@@ -94,20 +94,41 @@ The Docker daemon is the persistent process that manages containers.

 Docker uses the same binary for both the daemon and client. To run the

 daemon you provide the `-d` flag.

-To force Docker to use devicemapper as the storage driver, use

-`docker -d -s devicemapper`.

-To set the DNS server for all Docker containers, use

-`docker -d --dns 8.8.8.8`.

+To run the daemon with debug output, use `docker -d -D`.

-To set the DNS search domain for all Docker containers, use

-`docker -d --dns-search example.com`.

+### Daemon socket option

-To run the daemon with debug output, use `docker -d -D`.

+The Docker daemon can listen for [Docker Remote API](reference/api/docker_remote_api/)

+requests via three different types of Socket: `unix`, `tcp`, and `fd`.

+

+By default, a `unix` domain socket (or IPC socket) is created at `/var/run/docker.sock`,

+requiring either `root` permission, or `docker` group membership.

+

+If you need to access the Docker daemon remotely, you need to enable the `tcp`

+Socket. Beware that the default setup provides un-encrypted and un-authenticated

+direct access to the Docker daemon - and should be secured either using the

+[built in https encrypted socket](/articles/https/), or by putting a secure web

+proxy in front of it. You can listen on port `2375` on all network interfaces

+with `-H tcp://0.0.0.0:2375`, or on a particular network interface using its IP

+address: `-H tcp://192.168.59.103:2375`.

-To use lxc as the execution driver, use `docker -d -e lxc`.

+On Systemd based systems, you can communicate with the daemon via 

+[systemd socket activation](http://0pointer.de/blog/projects/socket-activation.html), use

+`docker -d -H fd://`. Using `fd://` will work perfectly for most setups but

+you can also specify individual sockets: `docker -d -H fd://3`. If the

+specified socket activated files aren't found, then Docker will exit. You

+can find examples of using Systemd socket activation with Docker and

+Systemd in the [Docker source tree](

+https://github.com/docker/docker/tree/master/contrib/init/systemd/).

+

+You can configure the Docker daemon to listen to multiple sockets at the same

+time using multiple `-H` options:

-The docker client will also honor the `DOCKER_HOST` environment variable to set

+    # listen using the default unix socket, and on 2 specific IP addresses on this host.

+    docker -d -H unix:///var/run/docker.sock -H tcp://192.168.59.106 -H tcp://10.10.10.2

+

+The Docker client will honor the `DOCKER_HOST` environment variable to set

 the `-H` flag for the client.

     $ sudo docker -H tcp://0.0.0.0:2375 ps

@@ -124,18 +145,55 @@ string is equivalent to setting the `--tlsverify` flag. The following are equiva

     $ export DOCKER_TLS_VERIFY=1

     $ sudo docker ps

+### Daemon storage-driver option

+

+The Docker daemon has support for three different image layer storage drivers: `aufs`,

+`devicemapper`, and `btrfs`.

+

+The `aufs` driver is the oldest, but is based on a Linux kernel patch-set that

+is unlikely to be merged into the main kernel. These are also known to cause some

+serious kernel crashes. However, `aufs` is also the only storage driver that allows

+containers to share executable and shared library memory, so is a useful choice

+when running thousands of containers with the same program or libraries.

+

+The `devicemapper` driver uses thin provisioning and Copy on Write (CoW) snapshots.

+This driver will create a 100GB sparse file containing all your images and

+containers.  Each container will be limited to a 10 GB thin volume, and either of

+these will require tuning - see [~jpetazzo/Resizing Docker containers with the

+Device Mapper plugin]( http://jpetazzo.github.io/2014/01/29/docker-device-mapper-resize/)

+To tell the Docker daemon to use `devicemapper`, use

+`docker -d -s devicemapper`.

+

+The `btrfs` driver is very fast for `docker build` - but like `devicemapper` does not

+share executable memory between devices. Use `docker -d -s btrfs -g /mnt/btrfs_partition`.

+

+

+### Docker exec-driver option

+

+The Docker daemon uses a specifically built `libcontainer` execution driver as its

+interface to the Linux kernel `namespaces`, `cgroups`, and `SELinux`.

+

+There is still legacy support for the original [LXC userspace tools](

+https://linuxcontainers.org/) via the `lxc` execution driver, however, this is

+not where the primary development of new functionality is taking place.

+Add `-e lxc` to the daemon flags to use the `lxc` execution driver.

+

+

+### Daemon DNS options

+

+To set the DNS server for all Docker containers, use

+`docker -d --dns 8.8.8.8`.

+

+To set the DNS search domain for all Docker containers, use

+`docker -d --dns-search example.com`.

+

+### Miscellaneous options

+

 IP masquerading uses address translation to allow containers without a public IP to talk

 to other machines on the Internet. This may interfere with some network topologies and

 can be disabled with --ip-masq=false.

-To run the daemon with [systemd socket activation](

-http://0pointer.de/blog/projects/socket-activation.html), use

-`docker -d -H fd://`. Using `fd://` will work perfectly for most setups but

-you can also specify individual sockets too `docker -d -H fd://3`. If the

-specified socket activated files aren't found then docker will exit. You

-can find examples of using systemd socket activation with docker and

-systemd in the [docker source tree](

-https://github.com/docker/docker/tree/master/contrib/init/systemd/).

+

 Docker supports softlinks for the Docker data directory

 (`/var/lib/docker`) and for `/var/lib/docker/tmp`. The `DOCKER_TMPDIR` and the data directory can be set like this:

@@ -145,6 +203,7 @@ Docker supports softlinks for the Docker data directory

     export DOCKER_TMPDIR=/mnt/disk2/tmp

     /usr/local/bin/docker -d -D -g /var/lib/docker -H unix:// > /var/lib/boot2docker/docker.log 2>&1

+

 ## attach

     Usage: docker attach [OPTIONS] CONTAINER