From c2df77647a393a444ee7411e8a2ab4721165cc70 Mon Sep 17 00:00:00 2001 From: Aanand Prasad Date: Fri, 10 Oct 2014 16:02:04 +0100 Subject: [PATCH] Add DOCKER_TLS_VERIFY environment variable, equivalent to --tlsverify flag This makes it possible to make the Docker client "secure by default" without wrapping the binary in a shell alias so that `--tlsverify` is always passed. Signed-off-by: Aanand Prasad Upstream-commit: 57d75938cd20f90022dd719878d6eca51337c798 Component: cli --- components/cli/docs/sources/reference/commandline/cli.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/components/cli/docs/sources/reference/commandline/cli.md b/components/cli/docs/sources/reference/commandline/cli.md index 8a43e20d0d..f83feca923 100644 --- a/components/cli/docs/sources/reference/commandline/cli.md +++ b/components/cli/docs/sources/reference/commandline/cli.md @@ -116,6 +116,14 @@ the `-H` flag for the client. $ sudo docker ps # both are equal +Setting the `DOCKER_TLS_VERIFY` environment variable to any value other than the empty +string is equivalent to setting the `--tlsverify` flag. The following are equivalent: + + $ sudo docker --tlsverify ps + # or + $ export DOCKER_TLS_VERIFY=1 + $ sudo docker ps + IP masquerading uses address translation to allow containers without a public IP to talk to other machines on the Internet. This may interfere with some network topologies and can be disabled with --ip-masq=false.