How to Emulate Different Architectures in Docker

Mar 11, 2025    #docker   #containers   #pentesting   #security   #devops   #containerization   #redteam  

Introduction

When conducting security assessments or penetration tests involving containers, you’ll often encounter images built for different CPU architectures. For example, you might need to analyze an ARM64 container on your x86_64 laptop, or test an old x86 container on modern ARM-based hardware. This guide covers various methods to handle cross-architecture container analysis.

Understanding Architecture Emulation in Docker

Docker uses QEMU under the hood to enable cross-architecture support. QEMU is a generic machine emulator and virtualizer that allows running binaries built for one CPU architecture on a different one.

Common Architecture Combinations

Method 1: Docker’s Built-in Emulation

The most straightforward approach uses Docker’s built-in QEMU support:

docker run --privileged --rm tonistiigi/binfmt --install all

docker run --rm tonistiigi/binfmt --info

docker run --platform linux/arm64 -it ubuntu:latest

Security Considerations

Method 2: Using Virtual Machines

When emulation isn’t sufficient, especially for complex security testing:

QEMU-based VM Approach

sudo apt install qemu-system-arm qemu-efi-aarch64

wget https://cdimage.ubuntu.com/ubuntu-server/jammy/daily-live/current/jammy-live-server-arm64.iso

qemu-system-aarch64 -m 4096 -cpu cortex-a72 -M virt -bios /usr/share/qemu-efi-aarch64/QEMU_EFI.fd

Method 3: Building Multi-Architecture Images

For testing purposes, you can build images that support multiple architectures.

docker buildx create --name mybuilder --use

docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 -t myimage:latest .

Example Dockerfile for Multi-arch Support

FROM --platform=$TARGETPLATFORM ubuntu:latest
ARG TARGETPLATFORM
ARG BUILDPLATFORM

RUN echo "I'm building on $BUILDPLATFORM for $TARGETPLATFORM"

Advanced Testing Scenarios

Analyzing Architecture-Specific Vulnerabilities

docker run --platform linux/arm64 -it ubuntu:latest file /bin/bash

docker run --platform linux/arm64 -it ubuntu:latest strace /bin/ls

Performance Impact Analysis

time docker run --platform linux/amd64 alpine:latest sha256sum /bin/busybox
time docker run --platform linux/arm64 alpine:latest sha256sum /bin/busybox

Security Testing Tips

Troubleshooting Common Issues

“Exec Format Error”

This usually means emulation isn’t properly configured:

docker run --privileged --rm tonistiigi/binfmt --install all

Performance Issues



Next: Transferring Docker Images via SCP