Accepting request 447279 from home:cyphar:containers

Remove socket activation from Docker, to match upstream.

OBS-URL: https://build.opensuse.org/request/show/447279
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=159
This commit is contained in:
Jordi Massaguer 2016-12-21 09:44:20 +00:00 committed by Git OBS Bridge
parent 3d7280619a
commit e7c95c3802
5 changed files with 24 additions and 52 deletions

View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Tue Dec 20 05:08:54 UTC 2016 - asarai@suse.com
- Remove old flags from dockerd's command-line, to be more inline with
upstream (now that docker-runc is provided by the runc package). -H is
dropped because upstream dropped it due to concerns with socket
activation.
- Remove socket activation entirely.
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Dec 19 12:41:13 UTC 2016 - jmassaguerpla@suse.com Mon Dec 19 12:41:13 UTC 2016 - jmassaguerpla@suse.com

View File

@ -1,21 +1,16 @@
[Unit] [Unit]
Description=Docker Application Container Engine Description=Docker Application Container Engine
Documentation=http://docs.docker.com Documentation=http://docs.docker.com
After=network.target docker.socket containerd.socket After=network.target containerd.socket
Requires=docker.socket containerd.socket Requires=containerd.socket
[Service] [Service]
EnvironmentFile=/etc/sysconfig/docker EnvironmentFile=/etc/sysconfig/docker
# Quick rundown of options, so we can keep track of them. Upstream's # While Docker has support for socket activation (-H fd://), this is not
# service file only contains -H. # enabled by default because enabling socket activation means that on boot your
# # containers won't start until someone tries to administer the Docker daemon.
# * -H tells Docker that it's running as a socket-activated service. ExecStart=/usr/bin/dockerd $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
# * --containerd tells Docker to not manage the running of containerd.
# * --add-runtime and --default-runtime tell Docker to not try to use
# its "bundled" runC version (which is not shipped by us) but rather use
# the runC version provided as by the runc package.
ExecStart=/usr/bin/dockerd -H fd:// --containerd /run/containerd/containerd.sock --add-runtime oci=/usr/sbin/runc --default-runtime oci $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
ExecReload=/bin/kill -s HUP $MAINPID ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead # Having non-zero Limit*s causes performance problems due to accounting overhead
@ -32,7 +27,7 @@ LimitCORE=infinity
# Only systemd 218 and above support this property. # Only systemd 218 and above support this property.
#Delegate=yes #Delegate=yes
# Tis is not necessary because of how we set up containerd. # This is not necessary because of how we set up containerd.
#KillMode=process #KillMode=process
[Install] [Install]

View File

@ -1,12 +0,0 @@
[Unit]
Description=Docker Socket for the API
PartOf=docker.service
[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker
[Install]
WantedBy=sockets.target

View File

@ -37,7 +37,6 @@
%define docker_graph %{docker_store}/graph %define docker_graph %{docker_store}/graph
%define git_version 8eab29e %define git_version 8eab29e
%define version_unconverted 1.12.5 %define version_unconverted 1.12.5
%define docker_version 1.12.1
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
# When upgrading to a new version requires the service not to be restarted # When upgrading to a new version requires the service not to be restarted
# Due to a long migration process update last_migration_version to the new version # Due to a long migration process update last_migration_version to the new version
@ -105,11 +104,6 @@ Recommends: docker-image-migrator
Conflicts: lxc < 1.0 Conflicts: lxc < 1.0
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
ExcludeArch: %ix86 s390 ppc ExcludeArch: %ix86 s390 ppc
%if 0%{?suse_version} > 1320
Source5: docker.socket
%else
Source5: docker_systemd_lt_214.socket
%endif
%ifarch %{go_arches} %ifarch %{go_arches}
BuildRequires: go >= 1.5 BuildRequires: go >= 1.5
BuildRequires: go-go-md2man BuildRequires: go-go-md2man
@ -321,7 +315,6 @@ cp -av tests.main tests.sh %{buildroot}%{_prefix}/src/docker/hack/
# systemd service # systemd service
# #
install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
install -D -m 0644 %{SOURCE5} %{buildroot}%{_unitdir}/%{name}.socket
ln -sf service %{buildroot}%{_sbindir}/rcdocker ln -sf service %{buildroot}%{_sbindir}/rcdocker
# #
@ -372,7 +365,7 @@ if [[ -d "%{docker_store}" && -n "$(find "%{docker_graph}" -maxdepth 1 -type d 2
fi fi
getent group docker >/dev/null || groupadd -r docker getent group docker >/dev/null || groupadd -r docker
%service_add_pre %{name}.service %{name}.socket %service_add_pre %{name}.service
%post %post
if [ -e %{docker_migration_testfile} ]; then if [ -e %{docker_migration_testfile} ]; then
@ -382,18 +375,18 @@ else
rm %{docker_migration_warnfile} rm %{docker_migration_warnfile}
fi fi
fi fi
%service_add_post %{name}.service %{name}.socket %service_add_post %{name}.service
%{fillup_only -n docker} %{fillup_only -n docker}
%preun %preun
%service_del_preun %{name}.service %{name}.socket %service_del_preun %{name}.service
%postun %postun
if [ -e %{docker_migration_testfile} ]; then if [ -e %{docker_migration_testfile} ]; then
rm %{docker_migration_testfile} rm %{docker_migration_testfile}
export DISABLE_RESTART_ON_UPDATE=yes export DISABLE_RESTART_ON_UPDATE=yes
fi fi
%service_del_postun %{name}.service %{name}.socket %service_del_postun %{name}.service
%files %files
%defattr(-,root,root) %defattr(-,root,root)
@ -404,7 +397,6 @@ fi
%{_sbindir}/rcdocker %{_sbindir}/rcdocker
%{_libexecdir}/docker/ %{_libexecdir}/docker/
%{_unitdir}/%{name}.service %{_unitdir}/%{name}.service
%{_unitdir}/%{name}.socket
%config %{_sysconfdir}/audit/rules.d/%{name}.rules %config %{_sysconfdir}/audit/rules.d/%{name}.rules
%{_udevrulesdir}/80-%{name}.rules %{_udevrulesdir}/80-%{name}.rules
%{_localstatedir}/adm/fillup-templates/sysconfig.docker %{_localstatedir}/adm/fillup-templates/sysconfig.docker

View File

@ -1,12 +0,0 @@
[Unit]
Description=Docker Socket for the API
PartOf=docker.service
[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
# A Socket(User|Group) replacement workaround for systemd <= 214
ExecStartPost=/usr/bin/chown root:docker /var/run/docker.sock
[Install]
WantedBy=sockets.target