/
docker.service.j2
59 lines (50 loc) · 2.02 KB
/
docker.service.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# {{ ansible_managed }}
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
{% if docker__register_version.stdout is version('18.09', '>=') %}
BindsTo=containerd.service
{% else %}
Requires=docker.socket
{% endif %}
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
{% if docker__register_version.stdout is version('1.12', '>=') %}
ExecStart=/usr/bin/dockerd {{ docker__options | join(" ") }}
{% elif docker__register_version.stdout is version('1.10', '>=') %}
ExecStart=/usr/bin/docker daemon {{ docker__options | join(" ") }}
{% else %}
EnvironmentFile=-/etc/default/docker
ExecStart=/usr/bin/docker -d -H fd:// $DOCKER_OPTS
{% endif %}
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
[Install]
WantedBy=multi-user.target