Docker Socket Without TLS

I have a TLS-secured Docker daemon running. I use TLS for remotely accessing the Docker daemon and access Docker locally without any TLS. Normally…

Recently, I have updated Docker. Apparently I cannot connect to the local socket anymore. I suppose Docker is now using TLS for remote and local connections.

Is there a way to disable TLS for the local Docker socket?

    Output of ps auxw | grep dockerd:

    /usr/bin/dockerd -H 0.0.0.0:2376 --tlsverify --tlscacert /home/dockermanager/.docker/ca.pem --tlscert /home/dockermanager/.docker/server-cert.pem --tlskey /home/dockermanager/.docker/server-key.pem

One solution collected from the web for “Docker Socket Without TLS”

    Had been able to fix this myself.

    I needed to migrate to these two systemd files provided by Docker:
    https://github.com/moby/moby/tree/master/contrib/init/systemd

    One service file is for the Docker daemon and there is a separate one for the Docker socket. The Docker socket is a required dependency of docker.service and will be loaded, restarted and stopped accordingly.

    Then I needed to add the Docker daemon parameter -H unix:// in order to make the Docker daemon listen on the Docker socket.

    Afterwards everything worked as always and I assume local docker.socket communication does not need TLS verification at all.

    Start command now:

    /usr/bin/dockerd -H unix:// -H tcp://0.0.0.0:2376 --tlsverify --tlscacert /home/dockeruser/.docker/ca.pem --tlscert /home/dockeruser/.docker/server-cert.pem --tlskey /home/dockeruser/.docker/server-key.pem
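
As an added example (not part of the original answer and not Docker's own code), the following Python check parses a dockerd command line such as the two shown above and reports which listeners it opens. The function names and the abbreviated command lines are constructed for illustration; it assumes that once any `-H` is given dockerd listens only on the listed hosts, and that `--tlsverify` applies to TCP listeners while the unix socket is protected by file permissions.

```python
import shlex

DEFAULT_SOCKET = "/var/run/docker.sock"  # dockerd's default unix socket path

# Constructed from the page's two command lines; certificate path options omitted.
BEFORE = "/usr/bin/dockerd -H 0.0.0.0:2376 --tlsverify"
AFTER = "/usr/bin/dockerd -H unix:// -H tcp://0.0.0.0:2376 --tlsverify"


def classify_listeners(cmdline):
    """Return ([(kind, address), ...], tlsverify) for a dockerd command line."""
    args = shlex.split(cmdline)
    hosts, tlsverify = [], False
    i = 1
    while i < len(args):
        arg = args[i]
        if arg in ("-H", "--host") and i + 1 < len(args):
            hosts.append(args[i + 1])
            i += 1
        elif arg.startswith("--host="):
            hosts.append(arg.split("=", 1)[1])
        elif arg in ("--tlsverify", "--tlsverify=true"):
            tlsverify = True
        i += 1
    if not hosts:
        hosts = ["unix://"]  # with no -H, only the default local socket is used
    listeners = []
    for host in hosts:
        if host.startswith("unix://"):
            listeners.append(("unix", host[len("unix://"):] or DEFAULT_SOCKET))
        elif host.startswith("fd://"):
            listeners.append(("fd", "systemd socket activation"))
        else:  # tcp://host:port, or a bare host:port, is a TCP listener
            listeners.append(("tcp", host.split("://", 1)[-1]))
    return listeners, tlsverify


def audit(cmdline):
    """Return findings about local reachability and TCP exposure."""
    listeners, tlsverify = classify_listeners(cmdline)
    kinds = {kind for kind, _ in listeners}
    findings = []
    if not kinds & {"unix", "fd"}:
        findings.append("no local socket: local clients must use TCP with TLS")
    if "tcp" in kinds and not tlsverify:
        findings.append("TCP listener without --tlsverify: unauthenticated API")
    return findings
```

Run against `BEFORE`, the check reports the missing local socket that matches the symptom in the question; `AFTER` yields no findings.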
    