0

How can I connect my local docker client to a remote docker host on my network?

I have a ubuntu server box on my local network on which I intend to setup my containers. However, at this point, I have to SSH into that box from my development box manually and then run the containers.

I attempted to set the $DOCKER_HOST environment variable on my development box and also ensured that the 2376 port is opened on the docker host box. But when I tried to run the docker commands, but I keep getting the message:

Cannot connect to the Docker daemon. Is the docker daemon running on this host?

P.S. Is there a way to configure my docker host to bind the docker server to a different hostname and port?

Improve this question
3
  • Exactly what did you do? Commented May 22, 2016 at 18:12
  • I have a Mac Developer box with Docker Toolbox installed. I am successfully able to run docker hosts created via docker-machine. I have another server box on my network which has docker installed on it. I am unable to configure the server box and my local docker client to connect to the docker daemon running on my server box and run containers. I tried to set the $DOCKER_HOST environment variable on my local box to point to the server box. But this is not working. Commented May 22, 2016 at 18:20
  • I figured that much out already. But your description is too vague. You need to show exactly every step of what you did and what happened. You can copy and paste from your terminal. Use the edit link below your question to add the additional information. Commented May 22, 2016 at 18:26

2 Answers 2

Reset to default
3 
sudo docker -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock -d &

This should give you what you want. Run it on the host, allows it to listen for any IP and binds it to the socket.

Improve this answer
2
  • 3
    This is equivalent to configuring telnet on the server with a root login that has no password. Unencrypted passwordless access to the root account on a server is not something I would recommend to anyone. Commented Jun 19, 2018 at 12:05
  • @BMitch very true - would recommend the TLS support that comes with docker. A a simple development environment, it works. Commented Jun 26, 2018 at 1:03
0

Docker has the steps listed to configure remote access to the socket using mutual TLS encryption here. Follow the steps carefully to ensure the server validates the CA of the client certificates. Because of the trust given to certificates signed by the CA, this is a scenario where you want to have a self signed CA.

The steps involved include:

  • Creating your own CA keys
  • Creating your server keys and signing with the server hostname
  • Creating your client keys and signing with a special client extension field
  • Loading the server keys and CA on the docker host, configuring it to listen on 2376, and validate the TLS of clients
  • Loading the client keys and CA on your remote client, configuring the docker host to the remote server, and verifying the TLS of the server

Skipping any of these steps can result in the server allowing root level access without a password, or encryption, on a well known protocol that is actively scanned for and exploited on the internet.

Improve this answer
2
  • What if my host is located in my local network with no access to the internet? How can I simply connect my client to a docker host running on Windows 10 on another computer in my network? Commented Jun 10, 2019 at 20:34
  • @BrunoFinger not sure on Windows, this answer covers Linux since that was listed in the question. Windows has lots of development, so the answer may depend on the docker and windows versions, if it's possible at all. Commented Jun 10, 2019 at 22:26

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.