
I have installed docker inside my EC2 instance and am running Jenkins as a docker container. The complete code is given below.

sudo su
apt-get update 
apt install -y docker.io 
service docker start 
usermod -a -G docker ubuntu
chmod 666 /var/run/docker.sock 
mkdir /data
mkdir /data/jenkins
chmod o+rwx /data
chmod o+rwx /data/jenkins

Then to run the container,

docker run --name jenkins-dev -p 8080:8080 -p 50000:50000 -v /data/jenkins:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock jenkins/jenkins:jdk11 

And then I entered the container with docker exec -it 17cfbb0f966d and installed docker inside it as mentioned over here. Then the docker commands were working fine. But after re-logging I can’t run docker commands. It gives the error below: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied. I guess the permission for the docker.sock file is changing after every login. So I had to rerun chmod 666 /var/run/docker.sock in the main terminal to make docker commands work inside the container. I also tried another way, adding the user jenkins to the docker group. It was successfully added to the group "docker" as shown below.

ubuntu@ip-10-133-184-31:~$ docker exec -it 17cfbb0f966d bash
jenkins@17cfbb0f966d:/$ grep /etc/group -e "docker"
docker:x:999:jenkins

After that I rebooted the instance and started the container again. But I still can’t run any docker commands inside the container. It throws the same error.

ubuntu@ip-10-133-184-31:~$ docker exec -it 17cfbb0f966d bash
jenkins@17cfbb0f966d:/$ docker ps
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied

What may be the issue?

2 Answers


  1. Chosen as BEST ANSWER

    It worked after running the container as the root user, i.e. docker run -u root ...


  2. I met the same problem several days ago and fixed it by adding another group as below:

    RUN useradd -u $UID -ms /bin/bash $USER && \
      usermod -aG docker $USER && \
      groupadd -g $DGID dockerr && \
      usermod -aG dockerr $USER
    

    The $DGID here is the gid of the docker group on the host.

    After installing the docker client inside the docker image, a docker group is created, but the gid of this docker group could be different from the one on the host, while the gid, not the group name, is the key.

    So I created a new group with the gid of the docker group on the host and put my new user into this group. With this gid, this user can then access /var/run/docker.sock.

    PS.

    I tried to make the docker group inside docker share the same gid with the host, but just couldn’t make it.

    This did fix my problem, however I’m wondering whether there could be a better solution.
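
The condition discussed in this thread (access to the bind-mounted socket is decided by its numeric gid and mode, not by the group name) can be checked directly. The script below is an added example, not part of the original question or answers; it assumes GNU stat, and the function names gid_in_list and check_sock are hypothetical.

```shell
#!/bin/sh
# Added example: explain "permission denied" on a bind-mounted Docker socket.
# Run inside the container:  sh check_sock.sh /var/run/docker.sock
# Assumes GNU coreutils (stat -c).

# Succeeds if numeric gid $1 appears in the space-separated gid list $2.
gid_in_list() {
  for g in $2; do
    [ "$g" = "$1" ] && return 0
  done
  return 1
}

# Prints one verdict for socket path $1, judged against gid list $2
# (defaults to the calling user's numeric groups from `id -G`).
check_sock() {
  sock_path="$1"
  gid_list="${2:-$(id -G)}"
  sock_gid=$(stat -c '%g' "$sock_path") || return 2
  sock_mode=$(stat -c '%a' "$sock_path")
  # Last octal digit holds the "other" bits; 2 is the write bit.
  other_bits="${sock_mode#"${sock_mode%?}"}"
  if [ $(( other_bits & 2 )) -ne 0 ]; then
    # e.g. after chmod 666: every user and process can reach the daemon.
    echo "world-writable"
  elif gid_in_list "$sock_gid" "$gid_list"; then
    echo "group-ok"
  else
    # The user is in a group named docker, but with a different number.
    echo "gid-mismatch:$sock_gid"
  fi
}

# With a gid-mismatch verdict, the socket's gid can be granted to the
# container user at start time, without chmod 666 or -u root:
#   docker run --group-add "$(stat -c '%g' /var/run/docker.sock)" ...
# (run on the host, so stat reports the host's docker gid)

if [ $# -gt 0 ]; then
  check_sock "$1"
fi
```
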
