
Merge pull request #41146 from AkihiroSuda/dockerd-rootless-sh-port-driver

dockerd-rootless.sh: allow specifying DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER
Brian Goff 5 年之前
父節點
當前提交
d0ec81dbb2
共有 1 個文件被更改,包括 9 次插入3 次删除
  1. 9 3
      contrib/dockerd-rootless.sh

+ 9 - 3
contrib/dockerd-rootless.sh

@@ -7,8 +7,13 @@
 # * newuidmap and newgidmap needs to be installed.
 # * /etc/subuid and /etc/subgid needs to be configured for the current user.
 # * Either one of slirp4netns (>= v0.4.0), VPNKit, lxc-user-nic needs to be installed.
-#   slirp4netns is used by default if installed. Otherwise fallsback to VPNKit.
-#   The default value can be overridden with $DOCKERD_ROOTLESS_ROOTLESSKIT_NET=(slirp4netns|vpnkit|lxc-user-nic)
+#
+# Recognized environment variables:
+# * DOCKERD_ROOTLESS_ROOTLESSKIT_NET=(slirp4netns|vpnkit|lxc-user-nic): the rootlesskit network driver. Defaults to "slirp4netns" if slirp4netns (>= v0.4.0) is installed. Otherwise defaults to "vpnkit".
+# * DOCKERD_ROOTLESS_ROOTLESSKIT_MTU=NUM: the MTU value for the rootlesskit network driver. Defaults to 65520 for slirp4netns, 1500 for other drivers.
+# * DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=(builtin|slirp4netns): the rootlesskit port driver. Defaults to "builtin".
+# * DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SANDBOX=(auto|true|false): whether to protect slirp4netns with a dedicated mount namespace. Defaults to "auto".
+# * DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP=(auto|true|false): whether to protect slirp4netns with seccomp. Defaults to "auto".
 #
 # See the documentation for the further information: https://docs.docker.com/engine/security/rootless/
 
@@ -36,6 +41,7 @@ fi
 
 : "${DOCKERD_ROOTLESS_ROOTLESSKIT_NET:=}"
 : "${DOCKERD_ROOTLESS_ROOTLESSKIT_MTU:=}"
+: "${DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER:=builtin}"
 : "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SANDBOX:=auto}"
 : "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP:=auto}"
 net=$DOCKERD_ROOTLESS_ROOTLESSKIT_NET
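Review bot: The new default on the `: "${DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER:=builtin}"` line has no comment saying what the choice of driver changes for an operator. As I understand RootlessKit's port-driver documentation, `builtin` is the faster driver but containers do not see the real client source address, while `slirp4netns` preserves it at lower throughput. That matters for access logs and IP-based allow-lists. I would add above the line something like `# builtin: fastest, but the client source IP is not propagated to containers; slirp4netns: slower, source IP preserved`, after confirming the wording against the RootlessKit docs for the pinned version.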
@@ -79,7 +85,7 @@ if [ -z $_DOCKERD_ROOTLESS_CHILD ]; then
 		--net=$net --mtu=$mtu \
 		--slirp4netns-sandbox=$DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SANDBOX \
 		--slirp4netns-seccomp=$DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP \
-		--disable-host-loopback --port-driver=builtin \
+		--disable-host-loopback --port-driver=$DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER \
 		--copy-up=/etc --copy-up=/run \
 		--propagation=rslave \
 		$DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS \
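Review bot: `--port-driver=$DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER` expands an environment value unquoted and unchecked, so whitespace in it is word-split into extra arguments and a typo is only reported by the launched program. Quote it as `--port-driver="$DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER" \`. Before the command runs, reject anything other than the documented values, for example `case "$DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER" in builtin|slirp4netns) ;; *) echo "unsupported port driver" >&2; exit 1 ;; esac`. The neighbouring `--net`, `--mtu` and `--slirp4netns-*` arguments in this hunk are unquoted in the same way, and `$DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS` is presumably split on purpose, so this is hardening and consistency, not a trust-boundary fix. The command these flags belong to starts above the hunk and continues past its last line.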