enable the remote API for dockerd

最新推荐文章于 2024-05-30 10:35:00 发布

转载最新推荐文章于 2024-05-30 10:35:00 发布 · 93 阅读

CC 4.0 BY-SA版权

原文链接：http://www.cnblogs.com/jplus/p/10621536.html

文章标签：

本文介绍如何不编辑systemd单元文件即可为dockerd启用远程API。通过创建包含特定设置的文件并重启docker守护进程来实现。注意确保对TCP监听套接字有访问权限的都是受信任的用户。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

After completing these steps, you will have enabled the remote API for dockerd, without editing the systemd unit file in place:

Create a file at /etc/systemd/system/docker.service.d/startup_options.conf with the below contents:
```
# /etc/systemd/system/docker.service.d/override.conf
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2376
```
Note: The -H flag binds dockerd to a listening socket, either a Unix socket or a TCP port. You can specify multiple -H flags to bind to multiple sockets/ports. The default -H fd:// uses systemd's socket activation feature to refer to /lib/systemd/system/docker.socket.
Reload the unit files:
```
$ sudo systemctl daemon-reload
```
Restart the docker daemon with new startup options:
```
$ sudo systemctl restart docker.service
```
Ensure that anyone that has access to the TCP listening socket is a trusted user since access to the docker daemon is root-equivalent.