Docker: Enable API: Difference between revisions
From wiki.jacobjohns.com
jwiki>jjohns No edit summary |
jwiki>jjohns No edit summary |
||
| Line 13: | Line 13: | ||
} | } | ||
3.Restart docker: <code>systemctl restart docker</code> | 3.Restart docker: <code>systemctl restart docker</code> | ||
==Securing Docker API== | |||
To add tls and secure the API create certs for the host, store them, and add them to the daemon.json file as the below: | |||
{ | |||
"hosts": ["unix:///var/run/docker.sock", "tcp://10.1.31.100:2375"], | |||
"tls": true, | |||
"tlscacert": "/server/config/docker-certs/rootCA.pem", | |||
"tlscert": "/server/config/docker-certs/tndocker.fwe.com.crt", | |||
"tlskey": "/server/config/docker-certs/tndocker.fwe.com.key", | |||
"tlsverify": true | |||
} | |||
Revision as of 14:51, 24 June 2023
Enable Docker API
- Edit the docker.service:
sudo systemctl edit docker.service- Add the below above the '### Lines below this comment will be discarded line':
[Service] ExecStart= ExecStart=/usr/bin/dockerd
2. Create /etc/docker/daemon.json with the below:
{
"hosts": ["unix:///var/run/docker.sock", "tcp://<HostIP>:2375"]
}
3.Restart docker: systemctl restart docker
Securing Docker API
To add tls and secure the API create certs for the host, store them, and add them to the daemon.json file as the below:
{
"hosts": ["unix:///var/run/docker.sock", "tcp://10.1.31.100:2375"],
"tls": true,
"tlscacert": "/server/config/docker-certs/rootCA.pem",
"tlscert": "/server/config/docker-certs/tndocker.fwe.com.crt",
"tlskey": "/server/config/docker-certs/tndocker.fwe.com.key",
"tlsverify": true
}
