Getting Dockerd to behave with Snap

When you install docker using snap on Ubuntu you can’t configure it using the default config files dues to the isolated nature of snapd.

Here is how you can configure dockerd to listen on a network socket when using snap on Ubuntu

First, edit /var/snap/docker/current/config/daemon.json and add a hosts line like so:

1{
2    "log-level":        "error",
3    "storage-driver":   "overlay2",
4    "hosts": ["tcp://1.2.3.4:2376"]
5}
Copy

Then run :

1snap restart docker
Copy

You can now connect to Dockerd over the network (remember to set the TLS cert and secure the service appropriately) by specifying the socket

1docker -H tcp://1.2.3.4:2376
Copy

Additionally if you are running Docker on Ubuntu you can’t change options in /etc/docker/daemon.json This is due to (as per https://docs.docker.com/config/daemon/#configure-the-docker-daemon) :

“You can use both of these options together as long as you don’t specify the same option both as a flag and in the JSON file. If that happens, the Docker daemon won’t start and prints an error message.”

Put simply you can make changes to /etc/docker/daemon.json, but only if it is not a the hosts entry.

Since you’re using Ubuntu dockerd starts up with the flag set to -H fd:// due to a limitation of systemd, as per /etc/systemd/system/multi-user.target.wants/docker.service

Additionally if you are running Docker on Ubuntu you can’t change options in /etc/docker/daemon.json This is due to (as per https://docs.docker.com/config/daemon/#configure-the-docker-daemon) :

“You can use both of these options together as long as you don’t specify the same option both as a flag and in the JSON file. If that happens, the Docker daemon won’t start and prints an error message.”

Put simply you can make changes to /etc/docker/daemon.json, but only if it is not a the hosts entry.

Since you’re using Ubuntu dockerd starts up with the flag set to -H fd:// due to a limitation of systemd, as per /etc/systemd/system/multi-user.target.wants/docker.service

1# the default is not to use systemd for cgroups because the delegate issues still
2# exists and systemd currently does not support the cgroup feature set required
3# for containers run by docker
Copy

Therefore you need to edit /etc/systemd/systemd/system/multi-user.target.wants/docker.service if you want to change which socket dockerd listens on (for example if you want to connect to docker from another host).

Time will tell whether this is a good idea or whether the change will be overwritten by package updates.