|
|
@@ -1108,6 +1108,7 @@ The following daemon options must be configured for each daemon:
|
|
|
-g, --graph=/var/lib/docker Root of the Docker runtime
|
|
|
-p, --pidfile=/var/run/docker.pid Path to use for daemon PID file
|
|
|
-H, --host=[] Daemon socket(s) to connect to
|
|
|
+--iptables=true Enable addition of iptables rules
|
|
|
--config-file=/etc/docker/daemon.json Daemon configuration file
|
|
|
--tlscacert="~/.docker/ca.pem" Trust certs signed only by this CA
|
|
|
--tlscert="~/.docker/cert.pem" Path to TLS certificate file
|
|
|
@@ -1126,6 +1127,10 @@ set this parameter separately for each daemon.
|
|
|
- `-p, --pidfile=/var/run/docker.pid` is the path where the process ID of the daemon is stored. Specify the path for your
|
|
|
pid file here.
|
|
|
- `--host=[]` specifies where the Docker daemon will listen for client connections. If unspecified, it defaults to `/var/run/docker.sock`.
|
|
|
+- `--iptables=false` prevents the Docker daemon from adding iptables rules. If
|
|
|
+ multiple daemons manage iptables rules, they may overwrite rules set by
|
|
|
+ another daemon. Be aware that disabling this option requires you to manually
|
|
|
+ add iptables rules to expose container ports.
|
|
|
- `--config-file=/etc/docker/daemon.json` is the path where configuration file is stored. You can use it instead of
|
|
|
daemon flags. Specify the path for each daemon.
|
|
|
- `--tls*` Docker daemon supports `--tlsverify` mode that enforces encrypted and authenticated remote connections.
|
Sebastiaan van Stijn