Docker daemon配置

配置Docker daemon 官网推荐方法是修改daemon.json文件，默认位于/etc/docker/目录下 默认情况下该文件是空的。 下面是所有的在linux中可支持的配置 { "authorization-plugins": [], "data-root": "", "dns": [], "dns-opts": [], "dns-search": [], "exec-opts": [], "exec-root": "", "experimental": false, "storage-driver": "", "storage-opts": [], "labels": [], "live-restore": true, "log-driver": "", "log-opts": {}, "mtu": 0, "pidfile": "", "cluster-store": "", "cluster-store-opts": {}, "cluster-advertise": "", "max-concurrent-downloads": 3, "max-concurrent-uploads": 5, "default-shm-size": "64M", "shutdown-timeout": 15, "debug": true, "hosts": [], "log-level": "", "tls": true, "tlsverify": true, "tlscacert": "", "tlscert": "", "tlskey": "", "swarm-default-advertise-addr": "", "api-cors-header": "", "selinux-enabled": false, "userns-remap": "", "group": "", "cgroup-parent": "", "default-ulimits": {}, "init": false, "init-path": "/usr/libexec/docker-init", "ipv6": false, "iptables": false, "ip-forward": false, "ip-masq": false, "userland-proxy": false, "userland-proxy-path": "/usr/libexec/docker-proxy", "ip": "0.0.0.0", "bridge": "", "bip": "", "fixed-cidr": "", "fixed-cidr-v6": "", "default-gateway": "", "default-gateway-v6": "", "icc": false, "raw-logs": false, "allow-nondistributable-artifacts": [], "registry-mirrors": [], "seccomp-profile": "", "insecure-registries": [], "disable-legacy-registry": false, "no-new-privileges": false, "default-runtime": "runc", "oom-score-adjust": -500, "runtimes": { "runc": { "path": "runc" }, "custom": { "path": "/usr/local/bin/my-runc-replacement", "runtimeArgs": [ "--debug" ] } } }

如果启动时使用了上述配置中的某一项那么在该配置文件中不要再重复使用。 可平滑重启的配置选项： • debug: it changes the daemon to debug mode when set to true. • cluster-store: it reloads the discovery store with the new address. • cluster-store-opts: it uses the new options to reload the discovery store. • cluster-advertise: it modifies the address advertised after reloading. • labels: it replaces the daemon labels with a new set of labels. • live-restore: Enables keeping containers alive during daemon downtime. • max-concurrent-downloads: it updates the max concurrent downloads for each pull. • max-concurrent-uploads: it updates the max concurrent uploads for each push. • default-runtime: it updates the runtime to be used if not is specified at container creation. It defaults to “default” which is the runtime shipped with the official docker packages. • runtimes: it updates the list of available OCI runtimes that can be used to run containers • authorization-plugin: specifies the authorization plugins to use. • allow-nondistributable-artifacts: Replaces the set of registries to which the daemon will push nondistributable artifacts with a new set of registries. • insecure-registries: it replaces the daemon insecure registries with a new set of insecure registries. If some existing insecure registries in daemon’s configuration are not in newly reloaded insecure resgitries, these existing ones will be removed from daemon’s config. • registry-mirrors: it replaces the daemon registry mirrors with a new set of registry mirrors. If some existing registry mirrors in daemon’s configuration are not in newly reloaded registry mirrors, these existing ones will be removed from daemon’s config. 注意：官网对上述的可reconfigured的options，有如下说明： Updating and reloading the cluster configurations such as --cluster-store, --cluster-advertise and --cluster-store-opts will take effect only if these configurations were not previously configured. If --cluster-store has been provided in flags and cluster-advertise not, cluster-advertise can be added in the configuration file without accompanied by --cluster-store. Configuration reload will log a warning message if it detects a change in previously configured cluster configurations. 除了上述中在配置文件中修改启动项，也可以通过命令加参数直接启动 如下（启动一个没有网络的Docker daemon）： dockerd
-H unix:///var/run/docker-bootstrap.sock
-p /var/run/docker-bootstrap.pid
--iptables=false
--ip-masq=false
--bridge=none
--data-root=/var/lib/docker-bootstrap
--exec-root=/var/run/docker-bootstrap 关于启动项的配置：由于有些参数并不能完全成功（在有些场景中），但是目前还在开发解决中（这一点需要注意）