I’ve decided to setup a few docker hosts. I needed to access them remotely, so I deployed the necessary CA and server keys and certs (see https://docs.docker.com/engine/security/https/#create-a-ca-server-and-client-keys-with-openssl for more). So far, so good.
I knew that docker should have been instructed to use these files, also to listen on 0.0.0.0. So I edited /etc/default/docker (on Ubuntu Bionic), restarted the docker daemon, and nothing happened.
I rushed to the docker site to figure out what da heck, and end up at https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file telling me that unfortunately it wouldn’t work with systemd, you must use /etc/docker/daemon.json.
I’ve created the file:
then restarted docker, and still nothing. The -H fd:// option in /lib/systemd/system/docker.service file caused trouble preventing docker to listen on 0.0.0.0:
ExecStart=/usr/bin/dockerd -H fd://
Fear not, the fix is to remove -H fd:// as follows:
Then run systemctl daemon-reload && systemctl restart docker, and you should be able to connect to docker on the remote host.