dockerbox

module
v0.0.0-...-aa2ce78 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 26, 2017 License: MIT

README

dockerbox

Container that runs a Docker daemon configured for running user code.

Currently it runs Docker in Docker with configuration that increases container isolation. It also adds extra iptables rules and makes it easy to add new IPs to block via config file.

The architecture is modular so new components can be added to augment the Docker daemon.

PLEASE CONTRIBUTE by adding any configuration I've missed that will further isolate/secure containers run by this Docker daemon.

Run in Docker

$ docker run -d -p 12375:2375 --privileged gliderlabs/dockerbox
$ DOCKER_HOST=tcp://127.0.0.1:12375 docker ps

Run on Kubernetes

Should be run as a Daemon Set but feel free to run however. Working manifest in run:

$ kubectl apply -f run/dockerbox.yaml

Now a headless service is available to use, typically via DNS. A container running in Kubernetes with a Docker client can do:

$ DOCKER_HOST=tcp://dockerbox.default.svc.cluster.local:2375 docker ps

Directories

Path Synopsis
app
dockerbox
dockerd
iptables
cmd
dockerbox
lib
subprocess

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.