@peterwwillis
Last active February 21, 2026 07:56
Installing and running Docker-in-Docker in a dedicated Colima VM on Ubuntu Linux 24.04, for AI agent work

Installing and running Docker-in-Docker in a dedicated Colima VM, for AI agent work

Colima creates a VM and sets up Docker inside it. This is a good command-line replacement for Docker Desktop.

Colima will keep persistent files in a different volume than the VM's root disk, so you can delete and recreate the root disk and your files are still there. This makes recovering from AI 'incidents' easy.

You can have multiple Docker contexts, one for "safe" work (in one VM), and one for "dangerous" AI work (different VM). The only real downside is a VM volume filling up with container images.

Your containers can access the local host's ports using hostname host.docker.internal.


Install Docker, Colima


Ubuntu 24.04

Install Docker

$ sudo apt update
$ sudo apt install apt-transport-https ca-certificates curl software-properties-common lsb-release
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
$ sudo chmod a+r /etc/apt/keyrings/docker.gpg
$ echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
$ sudo apt update
$ sudo apt upgrade
$ sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
$ sudo usermod -aG docker $USER
# NOTE:
#  - Reboot, or log out and log back in, to get Docker daemon access

Install Qemu

$ sudo apt install qemu-system-gui virt-top vde2 qemu-user-static qemu-system-x86 

Install Colima (using mise)

$ sudo add-apt-repository -y ppa:jdxcode/mise
$ sudo apt update -y
$ sudo apt install -y mise
$ echo 'eval "$(mise activate bash)"' >> ~/.bashrc
$ eval "$(mise activate bash)"
$ printf "%s\n" "lima latest" "colima latest" >> .tool-versions
$ mise install

MacOS

Install Homebrew

$ bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

Install Docker and Colima

$ brew install colima docker docker-buildx

Create a Colima VM, and mount in directories

$ colima start \
    --cpu 4 \
    --memory 4 \
    --disk 100 \
    --dns 1.1.1.1 \
    --dns 8.8.8.8 \
    --mount ~/git \
    --mount ~/ai-agent-1:w \
    ai-agent-1
# NOTE:
#  - --memory and --disk are in GiB; the last argument is the profile name (it becomes the
#    docker context "colima-ai-agent-1")
#  - colima mounts are read-only unless the path is suffixed with ':w' (':rw' is the docker
#    volume syntax, not colima's), so ~/git above is read-only inside the VM

Run Docker in Colima

Check Docker contexts

$ docker context ls
NAME                  DESCRIPTION                               DOCKER ENDPOINT                                                                                  ERROR
colima *              colima                                    unix:///Users/peterw/.colima/default/docker.sock
colima-ai-agent-1     colima [profile=ai-agent-1]               unix:///Users/peterw/.colima/ai-agent-1/docker.sock
default               Current DOCKER_HOST based configuration   unix:///var/run/docker.sock

Select your AI docker context

$ docker context use colima-ai-agent-1
colima-ai-agent-1
Current context is now "colima-ai-agent-1"

Run Docker-in-Docker

Create a network

Create one network for all docker-in-docker containers to use:

$ docker network create -d bridge dind-lab

Container Networking option 1: Port-forwarding

On MacOS, with Colima, you must always use port forwarding for the docker-in-docker step.

Start docker-in-docker

Start DinD, pass through all ports from 8000 to 9000, and mount some directories.

$ docker run \
  -d \
  --privileged \
  --restart=always \
  --network dind-lab \
  --name dind \
  -e DOCKER_TLS_CERTDIR= \
  -v dind-lab-data:/var/lib/docker \
  -p 8000-9000:8000-9000 \
  -v $HOME/git:$HOME/git:ro \
  -v $HOME/ai-agent-1:$HOME/ai-agent-1:rw \
  docker:27-dind
# NOTE:
#  - DOCKER_TLS_CERTDIR= (empty) turns off the image's TLS setup, so the inner daemon accepts
#    unauthenticated connections on tcp://dind:2375 from anything on the dind-lab network

Start agent container

Option 1. Explicit container pass-through

$ docker run \
  --rm \
  -it \
  --network dind-lab \
  -p 8000-9000:8000-9000 \
  -e DOCKER_HOST=tcp://dind:2375 \
  -v $HOME/git:$HOME/git:ro \
  -v $HOME/ai-agent-1:$HOME/ai-agent-1:rw \
  ubuntu:24.04 bash
# NOTE:
#  - A host port can only be published by one container at a time on the same daemon; if the
#    dind container already publishes 8000-9000, docker will refuse the same -p here

Option 2. Non-explicit, VM-host-network

$ docker run \
  --rm \
  -it \
  --network dind-lab \
  -e DOCKER_HOST=tcp://dind:2375 \
  -v $HOME/git:$HOME/git:ro \
  -v $HOME/ai-agent-1:$HOME/ai-agent-1:rw \
  ubuntu:24.04 bash
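The port-forwarding flow above, wrapped in a script. This is an added example and not the gist's own code: it creates the network only if it is missing, starts dind with the image's built-in TLS generation left on instead of `DOCKER_TLS_CERTDIR=` (the "use TLS certs" hardening mentioned under the host-networking option below applies just as well here), waits until the inner daemon actually answers before starting the agent, and hands the agent the client certificate. The volume name `dind-lab-certs`, the `DIND_LAB_RUN` switch and the helper function names are this example's own assumptions; the `docker:dind` image writing client certs to `$DOCKER_TLS_CERTDIR/client` and serving TLS on 2376 is documented behaviour of that image.

```shell
#!/usr/bin/env bash
# Added example (not the gist's own code). Brings up the dind lab from the
# port-forwarding steps with the daemon's TLS kept on, and waits for it to be ready.
# Assumed names: network dind-lab, container dind, volumes dind-lab-data and
# dind-lab-certs (the latter is an assumption of this example), image docker:27-cli
# for the readiness probe.
set -eu

NET=${NET:-dind-lab}
DIND=${DIND:-dind}
PORTS=${PORTS:-8000-9000}
CERTS_VOL=${CERTS_VOL:-dind-lab-certs}

# Validate a "low-high" port range: both ends numeric, within 1..65535, low <= high.
# Pure shell, so it can be checked without a Docker daemon.
port_range_ok() {
  case "$1" in *-*) ;; *) return 1 ;; esac
  low=${1%%-*}; high=${1#*-}
  [ -n "$low" ] && [ -n "$high" ] || return 1
  case "$low$high" in *[!0-9]*) return 1 ;; esac
  [ "$low" -ge 1 ] && [ "$high" -le 65535 ] && [ "$low" -le "$high" ]
}

# The -e flags an agent (or CLI) container needs to reach a TLS-enabled dind.
# With DOCKER_TLS_CERTDIR set (its default is /certs) the docker:dind image writes
# client certs to $DOCKER_TLS_CERTDIR/client and listens with TLS on 2376.
# Printed on one line so it can be expanded unquoted into a docker run command.
agent_env_flags() {
  printf -- '-e DOCKER_HOST=tcp://%s:2376 -e DOCKER_TLS_VERIFY=1 -e DOCKER_CERT_PATH=/certs/client' "$1"
}

# Idempotent: only create the bridge network if it does not exist yet.
create_network() {
  docker network inspect "$NET" >/dev/null 2>&1 || docker network create -d bridge "$NET"
}

start_dind() {
  port_range_ok "$PORTS" || { echo "bad port range: $PORTS" >&2; return 1; }
  docker run -d --privileged --restart=always --network "$NET" --name "$DIND" \
    -e DOCKER_TLS_CERTDIR=/certs \
    -v dind-lab-data:/var/lib/docker \
    -v "$CERTS_VOL":/certs/client \
    -p "$PORTS:$PORTS" \
    -v "$HOME/git:$HOME/git:ro" \
    -v "$HOME/ai-agent-1:$HOME/ai-agent-1:rw" \
    docker:27-dind
}

# Poll the inner daemon with a throwaway CLI container until `docker info` succeeds;
# dind needs a few seconds to generate certs and start, and the agent fails until then.
wait_for_dind() {
  tries=${1:-30}
  while [ "$tries" -gt 0 ]; do
    if docker run --rm --network "$NET" -v "$CERTS_VOL":/certs/client:ro \
         $(agent_env_flags "$DIND") docker:27-cli docker info >/dev/null 2>&1; then
      return 0
    fi
    tries=$((tries - 1)); sleep 2
  done
  echo "dind did not become ready" >&2; return 1
}

# Same read-only/read-write bind mounts as in the gist, plus the client cert (read-only).
start_agent() {
  docker run --rm -it --network "$NET" \
    -v "$CERTS_VOL":/certs/client:ro \
    $(agent_env_flags "$DIND") \
    -v "$HOME/git:$HOME/git:ro" \
    -v "$HOME/ai-agent-1:$HOME/ai-agent-1:rw" \
    ubuntu:24.04 bash
}

# Only drive Docker when asked (DIND_LAB_RUN=1 ./dind-lab.sh), so the file can also be sourced.
if [ "${DIND_LAB_RUN:-0}" = 1 ]; then
  create_network
  start_dind
  wait_for_dind
  start_agent
fi
```

Run it with the AI context selected (`docker context use colima-ai-agent-1`) and `DIND_LAB_RUN=1`. Leaving TLS on means a process in the agent container can only talk to the inner daemon with the client certificate it was given, rather than anything on the bridge being able to drive a privileged daemon unauthenticated.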

Container Networking option 2: Host-networking

Pass through all networking to the host. This is dangerous: it allows the agent to perform network operations as if from your host machine, can conflict with your host's networking, and can expose information from the container through your host's TCP/IP stack.

This does not work on MacOS with Colima, but may work with Docker Desktop.

Start docker-in-docker

Run Docker-in-Docker with host networking. This is insecure. Use TLS certs and authentication for a bit more security.

The dockerd arguments explicitly bind the daemon to its Unix socket and to tcp://127.0.0.1:2375, so with host networking the unauthenticated TCP listener is reachable only from loopback; that matters here, since we're playing a dangerous game. You may have to change the port number so it does not conflict with Docker on your host.

$ docker run \
  -d \
  --privileged \
  --network host \
  --name dind \
  -e DOCKER_TLS_CERTDIR= \
  -v dind-lab-data:/var/lib/docker \
  -v $HOME/git:$HOME/git:ro \
  -v $HOME/ai-agent-1:$HOME/ai-agent-1:rw \
  docker:27-dind dockerd -H unix:///var/run/docker.sock -H tcp://127.0.0.1:2375

Run agent container

$ docker run \
  --rm \
  -it \
  --network host \
  -e DOCKER_HOST=tcp://127.0.0.1:2375 \
  -v $HOME/git:$HOME/git:ro \
  -v $HOME/ai-agent-1:$HOME/ai-agent-1:rw \
  ubuntu:24.04 bash
# NOTE:
#  - The agent must also use host networking: on the dind-lab bridge, 127.0.0.1 is the
#    agent container's own loopback, and nothing listens on 2375 there
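A check for the host-networking variant, added here as an example and not part of the gist: with `--network host`, the only thing keeping the unauthenticated daemon off the network is the `-H tcp://127.0.0.1:2375` binding, so this reads `/proc/net/tcp` inside the dind container and verifies that every listener on port 2375 is on a loopback address. The functions `listeners_on_port`, `only_loopback`, `check_dind_listener` and `demo`, and the sample `/proc/net/tcp` table, are this example's own (the sample is constructed).

```shell
#!/usr/bin/env bash
# Added example (not the gist's own code): confirm the host-networked daemon's
# TCP listener is bound to loopback only, by reading /proc/net/tcp, which exists
# in every Linux container, so no extra tools are needed inside docker:27-dind.
set -eu

DIND=${DIND:-dind}

# Print the dotted local address of each LISTEN (state 0A) socket on the given
# port, reading /proc/net/tcp text from stdin. Addresses in that file are
# little-endian hex (127.0.0.1 is 0100007F); POSIX awk has no hex parser, so a
# small one is written here.
listeners_on_port() {
  port_hex=$(printf '%04X' "$1")
  awk -v p="$port_hex" '
    function hex2dec(h,  i, n) {
      n = 0
      for (i = 1; i <= length(h); i++)
        n = n * 16 + index("0123456789ABCDEF", toupper(substr(h, i, 1))) - 1
      return n
    }
    NR > 1 && $4 == "0A" {
      split($2, a, ":")
      if (a[2] == p) {
        h = a[1]
        printf "%d.%d.%d.%d\n", hex2dec(substr(h, 7, 2)), hex2dec(substr(h, 5, 2)), hex2dec(substr(h, 3, 2)), hex2dec(substr(h, 1, 2))
      }
    }'
}

# Succeed only if at least one address was read and all of them are 127.x.x.x.
only_loopback() {
  n=0; bad=0
  while IFS= read -r addr; do
    n=$((n + 1))
    case "$addr" in 127.*) ;; *) bad=1 ;; esac
  done
  [ "$n" -gt 0 ] && [ "$bad" -eq 0 ]
}

# Run the check against the live dind container (needs the colima-ai-agent-1 context active).
check_dind_listener() {
  docker exec "$DIND" cat /proc/net/tcp | listeners_on_port 2375 | only_loopback
}

# Constructed sample of /proc/net/tcp: a daemon on 127.0.0.1:2375 (what we want) and a
# service on 0.0.0.0:22 (what a daemon bound to all interfaces would look like).
SAMPLE_PROC_NET_TCP='  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0947 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 0000000000000000 100 0 0 10 0
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12346 1 0000000000000000 100 0 0 10 0'

# Exercise the parser on the sample: 0 when 2375 is loopback-only and 22 is not.
demo() {
  printf '%s\n' "$SAMPLE_PROC_NET_TCP" | listeners_on_port 2375 | only_loopback &&
    ! printf '%s\n' "$SAMPLE_PROC_NET_TCP" | listeners_on_port 22 | only_loopback
}
```

`check_dind_listener` exits non-zero if the daemon ended up on 0.0.0.0 (for example because the `-H tcp://127.0.0.1:2375` argument was dropped), which is the case the host-networking warning above is about; `demo` shows the same parser on the constructed sample without a running container.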

Links
