.



    Sudo has been configured and I set up the alias as recommended.
    However jenkins doesn't read the bash profile.



    Next I removed the alias and created a script called docker and placed that in directory which I now prepend to the PATH.



    The pipeline is now able to execute docker but at the end of the pipeline it tries to call /usr/bin/docker-current and for some reason this doesn't use the script. Even though which docker-current in a sh step in the pipeline shows that it found the script.



    All of this feels like I'm missing something.
    How can I configure jenkins/docker so that jenkins is able to properly start docker images to run steps in my pipeline?






    docker jenkins rhel-7







    share|improve this question
























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      The goal is to start a docker image from a scripted jenkins pipeline.



      The node running docker is RHEL7 machine.



      On RHEL7 regular users aren't allowed to execute docker commands without sudo, see this post by Dan Walsh.



      Sudo has been configured and I set up the alias as recommended.
      However jenkins doesn't read the bash profile.



      Next I removed the alias and created a script called docker and placed that in directory which I now prepend to the PATH.



      The pipeline is now able to execute docker but at the end of the pipeline it tries to call /usr/bin/docker-current and for some reason this doesn't use the script. Even though which docker-current in a sh step in the pipeline shows that it found the script.



      All of this feels like I'm missing something.
      How can I configure jenkins/docker so that jenkins is able to properly start docker images to run steps in my pipeline?






      docker jenkins rhel-7







      share|improve this question













      The goal is to start a docker image from a scripted jenkins pipeline.



      The node running docker is RHEL7 machine.



      On RHEL7 regular users aren't allowed to execute docker commands without sudo, see this post by Dan Walsh.



      Sudo has been configured and I set up the alias as recommended.
      However jenkins doesn't read the bash profile.



      Next I removed the alias and created a script called docker and placed that in directory which I now prepend to the PATH.



      The pipeline is now able to execute docker but at the end of the pipeline it tries to call /usr/bin/docker-current and for some reason this doesn't use the script. Even though which docker-current in a sh step in the pipeline shows that it found the script.



      All of this feels like I'm missing something.
      How can I configure jenkins/docker so that jenkins is able to properly start docker images to run steps in my pipeline?






      docker jenkins rhel-7




      docker jenkins rhel-7






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 27 at 11:31









      Bram

      577312




      577312






















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          0
          down vote













          Instead of giving the Jenkins user sudo and trying to wrap calls to docker with sudo, add the Jenkins user to the docker group:




          If you don’t want to preface the docker command with sudo, create a Unix group called docker and add users to it. When the Docker daemon starts, it creates a Unix socket accessible by members of the docker group.




          Source from the official documentation with more detailed instructions on giving non-root users access to the docker daemon.



          These instructions are what I followed to give Jenkins docker access on RHEL 7 via scripted Pipelines and it seems to work just fine.






          share|improve this answer





















          • As Dan Walsh explains in the post I linked to this poses security risks. My goal is to allow jenkins to run docker containers without exposing this securoty risk.
            – Bram
            Dec 11 at 15:34










          • Giving the Jenkins user sudo creates security risks too. At some point you have to accept that allowing an agent to run a setuid executable is going to expose attack surfaces no matter how you do it.
            – jayhendren
            Dec 11 at 17:01











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1378729%2fhow-to-use-docker-in-scripted-jenkins-pipeline-on-rhel7%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          0
          down vote













          Instead of giving the Jenkins user sudo and trying to wrap calls to docker with sudo, add the Jenkins user to the docker group:




          If you don’t want to preface the docker command with sudo, create a Unix group called docker and add users to it. When the Docker daemon starts, it creates a Unix socket accessible by members of the docker group.




          Source from the official documentation with more detailed instructions on giving non-root users access to the docker daemon.



          These instructions are what I followed to give Jenkins docker access on RHEL 7 via scripted Pipelines and it seems to work just fine.






          share|improve this answer





















          • As Dan Walsh explains in the post I linked to this poses security risks. My goal is to allow jenkins to run docker containers without exposing this securoty risk.
            – Bram
            Dec 11 at 15:34










          • Giving the Jenkins user sudo creates security risks too. At some point you have to accept that allowing an agent to run a setuid executable is going to expose attack surfaces no matter how you do it.
            – jayhendren
            Dec 11 at 17:01















          up vote
          0
          down vote













          Instead of giving the Jenkins user sudo and trying to wrap calls to docker with sudo, add the Jenkins user to the docker group:




          If you don’t want to preface the docker command with sudo, create a Unix group called docker and add users to it. When the Docker daemon starts, it creates a Unix socket accessible by members of the docker group.




          Source from the official documentation with more detailed instructions on giving non-root users access to the docker daemon.



          These instructions are what I followed to give Jenkins docker access on RHEL 7 via scripted Pipelines and it seems to work just fine.






          share|improve this answer





















          • As Dan Walsh explains in the post I linked to this poses security risks. My goal is to allow jenkins to run docker containers without exposing this securoty risk.
            – Bram
            Dec 11 at 15:34










          • Giving the Jenkins user sudo creates security risks too. At some point you have to accept that allowing an agent to run a setuid executable is going to expose attack surfaces no matter how you do it.
            – jayhendren
            Dec 11 at 17:01













          up vote
          0
          down vote










          up vote
          0
          down vote









          Instead of giving the Jenkins user sudo and trying to wrap calls to docker with sudo, add the Jenkins user to the docker group:




          If you don’t want to preface the docker command with sudo, create a Unix group called docker and add users to it. When the Docker daemon starts, it creates a Unix socket accessible by members of the docker group.




          Source from the official documentation with more detailed instructions on giving non-root users access to the docker daemon.



          These instructions are what I followed to give Jenkins docker access on RHEL 7 via scripted Pipelines and it seems to work just fine.






          share|improve this answer












          Instead of giving the Jenkins user sudo and trying to wrap calls to docker with sudo, add the Jenkins user to the docker group:




          If you don’t want to preface the docker command with sudo, create a Unix group called docker and add users to it. When the Docker daemon starts, it creates a Unix socket accessible by members of the docker group.




          Source from the official documentation with more detailed instructions on giving non-root users access to the docker daemon.



          These instructions are what I followed to give Jenkins docker access on RHEL 7 via scripted Pipelines and it seems to work just fine.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 27 at 22:10









          jayhendren

          228210




          228210












          • As Dan Walsh explains in the post I linked to this poses security risks. My goal is to allow jenkins to run docker containers without exposing this securoty risk.
            – Bram
            Dec 11 at 15:34










          • Giving the Jenkins user sudo creates security risks too. At some point you have to accept that allowing an agent to run a setuid executable is going to expose attack surfaces no matter how you do it.
            – jayhendren
            Dec 11 at 17:01


















          • As Dan Walsh explains in the post I linked to this poses security risks. My goal is to allow jenkins to run docker containers without exposing this securoty risk.
            – Bram
            Dec 11 at 15:34










          • Giving the Jenkins user sudo creates security risks too. At some point you have to accept that allowing an agent to run a setuid executable is going to expose attack surfaces no matter how you do it.
            – jayhendren
            Dec 11 at 17:01
















          As Dan Walsh explains in the post I linked to this poses security risks. My goal is to allow jenkins to run docker containers without exposing this securoty risk.
          – Bram
          Dec 11 at 15:34




          As Dan Walsh explains in the post I linked to this poses security risks. My goal is to allow jenkins to run docker containers without exposing this securoty risk.
          – Bram
          Dec 11 at 15:34












          Giving the Jenkins user sudo creates security risks too. At some point you have to accept that allowing an agent to run a setuid executable is going to expose attack surfaces no matter how you do it.
          – jayhendren
          Dec 11 at 17:01




          Giving the Jenkins user sudo creates security risks too. At some point you have to accept that allowing an agent to run a setuid executable is going to expose attack surfaces no matter how you do it.
          – jayhendren
          Dec 11 at 17:01


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1378729%2fhow-to-use-docker-in-scripted-jenkins-pipeline-on-rhel7%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Terni

          Image
          Questa voce o sezione sull'argomento Umbria non è ancora formattata secondo gli standard . Contribuisci a migliorarla secondo le convenzioni di Wikipedia. Segui i suggerimenti del progetto di riferimento. Terni comune Localizzazione Stato   Italia Regione Umbria Provincia Terni Amministrazione Sindaco Leonardo Latini (Lega Nord) dal 25-06-2018 Territorio Coordinate 42°34′N 12°39′E  /  42.566667°N 12.65°E 42.566667; 12.65  ( Terni ) Coordinate: 42°34′N 12°39′E  /  42.566667°N 12.65°E 42.566667; 12.65  ( Terni ) Altitudine 130 m s.l.m. Superficie 211,90 km² Abitanti 111 189 [1] (31-12-2017) Densità 524,72 ab./km² Frazioni Vedi elenco Comuni confinanti Acquasparta, Arrone, Colli sul Velino (RI), Labro (RI), Montecastrilli, Montefranco, Narni, Rieti (RI), San Gemini, Spoleto (PG), Stroncone Altre informazioni Cod. postale 05100 Prefisso 0744 Fuso orario UTC+1 Codice ISTAT...
          Read more

          A new problem with tex4ht and tikz

          Image
          3 When run through pdflatex the code snippet below produces: but when I run it through make4ht the following web page, without the numbers, is generated: (The difference in scale is an artifact of my skills in taking screenshots.) Here is the code: documentclass{article} usepackage{tikz} begin{document} begin{tikzpicture} foreach x in {-3,...,3} { draw(x,0.25) --(x,0)node[below]{x}; } foreach x in {-2.5,...,2.5} { draw(x,0.18) --(x,0); } draw[thick,<->](-3.5,0)--(3.5,0); filldraw[blue!50!white](1.5,0) circle (1mm); draw[red] (-3.5,-1) rectangle (3.5,1); % make bounding box higher end{tikzpicture} end{document} Only the first line of the tikzpicture environment is necessary. The rest is just to show that everything else is OK. I am...
          Read more

          Sun Ra

          Image
          .mw-parser-output .avviso .mbox-text-div>div,.mw-parser-output .avviso .mbox-text-full-div>div{font-size:90%}.mw-parser-output .avviso .mbox-image div{width:52px}.mw-parser-output .avviso .mbox-text-full-div .hide-when-compact{display:block} Questa voce o sezione sull'argomento compositori statunitensi non cita le fonti necessarie o quelle presenti sono insufficienti . Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Sun Ra Sun Ra nel 1992 al conservatorio del New England Nazionalità   Stati Uniti Genere Fusion Free jazz Hard bop Space music Jazz d'avanguardia Musica sperimentale Big band Periodo di attività musicale 1934 – 1993 Strumento pianoforte, sintetizzatore Modifica dati su Wikidata  · Manuale .mw-parser-output .citazione-table{margin-bottom:.5em;font-size:95%}.mw-parser-output .citazione-table td{padding:0 1.2em 0 2.4em}.mw-parser-output...
          Read more