Systemd 215 does not support delegate=yes

[deric]

systemd[1]: [/lib/systemd/system/docker.service:24] Unknown lvalue 'Delegate' in section 'Service'

Debian Jessie 8.5 ships with systemd 215:

# systemd --version
systemd 215
+PAM +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ -SECCOMP -APPARMOR

Prior to systemd 218 delegate flag is not supported. The change was introduced in f484e78 to fix #20152.

Is it possible to update systemd packages for Debian (I guess same issue applies to CentOS, RedHat)?

[tonistiigi]

cc @crosbymichael

[crosbymichael]

@deric we have separate service files for debs and rpms. I think it should be pretty straight forward to make one for the specific version of debian.

[thaJeztah]

Are you using systemd cgroups instead of the default cgroupfs? Looks like a possible duplicate of #23374

[deric]

@crosbymichael yeah, that would be nice.

Centos 7 is running already on systemd 219, so the fix might be needed just for Debian Jessie.

@thaJeztah how can I check that?

$ mount | grep cgroup
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset,clone_children)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)

[thaJeztah]

@deric the default should be cgroupfs, but it can be changed using --exec-opt native.cgroupdriver=systemd for dockerd

[ccuchai]

@thaJeztah Is there a solution to docker unit on systemd 215 version now? I found 2 contrary workaround as following:

1. set --exec-opt native.cgroupdriver=systemd for dockerd (this issue)
2. set --exec-opt native.cgroupdriver=systemd for cgroupfs (Random "Cannot start container" Errors on 1.9.0-rc5 CentOS7 #17653)

Have no idea which one is recommended . Is there any official method you can provide for docker on systemd 215 version?
I have to use linux with systemd 215 currently. Hope docker could work on it.

Thank you.

[thaJeztah]

@ccuchai Yes, it's a bit "between a rock and a hard place"; systemd 215 has a bug (this issue), and systemd cgroups are known to be buggy (#17653). I'm not sure I can give the right answer here; perhaps you don't run into systemd-cgroup bugs, and they work for you; You can try switching to the systemd cgroup driver, but it's known to have issues of its own; switching can be done through a daemon.json configuration file

Assuming you don't have other options in /etc/docker/daemon.json, create the file, and put this content in there;

{"exec-opts": ["native.cgroupdriver=systemd"]}

After that, restart the daemon to have it take effect (I don't know from the top of my head if it takes effect on existing containers)

But the best solution is to make sure you have an up-to-date system that supports a more recent version of systemd that supports "Delegate=yes", and use the default cgroupfs cgroup driver

[bsousaa]

It looks like this issue went stale. Let me close it.