layout: post
title: docker所支持的配置文件项目
date: 2018-04-20
tags: [“Docker”,”自动化运维工具”]
docker守护进程dockerd配置文档 https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file
Linux上配置文件的默认位置是/etc/docker/daemon.json。 —config-file标志可用于指定非默认位置。
- {
- "authorization-plugins": [],
- "data-root": "",
- "dns": [],
- "dns-opts": [],
- "dns-search": [],
- "exec-opts": [],
- "exec-root": "",
- "experimental": false,
- "storage-driver": "", #存储驱动:aufs、devicemapper、overlay、overlay2
- "storage-opts": [], #存储选项
- "labels": [],
- "live-restore": true,
- "log-driver": "", #日志存储驱动
- "log-opts": {}, #存储驱动选项
- "mtu": 0, #Ethernet最大协议传输单元(1500),在使用隧道技术的时候需要修改(Vxlan),因其在传输的过程中会再次添加一层首部封装,可能会超过1500限制。
- "pidfile": "",
- "cluster-store": "",
- "cluster-store-opts": {},
- "cluster-advertise": "",
- "max-concurrent-downloads": 3,
- "max-concurrent-uploads": 5,
- "default-shm-size": "64M",
- "shutdown-timeout": 15,
- "debug": true,
- "hosts": [], #docker自己所监听的地址和端口,默认使用的socket文件,/run/docker/docker.sock,连接远程客户端需要配置该项的监听地址与端口
- "log-level": "",
- "tls": true, #配置使用HTTPS
- "tlsverify": true,
- "tlscacert": "",
- "tlscert": "",
- "tlskey": "",
- "swarm-default-advertise-addr": "",
- "api-cors-header": "",
- "selinux-enabled": false,
- "userns-remap": "",
- "group": "",
- "cgroup-parent": "",
- "default-ulimits": {},
- "init": false,
- "init-path": "/usr/libexec/docker-init",
- "ipv6": false,
- "iptables": false, #配置是否默认启用
- "ip-forward": false, #配置是否允许转发
- "ip-masq": false, #配置是否使用伪装
- "userland-proxy": false,
- "userland-proxy-path": "/usr/libexec/docker-proxy",
- "ip": "0.0.0.0", #ip
- "bridge": "", #指定网桥名称
- "bip": "", #指定网桥地址,默认172.17.0.1/16
- "fixed-cidr": "", #接入桥默认的地址是什么
- "fixed-cidr-v6": "", #ipv6的
- "default-gateway": "", #默认网关地址
- "default-gateway-v6": "",
- "icc": false,
- "raw-logs": false,
- "allow-nondistributable-artifacts": [],
- "registry-mirrors": [], #指定镜像地址(否则部分镜像需要翻墙)
- "seccomp-profile": "",
- "insecure-registries": [], #不安全的registries,通常我们用在私有仓库。
- "no-new-privileges": false,
- "default-runtime": "runc", #容器运行环境(容器引擎),最开始是lxc、libcontainer、现在是runc(被google逼得)
- "oom-score-adjust": -500, #允许oom被杀死的分数
- "node-generic-resources": ["NVIDIA-GPU=UUID1", "NVIDIA-GPU=UUID2"],
- "runtimes": {
- "cc-runtime": { #runc的参数
- "path": "/usr/bin/cc-runtime"
- },
- "custom": { #runc的自定义参数
- "path": "/usr/local/bin/my-runc-replacement",
- "runtimeArgs": [
- "--debug"
- ]
- }
- }
- }
网络配置示例:
自定义docker0桥的网络属性信息:/etc/docker/daemon.json文件
- {
- "bip": "192.168.1.5/24", #网桥的地址
- "fixed-cidr": "10.20.0.0/16", #绑定的网段
- "fixed-cidr-v6": "2001:db8::/64",
- "mtu": 1500,
- "default-gateway": "10.20.1.1", #默认网关地址
- "default-gateway-v6": "2001:db8:abcd::89",
- "dns": ["10.20.1.2","10.20.1.3"] #dns地址
- }
远程主机管理配置示例:
- /etc/docker/daemon.json:
- {
- "hosts":["tcp://0.0.0.0:2375","unix:///var/run/docker.sock"]
- }
连接远程docker引擎,需要使用”-H”选项。
文档更新时间: 2020-03-27 13:42 作者:张尚
