Official Repository

Last pushed: 5 days ago
Short Description
Docker in Docker!
Full Description

Supported tags and respective Dockerfile links

Quick reference

What is Docker in Docker?

Although running Docker inside Docker is generally not recommended, there are some legitimate use cases, such as development of Docker itself.

Docker is an open-source project that automates the deployment of applications inside software containers, by providing an additional layer of abstraction and automation of operating-system-level virtualization on Linux, Mac OS and Windows.

wikipedia.org/wiki/Docker_(software)

Before running Docker-in-Docker, be sure to read through Jérôme Petazzoni's excellent blog post on the subject, where he outlines some of the pros and cons of doing so (and some nasty gotchas you might run into).

If you are still convinced that you need Docker-in-Docker and not just access to a container's host Docker server, then read on.

How to use this image

Start a daemon instance

IMPORTANT: this image defaults to --storage-driver=vfs, which will be very slow and inefficient (but is the only driver which is guaranteed to work regardless of your underlying filesystem). Which driver you should use varies depending on your needs, but a good rule of thumb is that your DinD instance should be using the same driver as your host (which can be seen under Storage Driver in the output of docker info). See the "Custom daemon flags" section below for how to specify your storage driver.

$ docker run --privileged --name some-docker -d docker:stable-dind

Note: --privileged is required for Docker-in-Docker to function properly, but it should be used with care as it provides full access to the host environment, as explained in the relevant section of the Docker documentation.

This image includes EXPOSE 2375 (the Docker port), so standard container linking will make it automatically available to the linked containers (as the following examples illustrate).

Connect to it from a second container

$ docker run --rm --link some-docker:docker docker:edge version
Client:
 Version:      17.05.0-ce
 API version:  1.27 (downgraded from 1.29)
 Go version:   go1.7.5
 Git commit:   89658be
 Built:        Fri May  5 15:36:11 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.03.1-ce
 API version:  1.27 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   c6d412e
 Built:        Tue Mar 28 00:40:02 2017
 OS/Arch:      linux/amd64
 Experimental: false
$ docker run -it --rm --link some-docker:docker docker:edge sh
/ # docker version
Client:
 Version:      17.05.0-ce
 API version:  1.27 (downgraded from 1.29)
 Go version:   go1.7.5
 Git commit:   89658be
 Built:        Fri May  5 15:36:11 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.03.1-ce
 API version:  1.27 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   c6d412e
 Built:        Tue Mar 28 00:40:02 2017
 OS/Arch:      linux/amd64
 Experimental: false
$ docker run --rm --link some-docker:docker docker info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 17.03.1-ce
Storage Driver: vfs
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins: 
 Volume: local
 Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 4ab9917febca54791c5f071a9d1f404867857fcc
runc version: 54296cf40ad8143b62dbcaa1d90e520a2136ddfe
init version: 949e6fa
Security Options:
 seccomp
  Profile: default
Kernel Version: 4.4.63-gentoo
Operating System: Alpine Linux v3.5 (containerized)
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 31.4 GiB
Name: 393376fdc461
ID: FDP3:4GDT:L2WP:D4CC:UAW5:RHNA:4Z4G:WQYY:YWBE:7RER:LV7E:USY5
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false
$ docker run --rm -v /var/run/docker.sock:/var/run/docker.sock docker version
Client:
 Version:      17.05.0-ce
 API version:  1.28 (downgraded from 1.29)
 Go version:   go1.7.5
 Git commit:   89658be
 Built:        Fri May  5 15:36:11 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.04.0-ce
 API version:  1.28 (minimum version 1.12)
 Go version:   go1.8
 Git commit:   4845c56
 Built:        Thu Apr 27 07:51:43 2017
 OS/Arch:      linux/amd64
 Experimental: false

Custom daemon flags

$ docker run --privileged --name some-overlay-docker -d docker:dind --storage-driver=overlay

Where to Store Data

Important note: There are several ways to store data used by applications that run in Docker containers. We encourage users of the docker images to familiarize themselves with the options available, including:

  • Let Docker manage the storage of your data by writing to disk on the host system using its own internal volume management. This is the default and is easy and fairly transparent to the user. The downside is that the files may be hard to locate for tools and applications that run directly on the host system, i.e. outside containers.
  • Create a data directory on the host system (outside the container) and mount this to a directory visible from inside the container. This places the files in a known location on the host system, and makes it easy for tools and applications on the host system to access the files. The downside is that the user needs to make sure that the directory exists, and that e.g. directory permissions and other security mechanisms on the host system are set up correctly.

The Docker documentation is a good starting point for understanding the different storage options and variations, and there are multiple blogs and forum postings that discuss and give advice in this area. We will simply show the basic procedure here for the latter option above:

  1. Create a data directory on a suitable volume on your host system, e.g. /my/own/var-lib-docker.
  2. Start your docker container like this:

    $ docker run --privileged --name some-docker -v /my/own/var-lib-docker:/var/lib/docker -d docker:dind
    

The -v /my/own/var-lib-docker:/var/lib/docker part of the command mounts the /my/own/var-lib-docker directory from the underlying host system as /var/lib/docker inside the container, where Docker by default will write its data files.

Image Variants

The docker images come in many flavors, each designed for a specific use case.

docker:<version>

This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of.

docker:windowsservercore

This image is based on Windows Server Core (microsoft/windowsservercore). As such, it only works in places which that image does, such as Windows 10 Professional/Enterprise (Anniversary Edition) or Windows Server 2016.

For information about how to get Docker running on Windows, please see the relevant "Quick Start" guide provided by Microsoft:

License

View license information for the software contained in this image.

Docker Pull Command

Comments (12)
yp28
2 months ago

@syntecypher it's added as a virtual package on line 17, and deleted on line 42.

synthecypher
2 months ago

Any idea why curl is not available in 17.06.0 even though I can see it being added here?
https://github.com/docker-library/docker/blob/e68e4e6ec06c055a95d441144b0e34d0872f2665/17.06/Dockerfile

researchiteng
2 months ago

There are differences: DockerInDocker and DockerOutsideDocker
Practices for DockerInDocker in kubernetes.
https://applatix.com/case-docker-docker-kubernetes-part/ -> discussing why jpetazzo’s blog.
In part 2 (https://applatix.com/case-docker-docker-kubernetes-part-2/ presents both DinD DoutD options for kubernetes.

tobiaskuendig
5 months ago

I filed an issue on GitHub asking if curl could be added back to the image:
https://github.com/docker-library/docker/issues/57

curlcurl
5 months ago

Great idea to remove curl guys! No one uses this thing anyway... /s

kevishie
5 months ago

Why'd curl get removed?

montefuscolo
5 months ago

Could you make curl available again?

ymiroshnyk
2 years ago

How can I add sshd daemon int autostart to this image? The simple RUN apk add --update openssh && rc-update add sshd and then EXPOSE 22 doesn't work.