Docker 的配置文件说明

由于 Linux 不同发行版所采用的默认管理框架的不同,Docker 在不同环境下所使用的默认配置文件也有所不同。这给初学者带来了极大的困惑和不便。好消息是,Docker 官方也意识到了这个问题,所以从 V1.12 开始,引入了并行通用配置文件 /etc/docker/daemon.json 。从此以后,用户可以在所有平台统一通过调整该配置文件来调整 Docker Engine。本文对此进行简要说明。

配置文件

通用配置文件 /etc/docker/daemon.json

Docker Engine V1.12 之后版本,用户可以自行创建 daemon.json 文件对 Docker Engine 进行配置和调整。要点如下:

  • 该文件作为 Docker Engine 的配置管理文件, 里面几乎涵盖了所有 docker 命令行启动可以配置的参数。
  • 不管是在哪个平台以何种方式启动, Docker 默认都会来这里读取配置。使用户可以统一管理不同系统下的 docker daemon 配置。
  • 相关参数的使用说明,可以参阅 man dockerd 帮助信息,或者参阅官方文档
  • 默认配置文件目录及支持的参数说明:

    • Linux: /etc/docker/daemon.json, 支持的完成参数配置示例如下(最新的支持参数列表可以参阅官方文档):
{
    "authorization-plugins": [],
    "data-root": "",
    "dns": [],
    "dns-opts": [],
    "dns-search": [],
    "exec-opts": [],
    "exec-root": "",
    "experimental": false,
    "storage-driver": "",
    "storage-opts": [],
    "labels": [],
    "live-restore": true,
    "log-driver": "",
    "log-opts": {},
    "mtu": 0,
    "pidfile": "",
    "cluster-store": "",
    "cluster-store-opts": {},
    "cluster-advertise": "",
    "max-concurrent-downloads": 3,
    "max-concurrent-uploads": 5,
    "default-shm-size": "64M",
    "shutdown-timeout": 15,
    "debug": true,
    "hosts": [],
    "log-level": "",
    "tls": true,
    "tlsverify": true,
    "tlscacert": "",
    "tlscert": "",
    "tlskey": "",
    "swarm-default-advertise-addr": "",
    "api-cors-header": "",
    "selinux-enabled": false,
    "userns-remap": "",
    "group": "",
    "cgroup-parent": "",
    "default-ulimits": {},
    "init": false,
    "init-path": "/usr/libexec/docker-init",
    "ipv6": false,
    "iptables": false,
    "ip-forward": false,
    "ip-masq": false,
    "userland-proxy": false,
    "userland-proxy-path": "/usr/libexec/docker-proxy",
    "ip": "0.0.0.0",
    "bridge": "",
    "bip": "",
    "fixed-cidr": "",
    "fixed-cidr-v6": "",
    "default-gateway": "",
    "default-gateway-v6": "",
    "icc": false,
    "raw-logs": false,
    "allow-nondistributable-artifacts": [],
    "registry-mirrors": [],
    "seccomp-profile": "",
    "insecure-registries": [],
    "disable-legacy-registry": false,
    "no-new-privileges": false,
    "default-runtime": "runc",
    "oom-score-adjust": -500,
    "runtimes": {
        "runc": {
            "path": "runc"
        },
        "custom": {
            "path": "/usr/local/bin/my-runc-replacement",
            "runtimeArgs": [
                "--debug"
            ]
        }
    }
}
- Windows: ```%programdata%\docker\config\daemon.json```,支持的完成参数配置示例如下(最新的支持参数列表可以参阅[官方文档](https://docs.docker.com/engine/reference/commandline/dockerd/#on-linux)):
{
    "authorization-plugins": [],
    "data-root": "",
    "dns": [],
    "dns-opts": [],
    "dns-search": [],
    "exec-opts": [],
    "experimental": false,
    "storage-driver": "",
    "storage-opts": [],
    "labels": [],
    "log-driver": "",
    "mtu": 0,
    "pidfile": "",
    "cluster-store": "",
    "cluster-advertise": "",
    "max-concurrent-downloads": 3,
    "max-concurrent-uploads": 5,
    "shutdown-timeout": 15,
    "debug": true,
    "hosts": [],
    "log-level": "",
    "tlsverify": true,
    "tlscacert": "",
    "tlscert": "",
    "tlskey": "",
    "swarm-default-advertise-addr": "",
    "group": "",
    "default-ulimits": {},
    "bridge": "",
    "fixed-cidr": "",
    "raw-logs": false,
    "allow-nondistributable-artifacts": [],
    "registry-mirrors": [],
    "insecure-registries": [],
    "disable-legacy-registry": false
}

不同框架的配置文件

不同 Linux 发行版本默认使用的管理框架可能存在不同。而不同管理框架下配置文件的架构差异,最终导致了不同环境下默认 Docker 配置文件目录和文件名的不同。Linux 常见管理框架下的默认配置文件说明如下:

| 管理框架类型 | 默认使用该框架的操作系统 | Docker 默认配置文件 | 相关操作指令 |
| - | - | - | - |
| Sysvinit | CentOS 6.x, Ubuntu 12.04 等| /etc/default/docker | CentOS: service docker restart
Ubuntu: /etc/init.d/docker restart |
| Upstart | Ubuntu 14.x,15.x 等| /etc/default/docker| restart docker |
| Systemd | CentOS 7+,Ubunt 16+,Debian,RHEl 7, Fedora, Archlinux 等| Ubuntu/CentOS/: /lib/systemd/system/docker.service
RHEL/CentOS: /usr/lib/systemd/system/docker.service | systemctl restart docker.service |

配置文件修改说明

参阅前述说明,对配置文件调整后,注意如下要点:

  • 修改配置后,需要重启 docker 服务生效。当前主流的 Sytemd 框架相关平台(CentOS 7+,Ubunt 16+ 等)的重启指令如下:
systemctl daemon-reolad
systemctl restart docker.service
  • 配置冲突
    如果通用配置文件 /etc/docker/daemon.json 和上述默认配置文件中有配置冲突(相同配置项分别配置了不同值),那么 Docker daemon 启动时会报错。比如,如果在 Ubuntu 16.04 系统中,同时在 /etc/docker/daemon.json 和 /lib/systemd/system/docker.service 中指定了 --dns= 属性,那么 Docker daemon 会启动失败,相关错误信息示例如下:
[root@node3 ~]# systemctl start docker.service
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.

[root@node3 ~]# systemctl status docker.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Wed 2017-11-15 15:57:16 CST; 2min 29s ago
     Docs: https://docs.docker.com
  Process: 30610 ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0 -H fd:// --dns=223.5.5.5 --dns=223.6.6.6 (code=exited,
 Main PID: 30610 (code=exited, status=1/FAILURE)

Nov 15 15:57:16 c400e32b9e7cd46aea0d484ad260f4e4a-node3 systemd[1]: Starting Docker Application Container Engine...
Nov 15 15:57:16 c400e32b9e7cd46aea0d484ad260f4e4a-node3 dockerd[30610]: unable to configure the Docker daemon with file /etc/docker/daemon.json: the following directives are specified both as a flag and in the configuration file: dns: (from flag: [223.5.5.5  223.6.6.6], from file: [114.114.114.114 8.8.8.8])
Nov 15 15:57:16 c400e32b9e7cd46aea0d484ad260f4e4a-node3 systemd[1]: docker.service: Main process exited, code=exite
Nov 15 15:57:16 c400e32b9e7cd46aea0d484ad260f4e4a-node3 systemd[1]: Failed to start Docker Application Container En
Nov 15 15:57:16 c400e32b9e7cd46aea0d484ad260f4e4a-node3 systemd[1]: docker.service: Unit entered failed state.
Nov 15 15:57:16 c400e32b9e7cd46aea0d484ad260f4e4a-node3 systemd[1]: docker.service: Failed with result 'exit-code'.
lines 1-13/13 (END)
上一篇:[技术点]SQL 多条件查询


下一篇:Docker --format 格式化输出概要操作说明