From 59e2c5754026ec93e422833dfa4d8f065537b66b Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 7 Jul 2016 14:22:12 -0700 Subject: [PATCH] add iptables=false to docs for multiple daemons Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/dockerd.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/reference/commandline/dockerd.md b/docs/reference/commandline/dockerd.md index 5eb79c4c0b..a881b62ac6 100644 --- a/docs/reference/commandline/dockerd.md +++ b/docs/reference/commandline/dockerd.md @@ -1154,6 +1154,7 @@ The following daemon options must be configured for each daemon: -g, --graph=/var/lib/docker Root of the Docker runtime -p, --pidfile=/var/run/docker.pid Path to use for daemon PID file -H, --host=[] Daemon socket(s) to connect to +--iptables=true Enable addition of iptables rules --config-file=/etc/docker/daemon.json Daemon configuration file --tlscacert="~/.docker/ca.pem" Trust certs signed only by this CA --tlscert="~/.docker/cert.pem" Path to TLS certificate file @@ -1172,6 +1173,10 @@ set this parameter separately for each daemon. - `-p, --pidfile=/var/run/docker.pid` is the path where the process ID of the daemon is stored. Specify the path for your pid file here. - `--host=[]` specifies where the Docker daemon will listen for client connections. If unspecified, it defaults to `/var/run/docker.sock`. +- `--iptables=false` prevents the Docker daemon from adding iptables rules. If + multiple daemons manage iptables rules, they may overwrite rules set by + another daemon. Be aware that disabling this option requires you to manually + add iptables rules to expose container ports. - `--config-file=/etc/docker/daemon.json` is the path where configuration file is stored. You can use it instead of daemon flags. Specify the path for each daemon. - `--tls*` Docker daemon supports `--tlsverify` mode that enforces encrypted and authenticated remote connections.