se7enack/Docker-In-Docker-on-Kubernetes

Docker-in-Docker on Kubernetes

Run your native docker builds in Kubernetes

This is a solution for securely running container builds in Docker on Kubernetes.

Works great for securely running Jenkins workers in Kubernetes to perform Docker image builds!

Installation

Clone Repo

git clone https://github.com/se7enack/Docker-In-Docker-on-Kubernetes.git

Create PEMs

cd Docker-In-Docker-on-Kubernetes
./PemsToSecureDockerSock.sh

Add the PEMs to Kubernetes

# Run from the clientkeys directory
kubectl create configmap dind-ca.pem --from-file=ca.pem -n {POD NAMESPACE}
kubectl create configmap dind-cert.pem --from-file=cert.pem -n {POD NAMESPACE}
kubectl create configmap dind-key.pem --from-file=key.pem -n {POD NAMESPACE}
# Run from the serverkeys directory
kubectl create configmap dind-server-cert.pem --from-file=server-cert.pem -n {POD NAMESPACE}
kubectl create configmap dind-server-key.pem --from-file=server-key.pem -n {POD NAMESPACE}

Create Persistent Volume Claim for the Docker Pod Cache

cd ..
# Edit the yaml below to reflect your namespace
kubectl apply -f ./CreatePVC.yaml

Create Secure Docker-in-Docker Pod

# Edit the yaml below to reflect your namespace
kubectl apply -f ./SecureDockerPod.yaml

Create a Build Pod to use the Secure Docker-in-Docker

# Edit the yaml below to reflect your namespace, build pod image, and FQDN of your docker pod
kubectl apply -f ./BuildPodExample.yaml
  • Note that you will need Docker installed in your build pod's image.
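
A pre-flight check that can be run on the generated PEMs before they are loaded into Kubernetes, added here as an example and not part of the repository: it confirms that cert.pem and server-cert.pem both verify against clientkeys/ca.pem and that each private key belongs to its certificate. The function names are hypothetical, and it assumes a single CA issued both certificates and that the openssl CLI is installed.

```shell
#!/bin/sh
# Added example: pre-flight check for the PEMs made by PemsToSecureDockerSock.sh.
# Function names are hypothetical; file names are the ones used above.
# Assumes clientkeys/ca.pem issued both the client and the server certificate.

# Print a public key in PEM form, from a certificate or from a private key,
# so the two can be compared without printing the private key itself.
pubkey_of_cert() { openssl x509 -in "$1" -noout -pubkey 2>/dev/null; }
pubkey_of_key()  { openssl pkey -in "$1" -pubout -passin pass: 2>/dev/null; }

# check_pair CA CERT KEY
# Succeeds only if CERT verifies against CA and KEY belongs to CERT.
check_pair() {
    ca=$1; cert=$2; key=$3
    for f in "$ca" "$cert" "$key"; do
        [ -r "$f" ] || { echo "missing or unreadable: $f" >&2; return 1; }
    done
    openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1 ||
        { echo "$cert is not issued by $ca" >&2; return 1; }
    cert_pub=$(pubkey_of_cert "$cert")
    key_pub=$(pubkey_of_key "$key")
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ] ||
        { echo "$key does not match $cert" >&2; return 1; }
}

# check_dind_pems [REPO_ROOT]
# Checks the client pair and the server pair.
check_dind_pems() {
    root=${1:-.}
    check_pair "$root/clientkeys/ca.pem" "$root/clientkeys/cert.pem" \
               "$root/clientkeys/key.pem" &&
    check_pair "$root/clientkeys/ca.pem" "$root/serverkeys/server-cert.pem" \
               "$root/serverkeys/server-key.pem"
}

# Usage, from the repository root:  . ./check-pems.sh && check_dind_pems .
```

A non-zero exit status means a mismatched or mis-issued file would have been mounted into the pods, which otherwise only shows up later as a TLS handshake failure between the build pod and the Docker pod.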