Docker Community Forums

Share and learn in the Docker community.

How to restrict docker images to run on specific host machines and prevent access to underlying code?

(Tp53) #1

Hi Folks,

I have just started playing around with docker and running docker images.

I had a few docker questions and wanted your help with it:

Usecase :

Lets say i have created some ml(machine learning) models by training on some data.

I now want to distribute these models to run inference, by packaging the trained models and some python scripts, as a docker image.

These docker images will go to clients who should be able to start and stop the containers; however they should not be able to :

  1. Get to the content of the container image : the python scripts or the trained ml models

Given a docker image, can some determined person, get to the scripts & models contained in the docker image ?

If yes, how to prevent it ?

  1. Restricting this docker image to run on certain host(s) only :

If someone malicious, gets access to this docker image, is there a way to restrict the execution of this docker image, so that it can only run on authorized host machines & cant be run on unauthorized host machines ?

What’s the most effective method of achieving this/ distributing docker images to customers, so that it runs on only certain host machines and cant be reverse engineered to get to the underlying code and data(e.g. ml models) contained in the docker image ?

Thanks a ton,