@papi83dm: the "download faster" is really not a general rule to be honest. With more layers, if done correctly (e.g. with layers changing frequently on the bottom part), the pull of images can be only on the changed layers which is clearly faster than a 2 Gb single layer. So the rule is "it depends".
As the adage say "premature optimization is the root of all evil": start by an image that you can build, test and deploy efficiently (so you can add changes to your jenkins quickly) and which meet your goals. Then measure the download/build times and optimize from here.
USER root, do what you need as root, and then USER jenkins when you’re done. In a custom Dockerfile
FROM jenkins/inbound-agent:3077.vd69cf116da_6f-3-alpine-jdk11
USER root
RUN apk add --no-cache \
ca-certificates \
curl \
jq
USER jenkins
ENTRYPOINT ["/usr/local/bin/jenkins-agent"]source "docker" "jenkins-agent" {
# parent image
image = "jenkins/inbound-agent:3077.vd69cf116da_6f-3-alpine-jdk11"
# Persist image on local docker engine
commit = true
# Image metadatas
changes = [
"ENTRYPOINT [\"/usr/local/bin/jenkins-agent\"]",
"USER jenkins",
]
exec_user = "root"
}
build {
sources = ["sources.docker.jenkins-agent"]
provisioner "shell" {
inline = ["apk add --no-cache ca-certificates curl jq"]
}
post-processor "docker-tag" {
repository = "custom/agent"
tags = ["latest", "1.0.0"]
}
}
2 replies
Hi all, I am following the documentation on how to install Jenkins with docker (https://www.jenkins.io/doc/book/installing/docker/) and I got an error while building the Jenkins image, at plugins installation:
Step 8/8 : RUN jenkins-plugin-cli --plugins "blueocean:1.25.8 docker-workflow:521.v1a_a_dd2073b_2e"
---> Running in 94f2d09719fc
Unable to create plugin directory: '/usr/share/jenkins/ref/plugins', supply a directory with -d <your-directory>There seems to be a problem with the directory ownership but I don't know why I have this error on this machine while it is working on another one of mine. Maybe some docker global configuration ? Do you have any idea where it can come from ?
/usr/share/jenkins/ is expected to be owned by the UID 1000 inside the image. It should not be a data volume so I wonder why there is this error. Do you mind sharing your Dockerfile ?
FROM jenkins/jenkins:2.375.1-jdk11
USER root
RUN apt-get update && apt-get install -y lsb-release
RUN curl -fsSLo /usr/share/keyrings/docker-archive-keyring.asc \
https://download.docker.com/linux/debian/gpg
RUN echo "deb [arch=$(dpkg --print-architecture) \
signed-by=/usr/share/keyrings/docker-archive-keyring.asc] \
https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list
RUN apt-get update && apt-get install -y docker-ce-cli
USER jenkins
RUN jenkins-plugin-cli --plugins "blueocean:1.25.8 docker-workflow:521.v1a_a_dd2073b_2e"/usr/share/jenkins/ref belongs to root:root
Gthevampire_gitlab (Gerome):
docker run -it --rm jenkins/jenkins:2.375.1-jdk11 ls -ltd /usr/share/jenkins/ref
drwxr-xr-x 1 jenkins root 4096 Nov 30 11:07 /usr/share/jenkins/refthats so weird, i don't see why it would be root
with this Dockerfile:
FROM jenkins/jenkins:2.375.1-jdk11
USER root
RUN apt-get update && apt-get install -y lsb-release
RUN curl -fsSLo /usr/share/keyrings/docker-archive-keyring.asc \
https://download.docker.com/linux/debian/gpg
RUN echo "deb [arch=$(dpkg --print-architecture) \
signed-by=/usr/share/keyrings/docker-archive-keyring.asc] \
https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list
RUN apt-get update && apt-get install -y docker-ce-cliAnd with userns-remap set in /etc/docker/daemon.json I get:
$ docker run -it --rm myjenkins-blueocean:2.375.1-1 ls -ltd /usr/share/jenkins/ref
drwxr-xr-x 1 root root 4096 Nov 30 11:07 /usr/share/jenkins/ref
$ docker run -it --rm jenkins/jenkins:2.375.1-jdk11 ls -ltd /usr/share/jenkins/ref
touch: cannot touch '/var/jenkins_home/copy_reference_file.log': Permission denied
Can not write to /var/jenkins_home/copy_reference_file.log. Wrong volume permissions?interesting, gotta try to reproduce then.
Please note that the error /var/jenkins_home/ is related to the volume itself (and is another concern, but unrelated).
- Try with the command
docker run -it --rm --entrypoint='' jenkins/jenkins:2.375.1-jdk11 ls -ltd /usr/share/jenkins/refagain? - Open an issue on github.com/jenkinsci/docker with these elements to allow us reproducing?
4 replies
the jenkins user.
jenkinsci/inbound-agent of course, and add your custom HEALTHCHECK (https://docs.docker.com/engine/reference/builder/#healthcheck) dockerfile's instruction
background is that Docker Engine executes the healthcheck inside* the container so it requires the image to have the required binaries used by the healthcheck, while other system run the healthcheck from outside** the container.
- What do you want to check for?
- What kind of kubernetes probe do you want to use: liveness or readiness?
latest of https://hub.docker.com/r/jenkins/inbound-agent/tags has been downgraded to 4.10-3 - was that intentional?
2 replies
We are building the Jenkins docker image by referring to the code below. https://github.com/jenkinsci/docker
The build is successful using the make tool, but running the docker image results in an error in the jenkins.sh file. The error message is as follows:
: invalid option:02 /bin/bash: -Docker Execute Commands (use local image):
docker run --name my-jenkins -d -p 8087:8080 --restart=on-failure -v jenkins_home:/var/jenkins_home jenkins/jenkins:2.356-centos7Development Environment:
windows11, git-bash, make, jq, curl, docker-desktop
docker run command that you provided works just fine. Running that old a weekly version means that you're running with a known security vulnerability, but it does run for me and does not report any invalid option message.
1 reply
