Docker daemon.json collection of configuration items

These days things looked a little docker relevant in the study: 

read the next blog Friends of the Park feel good here to learn about.

https://www.cnblogs.com/pzk7788/p/10180197.html

In fact, it can also be modified from inside docker.service systemd to deal with 

but the processing docker / daemon is better and more secure about.

Vim / etc / docker / daemon.json 
{ 
    " Authorization-plugins " : [],
     " Data-the root " : "" , the root directory # Set runtime docker
     " DNS " : [], provided the container # DNS address
     " the opts-DNS " : [], provided the container # / etc / Resolv.conf document
     " DNS-Search " : [],
     " Exec-the opts " : [],
     " Exec-the root " : " " ,
     " Experimental " :false,
    "features": {},
    "storage-driver": "",
    "storage-opts": [],
    "labels": [],
    "live-restore": true,
    "log-driver": "json-file",  
    "log-opts": {
        "max-size": "10m",
        "max-files":"5",
         " Labels " : " somelabel " ,
         " env " : " os, the Customer " 
    }, # define logfile size and restrictions 
    " MTU " : 0 ,
     " the PidFile " : "" , # Set docker daemon PID file
     " Store-Cluster " : " " , 
     " Cluster-Store-the opts " : {},
     " Cluster-advertise " :"",
    "max-concurrent-downloads": 3,
    "max-concurrent-uploads": 5,
    "default-shm-size": "64M",
    "shutdown-timeout": 15,
    "debug": true,    # 是否以debug模式启动docker
    "hosts": [],      # 设置容器的hosts
    "log-level": "",
    "tls": true,
    "tlsverify": true,
    "tlscacert": "",
    "tlscert": "",
    "tlskey": "",
    "swarm-default-advertise-addr": "",
    "api-cors-header": "",
    "selinux-enabled": false,    # 设置是否支持SELinux
    "userns-remap": "",
    "group": "",
    "cgroup-parent": "",
    "default-ulimits": {
        "nofile": {
            "Name": "nofile",
            "Hard": 64000,
            "Soft": 64000
        }
    },
    "init": false,
    "init-path": "/usr/libexec/docker-init",
    "ipv6": false,
    "iptables": false,
    "ip-forward": false,    
    "ip-masq": false,
    "userland-proxy": false,
    "userland-proxy-path": "/usr/libexec/docker-proxy",
    "ip": "0.0.0.0",
    "bridge": "",
    "bip": "",
    "fixed-cidr": "",
    "fixed-cidr-v6": "",
    "default-gateway": "",
    "default-gateway-v6": "",
    "icc": false,
    "raw-logs": false,
    " The allow-nondistributable-Artifacts " : [],
     " Registry-Mirrors " : [], # Set mirror acceleration address there is need to set a HTTPS
     " Seccomp-Profile " : "" ,
     " in the insecure-Registries " : [], # set docker private warehouse can not address the https 
     " NO-new new-privileges " : false ,
     " default-Runtime " : " runc " ,
     " OOM-Score-the ADJUST " : - 500 ,
     "node-generic-resources": ["NVIDIA-GPU=UUID1", "NVIDIA-GPU=UUID2"],
    "runtimes": {
        "cc-runtime": {
            "path": "/usr/bin/cc-runtime"
        },
        "custom": {
            "path": "/usr/local/bin/my-runc-replacement",
            "runtimeArgs": [
                "--debug"
            ]
        }
    },
    "default-address-pools":[{"base":"172.80.0.0/16","size":24},
    {"base":"172.90.0.0/16","size":24}]
}