The docker master is where the docker server/engine daemon exists. There is strategic importance of maintaining a unique docker server in Build and Deployment during continuous release cycles, The docker clients such as the jenkins CICD server and other docker hosts connect to this master ensuring credibility and atomicity of the docker build process, And most of the times the Dynamic Docker agent from the jenkins build can connect to it and execute the docker builds.
The Docker master is the server where the build images are initially created when you run the docker build command during continuous build process.
To make a docker instance as the docker master you need to identify the following things.
Have an up to date docker daemon running with good amount of disk space for mount point /var/lib/docker.
Next up, In the file /etc/sysconfig/docker add the line OPTIONS="-H tcp://0.0.0.0:4243"
at the end of the file.
As this docker master is running on a Centos machine we have the filepath /etc/sysconfig/docker
.
But on Ubuntu/Debian the filepath location could be /etc/default/docker
And then restart docker daemon as follows:
[vamshi@docker-master01 ~]$ sudo systemctl restart docker
Confirm the changes with the ps command as follows:
[vamshi@docker-master01 ~]$ ps -ef | grep docker root 2556 1 0 16:09 ? 00:00:05 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt native.cgroupdriver=systemd --userland-proxy-path=/usr/libexec/docker/docker-proxy-current --init-path=/usr/libexec/docker/docker-init-current --seccomp-profile=/etc/docker/seccomp.json -H tcp://0.0.0.0:4243 --storage-driver overlay2
Connecting to Docker master from client on TCP
Now the changes we got to make on the docker client are as follows:
Make sure the docker daemon on client is stopped and disabled, the following command does them both at once:
[vamshi@jenkins01 ~]$ sudo systemctl disable docker --now
From the docker client, we should test and establish the connection to the docker server through tcp ip port 4243
[vamshi@jenkins01 ~]$ docker -H tcp://10.100.0.10:4243 version Client: Version: 1.13.1 API version: 1.26 Package version: docker-1.13.1-96.gitb2f74b2.el7.centos.x86_64 Go version: go1.10.3 Git commit: cccb291/1.13.1 Built: Tue Mar 3 17:21:24 2020 OS/Arch: linux/amd64 Server: Version: 1.13.1 API version: 1.26 (minimum version 1.12) Package version: docker-1.13.1-96.gitb2f74b2.el7.centos.x86_64 Go version: go1.10.3 Git commit: b2f74b2/1.13.1 Built: Wed May 1 14:55:20 2019 OS/Arch: linux/amd64 Experimental: false
Now that we have confirmed the successful connection from the client to the docker master server we can make the changes permanent, we shall export theĀ DOCKER_HOST to the system user profile.
Now on the docker client(here: our Jenkins server) with export of DOCKER_HOST as the environment variables.
[vamshi@jenkins01 ~]$ sudo sh -c 'echo "export DOCKER_HOST=\"tcp://10.100.0.10:4243\"" > /etc/profile.d/docker.sh'
Now we see the results as our docker client is able to connect to the master.
[vamshi@jenkins01 ~]$ docker version Client: Version: 1.13.1 API version: 1.26 Package version: docker-1.13.1-96.gitb2f74b2.el7.centos.x86_64 Go version: go1.10.3 Git commit: cccb291/1.13.1 Built: Tue Mar 3 17:21:24 2020 OS/Arch: linux/amd64 Server: Version: 1.13.1 API version: 1.26 (minimum version 1.12) Package version: docker-1.13.1-96.gitb2f74b2.el7.centos.x86_64 Go version: go1.10.3 Git commit: b2f74b2/1.13.1 Built: Wed May 1 14:55:20 2019 OS/Arch: linux/amd64 Experimental: false
You might generally face an error saying : Cannot connect to the Docker daemon at unix:///var/run/docker.sock
This is generally caused by not having privileges to access the /var/run/docker.sock
and the socket attributes being owned by the docker group is must. See https://linuxcent.com/cannot-connect-to-the-docker-daemon-at-unix-var-run-docker-sock-is-the-docker-daemon-running/ on changing the group ownership for unix:///var/run/docker.sock
The solution is to add your user to the docker group
# useradd -aG docker <username>
The best way to identify this issue is to run the docker info and docker version commands.
# docker version
The docker version command output has two sections.
The first section is describes Client information; which is your workstation.
The second part of the output describes about the server side information.
And here you can list out the
# docker version
Client:
Version: 1.13.1
API version: 1.26
Package version:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
(or)
Cannot connect to the Docker daemon at tcp://<docker-server-ip>:4243. Is the docker daemon running?
Either of them can mean that the destined server is not running.
Ensure by running ps -ef | grep docker
# docker info
This presents the complete information about the docker system.
In case of a tcp connection outage or if the server is not running, this command doesn’t yield any output and the output describes the error details
Its is a best practice to have a docker group created on the server and have the user part of the docker group.
# sudo groupadd docker
And add the curent user as part of the docker group.
# sudo usermod -aG docker $USER