Is it safe running docker inside a unprivileged container?

[gmbeniamin]

We are working with some software that requires Docker to run. Two years ago when we started using Promox we had no clue how to make Docker work with LXC. There were many threads covering the configuration but we were scared because most of the messages were "but be careful". At least this what we noticed. We do not want to put our infrastructure in danger. This is why we started using VMs but with the recent problems regarding losing master credentials and resource consumption we decided to start using Docker.

We are testing with one container. We selected the features tab and activated FUSE and NESTED. We are web development guys who work with PHP, JavaScript and some bash. We do not know if what we are doing is safe, especially because we want to use Docker in productions.

Is there anybody concerned about this subject that can give us some information about what we are doing wrong? That would be appreciated.

 

[Dominic]

This is why we started using VMs

Only VMs or VMs with Docker? Because using Docker im KVM VMs is what we recommend in the PVE administration guide.

 

[gmbeniamin]

Thank you for the response. We ended up switching back to VMs. It felt right. We know little about everything than runs under the hood. We love the proxmox GUI and are trying to master what we can in order to become more efficient. We are running game servers, web servers and containers for our projects.