docker in docker

I will walk you through the steps required to run docker in docker using three different methods.

Docker in Docker Use Cases

Here are a few use cases to run docker inside a docker container.

1.One potential use case for docker in docker is for the CI pipeline, where you need to build and push docker images to a container registry after a successful code build.

2.Building Docker images with a VM is pretty straightforward. However, when you plan to use Jenkins Docker-based dynamic agents for your CI/CD pipelines, docker in docker comes as a must-have functionality.

3.Sandboxed environments.

4.For experimental purposes on your local development workstation.

TABLE OF CONTENTS

1.Docker in Docker Use Cases

2.Run Docker in a Docker Container

3.Method 1: Docker in Docker Using [/var/run/docker.sock]

4.Key Considerations

5.FAQ’s

Run Docker in a Docker Container

There are three ways to achieve docker in docker:

1.Run docker by mounting docker.sock (DooD Method)

2.dind method

3.Using Nestybox sysbox Docker runtime

Let’s have a look at each option in detail. Make sure you have docker installed in your host to try this setup.

Method 1: Docker in Docker Using [/var/run/docker.sock]

What is /var/run/docker.sock?

/var/run/docker.sock is the default Unix socket. Sockets are meant for communication between processes on the same host. Docker daemon by default listens to docker.sock. If you are on the same host where Docker daemon is running, you can use the /var/run/docker.sock to manage containers.

For example, if you run the following command, it would return the version of docker engine.

curl --unix-socket /var/run/docker.sock http://localhost/version

Now that you have a bit of understanding of what is docker.sock, let’s see how to run docker in docker using docker.sock

To run docker inside docker, all you have to do it just run docker with the default Unix socket docker.sock as a volume.

For example,

docker run -v /var/run/docker.sock:/var/run/docker.sock \

  -ti docker

Just a word of caution: If your container gets access to docker.sock, it means it has more privileges over your docker daemon. So when used in real projects, understand the security risks, and use it.

Now, from within the container, you should be able to execute docker commands for building and pushing images to the registry.

Here, the actual docker operations happen on the VM host running your base docker container rather than from within the container. Meaning, even though you are executing the docker commands from within the container, you are instructing the docker client to connect to the VM host docker-engine through docker.sock

To test his setup, use the official docker image from the docker hub. It has docker the docker binary in it.

Follow the steps given below to test the setup.

Step 1: Start Docker container in interactive mode mounting the docker.sock as volume. We will use the official docker image.

docker run -v /var/run/docker.sock:/var/run/docker.sock -ti docker

Step 2: Once you are inside the container, execute the following docker command.

docker pull ubuntu

Step 3: When you list the docker images, you should see the ubuntu image along with other docker images in your host VM.

docker images

Step 4: Now create a Dockerfile inside test directory.

mkdir test && cd test

vi Dockerfile

Copy the following Dockerfile contents to test the image build from within the container.

FROM ubuntu:18.04

LABEL maintainer="Hobbs Zhao"

RUN apt-get update && \

    apt-get -qy full-upgrade && \

    apt-get install -qy curl && \

    apt-get install -qy curl && \

Build the Dockerfile

docker build -t test-image .