/etc/docker/daemon.json

The /etc/docker/daemon.json file is used to configure various settings for the Docker daemon on Unix-based operating systems. This file allows administrators to customize Docker's behavior by specifying options such as storage drivers, logging configurations, network settings, and more.

Structure of /etc/docker/daemon.json

The file is written in JSON format and contains key-value pairs that define Docker's configuration. If the file doesn't exist by default, it can be created manually.

Example /etc/docker/daemon.json File

{
  "data-root": "/new/docker",
  "storage-driver": "overlay2",
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
  },
  "bip": "192.168.1.5/24",
  "insecure-registries": ["my-registry.local:5000"]
}

Common Configuration Options

Here are some of the most commonly used options in /etc/docker/daemon.json:

1. data-root

• Description: Specifies the directory where Docker stores its data, such as images, containers, and volumes. By default, this is set to /var/lib/docker.

• Example:

  "data-root": "/mnt/docker-data"

2. storage-driver

• Description: Specifies the storage driver Docker should use for managing container images. Common drivers include overlay2, aufs, and btrfs.

• Example:

  "storage-driver": "overlay2"

3. log-driver

• Description: Specifies the logging driver for Docker containers. Popular options include json-file, syslog, and journald.

• Example:

  "log-driver": "json-file"

4. log-opts

• Description: Specifies options for the chosen log driver, such as log rotation settings.

• Example:

  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
  }

5. bip

• Description: Configures the IP address range for Docker's default bridge network. This is useful for avoiding conflicts with other networks on the system.

• Example:

  "bip": "192.168.1.5/24"

6. insecure-registries

• Description: Specifies a list of insecure Docker registries, which Docker will allow connections to over HTTP (without TLS). Use with caution.

• Example:

  "insecure-registries": ["my-registry.local:5000"]

7. max-concurrent-downloads

• Description: Limits the number of concurrent downloads for images during a pull.

• Example:

  "max-concurrent-downloads": 3

8. default-runtime

• Description: Specifies the default runtime for containers. Common runtimes include runc and nvidia for GPU support.

• Example:

  "default-runtime": "runc"

9. exec-opts

• Description: Configures additional execution options for the Docker container engine.

• Example:

  "exec-opts": ["native.cgroupdriver=cgroupfs"]

10. icc

• Description: Controls whether inter-container communication is allowed by default. By default, Docker allows containers to communicate with each other across the same network.

• Example:

  "icc": false

Managing Docker Configuration

After making changes to the /etc/docker/daemon.json file, the Docker daemon must be restarted for the changes to take effect.

Restart Docker Daemon

sudo systemctl restart docker

Verify Docker Configuration

To check if the Docker daemon is using the correct configuration, use the following command:

docker info

This will display detailed information about the Docker daemon, including its storage driver, network settings, and other configurations.

Conclusion

The /etc/docker/daemon.json file provides a convenient way to configure the Docker daemon. By modifying this file, administrators can fine-tune Docker's behavior, such as storage locations, logging settings, network configurations, and runtime options. Proper management of this configuration file is essential for optimizing Docker environments for performance and security.