All Projects → marty90 → Multidocker

marty90 / Multidocker

Licence: apache-2.0
Creates a system where users are forced to login in dedicated independent docker containers.

Projects that are alternatives of or similar to Multidocker

Hands On Devops
A hands-on DevOps course covering the culture, methods and repeated practices of modern software development involving Packer, Vagrant, VirtualBox, Ansible, Kubernetes, K3s, MetalLB, Traefik, Docker-Compose, Docker, Taiga, GitLab, Drone CI, SonarQube, Selenium, InSpec, Alpine 3.10, Ubuntu-bionic, CentOS 7...
Stars: ✭ 196 (+833.33%)
Mutual labels:  docker-image, virtual-machine
Dockerpi
A Virtualised Raspberry Pi inside a Docker image
Stars: ✭ 1,064 (+4966.67%)
Mutual labels:  docker-image, virtual-machine
Hyperplatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
Stars: ✭ 925 (+4304.76%)
Mutual labels:  virtual-machine
Sysbench Docker Hpe
Sysbench Dockerfiles and Scripts for VM and Container benchmarking MySQL
Stars: ✭ 14 (-33.33%)
Mutual labels:  virtual-machine
Docker Gitlab
Dockerized GitLab
Stars: ✭ 7,084 (+33633.33%)
Mutual labels:  docker-image
Max Inception Resnet V2
Identify objects in images using a third-generation deep residual network.
Stars: ✭ 25 (+19.05%)
Mutual labels:  docker-image
Burrow
https://wiki.hyperledger.org/display/burrow
Stars: ✭ 851 (+3952.38%)
Mutual labels:  virtual-machine
Dockerfiles Windows
Various Dockerfiles for Windows Containers
Stars: ✭ 920 (+4280.95%)
Mutual labels:  docker-image
Goquiet Shadowsocks Docker
A Docker image for Shadowsocks over GoQuiet
Stars: ✭ 21 (+0%)
Mutual labels:  docker-image
Awesome Virtualization
Collection of resources about Virtualization
Stars: ✭ 846 (+3928.57%)
Mutual labels:  virtual-machine
Enigma
An Erlang VM implementation in Rust
Stars: ✭ 877 (+4076.19%)
Mutual labels:  virtual-machine
Docker Oracle 12c R1
Oracle 12c Release 1 with web console and startup initdb
Stars: ✭ 8 (-61.9%)
Mutual labels:  docker-image
Owasp Zap Glue Ci Images
Ready to use images of Zap and Glue, especially for CI integration.
Stars: ✭ 25 (+19.05%)
Mutual labels:  docker-image
Phpqa
Docker image that provides static analysis tools for PHP
Stars: ✭ 853 (+3961.9%)
Mutual labels:  docker-image
Docker Images
Out-of-box Data Science / AI platform | AI/数据科学的瑞士军刀
Stars: ✭ 25 (+19.05%)
Mutual labels:  docker-image
Nano Nginx
Nano container with nginx preconfigured as reverse proxy
Stars: ✭ 15 (-28.57%)
Mutual labels:  docker-image
Hbc
API of homomorphic binary operations such as binary comparisons or binary divisions using the library HElib
Stars: ✭ 23 (+9.52%)
Mutual labels:  virtual-machine
Atmosphere
Atmosphere cloud platform
Stars: ✭ 7 (-66.67%)
Mutual labels:  virtual-machine
Dockerized lara
Build your Laravel App with Redis - Mongodb - MariaDB - Nginx - php7 - zsh
Stars: ✭ 9 (-57.14%)
Mutual labels:  docker-image
Postgresql Postgis Timescaledb
PostgreSQL + PostGIS + TimescaleDB docker image 🐘🌎📈
Stars: ✭ 19 (-9.52%)
Mutual labels:  docker-image

MultiDocker

This container creates a system where each new user is forced to login into an independent docker container. The obtained scenario is similar to a setup where each user is provided a virtual machine, but it is implemented with docker.

Each user has root access within her container and cannot access the physical machine nor other users' containers. Thus, this tool is useful to share a machine across different users that need to be root, but need to be isolated eachothers. Compared to per-user virtual machines, multidocker has few limitations: (i) users cannot interact with the kernel, (ii) users cannot create other users (only admin can).

Under the hood it leverages the key ideas of docker-in-docker and dockersh.

Warning: It has not been designed for being deployed in the wild, nor has been tested by independent auditors.

1. Run

Just run.

sudo docker run  -d --privileged --name multidocker martino90/multidocker

The --privileged flag is needed as new containers are spawned within this one. And ssh to the container with:

ssh [email protected]<IPADDRESS>

<IPADDRESS> is the containers's ip address. You can get it with:

 docker inspect --format '{{ .NetworkSettings.IPAddress }}' multidocker

Default password is toor. You may want to change it. Within the container, you are in a standard Ubuntu image with few packets already installed.

Note 1: You may want to run the container with the -p [external_port]:22 to make the docker reachable from outside your machine via ssh on the port [external_port].

Note 2: If you want to persist the home directory of users on you host machine, you can run the container with the -v <local_dir>:/home parameter. In this way, all the home dirs of users are saved in <local_dir>, and, if you kill and run again multidocker, the users will find their files in their home directory.

2. Add users

To add a user in the system, ssh as root to the container (see previous point), and type:

adduser_docker <USERNAME>

Alternatively you can run on the host:

docker exec -i multidocker adduser_docker <USERNAME>

This will create a new user. You have to specify the user's password. You can manipulate the created user with normal bash tool (e.g., deluser). adduser_docker is a simple macro that creates a user, and does some magic to force it to login in an independent container.

3. Connect as a user

To login as user in the system, ssh to the container:

ssh <USERNAME>@<IPADDRESS>

The user is prompted in its own docker container. The base image is ubuntu. This is an independent container, where the user can play and install whatever she wants. The user has almost the same freedom as in a virtual machine (few limitations are imposed by docker). You may want to add your ssh public key in ~/.ssh/authorized_keys to autologin in the shell.

You can logout from the shell, and then login again; the container is persistent!

4. Resume if the container stops

If the container stops for any reason (the host machine restarted, docker daemon crashed), you can restart multidocker with:

docker start multidocker

If this does not solve, the docker and ssh deamons might be down. Restart them with:

docker exec -d multidocker /opt/start_daemons.sh
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].