Jenkins using Kubernetes plugin - Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

Question

Using Jenkins on Kubernetes plugin and using Jenkins as a code.

I'm getting this error when trying to use 'docker build'

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

1. I tried to mount /var/run/docker.sock.. but still not working..
2. I tried to use runAsUser: root to run with root permissions... but still not working..

My Jenkins as a code pod template configuration -

  Jenkins:config:
    chart: jenkins
    namespace: default
    repo: https://charts.jenkins.io
    values:
      agent:
        enabled: true
        podTemplates:
          jenkins-slave-pod: |
            - name: jenkins-xxx-pod
              label: ecs-slave
              serviceAccount: jenkins-xxx-prod
              containers:
                - name: main
                  image: '805xxxx.dkr.ecr.us-west-2.amazonaws.com/slave:ecs-xxxx-node_master-3'
                  command: "sleep"
                  args: "30d"
                  privileged: true
                  runAsUser: root
              volumes:
                - hostPathVolume:
                    hostPath: "/var/run/docker.sock"
                    mountPath: "/var/run/docker.sock"

Answer 1

I assume that you are using k8s >= v1.24 where docker as runtime is not supported anymore.

I would also add that mounting docker socket is not a good practice from security perspective.

If you want to build container image in k8s please use podman or kaniko.

Answer 2

There are some possible reasons which cause that error.

1. Docker daemon is not running.
2. Docker did not shut down cleanly.
3. Lack of root privileges to start the docker service

Here are some troubleshooting steps which you can try:

1. Use Systemctl to Start the Docker Service.

2. Use Snap to Start the Docker Service.

3. Clean a "Failed Docker Pull" and Start the Docker Service.

4. Start Docker for Users Without Root Privileges.

5. Reinstall Docker.

The above information is derived from the document written by Daisy for more detailed steps you can follow the same document.

Answer 3

You need to connect your jenkins agent (with docker client inside) to remote docker daemon for docker commands to succeed.

One option to achieve this is to use Jenkins Docker in Docker Agent where docker daemon runs inside a container in the same pod with a container of jenkins agent which has docker client inside it.

additionalAgents: 
  dind:
    podName: dind-agent
    customJenkinsLabels: dind-agent
    image: dind-client-jenkins-agent
    tag: latest
    envVars:
     - name: DOCKER_HOST
       value: "tcp://localhost:2375"
    alwaysPullImage: true
    yamlTemplate:  |-  
     spec: 
         containers:
           - name: dind-daemon 
             image: docker:20.10-dind
             securityContext: 
               privileged: true
             env: 
               - name: DOCKER_TLS_VERIFY
                 value: ""

Disclaimer: I wrote this article