github.com/vieux/docker@v0.6.3-0.20161004191708-e097c2a938c7/docs/admin/systemd.md

github.com/vieux/docker@v0.6.3-0.20161004191708-e097c2a938c7/docs/admin/systemd.md (about)

     1  <!--[metadata]>
     2  +++
     3  aliases = ["/engine/articles/systemd/"]
     4  title = "Control and configure Docker with systemd"
     5  description = "Controlling and configuring Docker using systemd"
     6  keywords = ["docker, daemon, systemd,  configuration"]
     7  [menu.main]
     8  parent = "engine_admin"
     9  weight="7"
    10  +++
    11  <![end-metadata]-->
    12  
    13  # Control and configure Docker with systemd
    14  
    15  Many Linux distributions use systemd to start the Docker daemon. This document
    16  shows a few examples of how to customize Docker's settings.
    17  
    18  ## Starting the Docker daemon
    19  
    20  Once Docker is installed, you will need to start the Docker daemon.
    21  
    22      $ sudo systemctl start docker
    23      # or on older distributions, you may need to use
    24      $ sudo service docker start
    25  
    26  If you want Docker to start at boot, you should also:
    27  
    28      $ sudo systemctl enable docker
    29      # or on older distributions, you may need to use
    30      $ sudo chkconfig docker on
    31  
    32  ## Custom Docker daemon options
    33  
    34  There are a number of ways to configure the daemon flags and environment variables
    35  for your Docker daemon.
    36  
    37  The recommended way is to use a systemd drop-in file (as described in
    38  the <a target="_blank"
    39  href="https://www.freedesktop.org/software/systemd/man/systemd.unit.html">systemd.unit</a>
    40  documentation). These are local files named `<something>.conf` in the
    41  `/etc/systemd/system/docker.service.d` directory. This could also be
    42  `/etc/systemd/system/docker.service`, which also works for overriding
    43  the defaults from `/lib/systemd/system/docker.service`.
    44  
    45  However, if you had previously used a package which had an
    46  `EnvironmentFile` (often pointing to `/etc/sysconfig/docker`) then for
    47  backwards compatibility, you drop a file with a `.conf` extension into
    48  the `/etc/systemd/system/docker.service.d` directory including the
    49  following:
    50  
    51      [Service]
    52      EnvironmentFile=-/etc/sysconfig/docker
    53      EnvironmentFile=-/etc/sysconfig/docker-storage
    54      EnvironmentFile=-/etc/sysconfig/docker-network
    55      ExecStart=
    56      ExecStart=/usr/bin/dockerd $OPTIONS \
    57                $DOCKER_STORAGE_OPTIONS \
    58                $DOCKER_NETWORK_OPTIONS \
    59                $BLOCK_REGISTRY \
    60                $INSECURE_REGISTRY
    61  
    62  To check if the `docker.service` uses an `EnvironmentFile`:
    63  
    64      $ systemctl show docker | grep EnvironmentFile
    65      EnvironmentFile=-/etc/sysconfig/docker (ignore_errors=yes)
    66  
    67  Alternatively, find out where the service file is located:
    68  
    69      $ systemctl show --property=FragmentPath docker
    70      FragmentPath=/usr/lib/systemd/system/docker.service
    71      $ grep EnvironmentFile /usr/lib/systemd/system/docker.service
    72      EnvironmentFile=-/etc/sysconfig/docker
    73  
    74  You can customize the Docker daemon options using override files as explained in the
    75  [HTTP Proxy example](#http-proxy) below. The files located in `/usr/lib/systemd/system`
    76  or `/lib/systemd/system` contain the default options and should not be edited.
    77  
    78  ### Runtime directory and storage driver
    79  
    80  You may want to control the disk space used for Docker images, containers
    81  and volumes by moving it to a separate partition.
    82  
    83  In this example, we'll assume that your `docker.service` file looks something like:
    84  
    85      [Unit]
    86      Description=Docker Application Container Engine
    87      Documentation=https://docs.docker.com
    88      After=network.target
    89  
    90      [Service]
    91      Type=notify
    92      # the default is not to use systemd for cgroups because the delegate issues still
    93      # exists and systemd currently does not support the cgroup feature set required
    94      # for containers run by docker
    95      ExecStart=/usr/bin/dockerd
    96      ExecReload=/bin/kill -s HUP $MAINPID
    97      # Having non-zero Limit*s causes performance problems due to accounting overhead
    98      # in the kernel. We recommend using cgroups to do container-local accounting.
    99      LimitNOFILE=infinity
   100      LimitNPROC=infinity
   101      LimitCORE=infinity
   102      # Uncomment TasksMax if your systemd version supports it.
   103      # Only systemd 226 and above support this version.
   104      #TasksMax=infinity
   105      TimeoutStartSec=0
   106      # set delegate yes so that systemd does not reset the cgroups of docker containers
   107      Delegate=yes
   108      # kill only the docker process, not all processes in the cgroup
   109      KillMode=process
   110  
   111      [Install]
   112      WantedBy=multi-user.target
   113  
   114  This will allow us to add extra flags via a drop-in file (mentioned above) by
   115  placing a file containing the following in the `/etc/systemd/system/docker.service.d`
   116  directory:
   117  
   118      [Service]
   119      ExecStart=
   120      ExecStart=/usr/bin/dockerd --graph="/mnt/docker-data" --storage-driver=overlay
   121  
   122  You can also set other environment variables in this file, for example, the
   123  `HTTP_PROXY` environment variables described below.
   124  
   125  To modify the ExecStart configuration, specify an empty configuration followed
   126  by a new configuration as follows:
   127  
   128      [Service]
   129      ExecStart=
   130      ExecStart=/usr/bin/dockerd --bip=172.17.42.1/16
   131  
   132  If you fail to specify an empty configuration, Docker reports an error such as:
   133  
   134      docker.service has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.
   135  
   136  ### HTTP proxy
   137  
   138  This example overrides the default `docker.service` file.
   139  
   140  If you are behind an HTTP proxy server, for example in corporate settings,
   141  you will need to add this configuration in the Docker systemd service file.
   142  
   143  First, create a systemd drop-in directory for the docker service:
   144  
   145      mkdir /etc/systemd/system/docker.service.d
   146  
   147  Now create a file called `/etc/systemd/system/docker.service.d/http-proxy.conf`
   148  that adds the `HTTP_PROXY` environment variable:
   149  
   150      [Service]
   151      Environment="HTTP_PROXY=http://proxy.example.com:80/"
   152  
   153  If you have internal Docker registries that you need to contact without
   154  proxying you can specify them via the `NO_PROXY` environment variable:
   155  
   156      Environment="HTTP_PROXY=http://proxy.example.com:80/" "NO_PROXY=localhost,127.0.0.1,docker-registry.somecorporation.com"
   157  
   158  Flush changes:
   159  
   160      $ sudo systemctl daemon-reload
   161  
   162  Verify that the configuration has been loaded:
   163  
   164      $ systemctl show --property=Environment docker
   165      Environment=HTTP_PROXY=http://proxy.example.com:80/
   166  
   167  Restart Docker:
   168  
   169      $ sudo systemctl restart docker
   170  
   171  ## Manually creating the systemd unit files
   172  
   173  When installing the binary without a package, you may want
   174  to integrate Docker with systemd. For this, simply install the two unit files
   175  (service and socket) from [the github
   176  repository](https://github.com/docker/docker/tree/master/contrib/init/systemd)
   177  to `/etc/systemd/system`.