What am I trying to do?
To have the current setup:
- Jenkins controller (aka master) running on a container.
- Jenkins agent (aka slave) running on a container.
- The agent should be able to run podman commands on the host machine.
What have I understood so far:
So... from all the back-and-forth trial and error:
- Podman on macOS is a VM, so I need to connect to it via SSH.
- I've tried to expose the SSH connection configuration (podman-machine-default-root/podman-machine-default) to the agent container, but I'm not sure if I am on the right path to get this sorted.
- Podman has a remote connection module... so I have also tried to use that in the agent container with the same setup I have on the host machine... mounting the SSH key as a volume... and something like

```
podman --remote system connection add podman-machine-default-root --identity /root/.ssh/podman-machine-default ssh://[email protected]:50431/run/podman/podman.sock
```

which kind of works if you run as root... but when running the job as the Jenkins user it kind of falls apart.
What have I tried?
Not sure if there's a better way to do this, but I've tried the following setup:
```
$ uname -a
Darwin 21.6.0 Darwin Kernel Version 21.6.0: Mon Dec 19 20:43:09 PST 2022; root:xnu-8020.240.18~2/RELEASE_ARM64_T6000 arm64

$ podman machine info
Host:
  Arch: arm64
  CurrentMachine: podman-machine-default
  DefaultMachine: ""
  EventsDir: /var/folders/rq/qy00w08s4zgcb2wyw_pnzzfd2yzr03/T/podman-run--1/podman
  MachineConfigDir: /Users/{USER}/.config/containers/podman/machine/qemu
  MachineImageDir: /Users/{USER}/.local/share/containers/podman/machine/qemu
  MachineState: Running
  NumberOfMachines: 1
  OS: darwin
  VMType: qemu
Version:
  APIVersion: 4.5.0
  Built: 1681478900
  BuiltTime: Fri Apr 14 15:28:20 2023
  GitCommit: 75e3c12579d391b81d871fd1cded6cf0d043550a
  GoVersion: go1.20.3
  Os: darwin
  OsArch: darwin/arm64
  Version: 4.5.0

$ podman system connection list
podman-machine-default ssh://core@localhost:50431/run/user/1173348355/podman/podman.sock /Users/{USER}/.ssh/podman-machine-default
podman-machine-default-root ssh://root@localhost:50431/run/podman/podman.sock /Users/{USER}/.ssh/podman-machine-default
```
podman-compose.yml

```yaml
version: "3.8"
services:
  jenkins:
    image: jenkins/jenkins:latest-jdk11
    container_name: jenkins
    ports:
      - 8070:8080
    volumes:
      - ./jenkins_home:/var/jenkins_home
    networks:
      - jenkins
    restart: unless-stopped
  agent:
    image: custom-ssh-agent
    privileged: true
    user: root
    container_name: agent
    build:
      context: ./agent
    expose:
      - 22
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - jenkins
    restart: unless-stopped
    env_file:
      - ./agent/.env
networks:
  jenkins:
```
agent/Dockerfile

```dockerfile
FROM jenkins/ssh-agent:latest-jdk11
USER root
# install podman
RUN apt-get update \
    && apt-get install --no-install-recommends -y \
    podman
USER jenkins
```
agent/.env

```
JENKINS_AGENT_SSH_PUBKEY=ssh-rsa AAA
```
References that I have read: