I'm building a multi node Docker Swarm cluster and want to connect to it from my local desktop. I'd like to use my local development tools to build all of my Docker related files and push them up to the cluster.
Note, this is an unauthenticated, full access, http (not https) configuration. It is to show a remote setup. I'm starting simple. The next post will be about securing this config.
First my setup:
- 3 docker nodes,
- They are running
- They are configured in a swarm using default configs.
docker1.example.comis my Swarm master.
- They are built following this guide: https://www.frakkingsweet.com/docker-swarm-on-debian-and-hyper-v/
With that out of the way lets setup the master,
docker1.example.com, to accept remote http connections.
sudo systemctl edit docker.service
In the editor, by default Debian 9 uses nano. Add or modify it to read:
[Service] ExecStart= ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2375
The official docs say to use
tcp://127.0.0.1:2375. However, that will not allow remote hosts to connect. You need to use
tcp://0.0.0.0:2375 for that.
Refresh systemd, and restart docker.
sudo systemctl daemon-reload sudo systemctl restart docker
Now, on a remote client, you should be able to do
docker -H tcp://docker1.example.com:2375 version and it should return something similar to:
Client: Docker Engine - Community Version: 18.09.0 API version: 1.39 Go version: go1.10.4 Git commit: 4d60db4 Built: Wed Nov 7 00:47:51 2018 OS/Arch: windows/amd64 Experimental: false Server: Docker Engine - Community Engine: Version: 18.09.6 API version: 1.39 (minimum version 1.12) Go version: go1.10.8 Git commit: 481bc77 Built: Sat May 4 01:59:36 2019 OS/Arch: linux/amd64 Experimental: false
To show it can run a container:
docker -H tcp://docker1.example.com:2375 run hello-world
It should output the results of the
Hello from Docker! This message shows that your installation appears to be working correctly. To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. (amd64) 3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal. To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash Share images, automate workflows, and more with a free Docker ID: https://hub.docker.com/ For more examples and ideas, visit: https://docs.docker.com/get-started/
To always connect to the remote instance, you set an environment variable
DOCKER_HOST to the remote host.
That's it for a proof-of-concept to remotely access a docker instance. Check out this post to see how we secure that port. https://www.frakkingsweet.com/securing-the-remote-docker-instance/