Enabling root execution in repo2docker

I’d like to get feedback on a proposal / experiment.

Goal: I’d like to run our existing app for exploring interactive papers (https://o2r.info/results for a video) with repo2docker and BinderHub, ideally with only small changes. I hope that this way we can take advantage of the scheduling/scalability that BinderHub+Kubernetes offers.

Problem: Our Node.js-based app needs to execute Docker containers for internal workflows and the main feature: executing a scientific workflow in a container. It also needs full access to Docker to export images. The image is created by our service (akin to repo2docker) and it is only capable of executing the specific workflow and does not contain Jupyter/RStudio etc.

Prototype: I have a little nbo2rproxy extension that demonstrates the use case: https://github.com/o2r-project/nbo2rproxy
With these changes in repo2docker the prototype successfully executes a Docker container on the host, next to the container started by r2d. It does not have any resource restrictions yet, though that could be added. The Docker container does not do any networking yet, which might not be straightforward.

Security: Duh, this is a security problem of course! This gives the container the rights to start other containers, though via r2d the mounts and resources are controlled at least. In my understanding, mounting the Docker socket is less bad than running a container --privileged, but in the Binder use case this would allow a specific Binder to list and control other containers on the same pod, right? So that’s not good.

In my particular use case, I only allow known users to execute specific workspaces. As we’re already executing arbitrary containers provided on our current platform, that’s not scaring me off yet. Happy about pointers on what I am missing, of course.

Further thoughts:

  • I have no idea if the “non-root” execution of Docker 19.03 might help here, though I suspect not. I did some quick tests with podman, but they failed (I’m not sure why, maybe a privileged container would work?): https://github.com/nuest/binder-podman
  • I have not tried to run this on BinderHub with Kubernetes! I expect trouble there, I guess.
  • Could it be possible to run only one nbxxproxy as root, but keep the jupyter user as it is?
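As an added illustration of the risk raised in the Security paragraph (this is not code from the post, from repo2docker or from BinderHub), a small audit script that flags pod specs which hand the Docker socket to a container via a hostPath mount or run it privileged; the pod specs it checks are constructed samples, not real BinderHub output.

```python
"""Flag Kubernetes pod specs that expose the Docker socket or run privileged."""
import json

# Host paths where the Docker daemon socket usually lives.
DOCKER_SOCKETS = ("/var/run/docker.sock", "/run/docker.sock")


def exposes_docker_socket(host_path: str) -> bool:
    """True if a hostPath mount of host_path hands the Docker socket to the pod,
    either directly or because host_path is an ancestor directory of it."""
    p = host_path.rstrip("/") or "/"
    prefix = p if p == "/" else p + "/"
    return any(s == p or s.startswith(prefix) for s in DOCKER_SOCKETS)


def audit_pod(pod: dict) -> list:
    """Return human-readable findings for one pod spec (empty list == clean)."""
    findings = []
    spec = pod.get("spec", {})
    # Resolve volume name -> host path for every hostPath volume in the pod.
    host_paths = {v["name"]: v["hostPath"]["path"]
                  for v in spec.get("volumes", []) if "hostPath" in v}
    for c in spec.get("containers", []):
        cname = c.get("name", "?")
        if c.get("securityContext", {}).get("privileged"):
            findings.append(f"{cname}: privileged securityContext")
        for m in c.get("volumeMounts", []):
            path = host_paths.get(m["name"])
            if path is not None and exposes_docker_socket(path):
                findings.append(f"{cname}: Docker socket reachable via hostPath "
                                f"{path} mounted at {m['mountPath']}")
    return findings


def audit_pods(pods: list) -> dict:
    """Map pod name -> findings for a list of pod spec dicts."""
    return {p["metadata"]["name"]: audit_pod(p) for p in pods}


# Constructed sample pods (hypothetical names; not taken from a real cluster).
SAMPLE_PODS = json.loads("""[
 {"metadata": {"name": "jupyter-clean"},
  "spec": {"containers": [{"name": "notebook", "image": "r2d-example",
            "volumeMounts": [{"name": "home", "mountPath": "/home/jovyan"}]}],
           "volumes": [{"name": "home", "emptyDir": {}}]}},
 {"metadata": {"name": "jupyter-docker-sock"},
  "spec": {"containers": [{"name": "notebook", "image": "r2d-example",
            "volumeMounts": [{"name": "dock", "mountPath": "/var/run/docker.sock"}]}],
           "volumes": [{"name": "dock", "hostPath": {"path": "/var/run/docker.sock"}}]}},
 {"metadata": {"name": "jupyter-privileged"},
  "spec": {"containers": [{"name": "notebook", "image": "r2d-example",
            "securityContext": {"privileged": true},
            "volumeMounts": [{"name": "run", "mountPath": "/host-run"}]}],
           "volumes": [{"name": "run", "hostPath": {"path": "/var/run/"}}]}}
]""")

if __name__ == "__main__":
    for name, found in audit_pods(SAMPLE_PODS).items():
        print(name, "->", found or ["no findings"])
```

The same check can be run over `kubectl get pods -o json` output by feeding the `items` list to `audit_pods`.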