|
|
@@ -1336,10 +1336,14 @@ set this parameter separately for each daemon.
|
|
|
- `-p, --pidfile=/var/run/docker.pid` is the path where the process ID of the daemon is stored. Specify the path for your
|
|
|
pid file here.
|
|
|
- `--host=[]` specifies where the Docker daemon will listen for client connections. If unspecified, it defaults to `/var/run/docker.sock`.
|
|
|
-- `--iptables=false` prevents the Docker daemon from adding iptables rules. If
|
|
|
- multiple daemons manage iptables rules, they may overwrite rules set by
|
|
|
- another daemon. Be aware that disabling this option requires you to manually
|
|
|
- add iptables rules to expose container ports.
|
|
|
+- `--iptables=false` prevents the Docker daemon from adding iptables rules. If
|
|
|
+multiple daemons manage iptables rules, they may overwrite rules set by another
|
|
|
+daemon. Be aware that disabling this option requires you to manually add
|
|
|
+iptables rules to expose container ports. If you prevent Docker from adding
|
|
|
+iptables rules, Docker will also not add IP masquerading rules, even if you set
|
|
|
+`--ip-masq` to `true`. Without IP masquerading rules, Docker containers will not be
|
|
|
+able to connect to external hosts or the internet when using network other than
|
|
|
+default bridge.
|
|
|
- `--config-file=/etc/docker/daemon.json` is the path where configuration file is stored. You can use it instead of
|
|
|
daemon flags. Specify the path for each daemon.
|
|
|
- `--tls*` Docker daemon supports `--tlsverify` mode that enforces encrypted and authenticated remote connections.
|
bbayani