VSCode remote Docker

Heya,

By default, Docker only listens to local connections for security. You’ll need to configure it to accept remote connections.

• Edit the Docker Daemon Configuration: Connect to your DigitalOcean droplet via SSH and Open the Docker daemon configuration file:

sudo nano /etc/docker/daemon.json

Add the following configuration, replacing YOUR_IP with your droplet’s IP address:

{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
  "tls": true,
  "tlsverify": true,
  "tlscacert": "/etc/docker/certs/ca.pem",
  "tlscert": "/etc/docker/certs/server-cert.pem",
  "tlskey": "/etc/docker/certs/server-key.pem"
}

• • hosts: Tells Docker to listen on TCP port 2376.
  • tls and tlsverify: Enable TLS encryption and verification to secure the connection.

• Create and Install TLS Certificates: You’ll need to generate TLS certificates to securely connect to Docker remotely.

  On the droplet:

mkdir -p /etc/docker/certs
cd /etc/docker/certs
openssl genrsa -out ca-key.pem 4096
openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem
openssl genrsa -out server-key.pem 4096
openssl req -subj "/CN=YOUR_IP" -sha256 -new -key server-key.pem -out server.csr
openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem

after that restart Docker

sudo systemctl restart docker

2. Install Docker Desktop and Configure for Remote Connection

• Configure Docker Desktop: Open Docker Desktop on Windows.
• Settings > General: Enable Expose daemon on tcp://localhost:2375 without TLS.
• Settings > Resources > WSL Integration: Make sure Docker is integrated with your WSL 2 distributions.

3. Configure VSCode for Remote Docker Development

• Install the Remote - Containers and Docker extensions in VSCode.
• Open the Command Palette (Ctrl+Shift+P), then select Remote-Containers: Attach to Running Container.

4. Connect to Docker Desktop from VSCode

Now, in VSCode, open the Docker extension and select Connect to Host using the IP of your droplet with port 2376. With Docker Desktop configured for remote development, you can seamlessly work with containers on your DigitalOcean server while managing from your local machine.

Let me know if you’d like help with further configurations or any troubleshooting tips!

Heya,

The instructions for the setup are pretty much covered by KFSys. Here are some important topics to note as well.

Docker Desktop on WSL2 offers native Docker support for a seamless experience on Windows. You can develop locally on Docker Desktop and only push containers to the droplet when needed. This approach keeps development fast and responsive, with the option to deploy easily on your DigitalOcean instance.

You can use TLS to encrypt connections to the Docker API. This requires creating certificates for the Docker daemon and configuring Docker Desktop and VSCode to use these certificates. This setup keeps your connection secure but adds a bit of complexity to the initial configuration.

Rather than exposing the Docker API on an open port, set up an SSH tunnel. You can create an SSH connection from your local machine to your droplet and then connect VSCode and Docker Desktop through this tunnel. This keeps Docker accessible only to your local machine, reducing exposure risks.

For example, you can create an SSH tunnel like this on your Windows machine:

ssh -L 2375:localhost:2375 root@your_droplet_ip

Then, in VSCode or Docker Desktop, point to tcp://localhost:2375.

Regards

Hey!

Yep, that is doable. You would need to first set up remote access for Docker daemon on your Droplet as described here:

https://docs.docker.com/engine/daemon/remote-access/

Here is a quick overview of what you need to do:

Install Docker

• You can use the 1-Click Docker Droplet from the DigitalOcean Marketplace:

https://marketplace.digitalocean.com/apps/docker

• Or follow the steps here on how to install Docker on Ubuntu manually:

https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-20-04

Configure Docker for Remote Access on the Droplet

• Edit Docker’s configuration file to allow remote connections:

  sudo nano /etc/docker/daemon.json
  

• Add the following JSON configuration, replacing <your_droplet_ip> with the Droplet’s IP address:

  {
    "hosts": ["tcp://0.0.0.0:2375", "unix:///var/run/docker.sock"]
  }
  

• Restart Docker to apply changes:

  sudo systemctl restart docker
  

Note: By enabling remote access over TCP, your Docker server is open to anyone with your IP and port 2375. You should use a firewall or SSH tunneling to secure the connection. Here’s how to set up a firewall on DigitalOcean and close port 2375 for public access and only allow your IP:

https://docs.digitalocean.com/products/networking/firewalls/

Install VS Code Remote - Containers Extension

• In VS Code, install the Remote - Containers extension from the Extensions Marketplace. This extension lets you work with containers on a remote server.

Configure Docker CLI in WSL2 for Remote Docker Host

• Open your .bashrc or .zshrc in WSL2 and add this line to point Docker commands to your remote server:

  export DOCKER_HOST=tcp://<your_droplet_ip>:2375
  

• Restart your WSL2 session or source the file to apply:

  source ~/.bashrc
  

Use Docker Desktop with Remote Server

• Open Docker Desktop, go to Settings > Docker Engine, and add the remote host configuration:

  {
    "hosts": ["tcp://<your_droplet_ip>:2375"]
  }
  

• Save and restart Docker Desktop. Now, Docker Desktop will point to your DigitalOcean Droplet, allowing you to manage containers remotely from Windows.

This setup allows VS Code and Docker Desktop to communicate with the remote Docker instance on your DigitalOcean Droplet for containerized development.

Make sure to secure the Docker socket, especially if using it over the internet, by setting up a firewall or considering SSH tunneling for added security!

- Bobby