428d7337e8
There is a not-insignificant performance overhead for all containers (if
containerd is a child of Docker, which is the current setup) if rlimits are
set on the main Docker daemon process (because the limits
propogate to all children).
We recommend using cgroups to do container-local accounting.
This applies the change added in 8db61095a3
to other init scripts.
Note that nfile cannot be set to unlimited, and the limit
is hardcoded to 1048576 (2^20) , see:
http://stackoverflow.com/a/1213069/1811501
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
22 lines
724 B
Text
22 lines
724 B
Text
#!/sbin/openrc-run
|
|
# Copyright 1999-2013 Gentoo Foundation
|
|
# Distributed under the terms of the GNU General Public License v2
|
|
|
|
command="${DOCKERD_BINARY:-/usr/bin/dockerd}"
|
|
pidfile="${DOCKER_PIDFILE:-/run/${RC_SVCNAME}.pid}"
|
|
command_args="-p \"${pidfile}\" ${DOCKER_OPTS}"
|
|
DOCKER_LOGFILE="${DOCKER_LOGFILE:-/var/log/${RC_SVCNAME}.log}"
|
|
start_stop_daemon_args="--background \
|
|
--stderr \"${DOCKER_LOGFILE}\" --stdout \"${DOCKER_LOGFILE}\""
|
|
|
|
start_pre() {
|
|
checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE"
|
|
|
|
ulimit -n 1048576
|
|
|
|
# Having non-zero limits causes performance problems due to accounting overhead
|
|
# in the kernel. We recommend using cgroups to do container-local accounting.
|
|
ulimit -u unlimited
|
|
|
|
return 0
|
|
}
|