Docker Community Forums

Share and learn in the Docker community.

Non- Distributable Docker Image

docker

(Mwk088) #1

I am looking to deploy a docker image to a customer, however, I do not want the customer the ability to duplicate and distribute the image or committed container to other machines or clients. Is there a way to possibly tie a docker image or running container to a machine’s mac address? Does anyone else have any ideas?

Thanks

Mark


(David Maze) #2

You can’t do this. Docker doesn’t have the ability to prevent docker tag; docker push to send an image to a private registry, or docker save; docker load to copy an image offline. Also remember that anyone who can run any Docker command has unrestricted root access to their system; and the contents of /var/lib/docker aren’t that hard to dig into.

The closest you could get is the same you could get without Docker: make sure you use a compiled language (Go is popular these days, C/C++ will work well) and gate execution on something like a license key that, in principle, only your paying customers will have.


(Mwk088) #3

Hi David,

Thank you for the response. I will have to look into another method to limit the distribution of my docker image.

Please let me know if the docker developers intend to roll out a feature to tackle my problem.

Also, if anyone in the docker community has had the issue and overcame it, I would love to learn how it was done.

Thank you

Mark