docker.service 修改指南
2024-08-28 23:36:37
vi /lib/systemd/system/docker.service
docker.service默认内容如下:
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
[Install]
WantedBy=multi-user.target
下面的配置都是在[Service]节点下的ExecStart属性后面加参数值,docker.service文件被修改后请执行systemctl daemon-reload && systemctl restart docker,如果配置未生效,请执行systemctl status docker查看服务状态。
开启远程API访问端口
添加-H 0.0.0.0:2375,端口可以随意指定,修改后的ExecStart如下:
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H 0.0.0.0:2375
重新加载配置并重启docker
systemctl daemon-reload && systemctl restart docker
访问http://127.0.0.1:2375/info进行验证
修改bridge网络的ip段
执行docker network inspect bridge命令可以发现bridge网络默认的IP段是172.17.0.0/16,添加--bip 10.0.0.1/16修改默认IP段
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --bip 10.0.0.1/16
重新加载配置并重启docker
systemctl daemon-reload && systemctl restart docker
启动一个nginx容器进行验证
docker run -dP --name nginx nginx
docker inspect --format '{{ .NetworkSettings.IPAddress }}' nginx
docker rm -f nginx
配置私有镜像仓库
以下示例配置develop-harbor.geostar.com.cn,test-harbor.geostar.com.cn,release-harbor.geostar.com.cn三个私有镜像仓库
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock \
--insecure-registry develop-harbor.geostar.com.cn \
--insecure-registry test-harbor.geostar.com.cn \
--insecure-registry release-harbor.geostar.com.cn \
重新加载配置并重启docker
systemctl daemon-reload && systemctl restart docker
手动拉取私有镜像仓库中的镜像验证
配置dns
以下示例配置114.114.114.114 和8.8.8.8两个dns服务器地址
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock \
--dns 114.114.114.114 \
--dns 8.8.8.8
重新加载配置并重启docker
systemctl daemon-reload && systemctl restart docker
启动一个alpine容器镜像验证resolv.conf配置文件是否成功修改
docker run --rm alpine cat /etc/resolv.conf
最新文章
- django入门之模板的用法
- Android下LayoutInflater的使用
- Java Socket Server的演进 (一)
- 无法启动此程序,因为计算机中丢失AdbWinApi.dll。尝试重新安装该程序以解决此问题
- 【C#】第3章补充(一)如何在WPF中绘制正弦曲线
- day5--<装饰器、模块、字符串格式化、生成器、迭代器>logging模块
- 人民币大写金额转换C#方法
- SPJS Upload for SharePoint: Custom upload page for uploading documents to various document libraries in a site collection
- JS的强大
- ServletContext的用途
- Android设备上i-jetty环境的搭建-手机上的web服务器
- 重新注册IE组件
- qt实现-给SQLITE添加自定义函数
- The `XXXX` target overrides the `HEADER_SEARCH_PATHS` build setting defined in `Pods/Target Support Files/Pods-game-desktop/Pods-game-desktop.release.xcconfig'. This can lead to prob
- python2和python3 安装pip冲突问题
- python_day1_python简单介绍
- digital ocean 内存不足时增加swap文件的方法
- 老猪带你玩转android自定义控件二——自定义索引栏listview
- Codeforces 937 D. Sleepy Game(DFS 判断环)
- 关于IPointerEnterHandler和IpointerExitHandler的简单说明