How to connect to Docker API from another machine?

Question

I\'m trying to use the Docker API to connect to docker daemon from another machine. I am able to do this command successfully:

docker -H=tcp://127.0.0.1:4243         


        

Answer 1

Please note that in doing this, you have given anyone, and any URL sent to you by email access to your Docker API, and thus root permission.

you should, at minimum, secure your socket using https: http://docs.docker.com/articles/https/

Answer 2

There are 2 ways in configuring the docker daemon port

1) Configuring at /etc/default/docker file:

DOCKER_OPTS="-H tcp://127.0.0.1:5000 -H unix:///var/run/docker.sock"

2) Configuring at /etc/docker/daemon.json:

{
"hosts": ["tcp://<IP-ADDRESS>:<PORT>", "unix:///var/run/docker.sock"]
}

IP-ADDRESS - any address which is accessible can be used.

Restart the docker service after configuring the port.

The reason for adding both the user port[ tcp://127.0.0.1:5000] and default docker socket[unix:///var/run/docker.sock] is that the user port enables the access to the docker APIs whereas the default socket enables the CLI.

Answer 3

Came across a similar issue, one thing I don't see mentioned here is you need to start docker to listen to both the network and a unix socket. All regular docker (command-line) commands on the host assume the socket.

sudo docker -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock -d &

will start docker listening to any ip address on your host, as well as the typical unix socket.

Answer 4

You need to listen to 0.0.0.0. When you listen on 127.0.0.1, it means that no one outside your host will be able to connect.