• Docker daemon.json 的配置项目合集


    这几天看了一点docker相关的东西, 在学习中:

    看了下园友的blog 感觉很好 这里 学习一下.
    https://www.cnblogs.com/pzk7788/p/10180197.html

    其实也可以从 systemd 里面的 docker.service 进行修改 来处理

    但是 docker/daemon 的处理更完善一下 也更安全.

     vim /etc/docker/daemon.json
    {
        "authorization-plugins": [],
        "data-root": "",   # 设置docker运行时的根目录
        "dns": [],         # 设置容器的DNS地址
        "dns-opts": [],    # 设置容器的/etc/resolv.conf文件
        "dns-search": [],
        "exec-opts": [],
        "exec-root": "",
        "experimental": false,
        "features": {},
        "storage-driver": "",
        "storage-opts": [],
        "labels": [],
        "live-restore": true,
        "log-driver": "json-file",  
        "log-opts": {
            "max-size": "10m",
            "max-files":"5",
            "labels": "somelabel",
            "env": "os,customer"
        },               # 定义logfile的大小以及限制等
        "mtu": 0,
        "pidfile": "",    # 设置docker守护进程的PID文件
        "cluster-store": "", 
        "cluster-store-opts": {},
        "cluster-advertise": "",
        "max-concurrent-downloads": 3,
        "max-concurrent-uploads": 5,
        "default-shm-size": "64M",
        "shutdown-timeout": 15,
        "debug": true,    # 是否以debug模式启动docker
        "hosts": [],      # 设置容器的hosts
        "log-level": "",
        "tls": true,
        "tlsverify": true,
        "tlscacert": "",
        "tlscert": "",
        "tlskey": "",
        "swarm-default-advertise-addr": "",
        "api-cors-header": "",
        "selinux-enabled": false,    # 设置是否支持SELinux
        "userns-remap": "",
        "group": "",
        "cgroup-parent": "",
        "default-ulimits": {
            "nofile": {
                "Name": "nofile",
                "Hard": 64000,
                "Soft": 64000
            }
        },
        "init": false,
        "init-path": "/usr/libexec/docker-init",
        "ipv6": false,
        "iptables": false,
        "ip-forward": false,    
        "ip-masq": false,
        "userland-proxy": false,
        "userland-proxy-path": "/usr/libexec/docker-proxy",
        "ip": "0.0.0.0",
        "bridge": "",
        "bip": "",
        "fixed-cidr": "",
        "fixed-cidr-v6": "",
        "default-gateway": "",
        "default-gateway-v6": "",
        "icc": false,
        "raw-logs": false,
        "allow-nondistributable-artifacts": [],
        "registry-mirrors": [],       # 设置镜像加速地址  这里面需要设置是https
        "seccomp-profile": "",
        "insecure-registries": [],    # 设置docker的私有仓库地址  可以不是https的 
        "no-new-privileges": false,
        "default-runtime": "runc",
        "oom-score-adjust": -500,
        "node-generic-resources": ["NVIDIA-GPU=UUID1", "NVIDIA-GPU=UUID2"],
        "runtimes": {
            "cc-runtime": {
                "path": "/usr/bin/cc-runtime"
            },
            "custom": {
                "path": "/usr/local/bin/my-runc-replacement",
                "runtimeArgs": [
                    "--debug"
                ]
            }
        },
        "default-address-pools":[{"base":"172.80.0.0/16","size":24},
        {"base":"172.90.0.0/16","size":24}]
    }
  • 相关阅读:
    jQuery火箭图标返回顶部代码
    jQuery火箭图标返回顶部代码
    jQuery火箭图标返回顶部代码
    redis被攻击,怎么预防
    Redis3.2.12单节点安装
    Linux安装Redis、后台运行、系统自启动
    Redis 密码设置和查看密码
    Redis protected-mode属性解读
    SpringCloud(9)----mysql实现配置中心
    SpringCloud(8)----zuul权限校验、接口限流
  • 原文地址:https://www.cnblogs.com/jinanxiaolaohu/p/11429614.html
Copyright © 2020-2023  润新知