From 65de719cd9bfbb8d25f7572e954ae31c5e855189 Mon Sep 17 00:00:00 2001 From: xu_lei_123 Date: Wed, 8 Mar 2023 23:16:40 +0800 Subject: [PATCH] enhance container behavior --- ...nterface-temporarily-allow-builtable.patch | 26 ------------------- docker.service | 9 ++++--- docker.sysconfig | 7 +++++ moby.spec | 21 +++++++++++---- 4 files changed, 28 insertions(+), 35 deletions(-) delete mode 100644 0001-revert-any-to-interface-temporarily-allow-builtable.patch create mode 100644 docker.sysconfig diff --git a/0001-revert-any-to-interface-temporarily-allow-builtable.patch b/0001-revert-any-to-interface-temporarily-allow-builtable.patch deleted file mode 100644 index 26d1897..0000000 --- a/0001-revert-any-to-interface-temporarily-allow-builtable.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 402a2c8ed1e509a917cf7a22609e49aea2bc0921 Mon Sep 17 00:00:00 2001 -From: wanglimin -Date: Wed, 21 Dec 2022 09:49:14 +0800 -Subject: [PATCH] revert any to interface{} temporarily to allow builtable with - golang-1.17.x it will be withdrawed if golang upgrade to 1.18.x in the branch - ---- - vendor/archive/tar/common.go | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/vendor/archive/tar/common.go b/vendor/archive/tar/common.go -index c99b5c1..595de64 100644 ---- a/vendor/archive/tar/common.go -+++ b/vendor/archive/tar/common.go -@@ -538,7 +538,7 @@ type headerFileInfo struct { - func (fi headerFileInfo) Size() int64 { return fi.h.Size } - func (fi headerFileInfo) IsDir() bool { return fi.Mode().IsDir() } - func (fi headerFileInfo) ModTime() time.Time { return fi.h.ModTime } --func (fi headerFileInfo) Sys() any { return fi.h } -+func (fi headerFileInfo) Sys() interface{} { return fi.h } - - // Name returns the base name of the file. - func (fi headerFileInfo) Name() string { --- -2.21.0 - diff --git a/docker.service b/docker.service index b5400bb..f3da344 100644 --- a/docker.service +++ b/docker.service @@ -1,16 +1,17 @@ [Unit] Description=Docker Application Container Engine Documentation=https://docs.docker.com -After=network-online.target docker.socket firewalld.service containerd.service +After=network-online.target docker.socket firewalld.service Wants=network-online.target -Requires=docker.socket containerd.service +Requires=docker.socket [Service] Type=notify +EnvironmentFile=-/etc/sysconfig/docker # the default is not to use systemd for cgroups because the delegate issues still # exists and systemd currently does not support the cgroup feature set required # for containers run by docker -ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock +ExecStart=/usr/bin/dockerd -H fd:// $OPTIONS ExecReload=/bin/kill -s HUP $MAINPID TimeoutSec=0 RestartSec=2 @@ -24,7 +25,7 @@ StartLimitBurst=3 # Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230. # Both the old, and new name are accepted by systemd 230 and up, so using the old name to make # this option work for either version of systemd. -StartLimitInterval=60s +StartLimitInterval=5s # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. diff --git a/docker.sysconfig b/docker.sysconfig new file mode 100644 index 0000000..426ec3c --- /dev/null +++ b/docker.sysconfig @@ -0,0 +1,7 @@ +# /etc/sysconfig/docker + +# Modify these options if you want to change the way the docker daemon runs +OPTIONS="--log-driver=journald \ + --live-restore \ + --default-ulimit nofile=1024:1024 \ +" diff --git a/moby.spec b/moby.spec index 8db65cf..fcf87cc 100644 --- a/moby.spec +++ b/moby.spec @@ -7,7 +7,7 @@ Name: docker Version: 20.10.21 -Release: 3 +Release: 4 Summary: The open-source application container engine License: ASL 2.0 URL: https://www.docker.com @@ -21,8 +21,8 @@ Source2: tini-0.19.0.tar.gz Source3: libnetwork-dcdf8f17.tar.gz Source4: docker.service Source5: docker.socket +Source6: docker.sysconfig -Patch0001: 0001-revert-any-to-interface-temporarily-allow-builtable.patch Requires: %{name}-engine = %{version}-%{release} Requires: %{name}-client = %{version}-%{release} @@ -70,7 +70,7 @@ BuildRequires: selinux-policy-devel BuildRequires: systemd-devel BuildRequires: tar BuildRequires: which -BuildRequires: golang >= 1.17.3 +BuildRequires: golang >= 1.18.0 %description engine Docker daemon binary and related utilities @@ -87,7 +87,6 @@ Docker client binary and related utilities %prep %setup -q -n %{_source_client} %setup -q -T -n %{_source_engine} -b 1 -%patch0001 -p1 %setup -q -T -n %{_source_docker_init} -b 2 %setup -q -T -n %{_source_docker_proxy} -b 3 @@ -152,6 +151,9 @@ install -D -p -m 755 %{_builddir}/%{_source_docker_init}/tini-static %{buildroot install -D -m 0644 %{SOURCE4} %{buildroot}%{_unitdir}/docker.service install -D -m 0644 %{SOURCE5} %{buildroot}%{_unitdir}/docker.socket +# for additional args +install -Dpm 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/docker + # install docker client install -p -m 0755 $(readlink -f %{_builddir}/%{_source_client}/build/docker) %{buildroot}%{_bindir}/docker @@ -171,6 +173,7 @@ install -p -m 644 %{_builddir}/%{_source_client}/{LICENSE,MAINTAINERS,NOTICE,REA # empty as it depends on engine and client %files engine +%config(noreplace) %{_sysconfdir}/sysconfig/docker %{_bindir}/dockerd %{_bindir}/docker-proxy %{_bindir}/docker-init @@ -191,12 +194,20 @@ if ! getent group docker > /dev/null; then fi %preun -%systemd_preun docker.service +%systemd_preun docker.service docker.socket %postun %systemd_postun_with_restart docker.service %changelog +* Wed Mar 8 2023 xulei - 20.10.21-4 +- DESC: enhance container behavior + 1.stop docker.socket before uninstall docker. + 2.container keep running when restart docker service. + 3.when containerd exits abnormally, it can be automatically pulled up. + 4.add some dockerd options. + 5.change to BuildRequires golang-1.18.0 + * Wed Dec 28 2022 xulei - 20.10.21-3 - DESC: change to BuildRequires golang-1.17.3 -- Gitee