Docker入门
Docker overview
容器监控方式
- prometheus + grafana+cAdvisor监控容器
Dockerfile指令
docker-compose.yaml文件中常用指令
- compose文件结构和示例
- 服务配置参考
  build
  dockerfile
  context
  shm_size
  network
  labels
  cache_from
  args
  target
  cap_add, cap_drop
  cgroup_parent
  command
  configs
  短语法形式
  长语法形式
  container_name
  credential_spec
  EXAMPLE GMSA CONFIGURATION
  depends_on
  deploy
  endpoint_mode
  labels
  mode
  placement
  max_replicas_per_node
  replicas
  resource
  restart_policy
  rollback_config
  Update_config
  Not supported for docker stack deploy
  devices
  dns
  dns_search
  entrypoint
  env_file
  environment
  expose
  external_links
  extra_hosts
  healthcheck
  image
  init
  isolation
  labels
  links
  logging
  network_mode
  networks
  alias
  IPV4_ADDRESS, IPV6_ADDRESS
  pid
  ports
  长语法
  短语法
  profiles
  restart
  secrets
  长语法
  短语法
  security_opt
  stop_grace_period
  stop_signal
  sysctls
  tmpfs
  ulimits
  userns_mode
  volumes
  长语法
  短语法
  VOLUMES FOR SERVICES, SWARMS, AND STACK FILES
  domainname, hostname, ipc, mac_address, privileged, read_only, shm_size, stdin_open, tty, user, work
  Specifying durations
  Specifying byte values
  Volume configuration reference
  driver
  driver_opts
  external
  labels
  name
  Network configuration reference
  name
  external
  labels
  internal
  ipam
  enable_ipv6
  driver
  overlay
  bridge
  host或者none
  driver_opts
  attachable
  configs configuration reference
  secrets configuration reference
  Variable substitution
  Extension fields
docker-compose示例
Dockerfile最佳实践

Powered by GitBook

cap_add, cap_drop

添加或丢弃容器具有的能力。

 cap_add:
   - ALL
 
 cap_drop:
   - NET_ADMIN
   - SYS_ADMIN

Previoustarget Nextcgroup_parent

Last updated 3 years ago

On this page

Was this helpful?