Thanks @paula, I got it working in the end; I had to combine both solutions.
I enabled the Buildkite-agent namespace during the AMI build, and increased the DOCKER_PRUNE_UNTIL to prevent the images from being deleted on startup.
This is what my shell provisioning script looks like now:
#!/usr/bin/env bash
set -o errexit
set -o nounset

# Raise the prune window so pre-pulled images are not deleted on startup
sudo sh -c "echo 'export DOCKER_PRUNE_UNTIL=26280h' > /etc/profile.d/script.sh"
sudo chmod +x /etc/profile.d/script.sh

# Back up daemon.json, then enable userns-remap for buildkite-agent
sudo systemctl stop docker
sudo cp /etc/docker/daemon.json /etc/docker/daemon.json.bak
DOCKER_CONFIG_TMP=$(mktemp)
jq '. += {"userns-remap": "buildkite-agent"}' < /etc/docker/daemon.json > "${DOCKER_CONFIG_TMP}"
sudo mv "${DOCKER_CONFIG_TMP}" /etc/docker/daemon.json

# Subordinate UID ranges: the agent's own UID, then 65536 IDs from 100000
cat <<EOF > /tmp/subuid
buildkite-agent:$(id -u buildkite-agent):1
buildkite-agent:100000:65536
EOF
sudo mv /tmp/subuid /etc/subuid

# Subordinate GID ranges: the docker group's GID, then 65536 IDs from 100000
cat <<EOF > /tmp/subgid
buildkite-agent:$(getent group docker | awk -F: '{print $3}'):1
buildkite-agent:100000:65536
EOF
sudo mv /tmp/subgid /etc/subgid

sudo systemctl start docker

# Pull as buildkite-agent; a bare "su -" opens a separate shell and the
# pull on the following line would run outside it
sudo su - buildkite-agent -c "docker pull softartdev/android-fastlane:30"

# Restore the original daemon.json from the backup
sudo mv /etc/docker/daemon.json.bak /etc/docker/daemon.json
Thanks for all the help!
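A way to check which host IDs the subuid/subgid entries in the script above produce, as an added example that is not part of the original post. The function names and the agent UID 2000 are constructed for illustration, and the code assumes the ranges are applied in the order they are listed.

```shell
#!/usr/bin/env bash
# Resolve the host ID that a container ID lands on for a userns-remap user,
# given subuid/subgid-style content ("name:start:count" per line).
# Assumption: ranges are applied in the order they are listed in the file.
map_container_id() {
  local file=$1
  local user=$2
  local cid=$3
  awk -F: -v user="$user" -v cid="$cid" '
    BEGIN { offset = 0; found = 0 }
    $1 == user && NF == 3 {
      if (cid + 0 >= offset && cid + 0 < offset + $3) {
        print $2 + (cid - offset)   # host ID for this container ID
        found = 1
        exit
      }
      offset += $3                   # next range continues where this one ends
    }
    END { if (!found) exit 1 }       # container ID is not mapped at all
  ' "$file"
}

# Succeed only if container root (ID 0) is mapped and does not land on host ID 0.
check_root_mapping() {
  local host_id
  host_id=$(map_container_id "$1" "$2" 0) || return 2
  [ "$host_id" -ne 0 ]
}

# Constructed sample mirroring the script's /etc/subuid (agent UID 2000 is made up).
SAMPLE_SUBUID=$(mktemp)
cat > "$SAMPLE_SUBUID" <<'EOF'
buildkite-agent:2000:1
buildkite-agent:100000:65536
EOF

# Constructed counter-example: a range that maps container root onto host root.
BAD_SUBUID=$(mktemp)
cat > "$BAD_SUBUID" <<'EOF'
buildkite-agent:0:65536
EOF

echo "container 0 -> host $(map_container_id "$SAMPLE_SUBUID" buildkite-agent 0)"
echo "container 1 -> host $(map_container_id "$SAMPLE_SUBUID" buildkite-agent 1)"
check_root_mapping "$SAMPLE_SUBUID" buildkite-agent && echo "root mapping OK"
check_root_mapping "$BAD_SUBUID" buildkite-agent || echo "root maps to host root"
```

On a real host, point the functions at /etc/subuid and /etc/subgid instead of the sample files.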