How do you create a context for a remote TLS daemon?

I have a remote docker daemon that I can access using:

docker -H my.remote.docker:2376 --tls --tlscacert C:\Users\<user>\.docker\RootCA.pem --tlscert=C:\Users\<user>\.docker\cert.pem --tlskey=C:\Users\<user>\.docker\key.pem

Is there a way to convert that into a docker context?

1 Like

I checked and it does not seem possible, which surprises me. You can create a docker context without TLS keys and copy the keys into the .docker folder.

The other option I can see and what I actually prefer is using SSH for the context.

docker context create --docker="host=ssh://myuser@mydomain:22" mycontext

It also works on Windows. I have just tried.

2 Likes

Actually you might want to try this:

docker context create my-context --description "some description" --docker "host=tcp://my.remote.docker:2376,ca=C:\Users\<user>\.docker\RootCA.pem,cert=C:\Users\<user>\.docker\cert.pem,key=C:\Users\<user>\.docker\key.pem"

The help text of docker context create --help shows it as a Linux example.

Though, I personally opt for the same approach @rimelek does, in combination with serving the SSH private keys using Pageant (more precisely the KeeAgent plugin of KeePass that implements the Pageant protocol).

3 Likes

How could I miss that? :open_mouth: I tried the help first and could not see that line.

Good you did :slight_smile: Normally when I see evidence of Windows, I shy away. Without your post I wouldn’t have taken a closer look. If I am not mistaken, the web-based documentation itself does not cover it - or I couldn’t spot it right away.

Guys,

Thanks for the direction, in particular the obvious suggestion docker context create --help.

The trick in your example was enclosing the docker endpoint in double quotes and separating the individual arguments with a comma. Additional Windows tips: If you want to neaten it up, use ctrl-6 (^) for line continuation.
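
The conversion this thread arrives at (legacy `-H`/`--tls*` flags turned into the comma-separated `--docker` endpoint), as an added example that is not from any of the posters or from the Docker project. `build_endpoint`, `context_create_argv` and the `me` user in the sample paths are hypothetical names, and refusing to emit an endpoint when `--tls` was given without explicit certificate paths is this example's own policy.

```python
# Added example: map legacy docker TLS flags to a context endpoint string.
FLAG_TO_KEY = {"-H": "host", "--host": "host", "--tlscacert": "ca",
               "--tlscert": "cert", "--tlskey": "key"}


def build_endpoint(legacy_args):
    """Return the value for `docker context create --docker` from legacy flags."""
    fields, want_tls = {}, False
    args = iter(legacy_args)
    for arg in args:
        flag, has_eq, value = arg.partition("=")
        if flag in ("--tls", "--tlsverify"):
            want_tls = True
            continue
        if flag not in FLAG_TO_KEY:
            raise ValueError(f"unsupported argument: {arg}")
        if not has_eq:                      # "--flag value" form
            value = next(args, "")
        if not value:
            raise ValueError(f"{flag} needs a value")
        if "," in value:                    # endpoint is comma-separated key=value
            raise ValueError(f"{flag}: comma in value would split the endpoint")
        fields[FLAG_TO_KEY[flag]] = value
    if "host" not in fields:
        raise ValueError("no -H/--host given")
    if "://" not in fields["host"]:         # bare host:port, as in the question
        fields["host"] = "tcp://" + fields["host"]
    missing = [k for k in ("ca", "cert", "key") if k not in fields]
    if want_tls and missing:
        # Policy of this example: never emit an endpoint that dropped TLS material.
        raise ValueError(f"TLS requested but no path for: {', '.join(missing)}")
    return ",".join(f"{k}={fields[k]}" for k in ("host", "ca", "cert", "key")
                    if k in fields)


def context_create_argv(name, legacy_args):
    """Argument list for subprocess.run(); a list needs no shell quoting."""
    return ["docker", "context", "create", name, "--docker",
            build_endpoint(legacy_args)]


# Constructed sample: the flags from the question, mixing both value styles.
SAMPLE = ["-H", "my.remote.docker:2376", "--tls",
          "--tlscacert", r"C:\Users\me\.docker\RootCA.pem",
          r"--tlscert=C:\Users\me\.docker\cert.pem",
          r"--tlskey=C:\Users\me\.docker\key.pem"]

if __name__ == "__main__":
    print(context_create_argv("my-context", SAMPLE))
```

Passing the returned list to `subprocess.run` hands the endpoint to docker as a single argument, which is what the double quotes achieve on the command line.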