2

I have a Kubernetes pod based on jenkins/slave container to which I mount docker socket and docker binary file with necessary kernel module in privileged mode. Inside that pod I build Docker image basing on which I run docker container. Inside that container I don't have Internet connection at all because pod container uses flannel network (198.x.x.x) and that container uses bridged docker network (172.x.x.x) which is not available inside pod container. How can I make Internet to be available inside the second container which is being created inside Kubernetes pod container? Using Docker API in Jenkins pipeline is not a solution for me as long as it limits output of error logs and I can not commit changes made in the second container because of immediate removing of that container after build.

Nicolas Pepinster
  • 5,413
  • 2
  • 30
  • 48
user54
  • 573
  • 2
  • 7
  • 22
  • You may refer this for your answer [https://stackoverflow.com/questions/49299428/no-internet-connectivity-inside-docker-container-running-inside-kubernetes-with/49408621#49408621](https://stackoverflow.com/questions/49299428/no-internet-connectivity-inside-docker-container-running-inside-kubernetes-with/49408621#49408621) – Vaibhav Jain Mar 21 '18 at 14:15

1 Answers1

2

Not sure if this article will help you with this issue, JENKINS DECLARATIVE PIPELINES WITH KUBERNETES . This article shows a full stack on how to setup Jenkins in Kubernetes and also involves idea about Docker in Docker.

Based on my thought, we could mark as pod container as container1 and container in pod as container2.

I think container1 and container2 should locate in the same host and shared the same docker engine. So flannel network with docker network should setup together.

As my idea, network flow for container2 should be from container2 -> docker0 -> host, should be not with container1.

Just let me know if this should be reasonable, or we could discuss together, I think this question is very interesting.

Zhao Jian
  • 216
  • 2
  • 6
  • Hi Zhao, I was able to figure out the issue. My Hypervisor was instantly rebooted 5 days ago and after reboot I noticed that firewall rule was not applied for Docker bridge. Once I added the next rule: iptables -t nat -A POSTROUTING -s 172.17.0.0/16 -j MASQUERADE the issue has gone. I have already added autostart script which will apply this rule in case of reboot. – user54 Oct 30 '17 at 19:42
  • 1
    @zaho I am also struggling with the same problem, I have my jenkins hosted as pod inside docker container and this jenkins spawns jenkins slave as K8s pod and in this slave I am building my dockerfile, here starts the problem, if I have any statement in dockerfile that needes internet connection(yum install xyz) then my slave container not able to access the internet. My slaves are using the host docker engine and I have mapped docker.sock inside the container. Any thought on this? – Vaibhav Jain Mar 14 '18 at 18:02