In general, the Docker agent is supposed to run in a local process (not in a Docker container), and this local process is a layer between the Prefect backend and the Docker daemon. The agent polls the API for new flow runs, and if there are new flow runs scheduled to run, it then creates new flow runs and deploys those as Docker containers on the same machine as the agent.
When the Docker agent is itself running within a container (rather than a local process), your flow runs still end up deployed as containers, not as individual containers but rather within the agent container. You effectively have a single agent container spinning up new containers within itself (Docker in Docker), which may have many unintended consequences.
If you want more environment isolation for this agent process, you can run it within a virtual environment. And if you’re super strict that every process must run in a container, check out the KubernetesAgent instead.
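One way to enforce the advice above is a preflight check that refuses to launch the agent when the current process is already inside a container. This is an added example, not code from the original post or from Prefect; the function names are hypothetical and the checks are heuristics (a `/.dockerenv` file, cgroup v1 paths, an overlay root mount).

```python
"""Preflight check: do not start a Docker agent from inside a container."""
import os
import re
import sys

# Runtime names that appear in cgroup v1 paths such as '/docker/<id>'.
_CGROUP_MARKERS = re.compile(r"docker|kubepods|libpod|lxc")


def cgroup_indicates_container(cgroup_text: str) -> bool:
    """cgroup v1: each line is 'hierarchy-ID:controllers:cgroup-path'."""
    for line in cgroup_text.splitlines():
        parts = line.split(":", 2)
        if len(parts) == 3 and _CGROUP_MARKERS.search(parts[2]):
            return True
    return False


def mountinfo_indicates_container(mountinfo_text: str) -> bool:
    """cgroup v2 shows only '0::/' in the cgroup file, so look at the root
    mount instead: a container's '/' is normally an overlay filesystem."""
    for line in mountinfo_text.splitlines():
        left, sep, right = line.partition(" - ")
        fields = left.split()
        # fields[4] is the mount point; the word after ' - ' is the fs type.
        if sep and len(fields) >= 5 and fields[4] == "/" and right.split():
            if right.split()[0] == "overlay":
                return True
    return False


def _read(path: str) -> str:
    try:
        with open(path, encoding="utf-8", errors="replace") as fh:
            return fh.read()
    except OSError:
        return ""  # not Linux, or /proc unavailable


def running_in_container() -> bool:
    return (
        os.path.exists("/.dockerenv")
        or cgroup_indicates_container(_read("/proc/1/cgroup"))
        or mountinfo_indicates_container(_read("/proc/self/mountinfo"))
    )


if __name__ == "__main__":
    if running_in_container():
        sys.exit("Refusing to start: this process is inside a container; "
                 "run the Docker agent as a local process on the host.")
    print("Host process detected; safe to start the Docker agent here.")
```

A host whose root filesystem is itself an overlay (some live images) will be flagged by the mount check, so treat a positive result as a prompt to verify rather than proof.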