Remote Docker Management: Time to Ditch Manual Methods
Previously, every time I needed to check a container on a VPS, I had to perform a repetitive series of steps. First, open the Terminal, type ssh root@ip-server, enter the password, and only then could I run the docker ps command. This process became increasingly tedious as the number of servers grew beyond five.
Hopping between multiple SSH windows makes it very easy to get confused. I once intended to stop a container on a test server but accidentally typed it into the production server because I wasn’t paying attention to the command prompt. This is a critical mistake that many DevOps engineers have encountered.
Many people choose to open Docker API ports (2375 or 2376) for faster remote connections. However, if you forget to configure TLS, scanning tools like Shodan will find your server within minutes. Once exposed, the server can easily be hijacked for crypto mining. Docker Context is the perfect alternative, allowing you to control the Docker Engine via SSH with absolute security.
After six months of using Docker Context, I’ve noticed a significant increase in productivity. I save about 15-20 minutes a day on manual login tasks. The most interesting part is the ability to deploy a docker-compose.yml file directly from my personal machine to a VPS without using SCP or running a Git pull on the server.
Environment Setup
To get started, your local machine and server need to meet a few basic requirements. Most modern systems already support these components out of the box.
1. Install Docker Locally
Your personal computer (Windows, macOS, or Linux) must have Docker installed. Check your current version using the command:
docker version2. Set up SSH Keys (Required)
Docker Context works best when you use SSH Keys for automatic login. If you don’t have an SSH Key yet, create a new one and push it to the server using the following commands:
# Generate a new key
ssh-keygen -t ed25519
# Push the key to the server (replace 1.2.3.4 with your server IP)
ssh-copy-id [email protected]The goal is to be able to access the server using the command ssh [email protected] without being prompted for a password.
Detailed Docker Context Configuration
By default, the docker command uses a context named default which points to your local machine. We will create new contexts to represent remote servers.
Initialize Context via SSH
Suppose I have a VPS running a staging environment at IP 1.2.3.4. I will name this context staging-server:
docker context create staging-server --docker "host=ssh://[email protected]" --description "Staging Server"For the Production server, perform the same step with the corresponding IP:
docker context create prod-server --docker "host=ssh://[email protected]" --description "Production Server"Manage Context List
To check your configured environments, use the command:
docker context lsThe system will display a list. An asterisk (*) next to a row indicates that the context is currently active.
Switching Fluidly Between Environments
This is the most valuable feature. To switch control from your local machine to the staging server, simply type:
docker context use staging-serverImmediately, every docker ps or docker logs command you type will execute directly on the remote server. The experience is as smooth and consistent as working on your local machine.
Practical Tips and Security Considerations
Working with Docker Context requires a bit of finesse to avoid mistakes and optimize speed.
Monitoring and Debugging Tips
When I need to check detailed responses from the Docker API, I often use the inspect command. If the JSON output is too long, I use toolcraft.app/en/tools/developer/json-formatter to reformat it for easier reading. Command to get detailed info:
docker context inspect staging-serverRemote Docker Compose Deployment
Docker Compose supports Context exceptionally well. You don’t need to install Docker Compose on the target server. Simply stay on your local machine, switch to the desired context, and run:
docker-compose up -dDocker will automatically package the instructions and send them over SSH. This makes manual CI/CD processes much more professional.
Important Considerations
- Permissions: Use a user belonging to the
dockergroup instead ofrootto minimize security risks. - Latency: Since data travels over SSH, commands may be 1-2 seconds slower if the server is very far away (e.g., connecting from Vietnam to the US).
- Avoid Confusion: You should configure your Terminal to display the current context name directly in the command prompt. This ensures you always know whether you are operating on Staging or Production.
Switching Back to the Local Environment
After finishing work on the server, don’t forget to switch back to your local machine to avoid accidentally running test containers on the live server:
docker context use defaultUsing Docker Context instead of old methods has made my system management much cleaner. Instead of opening dozens of SSH windows, I now only need a single terminal to coordinate all Docker nodes. If you are managing two or more servers, try setting it up today.
