0

Currently I use nomad with the docker driver for services and batch jobs.

I have a project which I can't simply use github/gitlab/circleci/etc to build the image because in order for the build to succeed it requires access to network resources that are otherwise private (i.e. no access from 3rd party platforms).

is there a way to build and push docker images using batch jobs?

The things I've tried and the issues I've run into:

  • exec: it's use of isolation primitives means it is not able to access the running docker daemon.
  • docker: via docker in docker, I was unable to get the docker container to access the host machine's daemon.
Zia
  • 2,735
  • 3
  • 30
  • 27
  • 1
    Your question is a bit too broad. If you are asking `s there an effective way` - what is an "effective" way? There is "a" way, I am building docker container from inside nomad jobs. And from Jenkins jobs run inside Nomad. Many of them. `I've run into issues not being able to access the docker` What issues _exactly_? Are you asking about _your issues_ or generally if it is possible at all? Please post your job specification and the error you are getting. – KamilCuk Oct 25 '22 at 16:25
  • using the `exec` driver I was running into issues with the docker socket not being reachable due to permissions. turns out the way around this issue is by using `raw_exec` to get around the isolation `exec` driver uses. If `raw_exec` does in fact work, I'll add an answer with details and also update the question to be clearer. Thanks! – Zia Oct 25 '22 at 17:32

1 Answers1

0

turns out raw_exec is the solution. here's an example task:

    task "worker-image" {
      driver = "raw_exec"

      artifact {
        source      = "git::git@my-org/my-repo.git"
        destination = "local/path"
        options {
          ref    = var.branch
          sshkey = var.ssh_key
        }
      }

      env {
        ENV              = var.env
        BUILD_DOCKERFILE = "local/path/Dockerfile"
        BUILD_IMAGE_NAME = var.image_name
        BUILD_CONTEXT    = "local/path/."
      }

      config {
        command = "/bin/bash"
        args = [
          "-xc",
          "docker build ${BUILD_CONTEXT} -f ${BUILD_DOCKERFILE} -t ${BUILD_IMAGE_NAME} --build-arg ENV=${ENV} && docker push ${BUILD_IMAGE_NAME}"
        ]
      }
    }

Note that I tried using a bash script (so command = "myscript.sh") but it didn't work as I kept getting a "docker build" requires exactly 1 argument. error even though I passed the arg and options via env vars (same as I do in the task example above which works, but doesn't in the script file).

Zia
  • 2,735
  • 3
  • 30
  • 27