I need to set docker to listen to tcp://0.0.0.0/4243 on my host machine running amazon linux (centos). All the documentation I have seen has told me to run the following command

echo DOCKER_OPTS="-H=tcp://127.0.0.1:4243" >> /etc/default/docker

Which will write the correct docker_opts to /etc/default/docker. I've done this, but when I restart docker it does not listen to 127.0.0.1

I can make docker run correctly by typing

sudo /usr/bin/docker -H tcp://0.0.0.0:4243 -d &

That works, but I want the default option to be listening on tcp://0.0.0.0:4243 without having to specify it every time.

It seems that docker is completely ignoring my /etc/default/docker file so the settings are being ignored. I also tried writing the file to /etc/default/docker.io and /etc/default/docker-io (didn't really expect much to happen)

I need to be able to start docker with just

service docker start

or it will cause issues in my current deployment playbook.

Any thoughts on what I can do to set DOCKER_OPTS and not have to do it every time I restart docker?

In RHEL7, instead of modifying your docker.service unit file, you can also just edit your /etc/sysconfig/docker file:

# /etc/sysconfig/docker

# Modify these options if you want to change the way the docker daemon runs
OPTIONS=--selinux-enabled -H unix:///var/run/docker.sock -H tcp://0.0.0.0:4243

and then restart your docker service.

To me, this is more reliable than modifying the service script.

For CentOS 7 (RHEL 7):

Find the systemd docker.service unit file. Mine is located at: /usr/lib/systemd/system/docker.service

In this file, edit the line in the [Service] section beginning with ExecStart=. Add the "-H tcp://0.0.0.0:4243" into the line. (notice there's no "=" between the -H and the IP address as in your example DOCKER_OPTS line above.)

On my system, the entire contents of docker.service then looks like:

[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target docker.socket
Requires=docker.socket

[Service]
Type=notify
EnvironmentFile=-/etc/sysconfig/docker
ExecStart=/usr/bin/docker -d -H tcp://127.0.0.1:4243 -H fd:// $OPTIONS
LimitNOFILE=1048576
LimitNPROC=1048576

[Install]
Also=docker.socket

(I only need Docker to listen on the loopback, instead of all IP addresses.)

After making this edit to the systemd unit file and restarting the Docker service via systemctl restart docker, I see the following process:

root 8574 0.0 0.2 321708 10564 ? Ssl 00:42 0:00 /usr/bin/docker -d -H tcp://127.0.0.1:4243 -H fd:// --selinux-enabled

As you can see, it does now listen on the configured TCP address, and will persist over reboots and service stop/starts.

I cannot believe how many answers there are for this. So here is another one for:

• CentOS 7.3
• Docker Version = 17.03.1-ce, API Version = 1.27

This answer is built upon an unbelievable playing around combination of this answer and this one and this one.

1. sudo vim /usr/lib/systemd/system/docker.service
2. insert " -H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock"
3. sudo systemctl daemon-reload //refresh your file changes above
4. sudo systemctl restart docker
5. netstat -l | grep 4243 //verify port is open
6. connect to your docker host from somewhere, like Jenkins Docker Plugin, i.e. tcp://[server_ip]:4243

Editing /etc/docker/daemon.json seems to be the new, supported way.

With Docker 1.7.1 on CentOS 7 neither modifying /usr/lib/systemd/system/docker.service or /etc/sysconfig/docker worked for me. It seems that in systemd sets up the socket, so in order to change the group you have to edit SocketGroup in /usr/lib/systemd/system/docker.socket

[Unit]
Description=Docker Socket for the API
PartOf=docker.service

[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=jenkins

[Install]
WantedBy=sockets.target

I Think on CentOS, you can try setting the options as below in the file /etc/sysconfig/docker

other_args="-H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock"

Then restart the docker and try checking if the port is opening using

netstat -plt | grep 4243 

This should list if listening

I needed to change the default bridge interface docker0 to use my own bridge interface br0 and putting the following content in that file solved my issue:

CentOS 7.2 and docker 1.10.3

/usr/lib/systemd/system/docker.service.d/docker.conf

[Service] 
ExecStart=
ExecStart=/usr/bin/docker daemon --bridge=br0 -H fd://

and of course the following need to be performed after:

sudo systemctl daemon-reload

sudo systemctl restart docker 

ip link del docker0

It worked for me when I followed how its shown in the posts above with drop-in replacement files in: /etc/systemd/system/docker.service.d

I am working on centos 7.

I just want to add insecure-registry in docker config file then I changed "DOCKER_OPTS=--insecure-registry=...." in /etc/sysconfig/docker while it did not work.

While I saw a INSECURE_REGISTRY in the config so I changed this variable and it WORKS!

So I guess DOCKER_OPTS does not work here!

But it worked on my unbuntu 14!

It is really frustrating when using docker!

Based on https://docs.docker.com/engine/admin/configuring/

sudo mkdir /etc/systemd/system/docker.service.d
sudo vi /etc/systemd/system/docker.service.d/docker.conf

[Service]
ExecStart=
ExecStart=/usr/bin/docker daemon -H fd:// -D -H tcp://127.0.0.1:4243

sudo systemctl daemon-reload
sudo systemctl restart docker

1、edit /usr/lib/systemd/system/docker.service to add two param in the service section:

# vim /usr/lib/systemd/system/docker.service

[Service]

ExecStart=

ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock

2、reload the configuration,and then restart docker。

# systemctl daemon-reload
# systemctl restart docker

3、to check for success, see if the return the following response。

# ps -ef|grep docker

root 26208 1 0 23:51 ? 00:00:00 /usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock

reference from Expose the Docker Remote API on Centos 7?

I believe things have changed now, this answer by Brian Ogden had worked for me earlier but didn't work on my environment today, probably with the updated versions of the docker, kernel, and OS.

CentOS 7.4.1708 (on AWS)
Docker 17.03.2-ce
API 1.27

This is what worked after few hit and trials. I could not find it documented anywhere.

In file /etc/systemd/system/docker.service.d/execstart.conf, replace the last ExecStart (there are two) with below

ExecStart=/usr/bin/dockerd --graph=/var/lib/docker --storage-driver=overlay -H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock

Now, my files looks like this

# cat /etc/systemd/system/docker.service.d/execstart.conf
[Service]
Restart=always
StartLimitInterval=0
RestartSec=15
ExecStartPre=-/sbin/ip link del docker0
ExecStart=
ExecStart=/usr/bin/dockerd --graph=/var/lib/docker --storage-driver=overlay -H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock
#

Once, the above file is changed just the run the below command to activate the changes.

# systemctl daemon-reload && systemctl stop docker && rm -f /var/run/docker.sock && systemctl start docker

To verify if everything is working fine, you can run any (or all) of below commands

# systemctl status docker.service | grep tcp
           ├─21812 /usr/bin/dockerd --graph=/var/lib/docker --storage-driver=overlay -H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock
#
# netstat -an | grep 4243
tcp6       0      0 :::4243                 :::*                    LISTEN
#
# ps aux | grep [4]243
root     21812  1.0  0.8 1017512 67876 ?       Ssl  15:11   0:06 /usr/bin/dockerd --graph=/var/lib/docker --storage-driver=overlay -H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock
#
# docker -H :4243 info