Sign in Subscribe

Running Gemini-CLI in Docker

Ryan R

3 min read
Gemini Agent inside of a Jail on your computer

Command Line Interfaces (CLI) for AI coding tools have become popular. The most popular is Claude Code. I've dabbled in Claude Code, but I've focused on tools like Gemini-CLI and Opencode due to my current subscriptions.

Right now, there is somewhat a difference between these CLI's. However, I find that they tend to converge on the same solution over time. One day Claude Code leads. Another, Opencode or some other CLI dominates. But, the principles remain the same.

Each of these CLI interfaces relies on the Agentic framework for using LLM's for code generation. The overall process remains the same. The process being provide skills, plan your development, and take a step-wise approach to creating your application.

That being said, there are dangers in running these CLI's directly from your desktop. These CLI tools are powerful and can access everything from the browser to commands that can alter your computer's functionality. This is where Docker comes in.

Docker as a cage

Docker is on of a few services that provide a container. A container is a light-weight operating system that is self-contained. Essentially, you can run a full operating system (OS) like Linux and Windows as software on your desktop. This OS self-contained, meaning it doesn't know about the rest of your computers systems. It may have access to one folder or to the internet. But, that is up to you.

Docker provides a small cage that any piece of software can live in. It provides you a "contained" environment that you can safely test new code and not worry about far-reaching system changes.

This allows you to create software in a restricted OS. This restriction means that you can spool up an OS with all of your installs and delete it when you're done. No worries about installing things that might affect other programs. It also restricts code within the environment to within a well-defined box. That way if you try anything crazy, it is easily deleted and forgotten about.

AI CLI tools needs a cage

The power of CLIs are great, but they also provide a level of uncertainty. Letting an agent roam free on your operating system may change things on your system. Changes to your system you may not be aware of. This is dangerous with a system that has some level of intelligence.

To skirt this problem, you can run a Gemini-CLI for a Claude Code inside of a container, like Docker. This allows you to provide a well-contained box for the AI to operate in. Since a Docker container has an OS and file system, the only files affected should be within the OS you created. That way, the AI is restricted to the temporary OS you created. It cannot affect items on your main system.

Now, Docker can be somewhat intimidating. However, it has gotten easier over the years. Now, you can download a simple desktop program that manages these containers. And, the added layer of safety is well worth the trade-off of a few minutes of building a docker container. It keeps the AI contained within a well-defined box.

Put the AI in a jail cell

For an analogy, image putting an AI agent in jail. You are the owner of the jail. The AI has no choice but to eat the food you provide and follow the schedule you dictate. More so, it has limited visits that you dictate the rules of: Only friendly visitors within the hours of 9-5 on weekdays.

That's the power of Docker containers. You can spool up a container with an OS and download a CLI from one of the major players in the space. However, the Agent you use in the CLI is only able to modify files within the container. If internet access is required, you can allow it. If browser usage is needed, you can also allow that or restrict it.

This provides a safe, simple way to use CLI tools from major AI players. The worry of it finding you bank account or sending emails can be forgotten. The AI is within its own OS and knows nothing of your main computer.

For some practical info. All CLI tools from major AI players, like Google Gemini Claude Code, and Opencode, all have Docker installations. So, take the time to explore this idea, it'l give you a level of confidence in these tools and a freedom to experiment without the nagging feeling of danger.

Sign up for more like this.

Enter your email
Subscribe