Upstream systemd unit files from docker-ce-packaging repo #42373
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Eli Uriegas <[email protected]>
Signed-off-by: Eli Uriegas <[email protected]>
Signed-off-by: Eli Uriegas <[email protected]>
Signed-off-by: Eli Uriegas <[email protected]>
Signed-off-by: Eli Uriegas <[email protected]>
Signed-off-by: Eli Uriegas <[email protected]>
Old versions of things on CentOS 7 strike again! infinity is not a thing for TimeoutSec on systemd < 229 Signed-off-by: Eli Uriegas <[email protected]>
The daemon won't actually start without containerd Signed-off-by: Eli Uriegas <[email protected]>
Set containerd to be a systemd bind for docker
Merging the develop changes into master
Signed-off-by: Michael Crosby <[email protected]>
Signed-off-by: Andrew Hsu <[email protected]> (cherry picked from commit 51879873897afe298cbb736acef34b5a0b500424) Signed-off-by: Andrew Hsu <[email protected]>
[master] bring in changes that went first to 18.09 branch
set LimitCORE=infinity to ensure complete core creation, allows extraction of as much information as possible. Signed-off-by: Sebastiaan van Stijn <[email protected]>
There is a not-insignificant performance overhead for all containers (if containerd is a child of Docker, which is the current setup) if systemd sets rlimits on the main Docker daemon process (because the limits propogate to all children). Signed-off-by: Sebastiaan van Stijn <[email protected]>
Systemd sets a default of 512 tasks, which is far too low to run many containers. Note that TasksMax is only supported on systemd 226 and above. Signed-off-by: Sebastiaan van Stijn <[email protected]>
We need to add delegate yes to docker's service file so that it can
manage the cgroups of the processes that it launches without systemd
interfering with them and moving the processes after it is reloaded.
Delegate=
Turns on delegation of further resource control partitioning to
processes of the unit. For unprivileged services (i.e. those
using the User= setting), this allows processes to create a
subhierarchy beneath its control group path. For privileged
services and scopes, this ensures the processes will have all
control group controllers enabled.
This is the proper fix for issue moby#20152
Signed-off-by: Sebastiaan van Stijn <[email protected]>
Change the kill mode to process so that systemd does not kill container processes when the daemon is shutdown but only the docker daemon Signed-off-by: Sebastiaan van Stijn <[email protected]>
This adds support for reloading the docker daemon
(SIGHIUP) so that changes in '/etc/docker/daemon.json'
can be loaded at runtime by reloading the service
through systemd ('systemctl reload docker')
Before this change, systemd would output an error
that "reloading" is not supported for the docker
service;
systemctl reload docker
Failed to reload docker.service: Job type reload is not applicable for unit docker.service.
After this change, the docker daemon can be reloaded
through 'systemctl reload docker', which reloads
the configuration;
journalctl -f -u docker.service
May 02 03:49:20 testing systemd[1]: Reloading Docker Application Container Engine.
May 02 03:49:20 testing docker[28496]: time="2016-05-02T03:49:20.143964103-04:00" level=info msg="Got signal to reload configuration, reloading from: /etc/docker/daemon.json"
May 02 03:49:20 testing systemd[1]: Reloaded Docker Application Container Engine.
Signed-off-by: Sebastiaan van Stijn <[email protected]>
Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229 (systemd/systemd@6bf0f40) both the old, and new location are accepted by systemd 229 and up, so using the old location to make them work for either version of systemd. StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230 (systemd/systemd@f0367da) both the old, and new name are accepted by systemd 230 and up, so using the old name to make this option work for either version of systemd. Signed-off-by: Sebastiaan van Stijn <[email protected]>
Removes the need for the offline installer to install the shim process and instead installs the shim process as part of the packaging. May be easier in the future to just package the shim process on it's own but that'll come after this 18.09 release Signed-off-by: Eli Uriegas <[email protected]>
Remove offline installer to install shim-process
iptables is sometimes placed in `/usr/sbin` Signed-off-by: Eli Uriegas <[email protected]>
Set the PATH to what appears to be the standard on latest Ubuntu (18.04) and Debian (9), fixing the following two issues: 1. PATH did not contain /bin (leading to ContainerTop/ps not working on newer distros, among the other things). 2. $PATH can't be specified in Environment directives in .service files. While at it, also: 3. Remove the comment about RPM as it looks misleading on deb-based systems. Signed-off-by: Kir Kolyshkin <[email protected]>
[master] systemd/docker.service: fix PATH
Signed-off-by: Eli Uriegas <[email protected]>
Use image artifacts as daemon and dependencies
Member
Author
|
Looks like one PR was merged in docker-ce-packaging that misses a DCO; (docker/docker-ce-packaging#304)
|
thaJeztah
commented
May 12, 2021
contrib/init/systemd/docker.service
Outdated
Member
Author
There was a problem hiding this comment.
Actually; I should probably pick the one from this repository; looks like TimeoutSec is deprecated in favour of TimeoutStartSec; systemd/systemd#11155
Member
Author
There was a problem hiding this comment.
Changed this one to TimeoutStartSec
thaJeztah
commented
May 12, 2021
contrib/init/systemd/docker.service
Outdated
Member
Author
There was a problem hiding this comment.
There was a merge conflict here, because the unit file in docker-ce-packaging did not have docker.socket here; that was added in this repository through #7257, so I opted to keep that in the list and append the containerd.service from the docker-ce-packaging repository
…temd_units Signed-off-by: Sebastiaan van Stijn <[email protected]>
This unit file was created when we packaged rpms without the socket activation unit, but that's no longer the case. Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah
force-pushed
the
upstream_systemd_units
branch
from
3bc1c83 to
35c1542
Compare
Member
Author
|
One notable difference between this repo and docker-ce-packaging is in the moby/contrib/init/systemd/docker.socket Lines 5 to 7 in 7af0344 That change was contributed in #39275, but has not been used in docker-ce packages so far, so we need to double-check if we anticipate problems because of that change |
Member
Author
|
@AkihiroSuda @cpuguy83 PTAL for the record: I ran CI with "skip DCO" (because of the one commit that was missing a DCO); CI only validates "new" commits, so after this is merged that should not (fingers crossed) cause a problem |
AkihiroSuda
approved these changes
May 19, 2021
thaJeztah
added a commit
to thaJeztah/docker-ce-packaging
that referenced
this pull request
May 20, 2021
The packaging repository was maintaining its own version of the systemd units. These files were originally based on the units in the upstream docker / moby repository, but diverged. PR moby/moby#42373 merged back the units from this repository to upstream, so we can now consume those files instead of the ones that were maintained in this repository. Signed-off-by: Sebastiaan van Stijn <[email protected]>
docker-jenkins
pushed a commit
to docker-archive/docker-ce
that referenced
this pull request
May 21, 2021
The packaging repository was maintaining its own version of the systemd units. These files were originally based on the units in the upstream docker / moby repository, but diverged. PR moby/moby#42373 merged back the units from this repository to upstream, so we can now consume those files instead of the ones that were maintained in this repository. Signed-off-by: Sebastiaan van Stijn <[email protected]> Upstream-commit: c4c2d89 Component: packaging
HeroCC
pushed a commit
to HeroCC/docker-ce-packaging
that referenced
this pull request
Oct 6, 2021
The packaging repository was maintaining its own version of the systemd units. These files were originally based on the units in the upstream docker / moby repository, but diverged. PR moby/moby#42373 merged back the units from this repository to upstream, so we can now consume those files instead of the ones that were maintained in this repository. Signed-off-by: Sebastiaan van Stijn <[email protected]>
This was referenced Feb 3, 2023
This was referenced Mar 6, 2023
sir-xw
pushed a commit
to openkylin/docker.io
that referenced
this pull request
Apr 22, 2025
Origin: upstream, cherry-picked parts of moby/moby#42373 and moby/moby#42622 Bug-Debian: https://bugs.debian.org/989490 Fixes proper shutdown of containers. Gbp-Pq: Name engine-systemd-service-after-containerd.patch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
13 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The docker-ce-packaging repo currently maintains its own copy of the systemd unit files for docker; https://github.com/docker/docker-ce-packaging/tree/6857538d997e58d7b941c65522c9c0526c5fc9da/systemd
This PR moves the changes from those files back to the ones in this repository. There were some conflicts, so needs a review.
I also removed the (now unused)
.rpmversion of the systemd unit.I tried to preserve history from the docker-ce-packaging repository, taking this approach;
After this is merged, I'll update the containerd-packaging repository to remove the systemd unit files from that repository and to consume the unit files from this repository instead.
Differences between the results in this branch, and the units currently in docker-ce-packaging;
in
docker.service:in
docker.socket: