Jenkins All in Docker 1

(this post if part of the material I cover in my devops course)

This post is based on these instructions.

How to run everything in docker containers

We are using a unique configuration, where the Jenkins controller+agent are running in a docker container. The basic Jenkins image we can use is jenkins/jenkins image. The problem with this image is thast the Jenkins agent included cannot run docker containers. So if a pipeline uses a docker agent, Jenkins cannot run it directly.
The solution is to do 2 things (everything in orange in the image):

  1. add another container, used as a docker daemon (so it will be a docker-in-docker container). We can use a docker-in-docker container, based on the docker:dind image.
  2. Add a docker client (so docker cli) to the jenkins controller. To do that we'll have to build a new image, based on Jenkins but adding docker cli.

This is how it all looks:

docker in docker Jenkins
.
For my personal case, I an running all of this in a single Ubuntu virtualbox machine. I then use the Firefox in this machine to browse to Jenkins.

Install Docker

If docker is not installed yet, install it as described here.
Installation instruction can sometimes be misleading, and I learned that what I really need is the docker engine (not the Docker desktop).
The system I use is Ubuntu.

Create a docker network

This is the docker network where Jenkins and the dind containers will be talking to each other.
Create a docker bridge network by using this command:

1docker network create jenkins

You can verify this by using:

1docker network ls

Run a docker:dind container

Let's test this docker:dind image:

  • run a container from the image like that:
 1docker run \
 2  --name docker-in-docker \
 3  --detach \
 4  --restart always \
 5  --privileged \
 6  --network jenkins \
 7  --network-alias docker \
 8  --env DOCKER_TLS_CERTDIR=/certs \
 9  --volume jenkins-docker-certs:/certs/client \
10  --volume jenkins-data:/var/jenkins_home \
11  --publish 2376:2376 \
12  docker:dind \
13  --storage-driver overlay2
  • Note the --network-alias docker parameter we gave it.
    It means that throughout the jenkins network, the name docker will be used as an alias to the ip address of the container, and the Jenkins container will use it to find the dind container.

Test the docker:dind container

  • The docker-in-docker container we just ran is an amazing one.
    It can run containers withing it!
    Here's a demonstration of exec into it and running a python container:
 1osboxes@osboxes:~/Documents/jenkins/0-install$ docker exec -it docker-in-docker /bin/sh
 2/ # 
 3/ # docker run -it python sh
 4# 
 5# python
 6Python 3.12.1 (main, Dec 19 2023, 20:14:15) [GCC 12.2.0] on linux
 7Type "help", "copyright", "credits" or "license" for more information.
 8>>> exit()
 9# exit
10/ # 
11/ # exit
12osboxes@osboxes:~/Documents/jenkins/0-install$ 
  • I have tried this before, so that the python image was already there.

In the next post we'll create a jenkins image and container that'll use this one to run docker containers for its pipelines.