Replies: 1 comment
-
|
I think the best way is run Jenkins as another user (or even another (virtual-)machine). According to my knowledge, there's no different between image and container in low level, there only have layers. If you familiar with systemd, you can modify Jenkins service, set Also note there is a |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
We are looking for a solution to strictly separate the storage of container images and the storage of containers.
We would like to use this in a build environment that consists of a Jenkins controller and several Jenkins agents. The Jenkins builds are executed locally as containers on the Jenkins agents. The container images are made available to all jenkins agents centrally via a shared image cache.
In storage.conf there are the parameters runroot=/run/containers/storage and graphroot=/var/lib/containers/storage
The hope was that image data would be stored only in the graphroot. And that container data would be stored only in the runroot.
So central image cache on Jenkins controller was mapped into each Jenkins agent container via mount "type=bind,src=/var/lib/containers/storage,target=/var/lib/containers/storage".
But we faced the problem that running Jenkins build resides in graphroot and get visible with "podman ps -a" on Jenkins controller. :-(
What is the best way to implement these requirement (local containers and shared images)?
Beta Was this translation helpful? Give feedback.
All reactions