I've created multiple DMG files from the same folder - checksum is different on each?

Copies of an existing dmg will be identical but separately created dmg files will not.

Effectively Guaranteed to Differ

The Apple Disk Image .dmg format effectively guarantees that no two disk images will be bit for bit identical. Equality between disk images containing the same contents is not a practical requirement of the format.

UUID within the 0x6B6F6C79 / koly Block

Within the dmg file format is the koly structure. This structure includes a SegmentID of type uuid_t. This is a 128 bit Universally Unique Identifier (UUID). The SegmentID identifier alone will ensure that every dmg file differs by more than one bit.

Using HFSleuth on the iTunes 11.0 disk image shows the embedded UUID:

HFSleuth> ver
Verbose output is on
HFSleuth> fs iTunes11.dmg
KOLY header found at 200363895:
    UDIF version 4, Header Size: 512
    Flags:1
    Rsrc fork: None
    Data fork: from 0, spanning 200307220 bytes
    XML plist: from 200307220, spanning 56675 bytes (to 200363895)
    Segment #: 1, Count: 1
    Segment UUID: 626f726e-7743259b-6086eb93-4b42fb65
    Running Data fork offset 0
    Sectors: 1022244

In the example above, the line Segment UUID: 626f726e-7743259b-6086eb93-4b42fb65 is a universally unique identifier embedded in the disk image.

One Bit Differences and Hash Functions

A difference in one bit should result in a 50% or more change in a cryptographic hash function output, such as SHA-2.

The use of a UUID within the structure is not to ensure every disk image is unique but to ease segment identification within the disk image. That a UUID provides uniqueness properties beyond the scope of the disk image is a by-product of the UUID's use.