man/dockerd.8: assorted formatting fixes

Mostly, this makes sure that literals (such as true, false, host,
private, examples of options usage etc.) are typeset in bold, except for
filenames, which are typeset in italic.

While at it,
 - remove some default values from synopsis as it should not
   be there;
 - fix man pages references (page name in bold, volume number in
   regular).

This is not a complete fix, but a step in the right direction.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This commit is contained in:
Kir Kolyshkin 2023-04-17 15:44:07 -07:00
parent e3cb324ed9
commit 8ef8f41311
1 changed files with 72 additions and 71 deletions

View File

@ -12,7 +12,7 @@ dockerd - Enable daemon mode
[**-b**|**--bridge**[=*BRIDGE*]] [**-b**|**--bridge**[=*BRIDGE*]]
[**--bip**[=*BIP*]] [**--bip**[=*BIP*]]
[**--cgroup-parent**[=*[]*]] [**--cgroup-parent**[=*[]*]]
[**--config-file**[=*/etc/docker/daemon.json*]] [**--config-file**[=*path*]]
[**--containerd**[=*SOCKET-PATH*]] [**--containerd**[=*SOCKET-PATH*]]
[**--data-root**[=*/var/lib/docker*]] [**--data-root**[=*/var/lib/docker*]]
[**-D**|**--debug**] [**-D**|**--debug**]
@ -29,7 +29,7 @@ dockerd - Enable daemon mode
[**--dns-search**[=*[]*]] [**--dns-search**[=*[]*]]
[**--exec-opt**[=*[]*]] [**--exec-opt**[=*[]*]]
[**--exec-root**[=*/var/run/docker*]] [**--exec-root**[=*/var/run/docker*]]
[**--experimental**[=*false*]] [**--experimental**[=**false**]]
[**--fixed-cidr**[=*FIXED-CIDR*]] [**--fixed-cidr**[=*FIXED-CIDR*]]
[**--fixed-cidr-v6**[=*FIXED-CIDR-V6*]] [**--fixed-cidr-v6**[=*FIXED-CIDR-V6*]]
[**-G**|**--group**[=*docker*]] [**-G**|**--group**[=*docker*]]
@ -37,19 +37,19 @@ dockerd - Enable daemon mode
[**--help**] [**--help**]
[**--http-proxy**[*""*]] [**--http-proxy**[*""*]]
[**--https-proxy**[*""*]] [**--https-proxy**[*""*]]
[**--icc**[=*true*]] [**--icc**[=**true**]]
[**--init**[=*false*]] [**--init**[=**false**]]
[**--init-path**[=*""*]] [**--init-path**[=*""*]]
[**--insecure-registry**[=*[]*]] [**--insecure-registry**[=*[]*]]
[**--ip**[=*0.0.0.0*]] [**--ip**[=*0.0.0.0*]]
[**--ip-forward**[=*true*]] [**--ip-forward**[=**true**]]
[**--ip-masq**[=*true*]] [**--ip-masq**[=**true**]]
[**--iptables**[=*true*]] [**--iptables**[=**true**]]
[**--ipv6**] [**--ipv6**]
[**--isolation**[=*default*]] [**--isolation**[=*default*]]
[**-l**|**--log-level**[=*info*]] [**-l**|**--log-level**[=*info*]]
[**--label**[=*[]*]] [**--label**[=*[]*]]
[**--live-restore**[=*false*]] [**--live-restore**[=**false**]]
[**--log-driver**[=*json-file*]] [**--log-driver**[=*json-file*]]
[**--log-opt**[=*map[]*]] [**--log-opt**[=*map[]*]]
[**--mtu**[=*0*]] [**--mtu**[=*0*]]
@ -72,7 +72,7 @@ dockerd - Enable daemon mode
[**--tlscert**[=*~/.docker/cert.pem*]] [**--tlscert**[=*~/.docker/cert.pem*]]
[**--tlskey**[=*~/.docker/key.pem*]] [**--tlskey**[=*~/.docker/key.pem*]]
[**--tlsverify**] [**--tlsverify**]
[**--userland-proxy**[=*true*]] [**--userland-proxy**[=**true**]]
[**--userland-proxy-path**[=*""*]] [**--userland-proxy-path**[=*""*]]
[**--userns-remap**[=*default*]] [**--userns-remap**[=*default*]]
[**--validate**] [**--validate**]
@ -155,7 +155,8 @@ $ sudo dockerd --add-runtime runc=runc --add-runtime custom=/usr/local/bin/my-ru
driver and "system.slice" for systemd cgroup driver. driver and "system.slice" for systemd cgroup driver.
**--config-file**=*"/etc/docker/daemon.json"* **--config-file**=*"/etc/docker/daemon.json"*
Specifies the JSON file path to load the configuration from. Specifies the JSON file path to load the configuration from. Default is
*/etc/docker/daemon.json*.
**--containerd**="" **--containerd**=""
Path to containerd socket. Path to containerd socket.
@ -163,15 +164,15 @@ $ sudo dockerd --add-runtime runc=runc --add-runtime custom=/usr/local/bin/my-ru
**--data-root**="" **--data-root**=""
Path to the directory used to store persisted Docker data such as Path to the directory used to store persisted Docker data such as
configuration for resources, swarm cluster state, and filesystem data for configuration for resources, swarm cluster state, and filesystem data for
images, containers, and local volumes. Default is `/var/lib/docker`. images, containers, and local volumes. Default is */var/lib/docker*.
**-D**, **--debug**=*true*|*false* **-D**, **--debug**=**true**|**false**
Enable debug mode. Default is false. Enable debug mode. Default is **false**.
**--default-cgroupns-mode**="*host*|*private*" **--default-cgroupns-mode**="**host**|**private**"
Set the default cgroup namespace mode for newly created containers. The argument Set the default cgroup namespace mode for newly created containers. The argument
can either be **host** or **private**. If unset, this defaults to `host` on cgroup v1, can either be **host** or **private**. If unset, this defaults to **host** on cgroup v1,
`private` on cgroup v2. or **private** on cgroup v2.
**--default-gateway**="" **--default-gateway**=""
IPv4 address of the container default gateway; this address must be part of IPv4 address of the container default gateway; this address must be part of
@ -185,21 +186,21 @@ $ sudo dockerd --add-runtime runc=runc --add-runtime custom=/usr/local/bin/my-ru
Example: base=172.30.0.0/16,size=24 will set the default Example: base=172.30.0.0/16,size=24 will set the default
address pools for the selected scope networks to {172.30.[0-255].0/24} address pools for the selected scope networks to {172.30.[0-255].0/24}
**--default-runtime**=*"runc"* **--default-runtime**=*"runtime"*
Set default runtime if there're more than one specified by `--add-runtime`. Set default runtime if there're more than one specified by **--add-runtime**.
**--default-ipc-mode**="*private*|*shareable*" **--default-ipc-mode**="**private**|**shareable**"
Set the default IPC mode for newly created containers. The argument Set the default IPC mode for newly created containers. The argument
can either be **private** or **shareable**. can either be **private** or **shareable**.
**--default-shm-size**=*64MiB* **--default-shm-size**=*size*
Set the daemon-wide default shm size for containers. Default is `64MiB`. Set the daemon-wide default shm *size* for containers. Default is `64MiB`.
**--default-ulimit**=[] **--default-ulimit**=[]
Default ulimits for containers. Default ulimits for containers.
**--dns**="" **--dns**=""
Force Docker to use specific DNS servers Force Docker to use specific DNS servers.
**--dns-opt**="" **--dns-opt**=""
DNS options to use. DNS options to use.
@ -242,10 +243,10 @@ unix://[/path/to/socket] to use.
**--https-proxy***""* **--https-proxy***""*
Proxy URL for HTTPS requests unless overridden by NoProxy. Proxy URL for HTTPS requests unless overridden by NoProxy.
**--icc**=*true*|*false* **--icc**=**true**|**false**
Allow unrestricted inter\-container and Docker daemon host communication. If Allow unrestricted inter\-container and Docker daemon host communication. If
disabled, containers can still be linked together using the **--link** option disabled, containers can still be linked together using the **--link** option
(see **docker-run(1)**). Default is true. (see **docker-run**(1)). Default is **true**.
**--init** **--init**
Run an init process inside containers for signal forwarding and process Run an init process inside containers for signal forwarding and process
@ -269,33 +270,33 @@ unix://[/path/to/socket] to use.
`--insecure-registry`. `--insecure-registry`.
**--ip**="" **--ip**=""
Default IP address to use when binding container ports. Default is `0.0.0.0`. Default IP address to use when binding container ports. Default is **0.0.0.0**.
**--ip-forward**=*true*|*false* **--ip-forward**=**true**|**false**
Enables IP forwarding on the Docker host. The default is `true`. This flag Enables IP forwarding on the Docker host. The default is **true**. This flag
interacts with the IP forwarding setting on your host system's kernel. If interacts with the IP forwarding setting on your host system's kernel. If
your system has IP forwarding disabled, this setting enables it. If your your system has IP forwarding disabled, this setting enables it. If your
system has IP forwarding enabled, setting this flag to `--ip-forward=false` system has IP forwarding enabled, setting this flag to **false**
has no effect. has no effect.
This setting will also enable IPv6 forwarding if you have both This setting will also enable IPv6 forwarding if you have both
`--ip-forward=true` and `--fixed-cidr-v6` set. Note that this may reject **--ip-forward=true** and **--fixed-cidr-v6** set. Note that this may reject
Router Advertisements and interfere with the host's existing IPv6 Router Advertisements and interfere with the host's existing IPv6
configuration. For more information, please consult the documentation about configuration. For more information, please consult the documentation about
"Advanced Networking - IPv6". "Advanced Networking - IPv6".
**--ip-masq**=*true*|*false* **--ip-masq**=**true**|**false**
Enable IP masquerading for bridge's IP range. Default is true. Enable IP masquerading for bridge's IP range. Default is **true**.
**--iptables**=*true*|*false* **--iptables**=**true**|**false**
Enable Docker's addition of iptables rules. Default is true. Enable Docker's addition of iptables rules. Default is **true**.
**--ipv6**=*true*|*false* **--ipv6**=**true**|**false**
Enable IPv6 support. Default is false. Docker will create an IPv6-enabled Enable IPv6 support. Default is **false**. Docker will create an IPv6-enabled
bridge with address fe80::1 which will allow you to create IPv6-enabled bridge with address fe80::1 which will allow you to create IPv6-enabled
containers. Use together with `--fixed-cidr-v6` to provide globally routable containers. Use together with **--fixed-cidr-v6** to provide globally routable
IPv6 addresses. IPv6 forwarding will be enabled if not used with IPv6 addresses. IPv6 forwarding will be enabled if not used with
`--ip-forward=false`. This may collide with your host's current IPv6 **--ip-forward=false**. This may collide with your host's current IPv6
settings. For more information please consult the documentation about settings. For more information please consult the documentation about
"Advanced Networking - IPv6". "Advanced Networking - IPv6".
@ -310,14 +311,14 @@ unix://[/path/to/socket] to use.
**--label**="[]" **--label**="[]"
Set key=value labels to the daemon (displayed in `docker info`) Set key=value labels to the daemon (displayed in `docker info`)
**--live-restore**=*false* **--live-restore**=**false**
Enable live restore of running containers when the daemon starts so that they Enable live restore of running containers when the daemon starts so that they
are not restarted. This option is applicable only for docker daemon running are not restarted. This option is applicable only for docker daemon running
on Linux host. on Linux host.
**--log-driver**="*json-file*|*syslog*|*journald*|*gelf*|*fluentd*|*awslogs*|*splunk*|*etwlogs*|*gcplogs*|*none*" **--log-driver**="**json-file**|**syslog**|**journald**|**gelf**|**fluentd**|**awslogs**|**splunk**|**etwlogs**|**gcplogs**|**none**"
Default driver for container logs. Default is `json-file`. Default driver for container logs. Default is **json-file**.
**Warning**: `docker logs` command works only for `json-file` logging driver. **Warning**: **docker logs** command works only for **json-file** logging driver.
**--log-opt**=[] **--log-opt**=[]
Logging driver specific options. Logging driver specific options.
@ -346,8 +347,8 @@ unix://[/path/to/socket] to use.
--node-generic-resources "NVIDIA-GPU=UUID2"` --node-generic-resources "NVIDIA-GPU=UUID2"`
**-p**, **--pidfile**="" **-p**, **--pidfile**="*path*"
Path to use for daemon PID file. Default is `/var/run/docker.pid` Path to use for daemon PID file. Default is */var/run/docker.pid*.
**--raw-logs** **--raw-logs**
Output daemon logs in full timestamp format without ANSI coloring. If this Output daemon logs in full timestamp format without ANSI coloring. If this
@ -364,23 +365,23 @@ unix://[/path/to/socket] to use.
**--seccomp-profile**="" **--seccomp-profile**=""
Path to seccomp profile. Path to seccomp profile.
**--selinux-enabled**=*true*|*false* **--selinux-enabled**=**true**|**false**
Enable selinux support. Default is false. Enable selinux support. Default is **false**.
**--shutdown-timeout**=*15* **--shutdown-timeout**=*seconds*
Set the shutdown timeout value in seconds. Default is `15`. Set the shutdown timeout value in seconds. Default is **15**.
**--storage-opt**=[] **--storage-opt**=[]
Set storage driver options. See STORAGE DRIVER OPTIONS. Set storage driver options. See STORAGE DRIVER OPTIONS.
**--swarm-default-advertise-addr**=*IP|INTERFACE* **--swarm-default-advertise-addr**=*IP*|*INTERFACE*
Set default address or interface for swarm to advertise as its Set default address or interface for swarm to advertise as its
externally-reachable address to other cluster members. This can be a externally-reachable address to other cluster members. This can be a
hostname, an IP address, or an interface such as `eth0`. A port cannot be hostname, an IP address, or an interface such as `eth0`. A port cannot be
specified with this option. specified with this option.
**--tls**=*true*|*false* **--tls**=**true**|**false**
Use TLS; implied by --tlsverify. Default is false. Use TLS; implied by **--tlsverify**. Default is **false**.
**--tlscacert**=*~/.docker/ca.pem* **--tlscacert**=*~/.docker/ca.pem*
Trust certs signed only by this CA. Trust certs signed only by this CA.
@ -391,13 +392,13 @@ unix://[/path/to/socket] to use.
**--tlskey**=*~/.docker/key.pem* **--tlskey**=*~/.docker/key.pem*
Path to TLS key file. Path to TLS key file.
**--tlsverify**=*true*|*false* **--tlsverify**=**true**|**false**
Use TLS and verify the remote (daemon: verify client, client: verify daemon). Use TLS and verify the remote (daemon: verify client, client: verify daemon).
Default is false. Default is **false**.
**--userland-proxy**=*true*|*false* **--userland-proxy**=**true**|**false**
Rely on a userland proxy implementation for inter-container and Rely on a userland proxy implementation for inter-container and
outside-to-container loopback communications. Default is true. outside-to-container loopback communications. Default is **true**.
**--userland-proxy-path**="" **--userland-proxy-path**=""
Path to the userland proxy binary. Path to the userland proxy binary.
@ -421,18 +422,18 @@ backends use operating system level technologies and can be
configured. configured.
Specify options to the storage backend with **--storage-opt** flags. The Specify options to the storage backend with **--storage-opt** flags. The
backends that currently take options are *devicemapper*, *zfs* and *btrfs*. backends that currently take options are **devicemapper**, **zfs** and **btrfs**.
Options for *devicemapper* are prefixed with *dm*, options for *zfs* Options for **devicemapper** are prefixed with **dm.**, options for **zfs**
start with *zfs* and options for *btrfs* start with *btrfs*. start with **zfs.**, and options for **btrfs** start with **btrfs.**.
Specifically for devicemapper, the default is a "loopback" model which Specifically for devicemapper, the default is a "loopback" model which
requires no pre-configuration, but is extremely inefficient. Do not requires no pre-configuration, but is extremely inefficient. Do not
use it in production. use it in production.
To make the best use of Docker with the devicemapper backend, you must To make the best use of Docker with the devicemapper backend, you must
have a recent version of LVM. Use `lvm` to create a thin pool; for have a recent version of LVM. Use **lvm**(8) to create a thin pool; for
more information see `man lvmthin`. Then, use `--storage-opt more information, see **lvmthin**(7). Then, use **--storage-opt
dm.thinpooldev` to tell the Docker engine to use that pool for dm.thinpooldev** to tell the Docker engine to use that pool for
allocating images and container snapshots. allocating images and container snapshots.
## Devicemapper options ## Devicemapper options
@ -662,28 +663,28 @@ By default, the devicemapper backend attempts to synchronize with the `udev`
device manager for the Linux kernel. This option allows disabling that device manager for the Linux kernel. This option allows disabling that
synchronization, to continue even though the configuration may be buggy. synchronization, to continue even though the configuration may be buggy.
To view the `udev` sync support of a Docker daemon that is using the To view the udev sync support of a Docker daemon that is using the
`devicemapper` driver, run: devicemapper driver, run:
$ docker info $ docker info
[...] [...]
Udev Sync Supported: true Udev Sync Supported: true
[...] [...]
When `udev` sync support is `true`, then `devicemapper` and `udev` can When udev sync support is **true**, then devicemapper and udev can
coordinate the activation and deactivation of devices for containers. coordinate the activation and deactivation of devices for containers.
When `udev` sync support is `false`, a race condition occurs between the When udev sync support is **false**, a race condition occurs between the
`devicemapper` and `udev` during create and cleanup. The race condition results devicemapper and udev during create and cleanup. The race condition results
in errors and failures. (For information on these failures, see in errors and failures. (For information on these failures, see
[docker#4036](https://github.com/docker/docker/issues/4036)) [docker#4036](https://github.com/docker/docker/issues/4036))
To allow the `docker` daemon to start, regardless of whether `udev` sync is To allow the docker daemon to start, regardless of whether udev sync is
`false`, set `dm.override_udev_sync_check` to true: **false**, set **dm.override_udev_sync_check** to **true**:
$ dockerd --storage-opt dm.override_udev_sync_check=true $ dockerd --storage-opt dm.override_udev_sync_check=true
When this value is `true`, the driver continues and simply warns you the errors When this value is **true**, the driver continues and simply warns you the errors
are happening. are happening.
**Note**: The ideal is to pursue a `docker` daemon and environment that does **Note**: The ideal is to pursue a `docker` daemon and environment that does
@ -723,8 +724,8 @@ Specifies the maximum number of retries XFS should attempt to complete IO when
ENOSPC (no space) error is returned by underlying storage device. ENOSPC (no space) error is returned by underlying storage device.
By default XFS retries infinitely for IO to finish and this can result in By default XFS retries infinitely for IO to finish and this can result in
unkillable process. To change this behavior one can set xfs_nospace_max_retries unkillable process. To change this behavior one can set **xfs_nospace_max_retries**
to say 0 and XFS will not retry IO after getting ENOSPC and will shutdown to e.g. **0** and XFS will not retry IO after getting ENOSPC and will shutdown
filesystem. filesystem.
Example use: Example use:
@ -734,7 +735,7 @@ Example use:
##### dm.libdm\_log\_level ##### dm.libdm\_log\_level
Specifies the maxmimum libdm log level that will be forwarded to the dockerd Specifies the maxmimum libdm log level that will be forwarded to the dockerd
log (as specified by --log-level). This option is primarily intended for log (as specified by **--log-level**). This option is primarily intended for
debugging problems involving libdm. Using values other than the defaults may debugging problems involving libdm. Using values other than the defaults may
cause false-positive warnings to be logged. cause false-positive warnings to be logged.