Demo: Rootless Docker

Install

Make sure the uidmap package is installed

Registers dockerd as a systemd user unit

curl -fsSL https://get.docker.com/rootless | sh

Use

docker context use rootless

Rootless Inception

Rootless Docker in rootful Docker

docker run -d --name dind-rootless --privileged \
    docker:20.10-dind-rootless

Privileged container is required for:


Remote Rootless Docker

Remote access to rootless Docker via secure TCP

export DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS="-p 0.0.0.0:2376:2376/tcp"
dockerd-rootless.sh \
    --host tcp://0.0.0.0:2376 \
    --tlsverify \
    --tlscacert=ca.pem \
    --tlscert=cert.pem \
    --tlskey=key.pem

Remoting through SSH also works…

…but DOCKER_HOST must be set and available for the user


Good to know

Official documentation

Resource management requires cgroup v2

Container UID 0 is mapped to the host UID of the user

All other container UIDs are mapped to high UIDs
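
The UID mapping from the two points above, as an added example that is not part of the original demo: a shell function that resolves which host UID a given container UID runs as. It assumes the usual rootless layout (container UID N >= 1 maps to subuid_start + N - 1) and uses only the user's first /etc/subuid range; the users alice and bob and the sample subuid file are constructed.

```shell
#!/bin/sh
# Added example: which host UID does a container UID become under rootless Docker?
# Assumption: container UID 0 -> the user's own UID, container UID N (N >= 1)
# -> subuid_start + N - 1, taking only the first subuid range of the user.

# host_uid_for CONTAINER_UID USER_NAME USER_UID [SUBUID_FILE]
host_uid_for() {
    cuid=$1 user=$2 uid=$3 file=${4:-/etc/subuid}

    case $cuid in
        ''|*[!0-9]*) echo "invalid container UID: $cuid" >&2; return 2 ;;
    esac

    # Container root is just the unprivileged user on the host.
    if [ "$cuid" -eq 0 ]; then
        echo "$uid"
        return 0
    fi

    # First subordinate range registered for the user (by name or numeric UID).
    range=$(awk -F: -v u="$user" -v n="$uid" \
        '($1 == u || $1 == n) && NF >= 3 { print $2, $3; exit }' "$file")
    if [ -z "$range" ]; then
        echo "no subuid range for $user in $file" >&2
        return 1
    fi
    start=${range% *}
    count=${range#* }

    # Container UIDs 1..count fit in the range; anything above is unmapped.
    if [ "$cuid" -gt "$count" ]; then
        echo "container UID $cuid is outside the mapped range" >&2
        return 1
    fi
    echo $((start + cuid - 1))
}

# Constructed sample data in /etc/subuid format (name:start:count).
SAMPLE_SUBUID=$(mktemp)
printf '%s\n' 'alice:100000:65536' 'bob:165536:65536' > "$SAMPLE_SUBUID"

host_uid_for 0 alice 1000 "$SAMPLE_SUBUID"   # container root
host_uid_for 1 alice 1000 "$SAMPLE_SUBUID"   # first non-root container UID
host_uid_for 33 bob 1001 "$SAMPLE_SUBUID"    # e.g. a service account in an image
```

Files written by a non-root container user into a bind mount show up on the host under these high UIDs, which is worth knowing when reviewing ownership and permissions of shared directories.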

Alternatives

Rootless Podman is also a thing