Permission Denied while trying to connect to Docker Daemon while running Jenkins pipeline in Macbook

Question

I am trying to run Jenkins pipeline job in my macbook. I also have docker instance running locally. Initially I got the "docker command not found" error while running the Jenkins Job. I fixed the error by adding a symlink "ln -f -s /Applications/Docker.app/Contents/Resources/bin/* /usr/local/bin"

I also applied these two changes so that jenkins user has the access to the docker directory

1. chmod -R 777 /Users/myUserName/Library/Containers/com.docker.docker/
2. chmod -R 777 /Users/myUserName/Library/Containers/com.docker.helper/

I am getting below errors:

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.27/containers/openjdk:8/json: dial unix /var/run/docker.sock: connect: permission denied [Pipeline] sh [test] Running shell script + docker pull openjdk:8 Warning: failed to get default registry endpoint from daemon (Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.27/info: dial unix /var/run/docker.sock: connect: permission denied). Using system default: https://index.docker.io/v1/ Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.27/images/create?fromImage=openjdk&tag=8: dial unix /var/run/docker.sock: connect: permission denied [Pipeline] } [Pipeline] // node [Pipeline] End of Pipeline ERROR: script returned exit code 1 Finished: FAILURE

Answer 1

You need to add the jenkins build agent user to the docker group and then restart jenkins for this to take effect:

usermod -aG docker ${USER}
systemctl restart jenkins

Answer 2

Solution: -

Here is how I fixed the issue, open the terminal and type this command

sudo chmod 666 /var/run/docker.sock

Answer 3

Somewhat hacky workaround:

• DockerUser is the user who installed Docker
• Both DockerUser and the Jenkins user are in the staff group (verify with groups USERNAME)

As DockerUser:

$ chmod g+rx /Users/DockerUser/Library
$ chmod g+rx /Users/DockerUser/Library/Containers
$ chmod g+rx /Users/DockerUser/Library/Containers/com.docker.docker
$ chmod g+rw /Users/DockerUser/Library/Containers/com.docker.docker/Data/docker.sock

⚠️ Security Implications

Any user account on the machine (not just the Jenkins user) has write access to all of your docker containers/volumes/anything and launch anything they like.

Then as your other (Jenkins) user, you should be able to do the following to launch a container:

$ docker run --rm ubuntu uname -a
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
6a5697faee43: Pull complete
ba13d3bc422b: Pull complete
a254829d9e55: Pull complete
Digest: sha256:fff16eea1a8ae92867721d90c59a75652ea66d29c05294e6e2f898704bdb8cf1
Status: Downloaded newer image for ubuntu:latest

Linux dc3d34c548e5 5.4.39-linuxkit #1 SMP Fri May 8 23:03:06 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Answer 4

You can try this and worked for me:

docker run --rm -p 8080:8080 -p 4040:4040 -v /var/run/docker.sock:/var/run/docker.sock -v $PWD/jenkins_home:/var/jenkins_home logimethods/jenkins

Answer 5

There are any ways to solve this issue, I faced it last week, I solved but with docker-compose this setup is replicable to docker, you can create a shared volume that points from the location of docker.sock in your host /var/run/docker.sock to location of docker.sock in your container /var/run/docker.sock. Something like this:

version: '2'
services:
  jenkins:
    build:
      context: ./jenkins
    ports:
      - "8080:8080"
    expose:
      - "8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /usr/bin/docker:/usr/bin/docker
      - /usr/local/bin/docker-compose:/usr/local/bin/docker-compose

  nginx:
    build:
      context: ./nginx
    container_name: "prueba"
    links:
      - jenkins
    ports:
      - "80:80"
    depends_on:
      - jenkins

To works well you have to give permissons of user to the socketsudo chown $USER:$USER /var/run/docker.sock and to the group of docker , as Innocent Anigbo mentioned.

Answer 6

This is a docker permission issue. Add the jenkins user to docker group as follow:

usermod -aG docker ${USER}