How to Enable The Docker Remote API on Windows

How to enable docker remote API in Docker for Windows

You can edit the configuration for docker daemon.
Add a daemon.json file in the following path: %ProgramData%\docker\config

The file should contain something like this:

{
   "hosts": ["tcp://0.0.0.0:4243"]
}

Then restart docker service.(eg Powershell: Restart-Service docker )

References:

  • How to use Remote API with Windows Container

  • Configuration File reference

How do I enable the Docker RestAPI on Windows Containers?

(Posted on behalf of the OP).

Finally, I found how to enable Remote API of Docker Containers on Windows. The key point is file daemon.json which place in C:\ProgramData\docker\config.

In the guide linked in the question, the author only mention that we should place in it something like: 

{"hosts": ["tcp://0.0.0.0:2376", "npipe://"]}

But when I try to add this to daemon.json, my daemon don't work on CLI. At last, I reverse the order of array like 

{"hosts": ["npipe://", "tcp://0.0.0.0:2376"]}

My docker will work well in both CLI & Remote API. Good experience with Windows Docker and thanks for your attention!

How to expose Docker TCP socket on WSL2? (WSL-installed Docker, not Docker Desktop)

Quick-Fix (insecure)

From Gist

1. /etc/docker/daemon.json

{"hosts": ["tcp://0.0.0.0:2375", "unix:///var/run/docker.sock"]}

2. sudo service docker restart


Long-Fix (TLS)

TLS support: more detailed serverfault, step-by-step blog post. If you're setting up Docker on server, I recommend following the blog post. For me I just wanted Docker in WSL2, socket reachable by Windows (PyCharm), and TLS secure. So my modifications use ~/.docker & localhost (rather than root folders & FQDN). Here are my steps:

1. /etc/docker/daemon.json

"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
"tlscacert": "/home/lefnire/.docker/certs/ca.pem",
"tlscert": "/home/lefnire/.docker/certs/server-cert.pem",
"tlskey": "/home/lefnire/.docker/certs/server-key.pem",
"tlsverify": true

Note I'm using ~/.docker/certs instead of /etc/docker/certs. I hit permission snags with PyCharm needing access to "Certificates Folder", even with chmod -v 0444 x attempts.

2. Certs

$ mkdir ~/.docker/certs
$ cd ~/.docker/certs
$ openssl genrsa -aes256 -out ca-key.pem 4096  # enter passphrase
$ openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem  # enter localhost at FQDN step
$ openssl genrsa -out server-key.pem 4096
$ openssl req -subj "/CN=localhost" -sha256 -new -key server-key.pem -out server.csr
$ openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem
$ echo subjectAltName = DNS:localhost,IP:127.0.0.1 >> extfile.cnf
$ echo extendedKeyUsage = serverAuth >> extfile.cnf
$ openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem -extfile extfile.cnf
$ openssl genrsa -out key.pem 4096
$ openssl req -subj '/CN=client' -new -key key.pem -out client.csr
$ echo extendedKeyUsage = clientAuth > extfile-client.cnf
$ openssl x509 -req -days 365 -sha256 -in client.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out cert.pem -extfile extfile-client.cnf

Ignore openssl RAND errors (or fix it)

3. sudo service docker restart

4. PyCharm (optional)

  1. File > Settings > Build, Execution, Deployment > Docker
    1. Add Docker (or click existing) > [x] TCP Socket
    2. Engine API URL: https://localhost:2376
    3. Certificates Folder: \\wsl$\Ubuntu-18.04\home\lefnire\.docker\certs
  2. File > Settings > Project: [my-proj] > Python Interpreter
    1. Dropdown > Show All... > Add > Docker

run docker on a remote windows server from a non windows box

Enable remote access to Docker API on your remote host (Windows system in your case). You may need to enable also auth to be safe.

Then just configure env variable which will point your local docker client to remote API (remote docker daemon), for example:

export DOCKER_HOST=tcp://<IP>:<PORT>

See doc for more details about env variables. There is env variable also for auth (DOCKER_CERT_PATH): https://docs.docker.com/engine/reference/commandline/cli/#environment-variables

This approach works with Docker API and all files, which you are using in the container/in build process from host OS must be available also on the remote machine.


Related Topics

How Does The *Nix Gui Work

What Is The Relation Between 'Container_Memory_Working_Set_Bytes' Metric and Oom-Killer on The Container

Copy N Bytes of Data X to File

How to Install Oracle 11G on Linux Without X

Process Handle in Lldbinit

Shell Gnu-Screen -X Stuff Problems

Git Error: Gpg Failed to Sign The Data on Linux

How to Get Exit Code of Remote Command Through Ssh

How to Detect If The Script Is Running on a Virtual Machine

Install R in Linux/Unix Without Having Root Privilage

How to Zip Folder That Contains More Than 12Gb Data

What's The Difference Between /Usr/Include/Linux and The Include Folder in Linux Kernel Source

How to Send Data Using Curl from Linux Command Line

Bash Script to Create Symbolic Links to Shared Libraries

How Run Different Versions of Node.Js in Same Time

User-Space Memory Editing Programs

How to Efficiently Move Many Files to a New Server

Listing Yum Group


Leave a reply



Submit