I’m running Jenkins agent as a Kubernetes pod. But when I try to run a Pipeline Which tries to build a docker image, I’m getting the following error. “java.io.IOException: Cannot run program “docker” (in directory “/var/jenkins_home/workspace/samplefreestyle”): error=2, No such file or directory” Should I install docker inside a the kubernetes pod ?
Hi @rickyrich206 , Docker needs to component: the command line but also a Docker daemon.
Installing the first one is easy but you’ll end up scratching your head with the second.
I found this nice article: https://applatix.com/case-docker-docker-kubernetes-part-2/ (don’t hesitate to rad their first blog post as a prerequisite) explaining what could be done.
Be warned that running a Docker Engine inside a Kubernetes pod is dangerous as it allows full administrator access to the underlying Kubernetes node.
If you can afford running ephemeral VM as agents to handle Docker, that would be the safest way to go (VMs usually starts in 1 min in most cloud nowadays and Jenkins is able to spawn ephemeral agents to avoid reusing data from previous builds).
If you must stick to Kubernetes, then https://firecracker-microvm.github.io/ or https://katacontainers.io/ would be solution to enforce underlying isolation (so that the --privileged flag used to run Docker in Docker pods would not be a danger).