From e735f7578ae3fc56957c77caf93d142b30d38dae Mon Sep 17 00:00:00 2001 From: Luca Di Stefano Date: Fri, 17 May 2019 11:54:33 +0100 Subject: Fixed docker config for Ubuntu 18.04 Change-Id: I430cac70dae54de6cda83e590ca1367b79dee131 --- playbooks/roles/tcwg-docker/files/docker-sysd-1804 | 49 ++++++++++++++++++++++ playbooks/roles/tcwg-docker/handlers/main.yml | 5 +++ playbooks/roles/tcwg-docker/tasks/main.yml | 14 ++++++- 3 files changed, 66 insertions(+), 2 deletions(-) create mode 100644 playbooks/roles/tcwg-docker/files/docker-sysd-1804 diff --git a/playbooks/roles/tcwg-docker/files/docker-sysd-1804 b/playbooks/roles/tcwg-docker/files/docker-sysd-1804 new file mode 100644 index 0000000..c7dce4b --- /dev/null +++ b/playbooks/roles/tcwg-docker/files/docker-sysd-1804 @@ -0,0 +1,49 @@ +[Unit] +Description=Docker Application Container Engine +Documentation=https://docs.docker.com +#BindsTo=containerd.service +After=network-online.target firewalld.service +Wants=network-online.target +Requires=docker.socket + +[Service] +Type=notify +# the default is not to use systemd for cgroups because the delegate issues still +# exists and systemd currently does not support the cgroup feature set required +# for containers run by docker +EnvironmentFile=-/etc/default/docker +ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_OPTS +ExecReload=/bin/kill -s HUP $MAINPID +TimeoutSec=0 +RestartSec=2 +Restart=always + +# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229. +# Both the old, and new location are accepted by systemd 229 and up, so using the old location +# to make them work for either version of systemd. +StartLimitBurst=3 + +# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230. +# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make +# this option work for either version of systemd. +StartLimitInterval=60s + +# Having non-zero Limit*s causes performance problems due to accounting overhead +# in the kernel. We recommend using cgroups to do container-local accounting. +LimitNOFILE=infinity +LimitNPROC=infinity +LimitCORE=infinity + +# Comment TasksMax if your systemd version does not supports it. +# Only systemd 226 and above support this option. +TasksMax=infinity + +# set delegate yes so that systemd does not reset the cgroups of docker containers +Delegate=yes + +# kill only the docker process, not all processes in the cgroup +KillMode=process + +[Install] +WantedBy=multi-user.target + diff --git a/playbooks/roles/tcwg-docker/handlers/main.yml b/playbooks/roles/tcwg-docker/handlers/main.yml index d087181..6c0a496 100644 --- a/playbooks/roles/tcwg-docker/handlers/main.yml +++ b/playbooks/roles/tcwg-docker/handlers/main.yml @@ -2,3 +2,8 @@ - name: restart docker service: name=docker state=restarted + + + - name: systemd reload + systemd: + daemon_reload: yes diff --git a/playbooks/roles/tcwg-docker/tasks/main.yml b/playbooks/roles/tcwg-docker/tasks/main.yml index 9289fab..4ef67e0 100644 --- a/playbooks/roles/tcwg-docker/tasks/main.yml +++ b/playbooks/roles/tcwg-docker/tasks/main.yml @@ -3,10 +3,20 @@ - name: Install docker.io apt: name=docker.io state=present - - name: Enable TCP access to docker + - name: Configure systemd Ubuntu 18.04 + copy: src=docker-sysd-1804 dest=/lib/systemd/system/docker.service owner=root group=root mode=0644 + notify: systemd reload + when: + - ansible_cmdline.tegraid is not defined + - ansible_lsb.id == "Ubuntu" + - ansible_lsb.release >= 18.04 + + - name: Enable TCP access to docker copy: src=docker dest=/etc/default/docker owner=root group=root mode=0644 notify: restart docker - when: ansible_cmdline.tegraid is not defined + when: + - ansible_cmdline.tegraid is not defined + - ansible_lsb.id == "Ubuntu" - name: Enable TCP access to docker on Tegra copy: src=tegra-docker dest=/etc/default/docker owner=root group=root mode=0644 -- cgit v1.2.3