From 91c6df4f04bb9611d98858d0190349b3615d2289 Mon Sep 17 00:00:00 2001
From: Ciprian Hacman <ciprian.hacman@sematext.com>
Date: Tue, 15 Dec 2020 07:04:36 +0200
Subject: [PATCH] Update docker.service file

---
 nodeup/pkg/model/docker.go                                 | 7 +++----
 .../model/tests/dockerbuilder/docker_18.06.3/tasks.yaml    | 3 ++-
 .../model/tests/dockerbuilder/docker_19.03.11/tasks.yaml   | 4 ++--
 .../pkg/model/tests/dockerbuilder/healthcheck/tasks.yaml   | 3 ++-
 nodeup/pkg/model/tests/dockerbuilder/logflags/tasks.yaml   | 3 ++-
 nodeup/pkg/model/tests/dockerbuilder/simple/tasks.yaml     | 3 ++-
 6 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/nodeup/pkg/model/docker.go b/nodeup/pkg/model/docker.go
index 52696f08f7..f99da04da5 100644
--- a/nodeup/pkg/model/docker.go
+++ b/nodeup/pkg/model/docker.go
@@ -187,7 +187,6 @@ func (b *DockerBuilder) buildSystemdService(dockerVersion semver.Version) *nodet
 	manifest.Set("Unit", "Description", "Docker Application Container Engine")
 	manifest.Set("Unit", "Documentation", "https://docs.docker.com")
 	if dockerVersion.GTE(semver.MustParse("18.9.0")) {
-		manifest.Set("Unit", "BindsTo", "containerd.service")
 		manifest.Set("Unit", "After", "network-online.target firewalld.service containerd.service")
 	} else {
 		manifest.Set("Unit", "After", "network-online.target firewalld.service")
@@ -198,19 +197,18 @@ func (b *DockerBuilder) buildSystemdService(dockerVersion semver.Version) *nodet
 	manifest.Set("Service", "EnvironmentFile", "/etc/sysconfig/docker")
 	manifest.Set("Service", "EnvironmentFile", "/etc/environment")
 
+	manifest.Set("Service", "Type", "notify")
 	// Restore the default SELinux security contexts for the Docker binaries
 	if b.Distribution.IsRHELFamily() && b.Cluster.Spec.Docker != nil && fi.BoolValue(b.Cluster.Spec.Docker.SelinuxEnabled) {
 		manifest.Set("Service", "ExecStartPre", "/bin/sh -c 'restorecon -v /usr/bin/docker*'")
 	}
-
 	// the default is not to use systemd for cgroups because the delegate issues still
 	// exists and systemd currently does not support the cgroup feature set required
 	// for containers run by docker
-	manifest.Set("Service", "Type", "notify")
 	manifest.Set("Service", "ExecStart", "/usr/bin/dockerd -H fd:// \"$DOCKER_OPTS\"")
 	manifest.Set("Service", "ExecReload", "/bin/kill -s HUP $MAINPID")
 	manifest.Set("Service", "TimeoutSec", "0")
-	manifest.Set("Service", "RestartSec", "2s")
+	manifest.Set("Service", "RestartSec", "2")
 	manifest.Set("Service", "Restart", "always")
 
 	// Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
@@ -237,6 +235,7 @@ func (b *DockerBuilder) buildSystemdService(dockerVersion semver.Version) *nodet
 
 	// kill only the docker process, not all processes in the cgroup
 	manifest.Set("Service", "KillMode", "process")
+	manifest.Set("Service", "OOMScoreAdjust", "-500")
 
 	manifest.Set("Install", "WantedBy", "multi-user.target")
 
diff --git a/nodeup/pkg/model/tests/dockerbuilder/docker_18.06.3/tasks.yaml b/nodeup/pkg/model/tests/dockerbuilder/docker_18.06.3/tasks.yaml
index ade0854131..9127c39393 100644
--- a/nodeup/pkg/model/tests/dockerbuilder/docker_18.06.3/tasks.yaml
+++ b/nodeup/pkg/model/tests/dockerbuilder/docker_18.06.3/tasks.yaml
@@ -389,7 +389,7 @@ definition: |
   ExecStart=/usr/bin/dockerd -H fd:// "$DOCKER_OPTS"
   ExecReload=/bin/kill -s HUP $MAINPID
   TimeoutSec=0
-  RestartSec=2s
+  RestartSec=2
   Restart=always
   StartLimitBurst=3
   StartLimitInterval=60s
@@ -399,6 +399,7 @@ definition: |
   TasksMax=infinity
   Delegate=yes
   KillMode=process
+  OOMScoreAdjust=-500
 
   [Install]
   WantedBy=multi-user.target
diff --git a/nodeup/pkg/model/tests/dockerbuilder/docker_19.03.11/tasks.yaml b/nodeup/pkg/model/tests/dockerbuilder/docker_19.03.11/tasks.yaml
index 4d758d6dd7..57f71c330c 100644
--- a/nodeup/pkg/model/tests/dockerbuilder/docker_19.03.11/tasks.yaml
+++ b/nodeup/pkg/model/tests/dockerbuilder/docker_19.03.11/tasks.yaml
@@ -273,7 +273,6 @@ definition: |
   [Unit]
   Description=Docker Application Container Engine
   Documentation=https://docs.docker.com
-  BindsTo=containerd.service
   After=network-online.target firewalld.service containerd.service
   Wants=network-online.target
   Requires=docker.socket
@@ -285,7 +284,7 @@ definition: |
   ExecStart=/usr/bin/dockerd -H fd:// "$DOCKER_OPTS"
   ExecReload=/bin/kill -s HUP $MAINPID
   TimeoutSec=0
-  RestartSec=2s
+  RestartSec=2
   Restart=always
   StartLimitBurst=3
   StartLimitInterval=60s
@@ -295,6 +294,7 @@ definition: |
   TasksMax=infinity
   Delegate=yes
   KillMode=process
+  OOMScoreAdjust=-500
 
   [Install]
   WantedBy=multi-user.target
diff --git a/nodeup/pkg/model/tests/dockerbuilder/healthcheck/tasks.yaml b/nodeup/pkg/model/tests/dockerbuilder/healthcheck/tasks.yaml
index ade0854131..9127c39393 100644
--- a/nodeup/pkg/model/tests/dockerbuilder/healthcheck/tasks.yaml
+++ b/nodeup/pkg/model/tests/dockerbuilder/healthcheck/tasks.yaml
@@ -389,7 +389,7 @@ definition: |
   ExecStart=/usr/bin/dockerd -H fd:// "$DOCKER_OPTS"
   ExecReload=/bin/kill -s HUP $MAINPID
   TimeoutSec=0
-  RestartSec=2s
+  RestartSec=2
   Restart=always
   StartLimitBurst=3
   StartLimitInterval=60s
@@ -399,6 +399,7 @@ definition: |
   TasksMax=infinity
   Delegate=yes
   KillMode=process
+  OOMScoreAdjust=-500
 
   [Install]
   WantedBy=multi-user.target
diff --git a/nodeup/pkg/model/tests/dockerbuilder/logflags/tasks.yaml b/nodeup/pkg/model/tests/dockerbuilder/logflags/tasks.yaml
index ade0854131..9127c39393 100644
--- a/nodeup/pkg/model/tests/dockerbuilder/logflags/tasks.yaml
+++ b/nodeup/pkg/model/tests/dockerbuilder/logflags/tasks.yaml
@@ -389,7 +389,7 @@ definition: |
   ExecStart=/usr/bin/dockerd -H fd:// "$DOCKER_OPTS"
   ExecReload=/bin/kill -s HUP $MAINPID
   TimeoutSec=0
-  RestartSec=2s
+  RestartSec=2
   Restart=always
   StartLimitBurst=3
   StartLimitInterval=60s
@@ -399,6 +399,7 @@ definition: |
   TasksMax=infinity
   Delegate=yes
   KillMode=process
+  OOMScoreAdjust=-500
 
   [Install]
   WantedBy=multi-user.target
diff --git a/nodeup/pkg/model/tests/dockerbuilder/simple/tasks.yaml b/nodeup/pkg/model/tests/dockerbuilder/simple/tasks.yaml
index ade0854131..9127c39393 100644
--- a/nodeup/pkg/model/tests/dockerbuilder/simple/tasks.yaml
+++ b/nodeup/pkg/model/tests/dockerbuilder/simple/tasks.yaml
@@ -389,7 +389,7 @@ definition: |
   ExecStart=/usr/bin/dockerd -H fd:// "$DOCKER_OPTS"
   ExecReload=/bin/kill -s HUP $MAINPID
   TimeoutSec=0
-  RestartSec=2s
+  RestartSec=2
   Restart=always
   StartLimitBurst=3
   StartLimitInterval=60s
@@ -399,6 +399,7 @@ definition: |
   TasksMax=infinity
   Delegate=yes
   KillMode=process
+  OOMScoreAdjust=-500
 
   [Install]
   WantedBy=multi-user.target