Docker Community Forums

Docker Rootless in Docker Rootless: is it possible?

For my job I would like to run Jenkins and Docker Rootless, all in a Docker Rootless installation.

I would like this because I need a secure environment, as I do not inspect Jenkins pipelines.

But when I run rootless docker in rootless docker, I get this error:

[rootlesskit:parent] error: failed to setup UID/GID map: newuidmap 54 [0 1000 1 1 100000 65536] failed: newuidmap: write to uid_map failed: Operation not permitted
: exit status 1

I have tried many things but failed to get it to work. Does anyone have a solution for this, please?

Thanks for reading, have a nice day!
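
The arguments in the error above can be checked against the kernel rule that every ID a new user namespace maps must itself be mapped in the namespace it is created from (user_namespaces(7)). This is an added example, not part of the original post; the sample `uid_map` contents are constructed and assume the outer rootless container was itself set up with the `0 1000 1` / `1 100000 65536` mapping.

```python
"""Added example: does a newuidmap request fit inside the current user namespace?"""
import sys

def parse_map(text):
    """Parse uid_map lines ('inside outside count') into integer triples."""
    return [tuple(map(int, ln.split())) for ln in text.splitlines() if ln.strip()]

def parse_request(args):
    """Group newuidmap arguments (after the PID) into (inside, outside, count) triples."""
    nums = [int(a) for a in args]
    if len(nums) % 3:
        raise ValueError("newuidmap arguments must come in groups of three")
    return [tuple(nums[i:i + 3]) for i in range(0, len(nums), 3)]

def missing_ranges(request, current_map):
    """Return (first, last) ID ranges the request needs but this namespace lacks.

    The 'outside' IDs of the request are interpreted in the current namespace,
    so they must fall within the 'inside' column of the current uid_map.
    """
    visible = sorted((inside, inside + n) for inside, _outside, n in current_map)
    gaps = []
    for _inside, start, n in request:
        pos, end = start, start + n
        for lo, hi in visible:
            if hi <= pos or lo >= end:
                continue
            if lo > pos:
                gaps.append((pos, lo - 1))
            pos = max(pos, hi)
        if pos < end:
            gaps.append((pos, end - 1))
    return gaps

# Arguments from the error message on this page (PID 54 omitted).
PAGE_REQUEST = parse_request("0 1000 1 1 100000 65536".split())
# Constructed sample: uid_map as seen inside a rootless container (assumption).
NESTED_MAP = parse_map("0 1000 1\n1 100000 65536\n")
# Constructed sample: uid_map of the initial namespace on a host.
HOST_MAP = parse_map("0 0 4294967295\n")

if __name__ == "__main__":
    with open("/proc/self/uid_map") as fh:  # Linux only
        gaps = missing_ranges(PAGE_REQUEST, parse_map(fh.read()))
    for first, last in gaps:
        print(f"IDs {first}-{last} are not mapped in this namespace")
    sys.exit(1 if gaps else 0)
```

An empty result only rules out this one cause: `newuidmap` also checks `/etc/subuid` and needs its own privileges to write the map.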

With Docker all the containers are managed via the Docker Daemon. The Daemon controls all aspects of the container lifecycle.

Previous versions of Docker required that the Daemon be started by a user with root privileges. This required giving users full access to a machine in order to control and configure Docker. As a result, this exposed potential security risks.

Rootless Docker is a project from Docker that removes the requirement for the Docker Daemon to be started by root. This creates a more secure environment.

In this scenario, you will learn how to deploy Rootless Docker from a low-privileged user, and how the user will be able to manage and control the containers running on the system.

Hello, first of all, thank you for your reply.
So, if I run the “docker:dind” image in a rootless Docker installation, and in this container I run an alpine image with the “--privileged” flag, in no case will this sub-container be able to do dangerous actions on the host machine