Docker: UNIX socket and TCP port

root's picture

There are situations where you need to expose docker cli via a tcp port. For example when you use management tools like portainer.

On debian stretch (linux with systemd)

You need to add to ExecStart in /lib/systemd/system/docker.service: -H IP:2375:

root@uranus:/docker# ps -ef|grep -i dockerd
root     17570     1  1 02:28 ?        00:00:26 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root     20778  2216  0 02:55 pts/0    00:00:00 grep -i dockerd
root@uranus:/docker# netstat -tlnp | grep -i dockerd
root@uranus:/docker# nano /lib/systemd/system/docker.service
root@uranus:/docker# grep ExecStart /lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H fd:// -H 192.168.11.10:2375 --containerd=/run/containerd/containerd.sock
root@uranus:/docker# systemctl daemon-reload
root@uranus:/docker# /etc/init.d/docker restart
Restarting docker (via systemctl): docker.service.
root@uranus:/docker# netstat -tlnp | grep -i dockerd
tcp        0      0 192.168.11.10:2375      0.0.0.0:*               LISTEN      21021/dockerd       
root@uranus:/docker# ps -ef|grep -i dockerd
root     21021     1  1 02:55 ?        00:00:00 /usr/bin/dockerd -H fd:// -H 192.168.11.10:2375 --containerd=/run/containerd/containerd.sock
root     21157  2216  0 02:55 pts/0    00:00:00 grep -i dockerd

On debian wheezy (or linux without systemd)

You need to add to DOCKER_OPTS in /etc/default/docker: -H IP:2375:

00:27:31 root@jupiter:~# ps -ef|grep -i dockerd|grep -v grep
root      4868     1  0 00:23 ?        00:00:00 /usr/bin/dockerd -p /var/run/docker.pid
00:29:46 root@jupiter:~# grep ^DOCKER_OPTS /etc/default/docker 
DOCKER_OPTS="-H 192.168.11.7:2375"

The docker process should now look like this:

00:29:54 root@jupiter:~# ps -ef|grep -i dockerd|grep -v grep
root      5747     1  0 00:28 ?        00:00:00 /usr/bin/dockerd -p /var/run/docker.pid -H 192.168.11.7:2375

On wheezy you may have by default another problem. Unix socket may not be setup by default and docker command will not work:

00:41:44 root@jupiter:~# docker container ls
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

You must configure unix socket too, in the same file. The modified like would be:

00:42:34 root@jupiter:~# grep ^DOCKER_OPTS /etc/default/docker
DOCKER_OPTS="-H unix:///var/run/docker.sock -H 192.168.11.7:2375"

The docker process should now look like this:

00:43:38 root@jupiter:~# ps -ef|grep -i dockerd|grep -v grep
root      5747     1  0 00:28 ?        00:00:00 /usr/bin/dockerd -p /var/run/docker.pid -H unix:///var/run/docker.sock -H 192.168.11.7:2375

And now docker command works (no running containers, ignore that):

00:43:44 root@jupiter:~# docker container ls
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

Thou shalt not steal!

If you want to use this information on your own website, please remember: by doing copy/paste entirely it is always stealing and you should be ashamed of yourself! Have at least the decency to create your own text and comments and run the commands on your own servers and provide your output, not what I did!

Or at least link back to this website.

Recent content