docker 的daem.json 和 key.json

最新推荐文章于 2024-01-17 17:54:10 发布

拙者

最新推荐文章于 2024-01-17 17:54:10 发布

阅读量1.1k

点赞数

分类专栏： docker

本文链接：https://blog.csdn.net/harry_haiwei/article/details/119280486

版权

docker 专栏收录该内容

1 篇文章 0 订阅

订阅专栏

daem.json 是docker的配置文件,默认安装docker后是没有的，可以手动创建

[root@localhost ~]$ vim /etc/docker/daemon.json
{
    "authorization-plugins": [],
    "data-root": "",   # 设置docker运行时的根目录
    "dns": [],         # 设置容器的DNS地址
    "dns-opts": [],    # 设置容器的/etc/resolv.conf文件
    "dns-search": [],
    "exec-opts": [],
    "exec-root": "",
    "experimental": false,
    "features": {},
    "storage-driver": "",
    "storage-opts": [],
    "labels": [],
    "live-restore": true,
    "log-driver": "json-file",
    "log-opts": {
        "max-size": "10m",
        "max-files":"5",
        "labels": "somelabel",
        "env": "os,customer"
    },
    "mtu": 0,
    "pidfile": "",    # 设置docker守护进程的PID文件
    "cluster-store": "", 
    "cluster-store-opts": {},
    "cluster-advertise": "",
    "max-concurrent-downloads": 3,
    "max-concurrent-uploads": 5,
    "default-shm-size": "64M",
    "shutdown-timeout": 15,
    "debug": true,    # 是否以debug模式启动docker
    "hosts": [],      # 设置容器的hosts
    "log-level": "",
    "tls": true,
    "tlsverify": true,
    "tlscacert": "",
    "tlscert": "",
    "tlskey": "",
    "swarm-default-advertise-addr": "",
    "api-cors-header": "",
    "selinux-enabled": false,    # 设置是否支持SELinux
    "userns-remap": "",
    "group": "",
    "cgroup-parent": "",
    "default-ulimits": {
        "nofile": {
            "Name": "nofile",
            "Hard": 64000,
            "Soft": 64000
        }
    },
    "init": false,
    "init-path": "/usr/libexec/docker-init",
    "ipv6": false,
    "iptables": false,
    "ip-forward": false,    
    "ip-masq": false,
    "userland-proxy": false,
    "userland-proxy-path": "/usr/libexec/docker-proxy",
    "ip": "0.0.0.0",
    "bridge": "",
    "bip": "",
    "fixed-cidr": "",
    "fixed-cidr-v6": "",
    "default-gateway": "",
    "default-gateway-v6": "",
    "icc": false,
    "raw-logs": false,
    "allow-nondistributable-artifacts": [],
    "registry-mirrors": [],       # 设置镜像加速地址
    "seccomp-profile": "",
    "insecure-registries": [],    # 设置docker的私有仓库地址
    "no-new-privileges": false,
    "default-runtime": "runc",
    "oom-score-adjust": -500,
    "node-generic-resources": ["NVIDIA-GPU=UUID1", "NVIDIA-GPU=UUID2"],
    "runtimes": {
        "cc-runtime": {
            "path": "/usr/bin/cc-runtime"
        },
        "custom": {
            "path": "/usr/local/bin/my-runc-replacement",
            "runtimeArgs": [
                "--debug"
            ]
        }
    },
    "default-address-pools":[{"base":"172.80.0.0/16","size":24},
    {"base":"172.90.0.0/16","size":24}]
}

key.json /etc/docker/daemon.json

这是 TLS 连接的 dockerd 密钥。

以 web 格式，该 docker 在连接到其他 TLS 服务器（如注册表）时使用。

它是由 docker 引擎在启动时自动生成的，因此删除没有风险。

您应该将其视为敏感的，因为使用公开密钥的 TLS 连接不安全。

拙者

关注

0
点赞
踩
2

收藏

觉得还不错? 一键收藏
0
评论
docker 的daem.json 和 key.json

daem.json是docker的配置文件,默认安装docker后是没有的，可以手动创建[root@localhost ~]$ vim /etc/docker/daemon.json{ "authorization-plugins": [], "data-root": "", # 设置docker运行时的根目录 "dns": [], # 设置容器的DNS地址 "dns-opts": [], # 设置容器的/etc/resolv.conf文件.
复制链接

扫一扫