| From 67f891c8a7abcb02accb6b69fd61661c5e70edd1 Mon Sep 17 00:00:00 2001 |
| From: Varsha Teratipally <teratipally@google.com> |
| Date: Tue, 31 Jan 2023 05:08:19 +0000 |
| Subject: [PATCH] Customize docker.service for COS |
| |
| --- |
| contrib/init/systemd/docker.service | 19 ++++++------------- |
| 1 file changed, 6 insertions(+), 13 deletions(-) |
| |
| diff --git a/contrib/init/systemd/docker.service b/contrib/init/systemd/docker.service |
| index 8275401b1a..aa9ae0b6b4 100644 |
| --- a/contrib/init/systemd/docker.service |
| +++ b/contrib/init/systemd/docker.service |
| @@ -10,22 +10,15 @@ Type=notify |
| # the default is not to use systemd for cgroups because the delegate issues still |
| # exists and systemd currently does not support the cgroup feature set required |
| # for containers run by docker |
| -ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock |
| +EnvironmentFile=-/etc/default/docker |
| +ExecStartPre=/bin/sh -c 'if [[ -f /var/lib/docker/daemon.json ]]; then cp -f /var/lib/docker/daemon.json /etc/docker/daemon.json; fi' |
| +ExecStart=/usr/bin/dockerd --registry-mirror=https://mirror.gcr.io --host=fd:// --containerd=/var/run/containerd/containerd.sock $DOCKER_OPTS |
| ExecReload=/bin/kill -s HUP $MAINPID |
| +ExecStopPost=/bin/echo "docker daemon exited" |
| TimeoutStartSec=0 |
| -RestartSec=2 |
| +RestartSec=10 |
| Restart=always |
| |
| -# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229. |
| -# Both the old, and new location are accepted by systemd 229 and up, so using the old location |
| -# to make them work for either version of systemd. |
| -StartLimitBurst=3 |
| - |
| -# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230. |
| -# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make |
| -# this option work for either version of systemd. |
| -StartLimitInterval=60s |
| - |
| # Having non-zero Limit*s causes performance problems due to accounting overhead |
| # in the kernel. We recommend using cgroups to do container-local accounting. |
| LimitNOFILE=infinity |
| @@ -41,7 +34,7 @@ Delegate=yes |
| |
| # kill only the docker process, not all processes in the cgroup |
| KillMode=process |
| -OOMScoreAdjust=-500 |
| +OOMScoreAdjust=-999 |
| |
| [Install] |
| WantedBy=multi-user.target |
| -- |
| 2.39.1.456.gfc5497dd1b-goog |