Macos – How to setup Jenkins under macOS with Docker daemon access

dockerJenkinsmacos

I followed the simple steps to get Jenkins up and running through a docker container: https://jenkins.io/doc/book/installing/#downloading-and-running-jenkins-in-docker

Basically, all I did was run:

docker run \
  --rm \
  -d \
  -p 8080:8080 \
  -v jenkins-data:/var/jenkins_home \
  -v /var/run/docker.sock:/var/run/docker.sock \
  jenkinsci/blueocean

Now, when trying to setup a pipeline inside Jenkins, it can not find the Docker deamon. Error output I get from the pipeline inside Jenkins:

+ docker pull python:3.6.3
Warning: failed to get default registry endpoint from daemon (Cannot connect to the Docker daemon. Is the docker daemon running on this host?). Using system default: https://index.docker.io/v1/
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
script returned exit code 1

So this suggests that there is no Docker daemon running that Jenkins can see. The option: -v /var/run/docker.sock:/var/run/docker.sock in the container start-up should have worked, but I'm not sure what other setup steps I may be missing here?

I am running this under macOS 10.13 and my Docker installation on the host appears to work fine. There are some Jenkins config points, where more docker info and installations can be configured, but it seems the default should work?

Please let me know if I am missing anything to get jenkins access to the docker daemon.

[UPDATE]

After more searching everyone was pointing to the /var/run/docker.sock permissions as the main source for this kind of problem. Looking at this mounted socket it looks like the jenkins user is not part of the right group. I'm guessing the mapping form the host group into the container is done by id and that simply doesn't match ?

Best Answer

add --group-add docker to the docker run command to make sure the user running inside the jenkins docker container will belong to the equivalent docker group on your host.

docker run \
  --group-add docker \
  --rm \
  -d \
  -p 8080:8080 \
  -v jenkins-data:/var/jenkins_home \
  -v /var/run/docker.sock:/var/run/docker.sock \
  jenkinsci/blueocean

The mounted socket: /var/run/docker.sock is resulting in confusion about which group it belongs to on the host and inside the jenkins container.

There is some discussion in this GitHub issue: https://github.com/jenkinsci/docker/issues/263