|
|
@@ -49,7 +49,7 @@ weight=1
|
|
|
--log-driver="json-file" Default driver for container logs
|
|
|
--log-opt=[] Log driver specific options
|
|
|
--mtu=0 Set the containers network MTU
|
|
|
- --no-legacy-registry=false Do not contact legacy registries
|
|
|
+ --disable-legacy-registry=false Do not contact legacy registries
|
|
|
-p, --pidfile="/var/run/docker.pid" Path to use for daemon PID file
|
|
|
--registry-mirror=[] Preferred Docker registry mirror
|
|
|
-s, --storage-driver="" Storage driver to use
|
|
|
@@ -187,7 +187,7 @@ options for `zfs` start with `zfs`.
|
|
|
|
|
|
If using a block device for device mapper storage, it is best to use `lvm`
|
|
|
to create and manage the thin-pool volume. This volume is then handed to Docker
|
|
|
- to exclusively create snapshot volumes needed for images and containers.
|
|
|
+ to exclusively create snapshot volumes needed for images and containers.
|
|
|
|
|
|
Managing the thin-pool outside of Docker makes for the most feature-rich
|
|
|
method of having Docker utilize device mapper thin provisioning as the
|
|
|
@@ -198,7 +198,7 @@ options for `zfs` start with `zfs`.
|
|
|
|
|
|
As a fallback if no thin pool is provided, loopback files will be
|
|
|
created. Loopback is very slow, but can be used without any
|
|
|
- pre-configuration of storage. It is strongly recommended that you do
|
|
|
+ pre-configuration of storage. It is strongly recommended that you do
|
|
|
not use loopback in production. Ensure your Docker daemon has a
|
|
|
`--storage-opt dm.thinpooldev` argument provided.
|
|
|
|
|
|
@@ -229,7 +229,7 @@ options for `zfs` start with `zfs`.
|
|
|
* `dm.loopdatasize`
|
|
|
|
|
|
>**Note**: This option configures devicemapper loopback, which should not be used in production.
|
|
|
-
|
|
|
+
|
|
|
Specifies the size to use when creating the loopback file for the
|
|
|
"data" device which is used for the thin pool. The default size is
|
|
|
100G. The file is sparse, so it will not initially take up this
|
|
|
@@ -453,14 +453,14 @@ automatically marked as insecure as of Docker 1.3.2. It is not recommended to
|
|
|
rely on this, as it may change in the future.
|
|
|
|
|
|
Enabling `--insecure-registry`, i.e., allowing un-encrypted and/or untrusted
|
|
|
-communication, can be useful when running a local registry. However,
|
|
|
+communication, can be useful when running a local registry. However,
|
|
|
because its use creates security vulnerabilities it should ONLY be enabled for
|
|
|
-testing purposes. For increased security, users should add their CA to their
|
|
|
+testing purposes. For increased security, users should add their CA to their
|
|
|
system's list of trusted CAs instead of enabling `--insecure-registry`.
|
|
|
|
|
|
## Legacy Registries
|
|
|
|
|
|
-Enabling `--no-legacy-registry` forces a docker daemon to only interact with registries which support the V2 protocol. Specifically, the daemon will not attempt `push`, `pull` and `login` to v1 registries. The exception to this is `search` which can still be performed on v1 registries.
|
|
|
+Enabling `--disable-legacy-registry` forces a docker daemon to only interact with registries which support the V2 protocol. Specifically, the daemon will not attempt `push`, `pull` and `login` to v1 registries. The exception to this is `search` which can still be performed on v1 registries.
|
|
|
|
|
|
## Running a Docker daemon behind a HTTPS_PROXY
|
|
|
|
|
|
@@ -484,7 +484,7 @@ use the proxy
|
|
|
`--default-ulimit` allows you to set the default `ulimit` options to use for
|
|
|
all containers. It takes the same options as `--ulimit` for `docker run`. If
|
|
|
these defaults are not set, `ulimit` settings will be inherited, if not set on
|
|
|
-`docker run`, from the Docker daemon. Any `--ulimit` options passed to
|
|
|
+`docker run`, from the Docker daemon. Any `--ulimit` options passed to
|
|
|
`docker run` will overwrite these defaults.
|
|
|
|
|
|
Be careful setting `nproc` with the `ulimit` flag as `nproc` is designed by Linux to
|
Jessica Frazelle