It's generally bad-form to generate two identically named package files
that are actually different, so we should name our packages based on
the distro and version, not just the distro.
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
(cherry picked from commit 13bde85f0067a751f775d31919705645ecc0a6d7)
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
Upstream-commit: 3c757b281bb623d9622c74143340fd892c8655ad
Component: packaging
Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229
(6bf0f408e4)
both the old, and new location are accepted by systemd 229 and up, so using the old location
to make them work for either version of systemd.
StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230
(f0367da7d1)
both the old, and new name are accepted by systemd 230 and up, so using the old name to make
this option work for either version of systemd.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 2c2bfea5d009fb884f5c61b62e3c85bd88e7909e)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 5963decd1502e5012692a1f958bfdc5403f02920
Component: packaging
This adds support for reloading the docker daemon
(SIGHIUP) so that changes in '/etc/docker/daemon.json'
can be loaded at runtime by reloading the service
through systemd ('systemctl reload docker')
Before this change, systemd would output an error
that "reloading" is not supported for the docker
service;
systemctl reload docker
Failed to reload docker.service: Job type reload is not applicable for unit docker.service.
After this change, the docker daemon can be reloaded
through 'systemctl reload docker', which reloads
the configuration;
journalctl -f -u docker.service
May 02 03:49:20 testing systemd[1]: Reloading Docker Application Container Engine.
May 02 03:49:20 testing docker[28496]: time="2016-05-02T03:49:20.143964103-04:00" level=info msg="Got signal to reload configuration, reloading from: /etc/docker/daemon.json"
May 02 03:49:20 testing systemd[1]: Reloaded Docker Application Container Engine.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 3e1b508e5f70b35869d9c8417d3b65a141820af9)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 127426fc693a882b670339391da5d12f08c1438d
Component: packaging
Change the kill mode to process so that systemd does not kill container
processes when the daemon is shutdown but only the docker daemon
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit d736ae9da7401f582469fa7e943adde9f2163024)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 784c5936ec984b5525ac71eca3b7731e49eb6b37
Component: packaging
We need to add delegate yes to docker's service file so that it can
manage the cgroups of the processes that it launches without systemd
interfering with them and moving the processes after it is reloaded.
Delegate=
Turns on delegation of further resource control partitioning to
processes of the unit. For unprivileged services (i.e. those
using the User= setting), this allows processes to create a
subhierarchy beneath its control group path. For privileged
services and scopes, this ensures the processes will have all
control group controllers enabled.
This is the proper fix for issue moby/moby#20152
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e134e666a585b1f13e9e5e371dd93e5ce04a4b34)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 1120496ca0492d29731befd1460a934ac115e7f8
Component: packaging
Systemd sets a default of 512 tasks, which is far
too low to run many containers.
Note that TasksMax is only supported on systemd 226
and above.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 82fe96733f551d36018c3840cf21d813807e9b76)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: c42e4736e055c472284fd09ca05d405d31c4516a
Component: packaging
There is a not-insignificant performance overhead for all containers (if
containerd is a child of Docker, which is the current setup) if systemd
sets rlimits on the main Docker daemon process (because the limits
propogate to all children).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 68e15413dce8d6e8f428ac286641a9482d30aabc)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 1246dedcd55058a2856c7042509fb0badcefbf91
Component: packaging
set LimitCORE=infinity to ensure complete core creation,
allows extraction of as much information as possible.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit da69663b9ccd72d95ec60007ef707d82a35324fa)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: f93f4525173e3a32d315794344d44bae780de00e
Component: packaging
While testing on older ubuntu images we discovered
we do depend on a newer version of libseccomp2.
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
Upstream-commit: f2ceca98823548e401c6cca125b7057df28c4892
Component: packaging
This encodes the platform as "Docker Engine - Community"
for community engines
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
Upstream-commit: 4d9fd7d17f3aab3463baf6030072f5789a003a74
Component: packaging
This should make it easier to change downstream builds
to change the scope.
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
Upstream-commit: 72406691244c12d5360889f8658bd4989b588364
Component: packaging
The other way was not working.
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
(cherry picked from commit f00df1bf1efa2ed1ea508ea7b1c291500441571d)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Upstream-commit: a9b0387bb0f40bd7687d8653a0714724eb66f3b9
Component: packaging
Should rely on list in the daemon
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
(cherry picked from commit 605758124d0750c14d24bfb1ebcf77d102591f4a)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 6cc81c2e8c95127baac275750bc544452fec7799
Component: packaging
The daemon won't actually start without containerd
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 16037618282dc5076089c7b749cdd07376650f8d
Component: packaging
Makes it so that you can overwrite them better if you include this
makefile in another makefile...
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 446f8d31394ae35fc38187aa5e40627b33a95a27
Component: packaging
Was reporting 404's using the old url for some reason, might have to
refactor this in the future to just use a git clone...
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 763ad6aa7ac24c269dc1dfa223771671acffc8fc
Component: packaging
Allows us to switch out debian files and rpm specs on the fly and also
gives us an out to have ARCH specific dockerfiles if we need them for
RPM's. The same strategy can be used for DEB's if need be
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: b72dc2edb8329151bfe2df6989fb329f41e720fb
Component: packaging
Get's rid of architecture specific dockerfiles (yay manifest lists),
also follows very closely to what the RPM makefile does with the
sources.
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: ab1ba336ad1720a166e8ed4469c616851d89a8d1
Component: packaging
Old versions of things on CentOS 7 strike again!
infinity is not a thing for TimeoutSec on systemd < 229
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 86dafe5391e2ef298248536cd038e27230a4df63
Component: packaging
Why didn't we do this the whole time? `¯\_(ツ)_/¯`
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: df2a0d6fc5a59a7a8b352689238eddf5a46d3ed4
Component: packaging
rpmlint checks can be re-added later
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: c245ce12c1e0a092ef21094b287b8cb94a51ee1e
Component: packaging
