docker-archive / for-aws


Cannot override default socket for docker swarm cloud formation #147

Open jsirianni opened 6 years ago

jsirianni commented 6 years ago

Expected behavior

I want the docker daemon to listen over the default UNIX socket and a TCP socket

Actual behavior

Failure to start or ignores my TCP override

Information

I have added this to the userdata section that builds /etc/docker/daemon.json right before \"experimental\":

\"hosts\": [\"unix:///var/run/docker.sock\", \"tcp://0.0.0.0:2376\"],

The swarm manager starts docker but the log output shows it passing -H unix:///var/run/docker.sock which appears to override daemon.json.

Is there a way to override the default startup behavior of dockerd?

FrenchBen commented 6 years ago

By default, we keep the daemon from exposing itself to the world; with that said, the host config is a list, which means that it can have multiple settings, which we used to expose with the same info in the beta of Docker for AWS.

Failure to start and ignoring the TCP override is a sign of invalid JSON. I would validate the JSON first, before concluding that it's an issue at the docker level.

jsirianni commented 6 years ago

Sorry if I was not clear. I do not believe this is a Docker issue; I believe it is an issue with the CloudFormation template and the AMI it uses. Additionally, I fully understand the security implications of allowing the Docker daemon to listen on a TCP interface.

From the AWS console log, it appears that dockerd is started with the -H flag specifying a Unix socket. It is my understanding that any command line flags will override anything that resides in daemon.json. This means that any hosts parameters that I place in the json will be ignored.

Is this not the case? It is possible I am simply doing it wrong.

My current solution is this (and I am not happy with it, but it's working): I replaced this

"rc-service docker restart\n"   // line 1681

with this

"rc-service docker stop\n",
"dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0 &\n",
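
The two checks raised in this thread (is daemon.json valid JSON, and is `hosts` also being set by a `-H` flag) can be run before restarting the daemon. The following is an added example, not code from the thread or from the Docker for AWS template; `audit_dockerd` and the sample strings are hypothetical, and it also reports TCP listeners that have no `tlsverify`:

```python
import json
import shlex

# Constructed sample: the "hosts" entry quoted in the issue, inside a minimal daemon.json.
SAMPLE_CONFIG = ('{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],'
                 ' "experimental": true}')
# Constructed sample: the way the issue says the AMI starts the daemon.
SAMPLE_CMDLINE = "dockerd -H unix:///var/run/docker.sock"


def audit_dockerd(config_text, cmdline):
    """Return a list of findings for a daemon.json body plus a dockerd command line."""
    try:
        cfg = json.loads(config_text)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg} (line {exc.lineno}, column {exc.colno})"]
    if not isinstance(cfg, dict):
        return ["invalid config: top level must be a JSON object"]

    # Collect listener addresses and the TLS switch from the command line.
    flag_hosts, flag_tls = [], False
    args = shlex.split(cmdline)
    for i, arg in enumerate(args):
        if arg in ("-H", "--host") and i + 1 < len(args):
            flag_hosts.append(args[i + 1])
        elif arg.startswith("--host="):
            flag_hosts.append(arg.split("=", 1)[1])
        elif arg in ("--tlsverify", "--tlsverify=true"):
            flag_tls = True

    findings = []
    file_hosts = cfg.get("hosts", [])
    if not isinstance(file_hosts, list):
        return ['invalid config: "hosts" must be a list of strings']
    # dockerd exits at startup when one directive comes from both sources.
    if flag_hosts and "hosts" in cfg:
        findings.append("conflict: hosts set by -H flag and in daemon.json")
    # A TCP listener without client-certificate verification is unauthenticated.
    tls_on = flag_tls or cfg.get("tlsverify") is True
    for host in flag_hosts + file_hosts:
        if str(host).startswith("tcp://") and not tls_on:
            findings.append(f"no tlsverify for TCP listener: {host}")
    return findings


if __name__ == "__main__":
    for finding in audit_dockerd(SAMPLE_CONFIG, SAMPLE_CMDLINE):
        print(finding)
```
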