Docker daemon configuration overview
This page shows you how to customize the Docker daemon, dockerd
.
Note
This page is for users who've installed Docker Engine manually. If you're using Docker Desktop, refer to the following pages instead:
Configure the Docker daemon
There are two ways to configure the Docker daemon:
- Use a JSON configuration file. This is the preferred option, since it keeps all configurations in a single place.
- Use flags when starting
dockerd
.
You can use both of these options together as long as you don't specify the same option both as a flag and in the JSON file. If that happens, the Docker daemon won't start and prints an error message.
To configure the Docker daemon using a JSON file, create a file at
/etc/docker/daemon.json
on Linux systems, or
C:\ProgramData\docker\config\daemon.json
on Windows.
Here's what the configuration file might look like:
{
"builder": {
"gc": {
"defaultKeepStorage": "20GB",
"enabled": true
}
},
"experimental": false
}
In addition to Docker Desktop default values, this configuration enables garbage collection at a 20GB threshold, and enables buildkit.
Using this configuration file, run the Docker daemon in debug mode, using TLS, and
listen for traffic routed to 192.168.59.3
on port 2376
. You can learn what
configuration options are available in the
dockerd reference docs
You can also start the Docker daemon manually and configure it using flags. This can be useful for troubleshooting problems.
Here's an example of how to manually start the Docker daemon, using the same configurations as shown in the previous JSON configuration:
$ dockerd --debug \
--tls=true \
--tlscert=/var/docker/server.pem \
--tlskey=/var/docker/serverkey.pem \
--host tcp://192.168.59.3:2376
You can learn what configuration options are available in the dockerd reference docs, or by running:
$ dockerd --help
Many specific configuration options are discussed throughout the Docker documentation. Some places to go next include:
- Automatically start containers
- Limit a container's resources
- Configure storage drivers
- Container security
You can configure most daemon options using the daemon.json
file. One thing
you can't configure using daemon.json mechanism is an HTTP proxy. For
instructions on using a proxy, see
Configure Docker to use a proxy server.
Daemon data directory
The Docker daemon persists all data in a single directory. This tracks everything related to Docker, including containers, images, volumes, service definition, and secrets.
By default this directory is:
/var/lib/docker
on Linux.C:\ProgramData\docker
on Windows.
You can configure the Docker daemon to use a different directory, using the
data-root
configuration option. For example:
{
"data-root": "/mnt/docker-data"
}
Since the state of a Docker daemon is kept on this directory, make sure you use a dedicated directory for each daemon. If two daemons share the same directory, for example, an NFS share, you are going to experience errors that are difficult to troubleshoot.