How to enable Docker API access from Windows running Docker Toolbox (docker machine)

@CarlosRafaelRamirez mentioned the right place, but I will add a few details and provide more detailed, step-by-step instructions, because Windows devs are often not fluent in Linux ecosystem.

Disclaimer: following steps make it possible to hit Docker Remote API from Windows host, but please keep in mind two things:

1. This should not be done in production as it makes Docker machine very not secure.
2. Current solution disables most of the docker-machine and all docker CLI functionality. docker-machine ssh remains operational, forcing one to SSH into docker machine to access docker commands.

SolutionNow, here are the steps necessary to switch Docker API to non-TLS port. (Docker machine name is assumed to be "default". If your machine name has a different name, you will need to specify it in the commands below.)

1. Start "Docker Quickstart Terminal". It starts Bash shell and is the place where all following commands will be run. Run docker-machine ip command and note the IP address of the docker host machine. Then do
2. docker-machine ssh
3. cd /var/lib/boot2docker
4. sudo vi profile This starts "vi" editor in elevated privileges mode required for editing "profile" file, where Docker host settings are. (If as a Windows user you are not familiar with vi, here's is super-basic crash course on it. When file is open in the vi, vi is not in editing mode. Press "i" to start edit mode. Now you can make changes. After you made all the changes, hit Esc and then ZZ to save changes and exit vi. If you need to exit vi without saving changes, after Esc please type :q! and hit Enter. ":" turns on vi's command mode, and "q!" command means exit without saving. Detailed vi command info is here.)
5. Using vi, change DOCKER_HOST to be DOCKER_HOST='-H tcp://0.0.0.0:2375', and set DOCKER_TLS=no. Save changes as described above.
6. exit to leave SSH session.
7. docker-machine restart

After doocker machine has restarted, your sould be able to hit docker API URL, like http://dokerMachineIp:2375/containers/json?all=1, and get valid JSON back.

This is the end of steps required to achieve the main goal.

However, if at this point you try to run docker-machine config or docker images, you will see an error message indicating that docker CLI client is trying to get to the Docker through the old port/TLS settings, which is understandable. What was not expected to me though, is that even after I followed all the Getting Started directions, and ran export DOCKER_HOST=tcp://192.168.99.101:2375 and export DOCKER_TLS_VERIFY=0, resulting in

$ env | grep DOCKERDOCKER_HOST=tcp://192.168.99.101:2375DOCKER_MACHINE_NAME=defaultDOCKER_TLS_VERIFY=0DOCKER_TOOLBOX_INSTALL_PATH=C:\Program Files\Docker ToolboxDOCKER_CERT_PATH=C:\Users\USERNAME\.docker\machine\machines\default

the result was the same:

$ docker-machine env

Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.101:2376"

If you see a problem with how I changed environment variables to point Docker CLI to the new Docker host address, please comment.

To work around this problem, use docker-machine ssh command and run your docker commands after that.

I encountered the same problem and thanks to @VladH made it working not changing any internal Docker profile properties. All you have to do is correctly define Windows local env variables (or configure maven plugin properties, if you use io.fabric8 docker-maven-plugin).

Note that 2375 port is used for non-TLS connections, and 2376 only for TLS connections.

DOCKER_HOST=tcp://192.168.99.100:2376DOCKER_TLS_VERIFY=0DOCKER_TOOLBOX_INSTALL_PATH=C:\Program Files\Docker ToolboxDOCKER_CERT_PATH=C:\Users\USERNAME\.docker\machine\machines\default