• Steve Azzopardi's avatar
    Update DinD example for 19.03 · 283a289a
    Steve Azzopardi authored
    Docker 19.03 enables TLS by default:
    Starting in 18.09+, the dind variants of this image will automatically
    generate TLS certificates in the directory specified by the
    DOCKER_TLS_CERTDIR environment variable.
    Warning: in 18.09, this behavior is disabled by default (for
    compatibility). If you use --network=host, shared network namespaces (as
    in Kubernetes pods), or otherwise have network access to the container
    (including containers started within the dind instance via their gateway
    interface), this is a potential security issue (which can lead to access
    to the host system, for example). It is recommended to enable TLS by
    setting the variable to an appropriate value (-e
    DOCKER_TLS_CERTDIR=/certs or similar). In 19.03+, this behavior is
    enabled by default.
    Update the example to use docker over TLS.
using_docker_build.md 24 KB