docker inside docker container

Question

I want to install docker inside a running docker container.

docker run -it centos:centos7

My base container is using centos, I can login to running container using docker exec . But when I try to install docker inside it using yum install -y docker it installs.

But somehow I can't start the docker service with docker -d & , it gives me error as:

INFO[0000] Option DefaultNetwork: bridge 
WARN[0000] Running modprobe bridge nf_nat br_netfilter failed with message: , error: exit status 1 
FATA[0000] Error starting daemon: Error initializing network controller: Error initializing bridge driver: Setup IP forwarding failed: open /proc/sys/net/ipv4/ip_forward: read-only file system

Is there a way I can install docker inside docker container or build image already having running docker? I have already seen these examples but none works for me.

The output of uname -r on the host machine:

[fedora@ ~]$ uname -r
4.2.6-200.fc22.x86_64

Any help would be appreciated.

Thanks in advance

Answer 1

Update

Thanks to https://stackoverflow.com/a/38016704/372019 I want to show another approach.

Instead of mounting the host's docker binary, you should copy or install a container specific release of the docker binary. Since you're only using it in a client mode, you won't need to install it as a system service. You still need to mount the Docker socket into the container so that you can easily communicate with the host's Docker engine.

Assuming that you got a base image with a working Docker binary (eg the official docker image ), the example now looks like this:

docker run\\ -v /var/run/docker.sock:/var/run/docker.sock\\ docker:1.12 docker info

---

Without actually answering your question I'd suggest you to read Using Docker-in-Docker for your CI or testing environment? Think twice .

It explains why running docker-in-docker should be replaced with a setup where Docker containers run as siblings of the "outer" or "base" container. The article also links to the original https://github.com/jpetazzo/dind project where you can find working examples how to run Docker in Docker - in case you still want to have docker-in-docker.

An example how to enable a container to access the host's Docker daemon look like this:

docker run\
  -v /var/run/docker.sock:/var/run/docker.sock\
  -v /usr/bin/docker:/usr/bin/docker\
  busybox:latest /usr/bin/docker info

Answer 2

If you are on Mac with Docker toolbox.

The below command WON'T WORK

docker run\
  -v /var/run/docker.sock:/var/run/docker.sock\
  -v /usr/bin/docker:/usr/bin/docker\
  busybox:latest /usr/bin/docker info

Because /var/run/docker.sock will not be on your OSX filesystem

the Docker daemon is running inside the boot2docker VM - and that's where the unix socket is.

So you have to run the container from boot2docker VM

$ docker-machine ssh default
$ docker run\ 
         -v /var/run/docker.sock:/var/run/docker.sock\ 
         -v $(which docker):/usr/bin/docker\ 
         busybox:latest /usr/bin/docker info
$ exit

This looks like Docker-in-Docker, feels like Docker-in-Docker, but it's not Docker-in-Docker, when this container will create more containers, those containers will be created in the top-level Docker.

Answer 3

You need the --privileged parameter.

By default, Docker containers are “unprivileged” and cannot, for example, run a Docker daemon inside a Docker container.

Source

Run your base image with the command docker run --privileged -it centos:centos7 bash . Then you may install and run another docker container inside that container.