如何在现有Jenkins主从VM环境中配置Docker搭建CI/CD流水线?
2026-5-25
Hey there, let’s break down exactly how to set up your CI/CD pipeline using your existing Jenkins master and Ubuntu slave nodes—no need to run Jenkins itself in a container. I’ll walk you through each step clearly, from prepping your slaves to writing the pipeline script.
1. Prep Your Ubuntu Slave Nodes
First, make sure each slave has Docker installed and that the Jenkins user can interact with it without sudo:
- Install Docker on each Ubuntu slave:
sudo apt update && sudo apt install docker.io -y - Add the Jenkins user to the
dockergroup to grant permissions:sudo usermod -aG docker jenkins - Restart Docker and the Jenkins agent (or reboot the slave VM) to apply the permissions:
sudo systemctl restart docker # Then restart the Jenkins slave agent service, or reboot the VM for good measure
2. Configure Jenkins Master: Tools & Credentials
Next, set up the necessary tools and secure credentials on your Jenkins master:
- Docker Tool Setup: Go to
Manage Jenkins→Global Tool Configuration. Find the Docker section, add a Docker installation (you can point it to the Docker path on your slaves, or let Jenkins manage a consistent version). - Add Credentials:
- GitHub Credentials: Navigate to
Manage Jenkins→Manage Credentials. Add either aUsername with passwordorSSH Username with private keycredential for your GitHub repo—save it with an ID you’ll reference later (e.g.,github-repo-creds). - Docker Registry Credentials: Add another credential for your image registry (Docker Hub or private repo) using
Username with password. Save it with an ID likedocker-registry-creds.
- GitHub Credentials: Navigate to
3. Tag Your Slave Nodes (Optional but Recommended)
To make it easy to target your Docker-capable slaves:
- Go to
Manage Jenkins→Manage Nodes and Clouds. - For each Ubuntu slave, click
Configure, then add a label likedocker-slavein the Labels field. This lets your pipeline explicitly run Docker steps on these nodes.
4. Create Your Pipeline & Jenkinsfile
Now build the pipeline itself:
- On Jenkins, create a new
Pipelineproject. - Under the Pipeline section, select
Pipeline script from SCM, choose Git, and enter your GitHub repo URL. Select the GitHub credential you created earlier. - Specify the path to your
Jenkinsfile(e.g.,Jenkinsfileif it’s in the repo root).
Here’s a sample Jenkinsfile that covers all your required steps—customize the values to match your setup:
pipeline { agent { label 'docker-slave' // Targets your tagged Ubuntu slaves } environment { DOCKER_REGISTRY = 'your-registry-url' // e.g., docker.io or your private repo URL IMAGE_NAME = 'your-app-image' IMAGE_TAG = "${BUILD_NUMBER}" // Use Jenkins build number as the tag, or a Git commit hash } stages { stage('Checkout Code') { steps { git credentialsId: 'github-repo-creds', url: 'https://github.com/your-username/your-repo.git' } } stage('Build Docker Image') { steps { script { // Build the image using the Dockerfile in your repo root docker.build("${DOCKER_REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG}") } } } stage('Push to Image Registry') { steps { script { // Log in to the registry and push the image docker.withRegistry("https://${DOCKER_REGISTRY}", 'docker-registry-creds') { docker.image("${DOCKER_REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG}").push() // Optional: Push a 'latest' tag too docker.image("${DOCKER_REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG}").push('latest') } } } } // Optional: Add a test stage if you need to run tests in the container stage('Run Tests') { steps { sh "docker run --rm ${DOCKER_REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG} npm test" // Adjust command to your test suite } } } post { always { // Clean up local images on the slave to save disk space sh "docker rmi ${DOCKER_REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG} || true" sh "docker rmi ${DOCKER_REGISTRY}/${IMAGE_NAME}:latest || true" } } }
5. Test Your Pipeline
Click Build Now on your pipeline project, then check the console output to verify each stage works:
- Confirm code is pulled from GitHub correctly
- Check that the Docker image builds without errors
- Verify the image is pushed to your registry
- Ensure the post-build cleanup runs as expected
Key Tips to Avoid Headaches
- Docker Daemon Access: If you get "permission denied" errors with Docker, double-check that the Jenkins user is in the
dockergroup and that the Docker daemon is running on the slave. - Network Access: Make sure your slaves can reach GitHub and your Docker registry—check firewall rules or security groups if connections fail.
- Disk Space: Docker images can eat up disk space fast. The post-build cleanup helps, but you might also want to set up a periodic job to prune unused images/containers on slaves.
内容的提问来源于stack exchange,提问作者Govind Kalyankar
