I have Kubernetes running on my Macintosh computer and I'm trying to run a Jenkins image which has the ability to connect to the internal docker system and then spin up more docker images in order to be able to run jobs on them. So far I have not gotten it to work, and I was hoping that someone might be able to help.
The version of docker that I'm running is:
Kubernetes v1.10.3
My Dockerfile:
FROM jenkins/jenkins:lts
USER root
RUN apt-get update \
    && apt-get install -y \
        maven \
        vim \
        libunwind8 \
        gettext \
        apt-transport-https \
        ca-certificates \
        curl \
        gnupg2 \
        software-properties-common
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
RUN add-apt-repository \
    "deb [arch=amd64] https://download.docker.com/linux/debian \
    $(lsb_release -cs) \
    stable"
RUN apt-get update -qq \
    && apt-get install docker-ce -y
USER jenkins
and my deployment.yml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: jenkins
  namespace: deployment-tools
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: jenkins
    spec:
      containers:
        - name: jenkins
          image: my/jenkins
          imagePullPolicy: Never
          env:
            - name: JAVA_OPTS
              value: -Djenkins.install.runSetupWizard=false
          ports:
            - name: http-port
              containerPort: 8080
            - name: jnlp-port
              containerPort: 50000
          volumeMounts:
            - name: jenkins-home
              mountPath: /var/jenkins_home
            - name: docker-socket
              mountPath: /var/run/docker.sock
      securityContext:
        # Specify fsGroup for pod, so that the persistent volume is writable for the non-privileged uid/gid 1000
        runAsUser: 1000
        fsGroup: 1000
      volumes:
        - name: jenkins-home
          hostPath:
            path: /Users/myUser/links/code/jenkins/filesystem
            type: Directory
        - name: docker-socket
          hostPath:
            path: /var/run/docker.sock
            type: File
I'm currently trying to access the subsystem by mounting my local filesystem docker socket, but it gives me this error:
myUser@mymac jenkins (master) $ kubectl exec -it jenkins-78689b8786-rjqf6 --namespace=deployment-tools -- /bin/bash
jenkins@jenkins-78689b8786-rjqf6:/$ docker images list
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/images/json?filters=%7B%22reference%22%3A%7B%22list%22%3Atrue%7D%7D: dial unix /var/run/docker.sock: connect: permission denied
and I was expecting it to not throw an error and return a list of the docker images that I've installed on my computer.
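
A diagnostic for the "permission denied" on the mounted socket, as an added example that is not part of the original post: it reports which permission class (owner, group or other) a process falls into for a Unix socket and whether that class may connect. The function names are hypothetical, the uid/gid/mode values in the demo lines are constructed (only uid 1000 and fsGroup 1000 come from the deployment above), and `check_socket` assumes GNU `stat` as found in the Debian-based image.

```shell
#!/bin/sh
# Added example: which permission class applies to a process for a Unix
# socket, and may that class connect? On Linux, connect() to a pathname
# socket requires write permission on the socket file (see unix(7)).

# sock_access UID "GID GID ..." OWNER_UID OWNER_GID MODE_OCTAL
# Prints the class that applies; returns 0 if that class has the write bit.
sock_access() {
    uid=$1; gids=$2; o_uid=$3; o_gid=$4; mode=$5
    if [ "$uid" -eq 0 ]; then
        echo root; return 0              # root bypasses the mode bits
    fi
    if [ "$uid" -eq "$o_uid" ]; then
        cls=owner; bits=$(( (0$mode >> 6) & 7 ))
    else
        cls=other; bits=$(( 0$mode & 7 ))
        for g in $gids; do               # primary + supplementary groups
            if [ "$g" -eq "$o_gid" ]; then
                cls=group; bits=$(( (0$mode >> 3) & 7 )); break
            fi
        done
    fi
    echo "$cls"
    [ $(( bits & 2 )) -ne 0 ]
}

# check_socket PATH: same check against the live process and file metadata.
# Assumes GNU stat (stat -c); run it inside the container.
check_socket() {
    meta=$(stat -c '%u %g %a' "$1") || return 2
    set -- "$1" $meta
    if cls=$(sock_access "$(id -u)" "$(id -G)" "$2" "$3" "$4"); then
        echo "$1: class=$cls owner=$2 group=$3 mode=$4 -> connect allowed"
    else
        echo "$1: class=$cls owner=$2 group=$3 mode=$4 -> connect denied"
        return 1
    fi
}

# Constructed case: socket root:root mode 660, process uid 1000 in group 1000.
sock_access 1000 "1000" 0 0 660 || echo "-> denied"
# Constructed case: socket group is gid 999 and the process also has gid 999.
sock_access 1000 "1000 999" 0 999 660 && echo "-> allowed"
```

Inside the pod, `check_socket /var/run/docker.sock` prints the real owner, group and mode next to the class that uid 1000 lands in. Any group that can write to this socket has full control of the Docker daemon on the node, so membership is best limited to the one pod that needs it.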