c1870c571b
There is a not-insignificant performance overhead for all containers (if containerd is a child of Docker, which is the current setup) if rlimits are set on the main Docker daemon process (because the limits propogate to all children). We recommend using cgroups to do container-local accounting. This applies the change added in 8db61095a3d0bcb0733580734ba5d54bc27a614d to other init scripts. Note that nfile cannot be set to unlimited, and the limit is hardcoded to 1048576 (2^20) , see: http://stackoverflow.com/a/1213069/1811501 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: 428d7337e808ec5f4dba1b0aceda002f295cc320 Component: engine
30 lines
1019 B
Desktop File
30 lines
1019 B
Desktop File
[Unit]
|
|
Description=Docker Application Container Engine
|
|
Documentation=https://docs.docker.com
|
|
After=network.target docker.socket
|
|
Requires=docker.socket
|
|
|
|
[Service]
|
|
Type=notify
|
|
# the default is not to use systemd for cgroups because the delegate issues still
|
|
# exists and systemd currently does not support the cgroup feature set required
|
|
# for containers run by docker
|
|
ExecStart=/usr/bin/dockerd -H fd://
|
|
ExecReload=/bin/kill -s HUP $MAINPID
|
|
LimitNOFILE=1048576
|
|
# Having non-zero Limit*s causes performance problems due to accounting overhead
|
|
# in the kernel. We recommend using cgroups to do container-local accounting.
|
|
LimitNPROC=infinity
|
|
LimitCORE=infinity
|
|
# Uncomment TasksMax if your systemd version supports it.
|
|
# Only systemd 226 and above support this version.
|
|
#TasksMax=infinity
|
|
TimeoutStartSec=0
|
|
# set delegate yes so that systemd does not reset the cgroups of docker containers
|
|
Delegate=yes
|
|
# kill only the docker process, not all processes in the cgroup
|
|
KillMode=process
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|