Преглед на файлове

Merge pull request #11915 from ZJU-SEL/fix_issue_11676_11754

clarify RLIMIT_AS is disabled, explain how to edit DOCKER_OPTS
moxiegirl преди 10 години
родител
ревизия
d489b91aa9
променени са 2 файла, в които са добавени 23 реда и са изтрити 9 реда
  1. 21 9
      docs/sources/articles/networking.md
  2. 2 0
      docs/sources/reference/commandline/cli.md

+ 21 - 9
docs/sources/articles/networking.md

@@ -121,8 +121,25 @@ Finally, several networking options can only be provided when calling
  *  `-P` or `--publish-all=true|false` — see
  *  `-P` or `--publish-all=true|false` — see
     [Binding container ports](#binding-ports)
     [Binding container ports](#binding-ports)
 
 
-The following sections tackle all of the above topics in an order that
-moves roughly from simplest to most complex.
+To supply networking options to the Docker server at startup, use the
+`DOCKER_OPTS` variable in the Docker upstart configuration file. For Ubuntu, edit the
+variable in `/etc/default/docker` or `/etc/sysconfig/docker` for CentOS.
+
+The following example illustrates how to configure Docker on Ubuntu to recognize a
+newly built bridge. 
+
+Edit the `/etc/default/docker` file:
+
+    $ echo 'DOCKER_OPTS="-b=bridge0"' >> /etc/default/docker 
+
+Then restart the Docker server.
+
+    $ sudo service docker start
+
+For additional information on bridges, see [building your own
+bridge](#building-your-own-bridge) later on this page.
+
+The following sections tackle all of the above topics in an order that we can move roughly from simplest to most complex.
 
 
 ## Configuring DNS
 ## Configuring DNS
 
 
@@ -296,8 +313,7 @@ system level, by two factors.
     policy to `DROP` if `--icc=false`.
     policy to `DROP` if `--icc=false`.
 
 
 It is a strategic question whether to leave `--icc=true` or change it to
 It is a strategic question whether to leave `--icc=true` or change it to
-`--icc=false` (on Ubuntu, by editing the `DOCKER_OPTS` variable in
-`/etc/default/docker` and restarting the Docker server) so that
+`--icc=false` so that
 `iptables` will protect other containers — and the main host — from
 `iptables` will protect other containers — and the main host — from
 having arbitrary ports probed or accessed by a container that gets
 having arbitrary ports probed or accessed by a container that gets
 compromised.
 compromised.
@@ -426,8 +442,7 @@ you can use either `-p IP:host_port:container_port` or `-p IP::port` to
 specify the external interface for one particular binding.
 specify the external interface for one particular binding.
 
 
 Or if you always want Docker port forwards to bind to one specific IP
 Or if you always want Docker port forwards to bind to one specific IP
-address, you can edit your system-wide Docker server settings (on
-Ubuntu, by editing `DOCKER_OPTS` in `/etc/default/docker`) and add the
+address, you can edit your system-wide Docker server settings and add the
 option `--ip=IP_ADDRESS`.  Remember to restart your Docker server after
 option `--ip=IP_ADDRESS`.  Remember to restart your Docker server after
 editing this setting.
 editing this setting.
 
 
@@ -692,9 +707,6 @@ options are configurable at server startup:
 
 
  *  `--mtu=BYTES` — override the maximum packet length on `docker0`.
  *  `--mtu=BYTES` — override the maximum packet length on `docker0`.
 
 
-On Ubuntu you would add these to the `DOCKER_OPTS` setting in
-`/etc/default/docker` on your Docker host and restarting the Docker
-service.
 
 
 Once you have one or more containers up and running, you can confirm
 Once you have one or more containers up and running, you can confirm
 that Docker has properly connected them to the `docker0` bridge by
 that Docker has properly connected them to the `docker0` bridge by

+ 2 - 0
docs/sources/reference/commandline/cli.md

@@ -2198,6 +2198,8 @@ available in the default container, you can set these using the `--ulimit` flag.
 > If you do not provide a `hard limit`, the `soft limit` will be used for both
 > If you do not provide a `hard limit`, the `soft limit` will be used for both
 values. If no `ulimits` are set, they will be inherited from the default `ulimits`
 values. If no `ulimits` are set, they will be inherited from the default `ulimits`
 set on the daemon.
 set on the daemon.
+> `as` option is disabled now. In other words, the following script is not supported:
+>   `$ docker run -it --ulimit as=1024 fedora /bin/bash`
 
 
 ## save
 ## save