码迷,mamicode.com
首页 > Web开发 > 详细

Docker daemon.json 的配置项目合集

时间:2019-09-01 12:25:14      阅读:221      评论:0      收藏:0      [点我收藏+]

标签:evel   some   守护   tom   docker   search   mirrors   userland   secure   

这几天看了一点docker相关的东西, 在学习中:

看了下园友的blog 感觉很好 这里 学习一下.
https://www.cnblogs.com/pzk7788/p/10180197.html

其实也可以从 systemd 里面的 docker.service 进行修改 来处理

但是 docker/daemon 的处理更完善一下 也更安全.

 vim /etc/docker/daemon.json
{
    "authorization-plugins": [],
    "data-root": "",   # 设置docker运行时的根目录
    "dns": [],         # 设置容器的DNS地址
    "dns-opts": [],    # 设置容器的/etc/resolv.conf文件
    "dns-search": [],
    "exec-opts": [],
    "exec-root": "",
    "experimental": false,
    "features": {},
    "storage-driver": "",
    "storage-opts": [],
    "labels": [],
    "live-restore": true,
    "log-driver": "json-file",  
    "log-opts": {
        "max-size": "10m",
        "max-files":"5",
        "labels": "somelabel",
        "env": "os,customer"
    },               # 定义logfile的大小以及限制等
    "mtu": 0,
    "pidfile": "",    # 设置docker守护进程的PID文件
    "cluster-store": "", 
    "cluster-store-opts": {},
    "cluster-advertise": "",
    "max-concurrent-downloads": 3,
    "max-concurrent-uploads": 5,
    "default-shm-size": "64M",
    "shutdown-timeout": 15,
    "debug": true,    # 是否以debug模式启动docker
    "hosts": [],      # 设置容器的hosts
    "log-level": "",
    "tls": true,
    "tlsverify": true,
    "tlscacert": "",
    "tlscert": "",
    "tlskey": "",
    "swarm-default-advertise-addr": "",
    "api-cors-header": "",
    "selinux-enabled": false,    # 设置是否支持SELinux
    "userns-remap": "",
    "group": "",
    "cgroup-parent": "",
    "default-ulimits": {
        "nofile": {
            "Name": "nofile",
            "Hard": 64000,
            "Soft": 64000
        }
    },
    "init": false,
    "init-path": "/usr/libexec/docker-init",
    "ipv6": false,
    "iptables": false,
    "ip-forward": false,    
    "ip-masq": false,
    "userland-proxy": false,
    "userland-proxy-path": "/usr/libexec/docker-proxy",
    "ip": "0.0.0.0",
    "bridge": "",
    "bip": "",
    "fixed-cidr": "",
    "fixed-cidr-v6": "",
    "default-gateway": "",
    "default-gateway-v6": "",
    "icc": false,
    "raw-logs": false,
    "allow-nondistributable-artifacts": [],
    "registry-mirrors": [],       # 设置镜像加速地址  这里面需要设置是https
    "seccomp-profile": "",
    "insecure-registries": [],    # 设置docker的私有仓库地址  可以不是https的 
    "no-new-privileges": false,
    "default-runtime": "runc",
    "oom-score-adjust": -500,
    "node-generic-resources": ["NVIDIA-GPU=UUID1", "NVIDIA-GPU=UUID2"],
    "runtimes": {
        "cc-runtime": {
            "path": "/usr/bin/cc-runtime"
        },
        "custom": {
            "path": "/usr/local/bin/my-runc-replacement",
            "runtimeArgs": [
                "--debug"
            ]
        }
    },
    "default-address-pools":[{"base":"172.80.0.0/16","size":24},
    {"base":"172.90.0.0/16","size":24}]
}

 

Docker daemon.json 的配置项目合集

标签:evel   some   守护   tom   docker   search   mirrors   userland   secure   

原文地址:https://www.cnblogs.com/jinanxiaolaohu/p/11429614.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!