How to connect to Docker API from another machine?

Question

I'm trying to use the Docker API to connect to docker daemon from another machine. I am able to do this command successfully:

docker -H=tcp://127.0.0.1:4243 images 

But NOT when I use the real IP address:

docker -H=tcp://192.168.2.123:4243 images 2013/08/04 01:35:53 dial tcp 192.168.2.123:4243: connection refused 

Why can't I connect when using a non-local IP?

I'm using a Vagrant VM with the following in Vagrantfile: config.vm.network :private_network, ip: "192.168.2.123"

The following is iptables:

# Generated by iptables-save v1.4.12 on Sun Aug  4 01:24:46 2013 *filter :INPUT ACCEPT [1974:252013] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1511:932565] -A INPUT -p tcp -m tcp --dport 4243 -j ACCEPT COMMIT # Completed on Sun Aug  4 01:24:46 2013 # Generated by iptables-save v1.4.12 on Sun Aug  4 01:24:46 2013 *nat :PREROUTING ACCEPT [118:8562] :INPUT ACCEPT [91:6204] :OUTPUT ACCEPT [102:7211] :POSTROUTING ACCEPT [102:7211] :DOCKER - [0:0] -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER -A POSTROUTING -s 172.16.42.0/24 ! -d 172.16.42.0/24 -j MASQUERADE 

Answer 1

Came across a similar issue, one thing I don't see mentioned here is you need to start docker to listen to both the network and a unix socket. All regular docker (command-line) commands on the host assume the socket.

sudo docker -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock -d & 

will start docker listening to any ip address on your host, as well as the typical unix socket.