github.com/kobeld/docker@v1.12.0-rc1/docs/admin/configuring.md (about) 1 <!--[metadata]> 2 +++ 3 aliases = ["/engine/articles/configuring/"] 4 title = "Configuring and running Docker" 5 description = "Configuring and running the Docker daemon on various distributions" 6 keywords = ["docker, daemon, configuration, running, process managers"] 7 [menu.main] 8 parent = "engine_admin" 9 weight = 3 10 +++ 11 <![end-metadata]--> 12 13 # Configuring and running Docker on various distributions 14 15 After successfully installing Docker, the `docker` daemon runs with its default 16 configuration. 17 18 In a production environment, system administrators typically configure the 19 `docker` daemon to start and stop according to an organization's requirements. In most 20 cases, the system administrator configures a process manager such as `SysVinit`, `Upstart`, 21 or `systemd` to manage the `docker` daemon's start and stop. 22 23 ### Running the docker daemon directly 24 25 The `docker` daemon can be run directly using the `dockerd` command. By default it listens on 26 the Unix socket `unix:///var/run/docker.sock` 27 28 $ dockerd 29 30 INFO[0000] +job init_networkdriver() 31 INFO[0000] +job serveapi(unix:///var/run/docker.sock) 32 INFO[0000] Listening for HTTP on unix (/var/run/docker.sock) 33 ... 34 ... 35 36 ### Configuring the docker daemon directly 37 38 If you're running the `docker` daemon directly by running `docker daemon` instead 39 of using a process manager, you can append the configuration options to the `docker` run 40 command directly. Other options can be passed to the `docker` daemon to configure it. 41 42 Some of the daemon's options are: 43 44 | Flag | Description | 45 |-----------------------|-----------------------------------------------------------| 46 | `-D`, `--debug=false` | Enable or disable debug mode. By default, this is false. | 47 | `-H`,`--host=[]` | Daemon socket(s) to connect to. | 48 | `--tls=false` | Enable or disable TLS. By default, this is false. | 49 50 51 Here is an example of running the `docker` daemon with configuration options: 52 53 $ dockerd -D --tls=true --tlscert=/var/docker/server.pem --tlskey=/var/docker/serverkey.pem -H tcp://192.168.59.3:2376 54 55 These options : 56 57 - Enable `-D` (debug) mode 58 - Set `tls` to true with the server certificate and key specified using `--tlscert` and `--tlskey` respectively 59 - Listen for connections on `tcp://192.168.59.3:2376` 60 61 The command line reference has the [complete list of daemon flags](../reference/commandline/dockerd.md) 62 with explanations. 63 64 ### Daemon debugging 65 66 As noted above, setting the log level of the daemon to "debug" or enabling debug mode 67 with `-D` allows the administrator or operator to gain much more knowledge about the 68 runtime activity of the daemon. If faced with a non-responsive daemon, the administrator 69 can force a full stack trace of all threads to be added to the daemon log by sending the 70 `SIGUSR1` signal to the Docker daemon. A common way to send this signal is using the `kill` 71 command on Linux systems. For example, `kill -USR1 <daemon-pid>` sends the `SIGUSR1` 72 signal to the daemon process, causing the stack dump to be added to the daemon log. 73 74 > **Note:** The log level setting of the daemon must be at least "info" level and above for 75 > the stack trace to be saved to the logfile. By default the daemon's log level is set to 76 > "info". 77 78 The daemon will continue operating after handling the `SIGUSR1` signal and dumping the stack 79 traces to the log. The stack traces can be used to determine the state of all goroutines and 80 threads within the daemon. 81 82 ## Ubuntu 83 84 As of `14.04`, Ubuntu uses Upstart as a process manager. By default, Upstart jobs 85 are located in `/etc/init` and the `docker` Upstart job can be found at `/etc/init/docker.conf`. 86 87 After successfully [installing Docker for Ubuntu](../installation/linux/ubuntulinux.md), 88 you can check the running status using Upstart in this way: 89 90 $ sudo status docker 91 92 docker start/running, process 989 93 94 ### Running Docker 95 96 You can start/stop/restart the `docker` daemon using 97 98 $ sudo start docker 99 100 $ sudo stop docker 101 102 $ sudo restart docker 103 104 105 ### Configuring Docker 106 107 The instructions below depict configuring Docker on a system that uses `upstart` 108 as the process manager. As of Ubuntu 15.04, Ubuntu uses `systemd` as its process 109 manager. For Ubuntu 15.04 and higher, refer to [control and configure Docker with systemd](systemd.md). 110 111 You configure the `docker` daemon in the `/etc/default/docker` file on your 112 system. You do this by specifying values in a `DOCKER_OPTS` variable. 113 114 To configure Docker options: 115 116 1. Log into your host as a user with `sudo` or `root` privileges. 117 118 2. If you don't have one, create the `/etc/default/docker` file on your host. Depending on how 119 you installed Docker, you may already have this file. 120 121 3. Open the file with your favorite editor. 122 123 ``` 124 $ sudo vi /etc/default/docker 125 ``` 126 127 4. Add a `DOCKER_OPTS` variable with the following options. These options are appended to the 128 `docker` daemon's run command. 129 130 ``` 131 DOCKER_OPTS="-D --tls=true --tlscert=/var/docker/server.pem --tlskey=/var/docker/serverkey.pem -H tcp://192.168.59.3:2376" 132 ``` 133 134 These options : 135 136 - Enable `-D` (debug) mode 137 - Set `tls` to true with the server certificate and key specified using `--tlscert` and `--tlskey` respectively 138 - Listen for connections on `tcp://192.168.59.3:2376` 139 140 The command line reference has the [complete list of daemon flags](../reference/commandline/dockerd.md) 141 with explanations. 142 143 144 5. Save and close the file. 145 146 6. Restart the `docker` daemon. 147 148 ``` 149 $ sudo restart docker 150 ``` 151 152 7. Verify that the `docker` daemon is running as specified with the `ps` command. 153 154 ``` 155 $ ps aux | grep docker | grep -v grep 156 ``` 157 158 ### Logs 159 160 By default logs for Upstart jobs are located in `/var/log/upstart` and the logs for `docker` daemon 161 can be located at `/var/log/upstart/docker.log` 162 163 $ tail -f /var/log/upstart/docker.log 164 INFO[0000] Loading containers: done. 165 INFO[0000] Docker daemon commit=1b09a95-unsupported graphdriver=aufs version=1.11.0-dev 166 INFO[0000] +job acceptconnections() 167 INFO[0000] -job acceptconnections() = OK (0) 168 INFO[0000] Daemon has completed initialization 169 170 171 ## CentOS / Red Hat Enterprise Linux / Fedora 172 173 As of `7.x`, CentOS and RHEL use `systemd` as the process manager. As of `21`, Fedora uses 174 `systemd` as its process manager. 175 176 After successfully installing Docker for [CentOS](../installation/linux/centos.md)/[Red Hat Enterprise Linux](../installation/linux/rhel.md)/[Fedora](../installation/linux/fedora.md), you can check the running status in this way: 177 178 $ sudo systemctl status docker 179 180 ### Running Docker 181 182 You can start/stop/restart the `docker` daemon using 183 184 $ sudo systemctl start docker 185 186 $ sudo systemctl stop docker 187 188 $ sudo systemctl restart docker 189 190 If you want Docker to start at boot, you should also: 191 192 $ sudo systemctl enable docker 193 194 ### Configuring Docker 195 196 For CentOS 7.x and RHEL 7.x you can [control and configure Docker with systemd](systemd.md). 197 198 Previously, for CentOS 6.x and RHEL 6.x you would configure the `docker` daemon in 199 the `/etc/sysconfig/docker` file on your system. You would do this by specifying 200 values in a `other_args` variable. For a short time in CentOS 7.x and RHEL 7.x you 201 would specify values in a `OPTIONS` variable. This is no longer recommended in favor 202 of using systemd directly. 203 204 For this section, we will use CentOS 7.x as an example to configure the `docker` daemon. 205 206 To configure Docker options: 207 208 1. Log into your host as a user with `sudo` or `root` privileges. 209 210 2. Create the `/etc/systemd/system/docker.service.d` directory. 211 212 ``` 213 $ sudo mkdir /etc/systemd/system/docker.service.d 214 ``` 215 216 3. Create a `/etc/systemd/system/docker.service.d/docker.conf` file. 217 218 4. Open the file with your favorite editor. 219 220 ``` 221 $ sudo vi /etc/systemd/system/docker.service.d/docker.conf 222 ``` 223 224 5. Override the `ExecStart` configuration from your `docker.service` file to customize 225 the `docker` daemon. To modify the `ExecStart` configuration you have to specify 226 an empty configuration followed by a new one as follows: 227 228 ``` 229 [Service] 230 ExecStart= 231 ExecStart=/usr/bin/dockerd -H fd:// -D --tls=true --tlscert=/var/docker/server.pem --tlskey=/var/docker/serverkey.pem -H tcp://192.168.59.3:2376 232 ``` 233 234 These options : 235 236 - Enable `-D` (debug) mode 237 - Set `tls` to true with the server certificate and key specified using `--tlscert` and `--tlskey` respectively 238 - Listen for connections on `tcp://192.168.59.3:2376` 239 240 The command line reference has the [complete list of daemon flags](../reference/commandline/dockerd.md) 241 with explanations. 242 243 6. Save and close the file. 244 245 7. Flush changes. 246 247 ``` 248 $ sudo systemctl daemon-reload 249 ``` 250 251 8. Restart the `docker` daemon. 252 253 ``` 254 $ sudo systemctl restart docker 255 ``` 256 257 9. Verify that the `docker` daemon is running as specified with the `ps` command. 258 259 ``` 260 $ ps aux | grep docker | grep -v grep 261 ``` 262 263 ### Logs 264 265 systemd has its own logging system called the journal. The logs for the `docker` daemon can 266 be viewed using `journalctl -u docker` 267 268 $ sudo journalctl -u docker 269 May 06 00:22:05 localhost.localdomain systemd[1]: Starting Docker Application Container Engine... 270 May 06 00:22:05 localhost.localdomain docker[2495]: time="2015-05-06T00:22:05Z" level="info" msg="+job serveapi(unix:///var/run/docker.sock)" 271 May 06 00:22:05 localhost.localdomain docker[2495]: time="2015-05-06T00:22:05Z" level="info" msg="Listening for HTTP on unix (/var/run/docker.sock)" 272 May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="+job init_networkdriver()" 273 May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="-job init_networkdriver() = OK (0)" 274 May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="Loading containers: start." 275 May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="Loading containers: done." 276 May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="Docker daemon commit=1b09a95-unsupported graphdriver=aufs version=1.11.0-dev" 277 May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="+job acceptconnections()" 278 May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="-job acceptconnections() = OK (0)" 279 280 _Note: Using and configuring journal is an advanced topic and is beyond the scope of this article._ 281 282 283 ### Daemonless Containers 284 285 Starting with Docker 1.12 containers can run without Docker or containerd running. This allows the 286 Docker daemon to exit, be upgraded, or recover from a crash without affecting running containers 287 on the system. To enable this functionality you need to add the `--live-restore` flag when 288 launching `dockerd`. This will ensure that Docker does not kill containers on graceful shutdown or 289 on restart leaving the containers running. 290 291 While the Docker daemon is down logging will still be captured, however, it will be capped at the kernel's pipe buffer size before the buffer fills up, blocking the process. 292 Docker will need to be restarted to flush these buffers. 293 You can modify the kernel's buffer size by changing `/proc/sys/fs/pipe-max-size`.