113 lines
3.4 KiB
Go
113 lines
3.4 KiB
Go
package beans
|
|
|
|
var ContainerdServiceFile = "/lib/systemd/system/containerd.service"
|
|
var DockerSocketFile = "/lib/systemd/system/docker.socket"
|
|
var DockerServiceFile = "/lib/systemd/system/docker.service"
|
|
|
|
var ContainerdDaemonService = `
|
|
# Copyright The containerd Authors.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
[Unit]
|
|
Description=containerd container runtime
|
|
Documentation=https://containerd.io
|
|
After=network.target local-fs.target
|
|
|
|
[Service]
|
|
ExecStartPre=-/sbin/modprobe overlay
|
|
ExecStart=/usr/bin/containerd
|
|
|
|
Type=notify
|
|
Delegate=yes
|
|
KillMode=process
|
|
Restart=always
|
|
RestartSec=5
|
|
# Having non-zero Limit*s causes performance problems due to accounting overhead
|
|
# in the kernel. We recommend using cgroups to do container-local accounting.
|
|
LimitNPROC=infinity
|
|
LimitCORE=infinity
|
|
LimitNOFILE=infinity
|
|
# Comment TasksMax if your systemd version does not supports it.
|
|
# Only systemd 226 and above support this version.
|
|
TasksMax=infinity
|
|
OOMScoreAdjust=-999
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
`
|
|
|
|
var DockerSocketDaemonService = `
|
|
[Unit]
|
|
Description=Docker Socket for the API
|
|
|
|
[Socket]
|
|
ListenStream=/var/run/docker.sock
|
|
SocketMode=0660
|
|
SocketUser=root
|
|
SocketGroup=docker
|
|
|
|
[Install]
|
|
WantedBy=sockets.target
|
|
`
|
|
|
|
var DockerDaemonService = `
|
|
[Unit]
|
|
Description=Docker Application Container Engine
|
|
Documentation=https://docs.docker.com
|
|
After=network-online.target docker.socket firewalld.service containerd.service
|
|
Wants=network-online.target
|
|
Requires=docker.socket containerd.service
|
|
|
|
[Service]
|
|
Type=notify
|
|
# the default is not to use systemd for cgroups because the delegate issues still
|
|
# exists and systemd currently does not support the cgroup feature set required
|
|
# for containers run by docker
|
|
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
|
|
ExecReload=/bin/kill -s HUP $MAINPID
|
|
TimeoutSec=0
|
|
RestartSec=2
|
|
Restart=always
|
|
|
|
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
|
|
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
|
|
# to make them work for either version of systemd.
|
|
StartLimitBurst=3
|
|
|
|
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
|
|
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
|
|
# this option work for either version of systemd.
|
|
StartLimitInterval=60s
|
|
|
|
# Having non-zero Limit*s causes performance problems due to accounting overhead
|
|
# in the kernel. We recommend using cgroups to do container-local accounting.
|
|
LimitNOFILE=infinity
|
|
LimitNPROC=infinity
|
|
LimitCORE=infinity
|
|
|
|
# Comment TasksMax if your systemd version does not support it.
|
|
# Only systemd 226 and above support this option.
|
|
TasksMax=infinity
|
|
|
|
# set delegate yes so that systemd does not reset the cgroups of docker containers
|
|
Delegate=yes
|
|
|
|
# kill only the docker process, not all processes in the cgroup
|
|
KillMode=process
|
|
OOMScoreAdjust=-500
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
`
|