BestHub
Sign in
Cloud Native 6 min read

Using a Remote Docker Service Without Adding the -H Parameter

This tutorial explains how to configure Docker on a Kubernetes node to transparently use a remote Docker daemon by modifying the systemd service, creating a custom Docker image with helper scripts, and committing it, so users can run Docker commands without explicitly specifying the remote host.

360 Quality & Efficiency
360 Quality & Efficiency
360 Quality & Efficiency
Using a Remote Docker Service Without Adding the -H Parameter

In Kubernetes clusters, using the node's local Docker daemon can quickly fill disk space with abandoned images and expose the cluster to risky operations; therefore, separating Docker services by using a remote Docker daemon is recommended.

The article shows how to make Docker automatically connect to a remote daemon without requiring users to add the -H flag each time, by adjusting the Docker systemd unit.

First, edit /lib/systemd/system/docker.service and replace the ExecStart line with:

ExecStart=/usr/bin/dockerd -H unix://var/run/docker.sock -H tcp://0.0.0.0:2375

Then reload the daemon and restart Docker: systemctl daemon-reload<br/>service docker restart Next, build a base image (e.g., CentOS or Ubuntu) that already has Docker installed, or create one via a Dockerfile. Inside a container created from this image, add three helper files to /usr/bin: /usr/bin/docker-client – a wrapper that appends -H 192.168.0.58 (the remote Docker IP) to every Docker command. /usr/bin/docker-entrypoint.sh – a script that rewrites Docker sub‑commands so they are executed against the remote daemon transparently.

The original Docker client binary.

Example of the docker-client wrapper: /usr/bin/docker-client -H 192.168.0.58 $@ Example of docker-entrypoint.sh (truncated for brevity):

#!/bin/sh
set -e
if [ "${1#-}" != "$1" ]; then
  set -- docker "$@"
fi
if docker help "$1" > /dev/null 2>&1; then
  set -- docker "$@"
fi
if [ -z "$DOCKER_HOST" -a "$DOCKER_PORT_2375_TCP" ]; then
  export DOCKER_HOST='tcp://docker:2375'
fi
exec "$@"

After placing these files, exit the container and commit it as a new image:

docker commit -a "peishunwu" -m "add docker and tools" d5884406725a dockerubuntu

Verify the new image with docker images. When a container is launched from this image, any Docker command runs against the remote Docker server (e.g., 192.168.0.58) without the user noticing, thereby protecting the cluster’s security and stability while allowing independent configuration of the remote daemon.

In summary, this method provides a seamless, user‑transparent way to use a remote Docker service, improving isolation and manageability in container‑orchestrated environments.

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

ContainerImagescriptsystemdremote-docker
360 Quality & Efficiency
Written by

360 Quality & Efficiency

360 Quality & Efficiency focuses on seamlessly integrating quality and efficiency in R&D, sharing 360’s internal best practices with industry peers to foster collaboration among Chinese enterprises and drive greater efficiency value.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment