|
@@ -1,34 +1,47 @@
|
|
|
[Unit]
|
|
[Unit]
|
|
|
Description=Docker Application Container Engine
|
|
Description=Docker Application Container Engine
|
|
|
Documentation=https://docs.docker.com
|
|
Documentation=https://docs.docker.com
|
|
|
-After=network-online.target docker.socket firewalld.service
|
|
|
|
|
|
|
+After=network-online.target docker.socket firewalld.service containerd.service
|
|
|
Wants=network-online.target
|
|
Wants=network-online.target
|
|
|
-Requires=docker.socket
|
|
|
|
|
|
|
+Requires=docker.socket containerd.service
|
|
|
|
|
|
|
|
[Service]
|
|
[Service]
|
|
|
Type=notify
|
|
Type=notify
|
|
|
# the default is not to use systemd for cgroups because the delegate issues still
|
|
# the default is not to use systemd for cgroups because the delegate issues still
|
|
|
# exists and systemd currently does not support the cgroup feature set required
|
|
# exists and systemd currently does not support the cgroup feature set required
|
|
|
# for containers run by docker
|
|
# for containers run by docker
|
|
|
-ExecStart=/usr/bin/dockerd -H fd://
|
|
|
|
|
|
|
+ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
|
|
|
ExecReload=/bin/kill -s HUP $MAINPID
|
|
ExecReload=/bin/kill -s HUP $MAINPID
|
|
|
-LimitNOFILE=1048576
|
|
|
|
|
|
|
+TimeoutStartSec=0
|
|
|
|
|
+RestartSec=2
|
|
|
|
|
+Restart=always
|
|
|
|
|
+
|
|
|
|
|
+# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
|
|
|
|
|
+# Both the old, and new location are accepted by systemd 229 and up, so using the old location
|
|
|
|
|
+# to make them work for either version of systemd.
|
|
|
|
|
+StartLimitBurst=3
|
|
|
|
|
+
|
|
|
|
|
+# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
|
|
|
|
|
+# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
|
|
|
|
|
+# this option work for either version of systemd.
|
|
|
|
|
+StartLimitInterval=60s
|
|
|
|
|
+
|
|
|
# Having non-zero Limit*s causes performance problems due to accounting overhead
|
|
# Having non-zero Limit*s causes performance problems due to accounting overhead
|
|
|
# in the kernel. We recommend using cgroups to do container-local accounting.
|
|
# in the kernel. We recommend using cgroups to do container-local accounting.
|
|
|
|
|
+LimitNOFILE=infinity
|
|
|
LimitNPROC=infinity
|
|
LimitNPROC=infinity
|
|
|
LimitCORE=infinity
|
|
LimitCORE=infinity
|
|
|
-# Uncomment TasksMax if your systemd version supports it.
|
|
|
|
|
-# Only systemd 226 and above support this version.
|
|
|
|
|
-#TasksMax=infinity
|
|
|
|
|
-TimeoutStartSec=0
|
|
|
|
|
|
|
+
|
|
|
|
|
+# Comment TasksMax if your systemd version does not support it.
|
|
|
|
|
+# Only systemd 226 and above support this option.
|
|
|
|
|
+TasksMax=infinity
|
|
|
|
|
+
|
|
|
# set delegate yes so that systemd does not reset the cgroups of docker containers
|
|
# set delegate yes so that systemd does not reset the cgroups of docker containers
|
|
|
Delegate=yes
|
|
Delegate=yes
|
|
|
|
|
+
|
|
|
# kill only the docker process, not all processes in the cgroup
|
|
# kill only the docker process, not all processes in the cgroup
|
|
|
KillMode=process
|
|
KillMode=process
|
|
|
-# restart the docker process if it exits prematurely
|
|
|
|
|
-Restart=on-failure
|
|
|
|
|
-StartLimitBurst=3
|
|
|
|
|
-StartLimitInterval=60s
|
|
|
|
|
|
|
+OOMScoreAdjust=-500
|
|
|
|
|
|
|
|
[Install]
|
|
[Install]
|
|
|
WantedBy=multi-user.target
|
|
WantedBy=multi-user.target
|
Sebastiaan van Stijn