From e7c95c3802934f3a1c9a16e5f72a7361175a1e11d025bedf4c11e1282a432a48 Mon Sep 17 00:00:00 2001 From: Jordi Massaguer Date: Wed, 21 Dec 2016 09:44:20 +0000 Subject: [PATCH] Accepting request 447279 from home:cyphar:containers Remove socket activation from Docker, to match upstream. OBS-URL: https://build.opensuse.org/request/show/447279 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=159 --- docker.changes | 17 +++++++++++++---- docker.service | 19 +++++++------------ docker.socket | 12 ------------ docker.spec | 16 ++++------------ docker_systemd_lt_214.socket | 12 ------------ 5 files changed, 24 insertions(+), 52 deletions(-) delete mode 100644 docker.socket delete mode 100644 docker_systemd_lt_214.socket diff --git a/docker.changes b/docker.changes index e87ed89..95f053f 100644 --- a/docker.changes +++ b/docker.changes @@ -1,13 +1,22 @@ +------------------------------------------------------------------- +Tue Dec 20 05:08:54 UTC 2016 - asarai@suse.com + +- Remove old flags from dockerd's command-line, to be more inline with + upstream (now that docker-runc is provided by the runc package). -H is + dropped because upstream dropped it due to concerns with socket + activation. +- Remove socket activation entirely. + ------------------------------------------------------------------- Mon Dec 19 12:41:13 UTC 2016 - jmassaguerpla@suse.com - update docker to 1.12.5 (bsc#1016307). - This fixes bsc#1015661 + This fixes bsc#1015661 ------------------------------------------------------------------- Mon Dec 5 14:52:02 UTC 2016 - jmassaguerpla@suse.com -- fix bash-completion +- fix bash-completion ------------------------------------------------------------------- Tue Nov 29 21:57:08 UTC 2016 - jimmy@boombatower.com @@ -18,7 +27,7 @@ Tue Nov 29 21:57:08 UTC 2016 - jimmy@boombatower.com Thu Nov 24 16:09:52 UTC 2016 - jmassaguerpla@suse.com - fix runc and containerd revisions - fix bsc#1009961 + fix bsc#1009961 ------------------------------------------------------------------- Thu Oct 27 11:13:56 UTC 2016 - jmassaguerpla@suse.com @@ -33,7 +42,7 @@ Thu Oct 13 11:15:17 UTC 2016 - jmassaguerpla@suse.com - update docker to 1.12.2 (bsc#1004490). See changelog -https://github.com/docker/docker/blob/v1.12.2/CHANGELOG.md +https://github.com/docker/docker/blob/v1.12.2/CHANGELOG.md - update docker-mount-secrets.patch to 1.12.2 code diff --git a/docker.service b/docker.service index 352933c..71846cc 100644 --- a/docker.service +++ b/docker.service @@ -1,21 +1,16 @@ [Unit] Description=Docker Application Container Engine Documentation=http://docs.docker.com -After=network.target docker.socket containerd.socket -Requires=docker.socket containerd.socket +After=network.target containerd.socket +Requires=containerd.socket [Service] EnvironmentFile=/etc/sysconfig/docker -# Quick rundown of options, so we can keep track of them. Upstream's -# service file only contains -H. -# -# * -H tells Docker that it's running as a socket-activated service. -# * --containerd tells Docker to not manage the running of containerd. -# * --add-runtime and --default-runtime tell Docker to not try to use -# its "bundled" runC version (which is not shipped by us) but rather use -# the runC version provided as by the runc package. -ExecStart=/usr/bin/dockerd -H fd:// --containerd /run/containerd/containerd.sock --add-runtime oci=/usr/sbin/runc --default-runtime oci $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS +# While Docker has support for socket activation (-H fd://), this is not +# enabled by default because enabling socket activation means that on boot your +# containers won't start until someone tries to administer the Docker daemon. +ExecStart=/usr/bin/dockerd $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS ExecReload=/bin/kill -s HUP $MAINPID # Having non-zero Limit*s causes performance problems due to accounting overhead @@ -32,7 +27,7 @@ LimitCORE=infinity # Only systemd 218 and above support this property. #Delegate=yes -# Tis is not necessary because of how we set up containerd. +# This is not necessary because of how we set up containerd. #KillMode=process [Install] diff --git a/docker.socket b/docker.socket deleted file mode 100644 index bed29c5..0000000 --- a/docker.socket +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=Docker Socket for the API -PartOf=docker.service - -[Socket] -ListenStream=/var/run/docker.sock -SocketMode=0660 -SocketUser=root -SocketGroup=docker - -[Install] -WantedBy=sockets.target diff --git a/docker.spec b/docker.spec index 56b04cd..2c1f72c 100644 --- a/docker.spec +++ b/docker.spec @@ -37,7 +37,6 @@ %define docker_graph %{docker_store}/graph %define git_version 8eab29e %define version_unconverted 1.12.5 -%define docker_version 1.12.1 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true # When upgrading to a new version requires the service not to be restarted # Due to a long migration process update last_migration_version to the new version @@ -105,11 +104,6 @@ Recommends: docker-image-migrator Conflicts: lxc < 1.0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ExcludeArch: %ix86 s390 ppc -%if 0%{?suse_version} > 1320 -Source5: docker.socket -%else -Source5: docker_systemd_lt_214.socket -%endif %ifarch %{go_arches} BuildRequires: go >= 1.5 BuildRequires: go-go-md2man @@ -321,7 +315,6 @@ cp -av tests.main tests.sh %{buildroot}%{_prefix}/src/docker/hack/ # systemd service # install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service -install -D -m 0644 %{SOURCE5} %{buildroot}%{_unitdir}/%{name}.socket ln -sf service %{buildroot}%{_sbindir}/rcdocker # @@ -372,7 +365,7 @@ if [[ -d "%{docker_store}" && -n "$(find "%{docker_graph}" -maxdepth 1 -type d 2 fi getent group docker >/dev/null || groupadd -r docker -%service_add_pre %{name}.service %{name}.socket +%service_add_pre %{name}.service %post if [ -e %{docker_migration_testfile} ]; then @@ -382,18 +375,18 @@ else rm %{docker_migration_warnfile} fi fi -%service_add_post %{name}.service %{name}.socket +%service_add_post %{name}.service %{fillup_only -n docker} %preun -%service_del_preun %{name}.service %{name}.socket +%service_del_preun %{name}.service %postun if [ -e %{docker_migration_testfile} ]; then rm %{docker_migration_testfile} export DISABLE_RESTART_ON_UPDATE=yes fi -%service_del_postun %{name}.service %{name}.socket +%service_del_postun %{name}.service %files %defattr(-,root,root) @@ -404,7 +397,6 @@ fi %{_sbindir}/rcdocker %{_libexecdir}/docker/ %{_unitdir}/%{name}.service -%{_unitdir}/%{name}.socket %config %{_sysconfdir}/audit/rules.d/%{name}.rules %{_udevrulesdir}/80-%{name}.rules %{_localstatedir}/adm/fillup-templates/sysconfig.docker diff --git a/docker_systemd_lt_214.socket b/docker_systemd_lt_214.socket deleted file mode 100644 index 94b9e4d..0000000 --- a/docker_systemd_lt_214.socket +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=Docker Socket for the API -PartOf=docker.service - -[Socket] -ListenStream=/var/run/docker.sock -SocketMode=0660 -# A Socket(User|Group) replacement workaround for systemd <= 214 -ExecStartPost=/usr/bin/chown root:docker /var/run/docker.sock - -[Install] -WantedBy=sockets.target