1. 容器管理:
      • 后台程序和前台交互程序
      • 器的定义
    2. 网络设置
    3. CPU和内存的runtime
    4. 权限和LXC配置
    2. --add-host=[]               Add a custom host-to-IP mapping (host:ip)
    3. --blkio-weight=0            Block IO (relative weight), between 10 and 1000
    4. -c, --cpu-shares=0          CPU shares (relative weight)
    5. --cap-add=[]                Add Linux capabilities
    6. --cap-drop=[]               Drop Linux capabilities
    7. --cgroup-parent=            Optional parent cgroup for the container
    8. --cidfile=                  Write the container ID to the file
    9. --cpu-period=0              Limit CPU CFS (Completely Fair Scheduler) period
    10. --cpu-quota=0               Limit the CPU CFS quota
    11. --cpuset-cpus=              CPUs in which to allow execution (0-3, 0,1)
    12. --cpuset-mems=              MEMs in which to allow execution (0-3, 0,1)
    13. -d, --detach=false          Run container in background and print container ID
    14. --dns=[]                    Set custom DNS servers
    15. --dns-search=[]             Set custom DNS search domains
    16. -e, --env=[]                Set environment variables
    18. --env-file=[]               Read in a file of environment variables
    19. --expose=[]                 Expose a port or a range of ports
    20. -h, --hostname=             Container host name
    21. --help=false                Print usage
    22. -i, --interactive=false     Keep STDIN open even if not attached
    23. --init=                     Run container following specified init system container method (systemd)
    24. --ipc=                      IPC namespace to use
    25. -l, --label=[]              Set meta data on a container
    26. --label-file=[]             Read in a line delimited file of labels
    27. --link=[]                   Add link to another container
    28. --log-driver=               Logging driver for container
    29. --log-opt=[]                Log driver options
    30. --lxc-conf=[]               Add custom lxc options
    31. -m, --memory=               Memory limit
    32. --mac-address=              Container MAC address (e.g. 92:d0:c6:0a:29:33)
    34. --net=bridge                Set the Network mode for the container
    35. --oom-kill-disable=false    Disable OOM Killer
    36. -P, --publish-all=false     Publish all exposed ports to random ports
    37. -p, --publish=[]            Publish a container's port(s) to the host
    38. --pid=                      PID namespace to use
    39. --privileged=false          Give extended privileges to this container
    40. --read-only=false           Mount the container's root filesystem as read only
    41. --restart=no                Restart policy to apply when a container exits
    42. --rm=false                  Automatically remove the container when it exits
    43. --security-opt=[]           Security Options
    44. --sig-proxy=true            Proxy received signals to the process
    45. -t, --tty=false             Allocate a pseudo-TTY
    46. -u, --user=                 Username or UID (format: <name|uid>[:<group|gid>])
    47. --ulimit=[]                 Ulimit options
    48. --uts=                      UTS namespace to use
    49. -v, --volume=[]             Bind mount a volume
    51. -w, --workdir=              Working directory inside the container