These days things looked a little docker relevant in the study:
read the next blog Friends of the Park feel good here to learn about.
https://www.cnblogs.com/pzk7788/p/10180197.html
In fact, it can also be modified from inside docker.service systemd to deal with
but the processing docker / daemon is better and more secure about.
Vim / etc / docker / daemon.json { " Authorization-plugins " : [], " Data-the root " : "" , the root directory # Set runtime docker " DNS " : [], provided the container # DNS address " the opts-DNS " : [], provided the container # / etc / Resolv.conf document " DNS-Search " : [], " Exec-the opts " : [], " Exec-the root " : " " , " Experimental " :false, "features": {}, "storage-driver": "", "storage-opts": [], "labels": [], "live-restore": true, "log-driver": "json-file", "log-opts": { "max-size": "10m", "max-files":"5", " Labels " : " somelabel " , " env " : " os, the Customer " }, # define logfile size and restrictions " MTU " : 0 , " the PidFile " : "" , # Set docker daemon PID file " Store-Cluster " : " " , " Cluster-Store-the opts " : {}, " Cluster-advertise " :"", "max-concurrent-downloads": 3, "max-concurrent-uploads": 5, "default-shm-size": "64M", "shutdown-timeout": 15, "debug": true, # 是否以debug模式启动docker "hosts": [], # 设置容器的hosts "log-level": "", "tls": true, "tlsverify": true, "tlscacert": "", "tlscert": "", "tlskey": "", "swarm-default-advertise-addr": "", "api-cors-header": "", "selinux-enabled": false, # 设置是否支持SELinux "userns-remap": "", "group": "", "cgroup-parent": "", "default-ulimits": { "nofile": { "Name": "nofile", "Hard": 64000, "Soft": 64000 } }, "init": false, "init-path": "/usr/libexec/docker-init", "ipv6": false, "iptables": false, "ip-forward": false, "ip-masq": false, "userland-proxy": false, "userland-proxy-path": "/usr/libexec/docker-proxy", "ip": "0.0.0.0", "bridge": "", "bip": "", "fixed-cidr": "", "fixed-cidr-v6": "", "default-gateway": "", "default-gateway-v6": "", "icc": false, "raw-logs": false, " The allow-nondistributable-Artifacts " : [], " Registry-Mirrors " : [], # Set mirror acceleration address there is need to set a HTTPS " Seccomp-Profile " : "" , " in the insecure-Registries " : [], # set docker private warehouse can not address the https " NO-new new-privileges " : false , " default-Runtime " : " runc " , " OOM-Score-the ADJUST " : - 500 , "node-generic-resources": ["NVIDIA-GPU=UUID1", "NVIDIA-GPU=UUID2"], "runtimes": { "cc-runtime": { "path": "/usr/bin/cc-runtime" }, "custom": { "path": "/usr/local/bin/my-runc-replacement", "runtimeArgs": [ "--debug" ] } }, "default-address-pools":[{"base":"172.80.0.0/16","size":24}, {"base":"172.90.0.0/16","size":24}] }