Docker Server Configuration

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

External

Internal

Overview

Docker Server Startup Sequence

RedHat/Centos systemd

systemd Docker Unit File: /usr/lib/systemd/system/docker.service

Docker Server Startup Configuration

Server Configuration Options

--insecure-registry

This option instructs the Docker daemon to trust any Docker registry on the indicated subnet, rather than requiring a certificate. The default value is []. For OpenShift-integrated Docker, the subnet where Docker expects this registry is the OpenShift SDN services subnet. 

... --insecure-registry <list> ...

--insecure-registry 172.30.0.0/16

The same option can be configured in daemon.json with insecure-registries.

--net

Also see:

Docker Networking Concepts

--selinux-enabled

--add-registry

When asked to search for or pull images, the docker runtime uses the Docker registry (docker.io) to complete those activities. Additional registries can be added to the list with --add-registry.

Also see

Docker Image Registry

--block-registry

To prevent users from pulling images from the Docker registry, after presumably other registry has been configured with --add-registry, use 

--block-registry docker.io

--log-driver

--signature-verification

daemon.json

daemon.json

Docker Container Configuration

Docker Container Configuration
Retrieved from "https://kb.novaordis.com/index.php?title=Docker_Server_Configuration&oldid=42285"