Docker Community Forums


Using Docker socket WITHOUT tcp for user credentials?


Attempting to run a Docker daemon using ONLY the unix socket (i.e. -H fd://).

All of the authorization plugins that I have seen use a loopback address and TCP (i.e. -H tcp://127.0.0.1:2376).

I want to know if it is possible to pass user credentials (i.e. tlskey/cert) from the Docker client through the unix socket.

For example, if I run the daemon and LISTEN on -H tcp://127.0.0.1:2376 and -H fd://

docker -H tcp://127.0.0.1:2376/ --tls=false --tlsverify=false --tlscert ~/.docker/cert.pem --tlskey ~/.docker/key.pem --tlscacert ~/.docker/ca.pem -l=debug --debug=true info
THIS WORKS

docker --tls=false --tlsverify=false --tlscert ~/.docker/cert.pem --tlskey ~/.docker/key.pem --tlscacert ~/.docker/ca.pem -l=debug --debug=true info
THIS WORKS

However, if I listen on ONLY -H fd://

docker --tls=false --tlsverify=false --tlscert ~/.docker/cert.pem --tlskey ~/.docker/key.pem --tlscacert ~/.docker/ca.pem -l=debug --debug=true info
FAILS

The error message indicates that it is trying to use the standard port (tcp://localhost:2376).

This leads me to believe that docker NEEDS to use TCP as opposed to the unix socket.