Docker Custom Build Environment with Docker in Docker

Written by: Nicolas De Loof

So I was able to write a blog post with "Docker" 3 times in the title.

Docker Custom Build Environment is a Jenkins plugin I wrote some time ago (as "Oki Docki"). It was renamed because it was mostly impossible for users to discover it by searching for "docker" among the 1200+ plugins offered by the Jenkins update center.

I just released version 1.5, which introduces support for advanced usage, including Docker in Docker.

The plugin is designed to run the build inside a Docker container, just after the checkout has completed. The container to run can be defined by a Dockerfile stored in SCM alongside the project source code. So far I had received feature requests and contributions for minor fixes or basic usage, but in the last months some advanced and interesting bugs / improvements have been logged in Jira: this demonstrates that actual users are running this plugin and asking for concrete use cases.

One of them is about the ability to configure a build tool cache, for example the Maven or Ivy local repository, so the job won't download dependencies every time it is triggered. I introduced configurable volume settings in the advanced section, so you can now bind mount your build executor directories in the container. When used to share a build tool cache, the first build will populate the repository and the next ones will benefit from a provisioned artifact cache.

The second one is for builds that use Docker to run test resources and the like. They require a Docker daemon to run containers and bind mount files from the workspace. But as the build already runs inside Docker, you can't just rely on the existing Docker daemon. Docker in Docker is a popular solution to this problem, which requires some advanced configuration and privileged mode. The plugin has been improved to let users configure such advanced Docker usage and set up such a Russian doll architecture:

  • an option to run the container in privileged mode (please think twice about the security impact)

  • an option to set the command used to start the container, which is used here to invoke the nested Docker daemon setup script.

  • an option to configure a group for the user running build commands in the container, which is used to acquire permission to access the nested Docker daemon.
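
To review what those settings actually grant a build container, the following added example (not part of the original post or of the plugin's code) audits `docker inspect` JSON for privileged mode, writable bind mounts and extra groups. The container names, paths and start command in the sample are constructed, and mapping the plugin's group option to `HostConfig.GroupAdd` is an assumption.

```python
import json

# Constructed `docker inspect` output for two build containers (sample data,
# not taken from the post): one only shares a Maven cache, one runs nested Docker.
SAMPLE_INSPECT = """[
 {"Name": "/build-maven",
  "Config": {"User": "1000:1000", "Cmd": ["cat"]},
  "HostConfig": {"Privileged": false, "GroupAdd": null,
                 "Binds": ["/home/jenkins/.m2:/home/jenkins/.m2:rw"]}},
 {"Name": "/build-dind",
  "Config": {"User": "1000:1000", "Cmd": ["/usr/local/bin/start-nested-docker"]},
  "HostConfig": {"Privileged": true, "GroupAdd": ["docker"],
                 "Binds": ["/home/jenkins/workspace/job:/workspace"]}}
]"""


def audit_container(info):
    """Return a list of findings for one `docker inspect` entry."""
    findings = []
    host = info.get("HostConfig") or {}
    if host.get("Privileged"):
        findings.append("privileged: container has near-host-level access")
    for bind in host.get("Binds") or []:
        parts = bind.split(":")  # "src:dst[:options]"
        options = parts[2].split(",") if len(parts) > 2 else []
        if "ro" not in options:  # Docker mounts read-write unless "ro" is set
            findings.append(f"writable bind mount: {parts[0]}")
    for group in host.get("GroupAdd") or []:
        findings.append(f"extra group for build user: {group}")
    return findings


def audit(inspect_json):
    """Map container name -> findings for every container in the JSON."""
    return {c["Name"].lstrip("/"): audit_container(c)
            for c in json.loads(inspect_json)}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, "->", findings or "no findings")
```

On a real build host, the output of `docker inspect <container>` can be passed to `audit()` in place of the sample.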

I'm proud that the plugin gets user attention and interesting feedback, so it can evolve in the right direction to be useful in your toolbox.

Nicolas De Loof
Hacker
CloudBees
