1

Last week I struggled to get my Docker remote API working. As it is running on a VM, I have not restarted my VM since then. Today I finally restarted my VM and it is not working any more (docker and docker-compose are working normally, but not the Docker remote API). My Docker init file, /etc/init/docker.conf, looks like this:

    description     "Docker daemon"

    start on filesystem and started lxc-net
    stop on runlevel [!2345]

    respawn

    script
        /usr/bin/docker -H tcp://0.0.0.0:4243 -d
    end script

    # description "Docker daemon"

    # start on (filesystem and net-device-up IFACE!=lo)
    # stop on runlevel [!2345]
    # limit nofile 524288 1048576
    # limit nproc 524288 1048576

    respawn

    kill timeout 20
    .....
    .....

Last time I made the settings indicated here.

I tried nmap to see if port 4243 is open.

    ubuntu@ubuntu:~$ nmap 0.0.0.0 -p-

    Starting Nmap 7.01 ( https://nmap.org ) at 2016-10-12 23:49 CEST
    Nmap scan report for 0.0.0.0
    Host is up (0.000046s latency).
    Not shown: 65531 closed ports
    PORT      STATE SERVICE
    22/tcp    open  ssh
    43978/tcp open  unknown
    44672/tcp open  unknown
    60366/tcp open  unknown

    Nmap done: 1 IP address (1 host up) scanned in 1.11 seconds

As you can see, port 4232 is not open.

When I run:

    ubuntu@ubuntu:~$ echo -e "GET /images/json HTTP/1.0\r\n" | nc -U
    This is nc from the netcat-openbsd package. An alternative nc is available
    in the netcat-traditional package.
    usage: nc [-46bCDdhjklnrStUuvZz] [-I length] [-i interval] [-O length]
          [-P proxy_username] [-p source_port] [-q seconds] [-s source]
          [-T toskeyword] [-V rtable] [-w timeout] [-X proxy_protocol]
          [-x proxy_address[:port]] [destination] [port]

I also ran this:

    ubuntu@ubuntu:~$ sudo docker -H=tcp://0.0.0.0:4243 -d
    flag provided but not defined: -d
    See 'docker --help'.

I restarted my computer many times and tried a lot of things with no success. I already have a group named docker and my user is in it:

    ubuntu@ubuntu:~$ groups $USER
    ubuntu : ubuntu adm cdrom sudo dip plugdev lpadmin sambashare docker

Please tell me what is wrong.

dmx

2 Answers

3

Your startup script contains an invalid command:

    /usr/bin/docker -H tcp://0.0.0.0:4243 -d

Instead you need something like:

    /usr/bin/docker daemon -H tcp://0.0.0.0:4243

As of 1.12, this is now (but docker daemon will still work):

    /usr/bin/dockerd -H tcp://0.0.0.0:4243

Please note that this is opening a port that gives remote root access without any password to your docker host.

Anyone that wants to take over your machine can run `docker run -v /:/target -H your.ip:4243 busybox /bin/sh` to get a root shell with your filesystem mounted at /target. If you'd like to secure your host, follow this guide to setting up TLS certificates.

BMitch
  • Thanks to you BMitch, I am aware of security. But this was for a test. I am planning to use 127.0.0.1 and dockerode to handle start and stop. – dmx Oct 13 '16 at 13:20
0

I finally found www.ivankrizsan.se and it is working fine now. Thanks to this guy (or girl) ;). These settings work for me on Ubuntu 16.04. Here is how to do it:

  • Edit the file `/lib/systemd/system/docker.service` and replace the line `ExecStart=/usr/bin/dockerd -H fd://` with `ExecStart=/usr/bin/docker daemon -H fd:// -H tcp://0.0.0.0:4243`
  • Save the file
  • Restart with: `sudo service docker restart`
  • Test with: `curl http://localhost:4243/version`
  • Result: you should see something like this:

    {"Version":"1.11.0","ApiVersion":"1.23","GitCommit":"4dc5990","GoVersion":"go1.5.4","Os":"linux","Arch":"amd64","KernelVersion":"4.4.0-22-generic","BuildTime":"2016-04-13T18:38:59.968579007+00:00"}

Attention: Remain aware that 0.0.0.0 is not good for security; for more security, you should use 127.0.0.1.

dmx
  • 1
    Just noticed you are editing /lib/systemd in your solution, it's better to `cp /lib/systemd/system/docker.service /etc/systemd/system/docker.service`, and edit the file in /etc. You'll need a `systemctl daemon-reload` to reload the unit file into systemd. Changes to the file in /lib may be overwritten without warning on an upgrade, while your copy in /etc overrides the version in /lib. – BMitch Oct 30 '16 at 20:51
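
The exposure both answers warn about (a `tcp://0.0.0.0:4243` listener with no TLS, versus a `127.0.0.1` bind) can be checked from the unit or init file itself. The script below is an added example, not code from either answerer; the function names and the LOCAL/TLS/EXPOSED labels are made up for this illustration, and it assumes the daemon command sits on a single line.

```shell
#!/bin/sh
# Added example (not from the thread): label each dockerd -H/--host listener.
#   LOCAL   unix socket, fd:// or loopback TCP
#   TLS     non-loopback TCP with --tlsverify (client certificates required)
#   EXPOSED non-loopback TCP without --tlsverify (unauthenticated API)

classify_listeners() (   # $1 = one daemon command line
    set -f               # no globbing while the line is word-split
    line=$(printf '%s\n' "$1" | sed -e 's/-H=/-H /g' -e 's/--host=/--host /g')
    tls=no
    case " $line " in *" --tlsverify "*|*" --tlsverify=true "*) tls=yes ;; esac
    prev=
    for tok in $line; do
        case $prev in -H|--host)
            case $tok in
                tcp://*)
                    addr=${tok#tcp://}; addr=${addr%%/*}; addr=${addr%:*}
                    case $addr in
                        127.*|localhost|"[::1]") echo "LOCAL $tok" ;;
                        *) if [ "$tls" = yes ]; then echo "TLS $tok"
                           else echo "EXPOSED $tok"; fi ;;
                    esac ;;
                *) echo "LOCAL $tok" ;;
            esac ;;
        esac
        prev=$tok
    done
)

audit_config() (         # stdin = unit/init file text; status 1 if EXPOSED
    rc=0
    while IFS= read -r cmd; do
        cmd=${cmd#"${cmd%%[![:space:]]*}"}          # trim leading blanks
        case $cmd in \#*) continue ;; *docker*) ;; *) continue ;; esac
        out=$(classify_listeners "${cmd#ExecStart=}")
        [ -n "$out" ] && printf '%s\n' "$out"
        case $out in *EXPOSED*) rc=1 ;; esac
    done
    [ "$rc" -eq 0 ]
)

# Constructed sample: the ExecStart line from the second answer.
printf '%s\n' '[Service]' \
  'ExecStart=/usr/bin/docker daemon -H fd:// -H tcp://0.0.0.0:4243' |
  audit_config || echo "unauthenticated TCP listener found"
```

Only `--tlsverify` is counted as authenticated, since it is the setting under which the daemon requires a client certificate signed by its CA.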