As Docker continues to mature, many organizations are striving to run as much of their infrastructure as possible within containers. Of course, this investment results in a lot of docker-centric tooling for deployment, development, etc...

Given that, I think it makes a lot of sense for docker containers themselves to be built within other docker containers. Otherwise, you'll introduce a needless exception into your automation practices. Boo to that!

There are a few ways to run docker from within a container, but here's a neat way that leaves you with access to your host's local images: just mount the docker from your host system.

** note: in cases where arbitrary users can push code to your containers, this would be a dangerous thing to do **


docker run -i -t \
-v /var/run/docker.sock:/run/docker.sock \
-v $(which docker):/usr/bin/docker \
ubuntu:latest /bin/bash

apt-get install libapparmor-dev \
# docker-cli requires this library \
you could mount it as well if you like


Et voila!

http://linux-poetry.com/blog/section/mozilla/18/