11.3.2.4 Daemon Context Control
A focused guide to Daemon Context Control, connecting core concepts with practical Docker and container operations.
Daemon context control refers to Docker's context mechanism, which lets the docker CLI target a specific, named daemon endpoint. It provides a controlled, explicit way to manage connections to multiple daemons (local and remote) without manually reconfiguring connection details each time.
Creating and Switching Between Contexts
A context bundles together the connection details for a specific daemon, switchable by name.
docker context create remote-prod --docker "host=ssh://user@prod-host"
docker context use remote-prod
Subsequent docker commands now target this remote daemon until the context is switched again.
Why Explicit Context Switching Is Safer Than Ad Hoc Connection Flags
Using a named, deliberately created context makes explicit which daemon a given command will actually affect. This reduces the risk of accidentally running a command against the wrong daemon because of a forgotten or misremembered connection flag.
docker context ls
default *
remote-prod
Reviewing the current context before running a potentially impactful command helps avoid this kind of accidental misdirection.
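The review step above can be enforced rather than remembered. The following wrapper is an added example, not part of the original guide or of Docker itself; the function name docker_on and its exit codes are hypothetical. It refuses to run unless the active context matches the one the operator names, and it treats a set DOCKER_HOST as an ad hoc override.

```shell
#!/bin/sh
# docker_on <expected-context> <docker args...>
# Hypothetical guard: run a docker command only when the active context
# is the one the operator explicitly names on the command line.
docker_on() {
    if [ "$#" -lt 2 ]; then
        echo "usage: docker_on <context> <docker args...>" >&2
        return 64
    fi
    expected=$1
    shift

    # DOCKER_HOST overrides the active context, so a leftover export would
    # redirect commands without the context list showing it. Refuse.
    if [ -n "${DOCKER_HOST:-}" ]; then
        echo "refusing: DOCKER_HOST is set ($DOCKER_HOST); unset it and use a named context" >&2
        return 3
    fi

    # 'docker context show' prints the name of the context in use right now.
    current=$(docker context show) || return 4
    if [ "$current" != "$expected" ]; then
        echo "refusing: active context is '$current', expected '$expected'" >&2
        return 5
    fi

    # 'docker context use' is stored in the CLI config file and shared by
    # every shell, so another terminal could switch it between the check
    # and the command. Pin the context for this one invocation.
    docker --context "$expected" "$@"
}

# Example: docker_on remote-prod ps
```

Sourced into a shell profile, this makes the intended target part of every impactful command line, so a mismatch fails loudly instead of acting on the wrong daemon.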
Using SSH-Based Contexts to Avoid Direct Network Exposure
A context using SSH for its connection avoids the need to expose the daemon's API directly over the network at all, relying instead on SSH's own established security model.
docker context create remote-host --docker "host=ssh://user@remote-host"
This approach removes the need to expose the daemon over the network with separately configured TLS, relying on SSH's authentication and encryption instead.
Removing a Context No Longer Needed
Cleaning up contexts no longer in use keeps the available context list accurate and reduces the risk of accidentally targeting a stale or decommissioned daemon.
docker context rm old-remote-host
Why Daemon Context Control Matters
Docker's context mechanism provides a controlled, explicit way to manage connections to multiple daemons, reducing the risk of accidental misdirection and, when used with an SSH-based connection, avoiding the need for direct network-level daemon exposure altogether.