This repository was archived by the owner on Feb 16, 2025. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 122
Expand file tree
/
Copy pathdockerd.ini
More file actions
454 lines (359 loc) · 10.8 KB
/
dockerd.ini
File metadata and controls
454 lines (359 loc) · 10.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
[]
meta:/mountpoint = /dockerd/daemon.json
meta:/infos/plugins = yajl
[runtimes/_]
meta:/type = string
meta:/description = Additional OCI compatible runtime
meta:/example = custom
[runtimes/_/path]
meta:/type = string
meta:/description = The path to the OCI compatible runtime
meta:/example = /usr/local/bin/my-runc-replacement
[runtimes/_/runtimeArgs]
meta:/array/min = 0
meta:/description = List of runtime arguments for the OCI compatible runtime
meta:/example = --debug
[allow/nondistributable/artifacts]
meta:/array/min = 0
meta:/description = Allow push of nondistributable artifacts to registry (list)
[api/cors/header]
meta:/type = string
meta:/description = Set CORS headers in the Engine API
[authorization/plugins]
meta:/array/min = 0
meta:/description = Authorization plugins to load
[bip]
meta:/type = string
meta:/description = Specify network bridge IP
[bridge]
meta:/type = string
meta:/description = Attach containers to a network bridge
[cgroup/parent]
meta:/type = string
meta:/description = Set parent cgroup for all containers
[config/file]
meta:/type = string
meta:/description = Daemon configuration file
meta:/default = /etc/docker/daemon.json
[containerd]
meta:/type = string
meta:/description = containerd grpc address
[containerd/namespace]
meta:/type = string
meta:/description = Containerd namespace to use
meta:/default = moby
[containerd/plugins/namespace]
meta:/type = string
meta:/description = Containerd namespace to use for plugins
meta:/default = plugins.moby
[cpu-rt/period]
meta:/type = long
meta:/description = Limit the CPU real-time period in microseconds for the parent cgroup for all containers (not supported with cgroups v2)
[cpu-rt/runtime]
meta:/type = long
meta:/description = Limit the CPU real-time runtime in microseconds for the parent cgroup for all containers (not supported with cgroups v2)
[cri/containerd]
meta:/type = boolean
meta:/description = start containerd with cri
[data/root]
meta:/type = string
meta:/description = Root directory of persistent Docker state
meta:/default = /var/lib/docker
[debug]
meta:/type = boolean
meta:/description = Enable debug mode
[default/address/pools]
meta:/array/min = 0
meta:/description = Default address pools for node specific local networks (list)
[default/address/pools/#/base]
meta:/type = string
meta:/description = Ip address (ipv4) + subnet
meta:/example = 172.30.0.0/16
[default/address/pools/#/size]
meta:/type = short
meta:/description = Number of ip addresses in this pool with base
meta:/example = 24
[default/cgroupns/mode]
meta:/type = enum
meta:/description = Default mode for containers cgroup namespace
meta:/default = private
meta:/check/enum = #1
meta:/check/enum/#0 = host
meta:/check/enum/#1 = private
[default/gateway]
meta:/type = string
meta:/description = Container default gateway IPv4 address
[default/gateway/v6]
meta:/type = string
meta:/description = Container default gateway IPv6 address
[default/ipc/mode]
meta:/type = enum
meta:/description = Default mode for containers ipc
meta:/check/enum = #1
meta:/default = private
meta:/check/enum/#0 = shareable
meta:/check/enum/#1 = private
[default/runtime]
meta:/type = string
meta:/description = Default OCI runtime for containers
meta:/default = runc
[default/shm/size]
meta:/type = string
meta:/description = Default shm size for containers
meta:/default = 64MiB
[default/ulimits/_]
meta:/type = long
meta:/description = Default ulimits for containers
meta:/example = 64000
[default/ulimits/_/Hard]
meta:/type = string
meta:/description = Hard limit for ulimit
meta:/example = 64000
[default/ulimits/_/Name]
meta:/type = string
meta:/description = Name for the ulimit. Matches the globbing _ name in default/ulimits/_
meta:/example = nofile
[default/ulimits/_/Soft]
meta:/type = string
meta:/description = Soft limit for ulimit
[dns/_]
meta:/type = string
meta:/description = DNS server to use
[dns/opt/_]
meta:/type = string
meta:/description = DNS options to use
[dns/search/_]
meta:/type = string
meta:/description = DNS search domains to use
[exec/opt/_]
meta:/type = string
meta:/description = Runtime execution options
[exec/root/_]
meta:/type = string
meta:/description = Root directory for execution state files
meta:/default = /var/run/docker
[experimental]
meta:/type = boolean
meta:/description = Enable experimental features
meta:/default = 0
[fixed/cidr]
meta:/type = string
meta:/description = IPv4 subnet for fixed IPs
[fixed/cidr/v6]
meta:/type = string
meta:/description = IPv6 subnet for fixed IPs
[group]
meta:/type = string
meta:/description = Group for the unix socket
meta:/default = docker
[host/_]
meta:/type = string
meta:/description = Daemon socket(s) to connect to
[host/gateway/ip]
meta:/type = string
meta:/description = IP address that the special 'host-gateway' string in add-host resolves to. Defaults to the IP address of the default bridge.
[http/proxy]
meta:/type = string
meta:/description = HTTP proxy URL to use for outgoing traffic
[https/proxy]
meta:/type = string
meta:/description = HTTPS proxy URL to use for outgoing traffic
[icc]
meta:/type = boolean
meta:/description = Enable stringer-container communication
meta:/default = 1
[init]
meta:/type = boolean
meta:/description = Run an init in the container to forward signals and reap processes
meta:/default = 0
[init/path]
meta:/type = string
meta:/description = Path to the docker-init binary
[insecure/registries]
meta:/array/min = 0
meta:/description = Enable insecure registry communication by specifying the insecure-registries. (list)
[ip]
meta:/type = string
meta:/description = Default IP when binding container ports
meta:/default = 0.0.0.0
[ip/forward]
meta:/type = boolean
meta:/description = Enable net.ipv4.ip_forward
meta:/default = 1
[ip/masq]
meta:/type = boolean
meta:/description = Enable IP masquerading
meta:/default = 1
[iptables]
meta:/type = boolean
meta:/description = Enable addition of ip6tables rules
meta:/default = ß
[iptables]
meta:/type = boolean
meta:/description = Enable addition of iptables rules
meta:/default = 1
[ipv6]
meta:/type = boolean
meta:/description = Enable IPv6 networking
meta:/default = 0
[labels/_]
meta:/type = string
meta:/description = Set key=value labels to the daemon
[live/restore]
meta:/type = boolean
meta:/description = Enable live restore of docker when containers are still running
meta:/default = 0
[log/driver]
meta:/type = string
meta:/description = Default driver for container logs
meta:/default = json-file
[log/level]
meta:/type = enum
meta:/description = Set the logging level
meta:/check/enum = #4
meta:/check/enum/#0 = debug
meta:/check/enum/#1 = info
meta:/check/enum/#2 = warn
meta:/check/enum/#3 = error
meta:/check/enum/#4 = fatal
meta:/default = info
[log/opts/cache/disabled]
meta:/type = boolean
meta:/description = Log option to disable cache
meta:/example = 0
[log/opts/cache/max/file]
meta:/type = short
meta:/description = Log option to specify max file of cache
meta:/example = 4
[log/opts/cache/max/size]
meta:/type = string
meta:/description = Log option to specify max size of cache
meta:/example = 20m
[log/opts/cache/compress]
meta:/type = boolean
meta:/description = Log option to specify if cache needs to be compressed
meta:/example = 1
[log/opts/env]
meta:/type = string
meta:/description = Log option to specify environment of log file
meta:/example = os,customer
[log/opts/labels]
meta:/type = string
meta:/description = Log option to specify labels
meta:/example = labels
[log/opts/max/file]
meta:/type = string
meta:/description = Log option to specify max file
meta:/example = 4
[log/opts/max/size]
meta:/type = string
meta:/description = Log option to specify max size
meta:/example = 10m
[max/concurrent/downloads]
meta:/type = short
meta:/description = Set the max concurrent downloads
meta:/default = 3
[max/concurrent/uploads]
meta:/type = short
meta:/description = Set the max concurrent uploads
meta:/default = 5
[max/download/attempts]
meta:/type = short
meta:/description = Set the max download attempts for each pull
meta:/default = 5
[metrics/addr]
meta:/type = string
meta:/description = Set default address and port to serve the metrics api on
[mtu]
meta:/type = short
meta:/description = Set the containers network MTU
meta:/default = 1500
[network/control/plane/mtu]
meta:/type = short
meta:/description = Network Control plane MTU
meta:/default = 1500
[no/new/privileges]
meta:/type = boolean
meta:/description = Set no-new-privileges by default for new containers
meta:/default = false
[no/proxy]
meta:/type = string
meta:/description = List of hosts or IP addresses for which the proxy is skipped
meta:/array/min = 0
[node/generic/resource]
meta:/array/min = 0
meta:/description = List of advertise user-defined resources
meta:/example = NVIDIA-GPU=UUID1
[oom/score/adjust]
meta:/type = long
meta:/description = Set the oom_score_adj for the daemon
[pidfile]
meta:/type = string
meta:/description = Path to use for daemon PID file
meta:/default = /var/run/docker.pid
[raw/logs]
meta:/type = boolean
meta:/description = Full timestamps without ANSI coloring
meta:/default = 0
[registry/mirrors]
meta:/array/min = 0
meta:/description = List of preferred registry mirror
[rootless]
meta:/type = boolean
meta:/description = Enable rootless mode; typically used with RootlessKit
meta:/default = 0
[seccomp/profile]
meta:/type = string
meta:/description = Path to seccomp profile. Use "unconfined" to disable the default seccomp profile.
meta:/default = builtin
[selinux/enabled]
meta:/type = boolean
meta:/description = Enable selinux support
meta:/default = 0
[shutdown/timeout]
meta:/type = short
meta:/description = Set the default shutdown timeout
meta:/default = 15
[storage/driver]
meta:/type = string
meta:/description = Storage driver to use
[storage/opts]
meta:/array/min = 0
meta:/description = List of storage driver options
[swarm/default/advertise/addr]
meta:/type = string
meta:/description = Set default address or interface for swarm advertised address
[tls]
meta:/type = boolean
meta:/description = Use TLS; implied by tls/verify
meta:/default = 0
[tls/cacert]
meta:/type = string
meta:/description = Trust certs signed only by this CA
meta:/default = ~/.docker/ca.pem
[tls/cert]
meta:/type = string
meta:/description = Path to TLS certificate file
meta:/default = ~/.docker/cert.pem
[tls/key]
meta:/type = string
meta:/description = Path to TLS key file
meta:/default = ~/.docker/key.pem
[tls/verify]
meta:/type = boolean
meta:/description = Use TLS and verify the remote
meta:/default = 0
[userland/proxy]
meta:/type = boolean
meta:/description = Use userland proxy for loopback traffic
meta:/default = 1
[userland/proxy/path]
meta:/type = string
meta:/description = Path to the userland proxy binary
[userns/remap]
meta:/type = string
meta:/description = User/Group setting for user namespaces
[validate]
meta:/type = boolean
meta:/description = Validate daemon configuration and exit
meta:/default = 0