问题描述
我正在docker中运行Jenkins实例,并使用docker-compose在 RHEL 7.7主机
上启动了该实例docker版本:Docker 1.13.1版,内部版本64e9980 / 1.13.1
docker撰写文件
version: "3.5"
services:
jenkins:
image: jenkins:2.251-slim
container_name: jenkins
privileged: true
user: 1000:2020
ports:
- "8000:8080"
- "50000:50000"
volumes:
- /var/run/docker.sock:/var/run/docker.sock # Expose the docker daemon in the container
- ./jenkins:/var/jenkins_home:rwz # Jenkins workspace
networks:
- backend
networks:
backend:
name: sup_bridge
driver: "bridge"
我最初遇到的问题是jenkins无法访问已挂载的./jenkins目录,后来发现selinux在我的计算机中处于强制状态
cat /etc/selinux/config
SELINUX=enforcing
SELINUXTYPE=targeted
通过在jenkins home的卷装载中添加:rwz
来解决该问题
Jenkins现在工作正常,能够安装插件,并且我创建了多分支管道,
在分支中包含Jenkinsfile的管道阶段,
# Jenkinsfile
pipeline {
agent none
triggers {
cron('25 */4 * * *')
}
stages {
stage('Download Data') {
agent {
docker {
image 'sup:python-3.6-slim'
args '--network=sup_bridge'
}
}
steps {
withCredentials([
usernamePassword(credentialsId: 'stgapi-username-pass',passwordVariable: 'pass',usernameVariable: 'user'),usernamePassword(credentialsId: 'user-git-creds',usernameVariable: 'gituser',passwordVariable: 'gitpass'),usernamePassword(credentialsId: 'mongo-connection-url',usernameVariable: 'mongo',passwordVariable: 'mongo_url'),]) {
// the code in here can access $pass and $user
sh 'git config --global credential.helper store'
// to access and install some pip libraries from private hosted git server
// $gitpass is of format https://user:pass@gitserver.com
sh 'echo "$gitpass" > ~/.git-credentials'
sh 'python --version'
sh 'pip install -r requirements.txt'
sh 'export username=$user && export password=$pass && export mongo_database="test" && export mongo_connection=$mongo_url && python runner.py'
}
}
}
}
}
当我在该分支上触发Jenkins构建时,它使容器摇摇欲坠,但挂在执行脚本上,并且超时了,
Jenkins构建控制台输出,
...
...
...
[Pipeline] withEnv
[Pipeline] {
[Pipeline] isUnix
[Pipeline] sh
+ docker inspect -f . sup:python-3.6-slim
.
[Pipeline] withDockerContainer
Jenkins seems to be running inside container d35f65a438579849028b27162bbd30067992b2fce2561d0efa65e2a4cca4a462
$ docker run -t -d -u 1000:2020 --network=sup_bridge -w /var/jenkins_home/workspace/hon-scripts_release_demo-scripts --volumes-from d35f65a438579849028b27162bbd30067992b2fce2561d0efa65e2a4cca4a462 -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** sup:python-3.6-slim cat
$ docker top 99cdb9d0b568fa04db05606dd47db42d5af3eb051ae8df7f18bcf98966453276 -eo pid,comm
[Pipeline] {
[Pipeline] withCredentials
Masking supported pattern matches of $user or $pass or $svcStgUser or $svcStgPass or $mongo or $mongo_url
[Pipeline] {
[Pipeline] sh
process apparently never started in /var/jenkins_home/workspace/hon-scripts_release_demo-scripts@tmp/durable-edbff6e4
(running Jenkins temporarily with -Dorg.jenkinsci.plugins.durabletask.BourneshellScript.LAUNCH_DIAGNOSTICS=true might make the problem clearer)
[Pipeline] }
[Pipeline] // withCredentials
[Pipeline] }
$ docker stop --time=1 99cdb9d0b568fa04db05606dd47db42d5af3eb051ae8df7f18bcf98966453276
$ docker rm -f 99cdb9d0b568fa04db05606dd47db42d5af3eb051ae8df7f18bcf98966453276
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] }
[Pipeline] // stage
[Pipeline] End of Pipeline
ERROR: script returned exit code -2
Finished: FAILURE
我尝试在容器运行时登录到该容器,并且在运行ls时出现权限拒绝错误,
root@storage:/root $ docker exec -ti 99cdb9d0b568fa04db05606dd47db42d5af3eb051ae8df7f18bcf98966453276 bash
I have no name!@99cdb9d0b568:/var/jenkins_home/workspace/hon-scripts_release_demo-scripts$ ls
ls: cannot open directory '.': Permission denied
I have no name!@99cdb9d0b568:/var/jenkins_home/workspace/hon-scripts_release_demo-scripts$
在Jenkins容器中,我看到一切都很好,
root@storage:/root $ docker exec -ti jenkins bash
jenkins@d35f65a43857:/$ ls -l /var/jenkins_home/workspace/hon-scripts_release_demo-scripts
total 24
-rw-r--r--. 1 jenkins 2020 1171 Aug 22 06:40 Dockerfile
-rw-r--r--. 1 jenkins 2020 1231 Aug 23 06:37 Jenkinsfile
-rw-r--r--. 1 jenkins 2020 107 Aug 21 16:25 README.md
-rw-r--r--. 1 jenkins 2020 100 Aug 21 16:25 requirements.txt
-rw-r--r--. 1 jenkins 2020 2672 Aug 21 16:25 runner.py
-rw-r--r--. 1 jenkins 2020 9 Aug 21 16:25 xio-list.txt
jenkins@d35f65a43857:/$ id jenkins
uid=1000(jenkins) gid=1000(jenkins) groups=1000(jenkins)
jenkins@d35f65a43857:/$
容器详细信息,
root@storage:/apps/sup-docker-files $ docker inspect jenkins
[
{
"Id": "d35f65a438579849028b27162bbd30067992b2fce2561d0efa65e2a4cca4a462","Created": "2020-08-21T16:01:26.975885118Z","Path": "/sbin/tini","Args": [
"--","/usr/local/bin/jenkins.sh"
],"State": {
"Status": "running","Running": true,"Paused": false,"Restarting": false,"OOMKilled": false,"Dead": false,"Pid": 42107,"ExitCode": 0,"Error": "","StartedAt": "2020-08-23T06:42:15.242777419Z","FinishedAt": "2020-08-23T06:42:14.725898361Z"
},"Image": "sha256:d5b43f2e4e274587e35c9a96c4a7126e8a038526179e33e03eca15885b6ea86d","ResolvConfPath": "/var/lib/docker/containers/d35f65a438579849028b27162bbd30067992b2fce2561d0efa65e2a4cca4a462/resolv.conf","HostnamePath": "/var/lib/docker/containers/d35f65a438579849028b27162bbd30067992b2fce2561d0efa65e2a4cca4a462/hostname","HostsPath": "/var/lib/docker/containers/d35f65a438579849028b27162bbd30067992b2fce2561d0efa65e2a4cca4a462/hosts","LogPath": "","Name": "/jenkins","RestartCount": 0,"Driver": "overlay2","MountLabel": "","ProcessLabel": "","AppArmorProfile": "","ExecIDs": [
"a0cec19243e66453ebd98bd56080227c4b84ea7008f988463c109404192a0468"
],"HostConfig": {
"Binds": [
"/apps/sup-docker-files/jenkins:/var/jenkins_home:rw","/var/run/docker.sock:/var/run/docker.sock:rw"
],"ContainerIDFile": "","LogConfig": {
"Type": "journald","Config": {}
},"NetworkMode": "sup_bridge","PortBindings": {
"50000/tcp": [
{
"HostIp": "","HostPort": "50000"
}
],"8080/tcp": [
{
"HostIp": "","HostPort": "8000"
}
]
},"RestartPolicy": {
"Name": "","MaximumRetryCount": 0
},"AutoRemove": false,"VolumeDriver": "","VolumesFrom": [],"CapAdd": null,"CapDrop": null,"Dns": null,"DnsOptions": null,"DnsSearch": null,"ExtraHosts": null,"GroupAdd": null,"IpcMode": "","Cgroup": "","Links": null,"OomscoreAdj": 0,"PidMode": "","Privileged": true,"PublishAllPorts": false,"ReadonlyRootfs": false,"SecurityOpt": [
"label=disable"
],"UTSMode": "","UsernsMode": "","ShmSize": 67108864,"Runtime": "docker-runc","ConsoleSize": [
0,0
],"Isolation": "","cpuShares": 0,"Memory": 0,"Nanocpus": 0,"CgroupParent": "","BlkioWeight": 0,"BlkioWeightDevice": null,"BlkioDeviceReadBps": null,"BlkioDeviceWriteBps": null,"BlkioDeviceReadiops": null,"BlkioDeviceWriteIOps": null,"cpuPeriod": 0,"cpuQuota": 0,"cpuRealtimePeriod": 0,"cpuRealtimeRuntime": 0,"cpusetcpus": "","cpusetMems": "","Devices": null,"diskQuota": 0,"KernelMemory": 0,"MemoryReservation": 0,"MemorySwap": 0,"MemorySwappiness": -1,"OomKilldisable": false,"PidsLimit": 0,"Ulimits": null,"cpuCount": 0,"cpuPercent": 0,"IOMaximumIOps": 0,"IOMaximumBandwidth": 0
},"GraphDriver": {
"Name": "overlay2","Data": {
"LowerDir": "/var/lib/docker/overlay2/ab66e81361bde255fbc1f1c07b0491bc50e5d0089bb50de7663ae76eec30e93c-init/diff:/var/lib/docker/overlay2/9399117d0334821a325394fb4400e506a3c95342b9f84f627bae7fc0f00c557b/diff:/var/lib/docker/overlay2/4ee0450a85bb94883d86217e6e477a058d78a1894883b49e76822fcac42d1fef/diff:/var/lib/docker/overlay2/955d3e785ce494c24230c829cba6d55ad30d24066b78473f688d14a33d86c51d/diff:/var/lib/docker/overlay2/68fb301072578685f05f722644ccbc96d686e2f5cf3df8fa49acc2242997cc4b/diff:/var/lib/docker/overlay2/7beae213d72e90260c6950dc7b46a61a9d8b0292dc7ce239fbe65a250604b8c7/diff:/var/lib/docker/overlay2/23b8c42f4af72826fc4fe4902772017887f8e24b2d52d7d552c9d65cb8f3c201/diff:/var/lib/docker/overlay2/a1f6e6ed7ce0c49cddea5366cb6cf93cf08fd53e4bb627b5ec265e8b633d552d/diff:/var/lib/docker/overlay2/135017c88a16e2771b2fd1a7258a4fd363d9415721c429539ef3f5ffc188ff95/diff:/var/lib/docker/overlay2/eb5df73b4cefe9363beaefb685554b171209d272154153e74d9ca3320cf25bd6/diff:/var/lib/docker/overlay2/800ac38cf9d797c5aedf8fcf9d31fa20b0d62a1befe43fa1101db0991a840426/diff:/var/lib/docker/overlay2/23b8c68e4587d1d17236ac90e5bc27fe42729017fafc5ee21a6111db93130d15/diff:/var/lib/docker/overlay2/cd365484f184147b216fa2958669bfa1a3fc46195dce1f47a241d38300687dfe/diff:/var/lib/docker/overlay2/fd0c78be3c352634fcbede164a69896bfa519e735610687e0acd4d599cdb821b/diff:/var/lib/docker/overlay2/2737db6b73657fb25875155997c28cbca39a62ae6a41e97fa0bd01c5ac568a5d/diff:/var/lib/docker/overlay2/772ab50e1dbb08318e95799450953a7bbb262e71f78e7dc9eb2ed27dda217bc6/diff:/var/lib/docker/overlay2/df7f9928a06fdb680d56b1c47c58c4d0af8e2b94749a9da327c84e180b4b1906/diff","MergedDir": "/var/lib/docker/overlay2/ab66e81361bde255fbc1f1c07b0491bc50e5d0089bb50de7663ae76eec30e93c/merged","UpperDir": "/var/lib/docker/overlay2/ab66e81361bde255fbc1f1c07b0491bc50e5d0089bb50de7663ae76eec30e93c/diff","workdir": "/var/lib/docker/overlay2/ab66e81361bde255fbc1f1c07b0491bc50e5d0089bb50de7663ae76eec30e93c/work"
}
},"Mounts": [
{
"Type": "bind","Source": "/apps/sup-docker-files/jenkins","Destination": "/var/jenkins_home","Mode": "rw","RW": true,"Propagation": "rprivate"
},{
"Type": "bind","Source": "/var/run/docker.sock","Destination": "/var/run/docker.sock","Propagation": "rprivate"
}
],"Config": {
"Hostname": "d35f65a43857","Domainname": "","User": "1000:2020","AttachStdin": false,"AttachStdout": false,"AttachStderr": false,"ExposedPorts": {
"50000/tcp": {},"8080/tcp": {}
},"Tty": false,"OpenStdin": false,"StdinOnce": false,"Env": [
"PATH=/usr/local/openjdk-8/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin","LANG=C.UTF-8","JAVA_HOME=/usr/local/openjdk-8","JAVA_VERSION=8u265","JENKINS_HOME=/var/jenkins_home","JENKINS_SLAVE_AGENT_PORT=50000","REF=/usr/share/jenkins/ref","JENKINS_VERSION=2.251","JENKINS_UC=https://updates.jenkins.io","JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental","JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals","copY_REFERENCE_FILE_LOG=/var/jenkins_home/copy_reference_file.log"
],"Cmd": null,"Image": "hub.docker.prod.walmart.com/jenkins/jenkins:2.251-slim","Volumes": {
"/var/jenkins_home": {},"/var/run/docker.sock": {}
},"WorkingDir": "","Entrypoint": [
"/sbin/tini","--","/usr/local/bin/jenkins.sh"
],"OnBuild": null,"Labels": {
"com.docker.compose.config-hash": "8262323b7455e26e006d5a9622c59c762a8ee8ac5d7abec9f08a75af879ff6f7","com.docker.compose.container-number": "1","com.docker.compose.oneoff": "False","com.docker.compose.project": "sup-docker-files","com.docker.compose.service": "jenkins","com.docker.compose.version": "1.21.2"
}
},"NetworkSettings": {
"Bridge": "","SandBoxID": "0bdefa52a1fdc80b96879599f5c972af9d14773ab53559de1d0130470a13dd51","HairpinMode": false,"LinkLocalIPv6Address": "","LinkLocalIPv6PrefixLen": 0,"Ports": {
"50000/tcp": [
{
"HostIp": "0.0.0.0","8080/tcp": [
{
"HostIp": "0.0.0.0","SandBoxKey": "/var/run/docker/netns/0bdefa52a1fd","SecondaryIPAddresses": null,"SecondaryIPv6Addresses": null,"EndpointID": "","Gateway": "","GlobalIPv6Address": "","GlobalIPv6PrefixLen": 0,"IPAddress": "","IPPrefixLen": 0,"IPv6Gateway": "","MacAddress": "","Networks": {
"sup_bridge": {
"IPAMConfig": null,"Aliases": [
"jenkins","d35f65a43857"
],"NetworkID": "853e635af231810586eec328f0a6175355095af839e2ea67ba298e3d08df96a9","EndpointID": "395e46f06194676038287a9e4364bc6466ace54ab81eb5cd28c6a6a7ee613ea8","Gateway": "172.19.0.1","IPAddress": "172.19.0.2","IPPrefixLen": 16,"MacAddress": "02:42:ac:13:00:02"
}
}
}
}
]
root@storage:/apps/sup-docker-files $
sup:python-3.6-slim的Docker文件
# https://www.debian.org/releases/buster/ - Debian buster
FROM python:3.6-slim
# Installing the required packages
RUN apt-get update \
&& apt-get install -yq git \
&& apt-get autoremove \
&& apt-get clean \
&& rm -rf /var/lib/apt
# upgrading pip to latest version
RUN pip install --upgrade pip
我的Macbook上的相同设置运行正常,没有任何问题,并按预期完成了工作。
由于安全原因,我无法禁用selinux。
请帮帮我!
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)