`--privileged` is needed to run the container inside a container.
e.g. https://www.docker.com/blog/docker-can-now-run-within-docker...
This is particularly useful for using Kubernetes to manage a cluster of instances.