Closed tigerblue77 closed 1 year ago
Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
Pretty sure it's needed for docker-in-docker, a more precise search term to see if it's possible
Seems that you are right, I didn't know that, but they quote an alternative which seems interesting. But I don't know anything about all this stuff
That's for building docker images inside a docker container. Kasm runs containers inside of its container.
Okay well, perhaps there are other ways to do this? My goal is to run this container on a Docker Swarm setup and avoid security risks brought by running in privileged mode.
@tigerblue77 the purpose of this container is to allow someone to spinup a Kasm Workspaces installation inside of a single docker container without polluting their underlying host.
In the end the application is files stored on disk for settings and a docker compose configuration. They support a native installation method: https://www.kasmweb.com/downloads I would highly recommend looking at that installation method in a VM, how it installs, runs, and manages itself. https://www.kasmweb.com/docs/latest/index.html
As for this specific container it will never run in an unprivileged mode, you might be able to cobble something together using alternative container platforms, but it will more than likely break it and we as an organization only ever test containers running on Docker and containerd.
@thelamer okay, thanks for that explanation. Of course I was not talking about using something else than Docker.
Is this a new feature request?
Wanted change
Remove the need to run this Docker container in privileged mode
Reason for change
Running privileged containers is a bad practice and cannot be done in Docker Swarm mode.
Proposed code change
This docker compose file is almost working :
But gives me the following errors :
Ran the following command in my Docker host to find this "GLIBC" library :
but found nothing.