Private Docker Environment for Each Users using Docker in Docker / DIND

Docker is an open-source platform that automates the deployment, scaling, and management of applications using containerization. Containers are lightweight, portable, and self-sufficient units that include everything needed to run a piece of software, including the code, runtime, libraries, and system tools. This ensures that the application runs consistently across different environments.

Key features of Docker:

Portability: Containers can run on any system that supports Docker, ensuring consistent environments across development, testing, and production.
Isolation: Each container runs in its own isolated environment, which helps in avoiding conflicts between applications.
Efficiency: Containers share the host system’s kernel, making them more lightweight and faster to start compared to traditional virtual machines.

Docker is widely used for:

Simplifying configuration
Code pipeline management
Improving developer productivity
Enabling microservices architecture

Daftar isi

What is Docker in Docker?

Docker in Docker (DinD) is a technique that allows you to run Docker within a Docker container. It enables you to create a nested Docker environment, where you can build and run Docker images inside another Docker container. This can be useful in scenarios where you need to isolate and test Docker-related workflows or when you want to simulate a multi-node Docker environment.Docker in Docker (DinD) is a technique that allows you to run Docker within a Docker container. It enables you to create a nested Docker environment, where you can build and run Docker images inside another Docker container. This can be useful in scenarios where you need to isolate and test Docker-related workflows or when you want to simulate a multi-node Docker environment.

Here is a table comparing docker with dind.

| Feature        | Docker                      | DIND (Docker-in-Docker)            |
|----------------|-----------------------------|------------------------------------|
| Isolation      | Uses host OS kernel         | Uses nested Docker engine          |
| Performance    | Native performance          | Slightly slower                    |
| Resource Usage | Shares host resources       | Requires additional resources      |
| Portability    | Runs on any OS              | Requires Docker installed          |
| Use Cases      | Containerization            | Testing and CI/CD pipelines        |
| Complexity     | Easier to set up and manage | More complex configuration         |
| Security       | Potential security risks    | Enhanced security                  |
| Scalability    | Limited by host resources   | Scalable with additional resources |
| Maintenance    | Regular Docker updates      | Additional DIND updates            |

Prerequisite

Docker installed is required for using docker in docker

Autoinstaller Docker Ubuntu

Run DinD Container

This command runs a Docker-in-Docker container in the background with elevated privileges, disables TLS, ensures it restarts automatically, and names the container dind.

docker run -d --name dind -e DOCKER_TLS_CERTDIR="" --privileged --restart always docker:dind

Explanation:

docker run: This command is used to create and start a new Docker container.
-d: This flag runs the container in detached mode, meaning it runs in the background.
–name dind: This option assigns the name dind to the container. You can use this name to reference the container in subsequent Docker commands.
-e DOCKER_TLS_CERTDIR=””: This sets an environment variable inside the container. Here, DOCKER_TLS_CERTDIR is set to an empty string, which disables TLS (Transport Layer Security) for Docker.
–privileged: This flag gives the container elevated privileges. It allows the container to access all devices on the host and perform various administrative tasks. This is necessary for Docker-in-Docker to function properly.
–restart always: This option ensures that the container will always restart if it stops or if the Docker daemon restarts. This is useful for ensuring high availability.
docker:dind: This specifies the Docker image to use. docker:dind is the official Docker-in-Docker image.

Create New User for DinD

Create new user with passwd

adduser tkjpedia
<enter passwd>

Add tkjpedia user to docker group

usermod -aG docker tkjpedia

make sure tkjpedia user can access the docker environment

su - tkjpedia
docker ps

Modify tkjpedia’s .bashrc

modify tkjpedia /home/tkjpedia/.bashrc, add this 2 line in the end

docker exec -it dind sh
exit

Test it

Try to login using tkjpedia user. when you logged in, you dirrectly logged in to docker in docker, no access to host vm. when you type exit, you will disconnect from server (no access to host).

docker dind: