Reading Room | Projects | Cloudwatch-AI LIVE Demo | Contact

Running Docker remotely on kali Linux

Occasionally, running Docker locally may not be feasible due to various reasons, such as requiring a different architecture. In such cases, setting up a Docker server on Kali Linux can be a viable solution. Docker operates in a client-server model, allowing us to establish a Docker server on Kali Linux in the following manner.

On the server side (Kali Linux)

└─$ sudo systemctl status docker                                     
● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; enabled; preset: enabled)
     Active: active (running) since Sat 2023-06-10 09:51:40 EDT; 2h 38min ago
TriggeredBy: ● docker.socket
   Main PID: 94373 (dockerd)
      Tasks: 11
     Memory: 924.2M
        CPU: 2min 19.742s
     CGroup: /system.slice/docker.service
             └─94373 /usr/sbin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Notice the line: Loaded: loaded (/lib/systemd/system/docker.service; enabled; preset: enabled)

ExecStart=/usr/sbin/dockerd -H tcp:// -H fd:// --containerd=/run/containerd/containerd.sock $DOCKER_OPTS
sudo systemctl restart docker

Note: you might need to run systemctl daemon-reload

On the client side

export DOCKER_HOST=tcp://<IP_ADDRESS>:2375
% docker info
 Context:    default
 Debug Mode: false
  buildx: Docker Buildx (Docker Inc., v0.8.2)
  compose: Docker Compose (Docker Inc., v2.6.1)
  extension: Manages Docker extensions (Docker Inc., v0.2.7)
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc., 0.6.0)
  scan: Docker Scan (Docker Inc., v0.17.0)

 Containers: 2
  Running: 0
  Paused: 0
  Stopped: 2
 Images: 7
 Server Version: 20.10.23+dfsg1
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runtime.v1.linux runc io.containerd.runc.v2
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 1.6.18~ds1-1+b2
 runc version: 1.1.4+ds1-1+b3
 init version: 
 Security Options:
   Profile: default
 Kernel Version: 6.0.0-kali3-amd64
 Operating System: Kali GNU/Linux Rolling
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 1.927GiB
 Name: kali
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
 Live Restore Enabled: false

WARNING: API is accessible on without encryption.
         Access to the remote API is equivalent to root access on the host. Refer
         to the 'Docker daemon attack surface' section in the documentation for
         more information:

Note: This traffic is not encrypted. To encrypt it we will have to create certificates and establish trust.

By: Ahmed Abugharbia
Date: 06-10-2023