From 3215e8a87c26f4f09ff4c129641d8a725e8a71a6 Mon Sep 17 00:00:00 2001 From: Docker Library Bot Date: Thu, 4 Mar 2021 22:10:45 +0000 Subject: [PATCH] Run update.sh --- docker/README.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/docker/README.md b/docker/README.md index 4e77c4328..58f236981 100644 --- a/docker/README.md +++ b/docker/README.md @@ -263,6 +263,21 @@ Some of these will not be supported based on the settings on the host's `dockerd For more information about using the experimental "rootless" image variants, see [docker-library/docker#174](https://github.com/docker-library/docker/pull/174). +**Note:** just like the regular `dind` images, `--privileged` is required for Docker-in-Docker to function properly ([docker-library/docker#151](https://github.com/docker-library/docker/issues/151#issuecomment-483185972) & [docker-library/docker#281](https://github.com/docker-library/docker/issues/281#issuecomment-744766015)). For `19.03.x` rootless images, an argument of `--experimental` is required for `dockerd` ([docker/docker#40759](https://github.com/docker/docker/pull/40759)). + +Basic example usage: + +```console +$ docker run -d --name some-docker --privileged docker:dind-rootless +$ docker logs --tail=3 some-docker # to verify the daemon has finished generating TLS certificates and is listening successfully +time="xxx" level=info msg="Daemon has completed initialization" +time="xxx" level=info msg="API listen on /run/user/1000/docker.sock" +time="xxx" level=info msg="API listen on [::]:2376" +$ docker exec -it some-docker docker-entrypoint.sh sh # using "docker-entrypoint.sh" which auto-sets "DOCKER_HOST" appropriately +/ $ docker info --format '{{ json .SecurityOptions }}' +["name=seccomp,profile=default","name=rootless"] +``` + ## Where to Store Data Important note: There are several ways to store data used by applications that run in Docker containers. We encourage users of the `docker` images to familiarize themselves with the options available, including: