“host(s)” flag doesn't work in daemon.json, but work fine in dockerd -H

[Eroyi]

For Portainer's remote endpoint access freture.
on Ver 18.09 in CentOS 7.5, If I run
dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375 &
The log shows

INFO[2018-12-03T16:39:20.721535513+08:00] API listen on [::]:2375                      
INFO[2018-12-03T16:39:20.721559701+08:00] API listen on /var/run/docker.sock 

The whole connection work just fine, can be telnet, and can be access by Portainer.

But, if I configure /etc/docker/daemon.json with
{ "host": ["tcp://0.0.0.0:2375"],"host": ["unix:///var/run/docker.sock"] }
or some other similar way, the log shows

localhost.localdomain dockerd[10349]: time="2018-12-03T16:47:00.735319699+08:00" level=info msg="API listen on /var/run/docker.sock"

the port is missing in log yes, and the port is also dead.

So is there any way to make this configuration right with daemon.json?

[Eroyi]

Okay, problem solve.
The default docker.service script contain these argument:

ExecStart=/usr/bin/dockerd -H

That's why the daemon.json doesn't work, because these broken argument, the "host(s)" config in "daemon.json" cannot work properly, just delete the "-H" and restart.

And for the reply: @olljanat

@Civarey Can you share why you would like enable unencrypted and unsecure TCP port to Docker engine? Portainer works just fine with default docker socket.

I got multiple docker instance in LAN, its too inconvenient and unnecessary to SSL everything,

[olljanat]

I got multiple docker instance in LAN, its too inconvenient and unnecessary to SSL everything,

I highly recommend that you check Portainer agent deployment ( https://portainer.readthedocs.io/en/stable/agent.html ) which allow you to connect multiple docker nodes to one Portainer without enabling TCP port to Docker daemon.

[thaJeztah]

Closing because of age. Also might be a duplicate / closely related to #25471