docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Formatting

This commit is contained in:
Misty Stanley-Jones 2016-10-25 11:51:57 -07:00 committed by GitHub
parent 5d0e42e911
commit 25a9bcf2d0
1 changed files with 98 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

171
engine/admin/systemd.md
View File

@ -4,10 +4,6 @@ aliases:
description: Controlling and configuring Docker using systemd description: Controlling and configuring Docker using systemd
keywords: keywords:
- docker, daemon, systemd, configuration - docker, daemon, systemd, configuration
menu:
main:
parent: engine_admin
weight: "7"
title: Control and configure Docker with systemd title: Control and configure Docker with systemd
--- ---
@ -19,17 +15,17 @@ shows a few examples of how to customize Docker's settings.
## Starting the Docker daemon ## Starting the Docker daemon
Once Docker is installed, you will need to start the Docker daemon. Once Docker is installed, you will need to start the Docker daemon.
```bash
$ sudo systemctl start docker $ sudo systemctl start docker
# or on older distributions, you may need to use # or on older distributions, you may need to use
$ sudo service docker start $ sudo service docker start
```
If you want Docker to start at boot, you should also: If you want Docker to start at boot, you should also:
```bash
$ sudo systemctl enable docker $ sudo systemctl enable docker
# or on older distributions, you may need to use # or on older distributions, you may need to use
$ sudo chkconfig docker on $ sudo chkconfig docker on
```
## Custom Docker daemon options ## Custom Docker daemon options
There are a number of ways to configure the daemon flags and environment variables There are a number of ways to configure the daemon flags and environment variables
@ -49,28 +45,38 @@ backwards compatibility, you drop a file with a `.conf` extension into
the `/etc/systemd/system/docker.service.d` directory including the the `/etc/systemd/system/docker.service.d` directory including the
following: following:
[Service] ```conf
EnvironmentFile=-/etc/sysconfig/docker [Service]
EnvironmentFile=-/etc/sysconfig/docker-storage EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-network EnvironmentFile=-/etc/sysconfig/docker-storage
ExecStart= EnvironmentFile=-/etc/sysconfig/docker-network
ExecStart=/usr/bin/dockerd $OPTIONS \ ExecStart=
$DOCKER_STORAGE_OPTIONS \ ExecStart=/usr/bin/dockerd $OPTIONS \
$DOCKER_NETWORK_OPTIONS \ $DOCKER_STORAGE_OPTIONS \
$BLOCK_REGISTRY \ $DOCKER_NETWORK_OPTIONS \
$INSECURE_REGISTRY $BLOCK_REGISTRY \
$INSECURE_REGISTRY
```
To check if the `docker.service` uses an `EnvironmentFile`: To check if the `docker.service` uses an `EnvironmentFile`:
$ systemctl show docker | grep EnvironmentFile ```bash
EnvironmentFile=-/etc/sysconfig/docker (ignore_errors=yes) $ systemctl show docker | grep EnvironmentFile
EnvironmentFile=-/etc/sysconfig/docker (ignore_errors=yes)
```
Alternatively, find out where the service file is located: Alternatively, find out where the service file is located:
$ systemctl show --property=FragmentPath docker ```bash
FragmentPath=/usr/lib/systemd/system/docker.service $ systemctl show --property=FragmentPath docker
$ grep EnvironmentFile /usr/lib/systemd/system/docker.service
EnvironmentFile=-/etc/sysconfig/docker FragmentPath=/usr/lib/systemd/system/docker.service
$ grep EnvironmentFile /usr/lib/systemd/system/docker.service
EnvironmentFile=-/etc/sysconfig/docker
```
You can customize the Docker daemon options using override files as explained in the You can customize the Docker daemon options using override files as explained in the
[HTTP Proxy example](systemd.md#http-proxy) below. The files located in `/usr/lib/systemd/system` [HTTP Proxy example](systemd.md#http-proxy) below. The files located in `/usr/lib/systemd/system`
@ -83,42 +89,46 @@ and volumes by moving it to a separate partition.
In this example, we'll assume that your `docker.service` file looks something like: In this example, we'll assume that your `docker.service` file looks something like:
[Unit] ```conf
Description=Docker Application Container Engine [Unit]
Documentation=https://docs.docker.com Description=Docker Application Container Engine
After=network.target Documentation=https://docs.docker.com
After=network.target
[Service] [Service]
Type=notify Type=notify
# the default is not to use systemd for cgroups because the delegate issues still # the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required # exists and systemd currently does not support the cgroup feature set required
# for containers run by docker # for containers run by docker
ExecStart=/usr/bin/dockerd ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead # Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting. # in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity LimitNOFILE=infinity
LimitNPROC=infinity LimitNPROC=infinity
LimitCORE=infinity LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it. # Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version. # Only systemd 226 and above support this version.
#TasksMax=infinity #TasksMax=infinity
TimeoutStartSec=0 TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers # set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes Delegate=yes
# kill only the docker process, not all processes in the cgroup # kill only the docker process, not all processes in the cgroup
KillMode=process KillMode=process
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
```
This will allow us to add extra flags via a drop-in file (mentioned above) by This will allow us to add extra flags via a drop-in file (mentioned above) by
placing a file containing the following in the `/etc/systemd/system/docker.service.d` placing a file containing the following in the `/etc/systemd/system/docker.service.d`
directory: directory:
[Service] ```conf
ExecStart= [Service]
ExecStart=/usr/bin/dockerd --graph="/mnt/docker-data" --storage-driver=overlay ExecStart=
ExecStart=/usr/bin/dockerd --graph="/mnt/docker-data" --storage-driver=overlay
```
You can also set other environment variables in this file, for example, the You can also set other environment variables in this file, for example, the
`HTTP_PROXY` environment variables described below. `HTTP_PROXY` environment variables described below.
@ -126,13 +136,17 @@ You can also set other environment variables in this file, for example, the
To modify the ExecStart configuration, specify an empty configuration followed To modify the ExecStart configuration, specify an empty configuration followed
by a new configuration as follows: by a new configuration as follows:
[Service] ```conf
ExecStart= [Service]
ExecStart=/usr/bin/dockerd --bip=172.17.42.1/16 ExecStart=
ExecStart=/usr/bin/dockerd --bip=172.17.42.1/16
```
If you fail to specify an empty configuration, Docker reports an error such as: If you fail to specify an empty configuration, Docker reports an error such as:
docker.service has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing. ```conf
docker.service has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.
```
### HTTP proxy ### HTTP proxy
@ -141,33 +155,44 @@ This example overrides the default `docker.service` file.
If you are behind an HTTP proxy server, for example in corporate settings, If you are behind an HTTP proxy server, for example in corporate settings,
you will need to add this configuration in the Docker systemd service file. you will need to add this configuration in the Docker systemd service file.
First, create a systemd drop-in directory for the docker service: 1. Create a systemd drop-in directory for the docker service:
mkdir /etc/systemd/system/docker.service.d ```bash
$ mkdir /etc/systemd/system/docker.service.d
```
Now create a file called `/etc/systemd/system/docker.service.d/http-proxy.conf` 2. Create a file called `/etc/systemd/system/docker.service.d/http-proxy.conf`
that adds the `HTTP_PROXY` environment variable: that adds the `HTTP_PROXY` environment variable:
```conf
[Service] [Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/" Environment="HTTP_PROXY=http://proxy.example.com:80/"
```
If you have internal Docker registries that you need to contact without 3. If you have internal Docker registries that you need to contact without
proxying you can specify them via the `NO_PROXY` environment variable: proxying you can specify them via the `NO_PROXY` environment variable:
```conf
Environment="HTTP_PROXY=http://proxy.example.com:80/" "NO_PROXY=localhost,127.0.0.1,docker-registry.somecorporation.com" Environment="HTTP_PROXY=http://proxy.example.com:80/" "NO_PROXY=localhost,127.0.0.1,docker-registry.somecorporation.com"
```
Flush changes: 4. Flush changes:
```bash
$ sudo systemctl daemon-reload $ sudo systemctl daemon-reload
```
Verify that the configuration has been loaded: 5. Verify that the configuration has been loaded:
```bash
$ systemctl show --property=Environment docker $ systemctl show --property=Environment docker
Environment=HTTP_PROXY=http://proxy.example.com:80/ Environment=HTTP_PROXY=http://proxy.example.com:80/
```
6. Restart Docker:
Restart Docker: ```bash
$ sudo systemctl restart docker $ sudo systemctl restart docker
```
## Manually creating the systemd unit files ## Manually creating the systemd unit files