clarify --insecure-registry in man docker

Signed-off-by: Sally O'Malley <somalley@redhat.com>
This commit is contained in:
Sally O'Malley 2015-09-03 14:10:41 -04:00
Родитель d9065fcdb5
Коммит 2d9ea188d4
1 изменённых файлов: 5 добавлений и 1 удалений

Просмотреть файл

@ -90,7 +90,11 @@ unix://[/path/to/socket] to use.
Allow unrestricted inter\-container and Docker daemon host communication. If disabled, containers can still be linked together using **--link** option (see **docker-run(1)**). Default is true.
**--insecure-registry**=[]
Enable insecure registry communication.
Enable insecure registry communication, i.e., enable un-encrypted and/or untrusted communication.
List of insecure registries can contain an element with CIDR notation to specify a whole subnet. Insecure registries accept HTTP and/or accept HTTPS with certificates from unknown CAs.
Enabling `--insecure-registry` is useful when running a local registry. However, because its use creates security vulnerabilities it should ONLY be enabled for testing purposes. For increased security, users should add their CA to their system's list of trusted CAs instead of using `--insecure-registry`.
**--ip**=""
Default IP address to use when binding container ports. Default is `0.0.0.0`.