uml-docker is a proof of concept (PoC) demonstrating how to compile and run the Linux kernel in User-Mode Linux (UML) so that it can run Docker — all without requiring root privileges.
A statically linked single-binary Linux kernel running in user mode, capable of running the Docker daemon (dockerd) inside the UML environment.
- Build the kernel by simply running ./build.sh. The compiled kernel binary will be available at out/linux. (no root required, so I use rootless podman)
- On first boot, the system creates an Ubuntu-based root filesystem under $pwd/data/rootfs.img.
- Docker is automatically installed inside the root filesystem.
- OpenSSH server runs inside UML.
- Host TCP port 5022 is forwarded to port 22 (SSH) inside the UML.
- Root user has no password set (empty password).
- SSH access allows you to run Docker commands remotely inside UML.
- Build the kernel:
./build.sh
- Start UML (example):
./out/linux
- Connect to Docker inside UML over SSH:
Note: Currently, 127.0.0.1 does not work for SSH connections. Use your real IP address instead.
DOCKER_HOST=ssh://root@<your-ip>:5022 docker run -it alpine
Or simply use a prebuilt Docker image (so you run a container that runs a UML that can run Docker; useful? Unlikely!)
# mount a data dir, so you do not need to recreate the rootfs
podman run -it -p 5022:5022 -v ./data/:/data ghcr.io/codemaker219/uml-docker:latest
- Linux host with User-Mode Linux support.
- Internet access to build the root filesystem.
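The setup above combines a root account with an empty password and an SSH forward on host port 5022 that is reached through the host's real IP address, so it is worth checking which address that port is bound to. The following shell check is an added example, not part of uml-docker; it assumes `ss` from iproute2 on the host, and the sample output and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the bind address of listeners on a TCP port,
# reading `ss -Hltn` output on stdin.

# Constructed sample of `ss -Hltn` output (not captured from a real host).
SAMPLE='LISTEN 0 128 0.0.0.0:5022 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128 [::]:5022 [::]:*'

# Print "<scope> <address>" for every listener on port $1.
classify_listeners() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, parts, ":")          # port is the last field
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            sub(/%.*$/, "", addr)              # drop "%lo"-style suffix
            if (addr ~ /^127\./ || addr == "[::1]") scope = "loopback"
            else scope = "exposed"
            print scope, addr
        }'
}

# Exit status 0 if any listener on port $1 is bound beyond loopback.
port_exposed() {
    classify_listeners "$1" | grep -q '^exposed '
}

# Demo on the constructed sample; on a live host use:
#   ss -Hltn | classify_listeners 5022
printf '%s\n' "$SAMPLE" | classify_listeners 5022
if printf '%s\n' "$SAMPLE" | port_exposed 5022; then
    echo "port 5022 is bound to a non-loopback address" >&2
fi
```

A wildcard bind (0.0.0.0 or [::]) means any interface on the host accepts connections to the forwarded SSH port, subject to whatever host firewall is in place.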
tbd