diff --git a/README.md b/README.md index c62b82c..1acd43b 100644 --- a/README.md +++ b/README.md @@ -66,170 +66,53 @@ Probably **shouldn't use this in production** yet. If you do, double check that ![Build Status](https://github.com/lavie/runlike/actions/workflows/ci.yaml/badge.svg) -## Supported Run Options +## Supported Docker Run Options -``` - --add-host list Add a custom host-to-IP mapping - (host:ip) - --cap-add list Add Linux capabilities - --cap-drop list Drop Linux capabilities - (0-3, 0,1) - --cpuset-cpus string CPUs in which to allow execution - (0-3, 0,1) - --cpuset-mems string MEMs in which to allow execution - -d, --detach Run container in background and - print container ID - --device list Add a host device to the container - --dns list Set custom DNS servers - --entrypoint string Overwrite the default ENTRYPOINT - of the image - -e, --env list Set environment variables - --expose list Expose a port or a range of ports - -h, --hostname string Container host name - --ip6 string Container IPv6 address (e.g., 2001:db8::33) - --mac-address string Container MAC address (e.g., - 92:d0:c6:0a:29:33) - -l, --label list Set meta data on a container - --log-driver string Logging driver for the container - --log-opt list Log driver options - --link list Add link to another container - -m, --memory bytes Memory limit - --memory-reservation bytes Memory soft limit - --name string Assign a name to the container - --network string Connect a container to a network - (default "default") - --pid string PID namespace to use - --privileged Give extended privileges to this - container - -p, --publish list Publish a container's port(s) to - the host - --restart string Restart policy to apply when a - container exits (default "no") - --rm Automatically remove the container - when it exits - --runtime string Runtime to use for this container - -t, --tty Allocate a pseudo-TTY - -u, --user string Username or UID (format: - [:]) - -v, --volume list Bind mount a volume - --volumes-from list Mount volumes from the specified - container(s) - -w, --workdir string Working directory inside the container +The following `docker run` options are currently supported: +``` + --add-host list Add custom host-to-IP mapping (host:ip) + --cap-add list Add Linux capabilities + --cap-drop list Drop Linux capabilities + --cpuset-cpus string CPUs in which to allow execution (0-3, 0,1) + --cpuset-mems string MEMs in which to allow execution (0-3, 0,1) + -d, --detach Run container in background + --device list Add a host device to the container + --dns list Set custom DNS servers + --entrypoint string Overwrite the default ENTRYPOINT + -e, --env list Set environment variables + --expose list Expose a port or a range of ports + -h, --hostname string Container host name + --ip6 string IPv6 address (e.g., 2001:db8::33) + --mac-address string Container MAC address + -l, --label list Set container metadata + --log-driver string Logging driver for the container + --log-opt list Log driver options + --link list Add link to another container + -m, --memory bytes Memory limit + --memory-reservation Memory soft limit + --name string Assign a name to the container + --network string Connect container to a network + --pid string PID namespace to use + --privileged Give extended privileges to container + -p, --publish list Publish container's port(s) to the host + --restart string Restart policy (no, on-failure[:max-retries], always) + --rm Automatically remove the container when it exits + --runtime string Runtime to use for this container + -t, --tty Allocate a pseudo-TTY + -u, --user string Username or UID + -v, --volume list Bind mount a volume + --volumes-from list Mount volumes from specified container(s) + -w, --workdir string Working directory inside the container ``` -## Not Yet Supported Run Options (PRs are most welcome!) +## Not Yet Supported Options -``` +PRs are welcome to add support for additional Docker run options! Some key options not yet supported include: - -a, --attach list Attach to STDIN, STDOUT or STDERR - --blkio-weight uint16 Block IO (relative weight), - between 10 and 1000, or 0 to - disable (default 0) - --blkio-weight-device list Block IO weight (relative device - weight) (default []) - - --cgroup-parent string Optional parent cgroup for the - container - --cidfile string Write the container ID to the file - --cpu-count int CPU count (Windows only) - --cpu-percent int CPU percent (Windows only) - --cpu-period int Limit CPU CFS (Completely Fair - Scheduler) period - --cpu-quota int Limit CPU CFS (Completely Fair - Scheduler) quota - --cpu-rt-period int Limit CPU real-time period in - microseconds - --cpu-rt-runtime int Limit CPU real-time runtime in - microseconds - -c, --cpu-shares int CPU shares (relative weight) - --cpus decimal Number of CPUs - --detach-keys string Override the key sequence for - detaching a container - --device-cgroup-rule list Add a rule to the cgroup allowed - devices list - --device-read-bps list Limit read rate (bytes per second) - from a device (default []) - --device-read-iops list Limit read rate (IO per second) - from a device (default []) - --device-write-bps list Limit write rate (bytes per - second) to a device (default []) - --device-write-iops list Limit write rate (IO per second) - to a device (default []) - --disable-content-trust Skip image verification (default true) - --dns-option list Set DNS options - --dns-search list Set custom DNS search domains - --env-file list Read in a file of environment variables - --group-add list Add additional groups to join - --health-cmd string Command to run to check health - --health-interval duration Time between running the check - (ms|s|m|h) (default 0s) - --health-retries int Consecutive failures needed to - report unhealthy - --health-start-period duration Start period for the container to - initialize before starting - health-retries countdown - (ms|s|m|h) (default 0s) - --health-timeout duration Maximum time to allow one check to - run (ms|s|m|h) (default 0s) - --help Print usage - --init Run an init inside the container - that forwards signals and reaps - processes - -i, --interactive Keep STDIN open even if not attached - --io-maxbandwidth bytes Maximum IO bandwidth limit for the - system drive (Windows only) - --io-maxiops uint Maximum IOps limit for the system - drive (Windows only) - --ip string IPv4 address (e.g., 172.30.100.104) - --ip6 string IPv6 address (e.g., 2001:db8::33) - --ipc string IPC mode to use - --isolation string Container isolation technology - --kernel-memory bytes Kernel memory limit - --label-file list Read in a line delimited file of labels - --link-local-ip list Container IPv4/IPv6 link-local - addresses - - --memory-swap bytes Swap limit equal to memory plus - swap: '-1' to enable unlimited swap - --memory-swappiness int Tune container memory swappiness - (0 to 100) (default -1) - --mount mount Attach a filesystem mount to the - container - - --network-alias list Add network-scoped alias for the - container - --no-healthcheck Disable any container-specified - HEALTHCHECK - --oom-kill-disable Disable OOM Killer - --oom-score-adj int Tune host's OOM preferences (-1000 - to 1000) - --pids-limit int Tune container pids limit (set -1 - for unlimited) - --platform string Set platform if server is - multi-platform capable - - -P, --publish-all Publish all exposed ports to - random ports - --read-only Mount the container's root - filesystem as read only - - --security-opt list Security Options - --shm-size bytes Size of /dev/shm - --sig-proxy Proxy received signals to the - process (default true) - --stop-signal string Signal to stop a container - (default "SIGTERM") - --stop-timeout int Timeout (in seconds) to stop a - container - --storage-opt list Storage driver options for the - container - --sysctl map Sysctl options (default map[]) - --tmpfs list Mount a tmpfs directory - --ulimit ulimit Ulimit options (default []) - - --userns string User namespace to use - --uts string UTS namespace to use - --volume-driver string Optional volume driver for the - container -``` +- Container resource limits (--cpu-*, --memory-swap, etc) +- Health checks (--health-*) +- Security options (--security-opt, --userns, etc) +- Advanced networking (--network-alias, --link-local-ip) +- Platform/isolation options (--platform, --isolation) +- And various others - see Docker run docs for full list