The dind daemon entrypoint script should support generating TLS keys for the daemon and the clients, and set appropriate dockerd flags when an environment variable like DIND_TLS_SAN is specified.
e.g.
$ docker run -d --privileged --name some-docker -e DIND_TLS_SAN=DNS:docker,DNS:localhost docker:dind
$ docker cp some-docker:/certs/for-client ./certs-for-client
$ docker run --rm --link some-docker:docker -v $(pwd)/certs-for-client:/root/.docker -e DOCKER_HOST=tcp://docker:2376 docker info
The dind daemon entrypoint script should support generating TLS keys for the daemon and the clients, and set appropriate dockerd flags when an environment variable like
DIND_TLS_SANis specified.e.g.