Shared node - hide containers from other users


Here is my situation : I would like to replace the Vmware infrastructure by the docker infrastructure, in order to reduce the final price for customers (licensing). So, I would like to install docker directly on physical Ubuntu machines, in order to register them as physical nodes.
I’ve tested rancher for a while and it seems to be really great for IT administrators. I would also like to provide a minimalist rancher interface for customers, so they can just view, start, and stop their containers.

As I would like to reduce costs for customer, I want the node server to be shared between customer. The problem I have is that, when a node is shared, each container on it can be managed by every customer that has at least one container on that node. It means a customer can view, stop and start containers of other containers, which is not acceptable.

We cannot provide one node per customer. In this situation it will require virtualization infrastructure (I don’t want) or one physical server per customer (which is too expansive for the final customer, which maybe only need one little application).

Is it possible to create a new kind of user (equivalent of restricted user but only for its containers) ? Or maybe just lock the “host page” for this kind of user…

Please make an enhancement request at Github for this user type.

Ok thanks,

Here is the link of the post :