Dockerized Android Running an Android Emulator inside Docker
Dockerized Android Running an Android Emulator inside Docker

Dockerized Android: Running an Android Emulator inside Docker

Dockerized Android is a container-based framework that allows to execute and Android Emulator inside Docker and control it through a browser.

This project has been developed in order to provide a starting point for integrating mobile security components into Cyber Ranges but it can be used for any purpose. Anyway, for development and testing purposes the project suggested is docker-android.

Dockerized Android Usage Presentation
Dockerized Android Usage Presentation

Introduction

As stated in the brief description above this project has been created in order to provide a starting point for the introduction of mobile security components into Cyber Ranges. For this reasons the features already developed and the ones that will be added in the feature will help the user to make easier to setup a realistic simulation (for example for security training). This README is quite long, maybe you just wanna skip to the “How to run” part.

Features

The following features are currently available:

"
"
  • Run an Android Emulator in Docker
  • Control the device through the web browser
  • Install applications
  • Enable port forwarding
  • Reboot the device
  • Emulate SMS
  • Use the terminal from the web browser
  • Attach also a physical device
  • Customize startup behaviour
  • Easily manage multiple instances

List of Docker images

Android VersionAPIImage
5.0.121secsi/dockerized-android-core-emulator-5.0.1
5.1.122secsi/dockerized-android-core-emulator-5.1.1
6.023secsi/dockerized-android-core-emulator-6.0
7.024secsi/dockerized-android-core-emulator-7.0
7.1.125secsi/dockerized-android-core-emulator-7.1.1
8.026secsi/dockerized-android-core-emulator-8.0
8.127secsi/dockerized-android-core-emulator-8.1
9.028secsi/dockerized-android-core-emulator-9.0
10.029secsi/dockerized-android-core-emulator-10.0
11.030secsi/dockerized-android-core-emulator-11.0
secsi/dockerized-android-core-bare
secsi/docker-android-core-real-device

The secsi/dockerized-android-core-bare does not download any system image and you may mount the folder on your host machine where you have all the SDK folders

How to Run

In order to see a full example on how to run the platform you may watch the docker-compose available in the examples directory. This directory contains three different configurations:

  • docker-compose-core: setup with a core for a real device;
  • docker-compose-emulator: setup with a core for an emulator;
  • docker-compose-instance-manager: setup with two different core and also the optional Instance Manager component.

Once you understood how it works you may change it to satisfy any needs you have.

Prerequisites

Docker and Docker Compose have to be installed on your machine.

OS compatibility

This platform behaves in different ways based on the host OS, here is a table that summarizes the current compatibility:

XLinuxWindowsOS X
Core for EmulatorFull compatibilityNot supported (yet)Not supported
Core for Real DeviceFull compatibilityFull compatibilityWorkaround

For Windows and OS X you have to use a Linux VM with nested virtualization.

To check if your Linux machine supports nested virtualization you may run the following commands:

sudo apt install cpu-checker
kvm-ok

OS X Workaround for Real Device

To use the Core for Real Device on OS X you may:

  • Use the adb of the host
  • Use wireless connection

For the wireless connection Google provides a simple tutorial. To connect to the host adb from within the container you have to manually enter inside the container and run:

"
"
adb -H host.docker.internal devices

Run

The commands to start using the framework are as follows:

  1. Firstly, choose a configuration found in the examples folder. For example:
cp ./examples/docker-compose-core.yml docker-compose.yml
  1. Run with docker-compose:
docker-compose up

More simply you can also use the command:

docker-compose -f ./examples/docker-compose-core.yml up

All that remains is to navigate through a browser at the following address http://127.0.0.1:8080 and set the current configuration:

Initial setup of Dockerized Android
Initial setup of Dockerized Android

If the Instance Manager was not used, click on Manual Setup and enter the following information:

  1. A name of your choosing for the instance;
  2. IP address of component core declared in docker-compose;
  3. Core port number (4242 by default);
  4. VNC port number (6080 by default).

If the Instance Manager is used, click on “Instance Manager” and just enter the IP address and its port number (for example, 193.21.1.100:7373).

That’s it! You can use the framework within the browser.

Build

You may also build the images yourself throught the scripts placed in the utils folder

Configuration

You may configure some features to customize the setup through ENV variables, the following table provides a list of all of them:

ComponentENV NameDefault valueDescription
CoreTARGET_PORT6080Websockify port
CoreCUSTOM_APP_DEFAULT_PORT4242Node.js backend port
CoreDEVICEINFOUnset, but behaves like trueEnables/Disables the device info feature
CoreTERMINALUnset, but behaves like trueEnables/Disables the terminal feature
CoreAPKUnset, but behaves like trueEnables/Disables the install APK feature
CoreFORWARDUnset, but behaves like trueEnables/Disables the port forward feature
CoreSMSUnset, but behaves like trueEnables/Disables the SMS emulation feature
CoreREBOOTUnset, but behaves like trueEnables/Disables the reboot feature
CoreINSTALL_ON_STARTUPfalseEnables/Disables the feature that allows to install all the apks placed in the/root/dockerized-android/apk folde
CoreENABLE_UNKNOWN_SOURCESfalseEnables the install from unknown sources
CoreREAL_DEVICE_SERIALunsetIf there is more than one physical device connected this value must be set to the serial of the device that has to be controlled otherwise all the other features won’t work
Instance ManagerDEFAULT_PORT7373Port of the REST API

The REAL_DEVICE_SERIAL variable is fundamental if there is more than one physical device attached because if missing nothing will work. Finally there is a list of exposed ports by each component:

ComponentPort #Description
Core5555ADB port
Core4242Node.js Backend
Core6080Websockify (for noVNC)
UI80Frontend
Instance Manager7373REST API
Dark Mode

dockerized-android (this link opens in a new window) by cybersecsi (this link opens in a new window)

A container-based framework to enable the integration of mobile components in security training platforms