31

My Jenkins is not run in Docker container, just tradional install to VPS. I got the following error when executing a simple test project. I am using Ubuntu 14, java 7, and stable Jenkins. I tried all methods I can find on google, but can't get it work.

I am trying to execute this shell

docker build --pull=true -t nick/hello-jenkins:$GIT_COMMIT .

After code change.

Here is error: 

Got permission denied while trying to connect to the Docker daemon socket at unix: ....

Started by user nicolas xu
Building in workspace /var/lib/jenkins/workspace/hello-Jenkins
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/nicolasxu/hello-nick-jenkins.git # timeout=10
Fetching upstream changes from https://github.com/nicolasxu/hello-nick-jenkins.git
 > git --version # timeout=10
 > git fetch --tags --progress https://github.com/nicolasxu/hello-nick-jenkins.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision d94ae21a8a2cf58ffc790dcad15bd851fb17df5a (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f d94ae21a8a2cf58ffc790dcad15bd851fb17df5a
 > git rev-list d94ae21a8a2cf58ffc790dcad15bd851fb17df5a # timeout=10
[hello-Jenkins] $ /bin/sh -xe /tmp/hudson5076309502904684976.sh
+ docker build --pull=true -t nick/hello-jenkins:d94ae21a8a2cf58ffc790dcad15bd851fb17df5a .
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.27/build?buildargs=%7B%7D&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&pull=1&rm=1&shmsize=0&t=nick%2Fhello-jenkins%3Ad94ae21a8a2cf58ffc790dcad15bd851fb17df5a&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE

I can run 'docker' in console as root no problem, why jenkins can't try a shell command which runs 'docker'? What is going on? Totally confused.......

Nicolas S.Xu
  • 13,794
  • 31
  • 84
  • 129
  • I'm voting to close this question as off-topic because this guy is handing out credentials to his Jenkins server asking about Docker issues which are related to running the Docker daemon as root. If this already hasn't been hacked, I'd be amazed to wake up next morning to a world where it hasn't. – Esko Jun 08 '17 at 19:50
  • (off-topic was the least-wrong category I could find from the options, sorry for that) – Esko Jun 08 '17 at 19:50
  • 1
    @NicolasS.Xu, please change your user name and password that you had posted here. – Robert Jun 08 '17 at 19:53
  • sorry, I am desperate here. – Nicolas S.Xu Jun 08 '17 at 19:56
  • If you are having the issue with a remote node, and have update the group but still get the error you can restart Jenkins as mentioned above, or just disconnect and reconnect the node for a faster less impactful approach. – James Taylor Mar 09 '22 at 22:56

4 Answers4

66

In your VPS server terminal, do this to add your jenkins user to the docker group:

sudo usermod -aG docker jenkins

Then restart your jenkins server to refresh the group.

Take into account any security issue that this could produce:

Warning: The docker group grants privileges equivalent to the root user. For details on how this impacts security in your system, see Docker Daemon Attack Surface.

Refer to the docs

Edit (mentioned by @iger): Just make sure to restart the Jenkins from command-line (i.e. sudo service jenkins restart), but not through the rest endpoint (http:///restart)

Robert
  • 33,429
  • 8
  • 90
  • 94
  • tried, doesn't work. Same error "Got permission denied while trying to connect to the Docker daemon socket" – Nicolas S.Xu Jun 08 '17 at 19:40
  • Is it because of my Docker, not my Jenkins? – Nicolas S.Xu Jun 08 '17 at 19:41
  • 3
    Restart your jenkins service in order to get the groups impacted – Robert Jun 08 '17 at 19:51
  • 3
    It works after restart Jenkins. Thank you so much!! I'll read the doc you provided in your answer. – Nicolas S.Xu Jun 08 '17 at 20:03
  • 12
    Just make sure to restart the Jenkins from command-line (i.e. sudo service jenkins restart), but not through the rest endpoint (http:///restart) – Iger Feb 06 '18 at 11:36
  • I am getting this error to add jenkins - **"usermod: user 'jenkins' does not exist"** – Shamim Sep 17 '19 at 05:04
  • 2
    Actually, you need to check the user of Jenkins, for example, if you use the codebase distribution, need to use `sudo usermod -aG docker cloudbees-jenkins-distribution`. you can check it by list user: `sudo cat /etc/passwd` – Xin Meng Sep 29 '19 at 16:44
  • What do you do when using the Jenkins agent docker image? i.e. `jenkins/ssh-agent:jdk11` – KernelDeimos Jan 16 '23 at 04:07
5

Running

sudo usermod -aG docker jenkins

and then

sudo service jenkins restart

worked perfectly for me.

mindfulDoubt
  • 51
  • 1
  • 2
2
  1. Add user to docker group as it described here.
  2. Start jenkins with this command: docker run -d -u root --restart on-failure -p "8080:8080" -p "50000:50000" -v $PWD/jenkins-data:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock jenkinsci/blueocean

root user required because without it you will not be able to execute root task, example: apk update && apk install ...

Denys Bushulyak
  • 335
  • 2
  • 6
-1

sudo chmod 666 /var/run/docker.sock it work on linus base system

zaheer shaikh
  • 109
  • 1
  • 2
  • 5
  • Is better just to add jenkins to the docker group sudo usermod -aG docker jenkins sudo service jenkins restart – Diego Meza Oct 22 '22 at 19:15