How do I run a Docker host inside a Docker container?

Time: 2023-01-15 20:46:04

I have a Jenkins container running inside Docker and I want to use this Jenkins container to spin up other Docker containers when running integration tests etc.

So my plan was to install Docker in the container but this doesn't seem to work so well for me. My Dockerfile looks something like this:

FROM jenkins
MAINTAINER xxxx

# Switch user to root so that we can install apps
USER root

RUN apt-get update 

# Install latest version of Docker
RUN apt-get install -y apt-transport-https
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
RUN sh -c "echo deb https://get.docker.com/ubuntu docker main > /etc/apt/sources.list.d/docker.list"
RUN apt-get update
RUN apt-get install -y lxc-docker

# Switch user back to Jenkins
USER jenkins

The jenkins image is based on Debian Jessie. When I start a bash terminal inside a container based on the generated image and run, for example:

docker images

I get the following error message:

FATA[0000] Get http:///var/run/docker.sock/v1.16/images/json: dial unix /var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?

I suspect that this could be because the docker service is not started. But my next problem arises when I try to start the service:

service docker start

This gives me the following error:

mount: permission denied

I've tracked the error in /etc/init.d/docker to this line:

mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup

So my questions are:

  1. How do I actually start a Docker host inside a container? Or is this something that should be avoided?
  2. Is there something special I need to do if I'm running Mac and boot2docker?
  3. Perhaps I should instead link to the Docker on the host machine as described here?

Update: I've tried the container as user root and jenkins. sudo is not installed.

2 solutions

#1


4  

1.- The first container you start (the one you launch the other one inside) must be run with the --privileged=true flag.

2.- I think there is not.

3.- Using the privileged flag you don't need to mount the docker socket as a volume.

Check this project to see an example of all this.

#2


5  

A simpler alternative is to mount the docker socket and create sibling containers. To do this, install docker on your image and run something like:

docker run -it -v /var/run/docker.sock:/var/run/docker.sock myimage

In the container you should now be able to run docker commands as if you were on the host. The advantage of this method is that you don't need --privileged and get to use the cache from the host. The disadvantage is that you can see all running containers, not just the ones created from the container.
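
Both answers hand the Jenkins container broad control over the host: --privileged lifts most container isolation, and a mounted socket gives full access to the host's Docker daemon. The Python script below is an added example, not part of the original question or answers; it reads docker inspect JSON and reports which containers were started either way. The container names and the sample data are constructed.

```python
import json
import sys

# Host paths of the Docker daemon socket (/var/run is usually a symlink to /run).
SOCKET_PATHS = {"/var/run/docker.sock", "/run/docker.sock"}

def bind_sources(container):
    """Yield the host-side path of each bind mount listed by docker inspect."""
    for bind in container.get("HostConfig", {}).get("Binds") or []:
        yield bind.split(":")[0]            # "src:dst[:options]"
    for mount in container.get("Mounts") or []:
        if mount.get("Type") == "bind":
            yield mount.get("Source", "")

def audit(inspect_json):
    """Map container name -> findings, for containers that have any."""
    report = {}
    for c in json.loads(inspect_json):
        findings = []
        if c.get("HostConfig", {}).get("Privileged"):
            findings.append("privileged")
        if any(src in SOCKET_PATHS for src in bind_sources(c)):
            findings.append("docker-socket")
        if findings:
            report[c.get("Name", "?").lstrip("/")] = findings
    return report

# Constructed sample, trimmed to the fields the audit reads.
SAMPLE = json.dumps([
    {"Name": "/jenkins-dind", "HostConfig": {"Privileged": True, "Binds": None},
     "Mounts": []},
    {"Name": "/jenkins-sibling",
     "HostConfig": {"Privileged": False,
                    "Binds": ["/var/run/docker.sock:/var/run/docker.sock"]},
     "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
                 "Destination": "/var/run/docker.sock"}]},
    {"Name": "/webapp",
     "HostConfig": {"Privileged": False, "Binds": ["/srv/data:/data:ro"]},
     "Mounts": [{"Type": "bind", "Source": "/srv/data", "Destination": "/data"}]},
])

if __name__ == "__main__":
    # Usage: docker inspect $(docker ps -q) > inspect.json; python audit.py inspect.json
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for name, findings in audit(text).items():
        print(f"{name}: {', '.join(findings)}")
```

Run without arguments it audits the constructed sample; given a file of saved docker inspect output it audits the real containers on that host.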
