Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Enable TCP port 2375 for external connection to Docker

Enable TCP port 2375 for external connection to Docker

See this issue.
Docker best practise to Control and configure Docker with systemd.

  1. Create daemon.json file in /etc/docker:

     {"hosts": ["tcp://0.0.0.0:2375", "unix:///var/run/docker.sock"]}
    
  2. Add /etc/systemd/system/docker.service.d/override.conf

     [Service]
     ExecStart=
     ExecStart=/usr/bin/dockerd
    
  3. Reload the systemd daemon:

     systemctl daemon-reload
    
  4. Restart docker:

     systemctl restart docker.service
    
@tiensvanzyl
Copy link

tiensvanzyl commented Nov 2, 2020

works great on Ubuntu 20.04 too thanks. Had to reboot the server though as only restarting docker.service did not work

@nurlanf
Copy link

nurlanf commented Nov 8, 2020

This something I've tried as well and ran in to a few issues creating /etc/systemd/system/docker.service.d/override.conf, I am running Debian 10 and installed (and updated) docker using the script provided in the documentation. (Install using the convenience script)

After reloading the systemd daemon docker still failed to start, going to the log I noticed the following line: (getting the last few lines of the log sudo tail -n 100 /var/log/daemon.log

Oct  8 16:40:16 docker-host systemd[1]: Starting Docker Application Container Engine...
Oct  8 16:40:16 docker-host dockerd[675]: unable to configure the Docker daemon with file /etc/docker/daemon.json: the following directives are specified both as a flag and in the configuration file: hosts: (fro
m flag: [fd://], from file: [tcp://0.0.0.0:2375 unix:///var/run/docker.sock])
Oct  8 16:40:16 docker-host systemd[1]: docker.service: Main process exited, code=exited, status=1/FAILURE
Oct  8 16:40:16 docker-host systemd[1]: docker.service: Failed with result 'exit-code'.
Oct  8 16:40:16 docker-host systemd[1]: Failed to start Docker Application Container Engine.
Oct  8 16:40:18 docker-host systemd[1]: docker.service: Service RestartSec=2s expired, scheduling restart.
Oct  8 16:40:18 docker-host systemd[1]: docker.service: Scheduled restart job, restart counter is at 2.
Oct  8 16:40:18 docker-host systemd[1]: Stopped Docker Application Container Engine.

To get this to work I adding hosts to /etc/docker/daemon.json and editing /lib/systemd/system/docker.service (running sudo systemctl status docker.service reported the daemon being loaded from there) where I removed host provided in the start:

# Replacing this line:
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

# With this line:
ExecStart=/usr/bin/dockerd --containerd=/run/containerd/containerd.sock

After which reloading the systemd daemon and restarting docker worked as a charm.

Worked for Debian 10, thanks a lot 👍

@PlusLibrary
Copy link

PlusLibrary commented Jan 15, 2021

Server side seems OK but I cant connect to the daemon from other machine:

C:\Users\Plus>docker -H tcp://192.168.3.2:2375 images
error during connect: Get https://192.168.3.2:2375/v1.40/images/json: http: server gave HTTP response to HTTPS client

I can get image list from browser with HTTP but I cannot use Docker Client (CLI) to access it

http://192.168.3.2:2375/v1.40/images/json

Can I force my Docker Client to NOT using HTTPS?
the docker environment is inside a private network so it maybe safe to not using SSL/HTTPS

@ZaharBozhok
Copy link

ZaharBozhok commented Mar 25, 2021

If you are on mac you can just edit it in Docker -> Preferences -> Docker Engine (just add hosts and press apply & restart)
But if you are lucky and that gives you "Bad request" you can try editing in ~/.docker/daemon.json, that worked for me

@yuriy-slobodchikov
Copy link

yuriy-slobodchikov commented May 12, 2021

Thanks a lot! Centos 7.8

@LoesterFranco
Copy link

LoesterFranco commented May 26, 2021

thanks.

@sne4ky
Copy link

sne4ky commented Jun 1, 2021

Working on Manjaro 20.2.1 :)

@danielhoherd
Copy link

danielhoherd commented Aug 12, 2021

You can connect over ssh without having to reconfigure dockerd.

$ docker ps
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
$ uname -a
Darwin danielh-mac 20.6.0 Darwin Kernel Version 20.6.0: Wed Jun 23 00:26:31 PDT 2021; root:xnu-7195.141.2~5/RELEASE_X86_64 x86_64
$ export DOCKER_HOST=ssh://example-host
$ docker ps
CONTAINER ID   IMAGE         COMMAND                 CREATED        STATUS       PORTS                                      NAMES
4bbc34bc14dc   mariadb:10.6  "docker-entrypoint.s…"  32 hours ago   Up 32 hours  0.0.0.0:3306->3306/tcp, :::3306->3306/tcp  mariadb
$ ssh example-host uname -a
Linux example-host 5.4.0-80-generic #90-Ubuntu SMP Fri Jul 9 22:49:44 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

@PatrickRainer
Copy link

PatrickRainer commented Aug 14, 2021

Great works for me

@Adrianopogianeli
Copy link

Adrianopogianeli commented Sep 22, 2021

Thanks a lot! "Raspbian GNU/Linux 10 (buster)"

@tmumford
Copy link

tmumford commented Sep 30, 2021

I really want to thank you for posting this. Worked great!

@akhiljalagam
Copy link

akhiljalagam commented Oct 19, 2021

thanks

@chakib-belgaid
Copy link

chakib-belgaid commented Nov 5, 2021

thank you !

@sheelprabhakar
Copy link

sheelprabhakar commented Nov 8, 2021

Thank you

@mawen12
Copy link

mawen12 commented Nov 16, 2021

Thank you!

@ppprabhakara
Copy link

ppprabhakara commented Dec 9, 2021

Worked like charm on centos 7 too. Was struggling to get this working since 2 days.

Steps followed:

  1. vi /usr/lib/systemd/system/docker.service

add the line below where you find ExecStart (under Service section):

  1. ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock

Then,
3. systemctl daemon-reload
4. systemctl restart docker.service

@valterm
Copy link

valterm commented Dec 9, 2021

Can confirm it works both on arch and debian 11.
Thanks!

@rfay
Copy link

rfay commented Dec 27, 2021

I was also unable to get it to work on Debian 11 without the workaround in https://gist.github.com/styblope/dc55e0ad2a9848f2cc3307d4819d819f#gistcomment-3482239 (directly editing the docker.service file). It seems that on Debian 11, the docker.service.d/override.conf doesn't actually get read, so you just have to edit the docker.service.

I also used ExecStart=/usr/sbin/dockerd --containerd=/run/containerd/containerd.sock --tls=false to avoid the very strong and important complaints:

Binding to IP address without --tlsverify is insecure and gives root access on this machine to everyone who has access to your network. host="tcp://0.0.0.0:2375".
Binding to an IP address, even on localhost, can also give access to scripts run in a browser. Be safe out there! host="tcp://0.0.0.0:2375"
Binding to an IP address without --tlsverify is deprecated. Startup is intentionally being slowed down to show this message host="tcp://0.0.0.0:2375"
Please consider generating tls certificates with client validation to prevent exposing unauthenticated root access to your network host="tcp://0.0.0.0:2375"
You can override this by explicitly specifying '--tls=false' or '--tlsverify=false' host="tcp://0.0.0.0:2375"
Support for listening on TCP without authentication or explicit intent to run without authentication will be removed in the next release host="tcp://0.0.0.0:2375"

@boris779
Copy link

boris779 commented Jan 24, 2022

I absolutely do not get this run with docker 20.10.12 and ubuntu 21.10

I tried to edit /usr/lib/systemd/system/docker.service or do it via systemctl edit docker.service
Every time when I add -H tcp://127.0.0.1:2375 or tcp://0.0.0.0:2375 the docker.service cannot start
I tried with -H unix, without, with --containerd and without.

ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --containerd=/run/containerd/containerd.sock

Any suggestion how to solve it?

@vincentgerris
Copy link

vincentgerris commented Jan 24, 2022

check logs, journalctl -xe. The options overlap, remove the 127.0.0.1 , 0.0.0.0 means all interfaces.

@h4r5h1t-hrs
Copy link

h4r5h1t-hrs commented Jan 28, 2022

Follow this:
https://docs.docker.com/engine/install/linux-postinstall/#configure-where-the-docker-daemon-listens-for-connections

NOTE: Just change the IP from 127.0.0.1 to 0.0.0.0 and its work fine for Ubuntu ( for selenium dynamic grid)

@smblott-github
Copy link

smblott-github commented Feb 1, 2022

I found that the docker daemon failed to start on reboot (only) with the approach described here. I never tracked down the source of the problem.

However, it did lead me to implement instead an alternative solution with socat:

exec socat -d TCP-LISTEN:2375,fork UNIX-CONNECT:/var/run/docker.sock

Notes:

  • I used daemontools to launch this an keep it running (https://cr.yp.to/daemontools.html).
  • You can protect the port with the range=... option to socat, or with IP tables or netfilter.

@Nakilon
Copy link

Nakilon commented Apr 20, 2022

Does not work for Docker Desktop on Windows. It refuses bind to 0.0.0.0

@rcedillo45
Copy link

rcedillo45 commented Apr 27, 2022

I was having an issue to connect from another machine, turns out it was a firewall issue.
to fix I did:
ufw allow 2375/tcp
ufw reload
hopefully this helps someone.

@russellhoff
Copy link

russellhoff commented May 12, 2022

Thanks!!

@sithson
Copy link

sithson commented May 19, 2022

👍 ✔️ 🙇‍♀️
I can also confirm this, very much GG @styblope, my rock star hero!1 :))))))

Specs:

  • Linux Mint 20.3 Una x64
  • Docker version 20.10.16, build aa7e414
  • Docker Compose version v2.5.0

@sumitdhungana14
Copy link

sumitdhungana14 commented Aug 4, 2022

🔥

@AbdelazizSharaf001
Copy link

AbdelazizSharaf001 commented Sep 1, 2022

I need to run docker from external docker client but the docker server is containerized (no daemon)
is it aplicable ?

@russellhoff
Copy link

russellhoff commented Sep 9, 2022

I need to run docker from external docker client but the docker server is containerized (no daemon) is it aplicable ?

AFAIK, Docker will be run as daemon wherever you deploy it.

@webzakimbo
Copy link

webzakimbo commented Sep 28, 2022

Here's another way that worked for me:

/etc/systemd/system/docker.service.d/override.conf

[Service]
 ExecStart=
 ExecStart=/usr/bin/dockerd --config-file /etc/docker/daemon.json

/etc/docker/daemon.json

{
  "hosts": ["tcp://0.0.0.0:2375", "unix:///var/run/docker.sock"]
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment