From 0062b35f973d1d274f1766f82cbeaf776c107ebf Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Tue, 2 Aug 2016 10:55:42 +0200 Subject: [PATCH] Rework systemd service units * Add for docker system units: ExecReload=/bin/kill -s HUP $MAINPID Delegate=yes KillMode=process. * Add missed DOCKER_OPTIONS for calico/weave docker systemd unit. * Change Requires= to a less strict and non-faily Wants=, add missing Wants= for After=. * Align wants/after in a wat if Wants=foo, After= has foo as well. * Make wants/after docker.service to ask for the docker.socket as well. * Move "docker rm -f" commands from ExecStartPre= to ExecStopPost=. hooks to ensure non-destructive start attempts issued by Wants=. Signed-off-by: Bogdan Dobrelya --- roles/etcd/templates/etcd-docker.service.j2 | 6 +++--- roles/etcd/templates/etcd-proxy-docker.service.j2 | 6 +++--- roles/kubernetes/node/templates/kubelet.service.j2 | 8 +++++--- .../calico/templates/calico-node.service.j2 | 4 ++-- .../calico/templates/systemd-docker.service | 7 +++++-- .../flannel/templates/systemd-docker.service | 10 +++++++--- .../weave/templates/systemd-docker.service | 8 ++++++-- roles/network_plugin/weave/templates/weave.service.j2 | 4 ++-- .../weave/templates/weaveexpose.service.j2 | 6 ++---- .../weave/templates/weaveproxy.service.j2 | 4 ++-- 10 files changed, 37 insertions(+), 26 deletions(-) diff --git a/roles/etcd/templates/etcd-docker.service.j2 b/roles/etcd/templates/etcd-docker.service.j2 index a37759fec..4b6cec5c9 100644 --- a/roles/etcd/templates/etcd-docker.service.j2 +++ b/roles/etcd/templates/etcd-docker.service.j2 @@ -1,7 +1,7 @@ [Unit] Description=etcd docker wrapper -Wants=docker.socket -After=docker.service +Wants=docker.service docker.socket +After=docker.service docker.socket [Service] User=root @@ -18,7 +18,7 @@ ExecStart={{ docker_bin_dir | default("/usr/bin") }}/docker run --restart=always {% if etcd_after_v3 %} {{ etcd_container_bin_dir }}etcd {% endif %} -ExecStartPre=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_member_name | default("etcd-proxy") }} +ExecStopPost=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_member_name | default("etcd-proxy") }} ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_member_name | default("etcd-proxy") }} ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_member_name | default("etcd-proxy") }} Restart=always diff --git a/roles/etcd/templates/etcd-proxy-docker.service.j2 b/roles/etcd/templates/etcd-proxy-docker.service.j2 index bf70f0e7f..939e6fd35 100644 --- a/roles/etcd/templates/etcd-proxy-docker.service.j2 +++ b/roles/etcd/templates/etcd-proxy-docker.service.j2 @@ -1,7 +1,7 @@ [Unit] Description=etcd-proxy docker wrapper -Wants=docker.socket -After=docker.service +Wants=docker.service docker.socket +After=docker.service docker.socket [Service] User=root @@ -18,7 +18,7 @@ ExecStart={{ docker_bin_dir | default("/usr/bin") }}/docker run --restart=always {% if etcd_after_v3 %} {{ etcd_container_bin_dir }}etcd {% endif %} -ExecStartPre=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_proxy_member_name | default("etcd-proxy") }} +ExecStopPost=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_proxy_member_name | default("etcd-proxy") }} ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_proxy_member_name | default("etcd-proxy") }} ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_proxy_member_name | default("etcd-proxy") }} Restart=always diff --git a/roles/kubernetes/node/templates/kubelet.service.j2 b/roles/kubernetes/node/templates/kubelet.service.j2 index acad42e1f..e92f71d51 100644 --- a/roles/kubernetes/node/templates/kubelet.service.j2 +++ b/roles/kubernetes/node/templates/kubelet.service.j2 @@ -2,9 +2,11 @@ Description=Kubernetes Kubelet Server Documentation=https://github.com/GoogleCloudPlatform/kubernetes {% if kube_network_plugin is defined and kube_network_plugin == "calico" %} -After=docker.service calico-node.service +After=docker.service docker.socket calico-node.service +Wants=docker.service docker.socket calico-node.service {% else %} -After=docker.service +After=docker.service docker.socket +Wants=docker.service docker.socket {% endif %} [Service] @@ -22,7 +24,7 @@ ExecStart={{ bin_dir }}/kubelet \ $KUBELET_REGISTER_NODE \ $KUBELET_NETWORK_PLUGIN \ $KUBELET_CLOUDPROVIDER -ExecStartPre=-/usr/bin/docker rm -f kubelet +ExecStopPost=-/usr/bin/docker rm -f kubelet ExecReload=/usr/bin/docker restart kubelet Restart=always RestartSec=10s diff --git a/roles/network_plugin/calico/templates/calico-node.service.j2 b/roles/network_plugin/calico/templates/calico-node.service.j2 index 115da35ae..152ecce64 100644 --- a/roles/network_plugin/calico/templates/calico-node.service.j2 +++ b/roles/network_plugin/calico/templates/calico-node.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=Calico per-node agent Documentation=https://github.com/projectcalico/calico-docker -After=docker.service etcd-proxy.service -Wants=docker.socket +After=docker.service docker.socket etcd-proxy.service +Wants=docker.service docker.socket etcd-proxy.service [Service] User=root diff --git a/roles/network_plugin/calico/templates/systemd-docker.service b/roles/network_plugin/calico/templates/systemd-docker.service index 01383d772..d20a2fbe0 100644 --- a/roles/network_plugin/calico/templates/systemd-docker.service +++ b/roles/network_plugin/calico/templates/systemd-docker.service @@ -2,11 +2,11 @@ Description=Docker Application Container Engine Documentation=http://docs.docker.com {% if ansible_os_family == "RedHat" %} -After=network.target +After=network.target docker-storage-setup.service Wants=docker-storage-setup.service {% elif ansible_os_family == "Debian" %} After=network.target docker.socket -Requires=docker.socket +Wants=docker.socket {% endif %} [Service] @@ -20,6 +20,9 @@ EnvironmentFile=-/etc/sysconfig/docker-storage EnvironmentFile=-/etc/default/docker {% endif %} Environment=GOTRACEBACK=crash +ExecReload=/bin/kill -s HUP $MAINPID +Delegate=yes +KillMode=process ExecStart=/usr/bin/docker daemon \ $OPTIONS \ $DOCKER_STORAGE_OPTIONS \ diff --git a/roles/network_plugin/flannel/templates/systemd-docker.service b/roles/network_plugin/flannel/templates/systemd-docker.service index 3275c6e24..21790dd6f 100644 --- a/roles/network_plugin/flannel/templates/systemd-docker.service +++ b/roles/network_plugin/flannel/templates/systemd-docker.service @@ -2,22 +2,26 @@ Description=Docker Application Container Engine Documentation=http://docs.docker.com {% if ansible_os_family == "RedHat" %} -After=network.target +After=network.target docker-storage-setup.service Wants=docker-storage-setup.service {% elif ansible_os_family == "Debian" %} After=network.target docker.socket -Requires=docker.socket +Wants=docker.socket {% endif %} [Service] Type=notify EnvironmentFile=-/etc/default/docker Environment=GOTRACEBACK=crash +ExecReload=/bin/kill -s HUP $MAINPID +Delegate=yes +KillMode=process ExecStart=/usr/bin/docker daemon \ $OPTIONS \ $DOCKER_STORAGE_OPTIONS \ $DOCKER_NETWORK_OPTIONS \ - $INSECURE_REGISTRY + $INSECURE_REGISTRY \ + $DOCKER_OPTS LimitNOFILE=1048576 LimitNPROC=1048576 LimitCORE=infinity diff --git a/roles/network_plugin/weave/templates/systemd-docker.service b/roles/network_plugin/weave/templates/systemd-docker.service index 3275c6e24..96dd6cd05 100644 --- a/roles/network_plugin/weave/templates/systemd-docker.service +++ b/roles/network_plugin/weave/templates/systemd-docker.service @@ -6,18 +6,22 @@ After=network.target Wants=docker-storage-setup.service {% elif ansible_os_family == "Debian" %} After=network.target docker.socket -Requires=docker.socket +Wants=docker.socket {% endif %} [Service] Type=notify EnvironmentFile=-/etc/default/docker Environment=GOTRACEBACK=crash +ExecReload=/bin/kill -s HUP $MAINPID +Delegate=yes +KillMode=process ExecStart=/usr/bin/docker daemon \ $OPTIONS \ $DOCKER_STORAGE_OPTIONS \ $DOCKER_NETWORK_OPTIONS \ - $INSECURE_REGISTRY + $INSECURE_REGISTRY \ + $DOCKER_OPTS LimitNOFILE=1048576 LimitNPROC=1048576 LimitCORE=infinity diff --git a/roles/network_plugin/weave/templates/weave.service.j2 b/roles/network_plugin/weave/templates/weave.service.j2 index a4e9e8d8e..46d9434fe 100644 --- a/roles/network_plugin/weave/templates/weave.service.j2 +++ b/roles/network_plugin/weave/templates/weave.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=Weave Network Documentation=http://docs.weave.works/weave/latest_release/ -Requires=docker.service -After=docker.service +Wants=docker.service docker.socket +After=docker.service docker.socket [Service] EnvironmentFile=-/etc/weave.env diff --git a/roles/network_plugin/weave/templates/weaveexpose.service.j2 b/roles/network_plugin/weave/templates/weaveexpose.service.j2 index 03446ee0f..912ed1fee 100644 --- a/roles/network_plugin/weave/templates/weaveexpose.service.j2 +++ b/roles/network_plugin/weave/templates/weaveexpose.service.j2 @@ -1,9 +1,7 @@ [Unit] Documentation=http://docs.weave.works/ -Requires=docker.service -Requires=weave.service -After=weave.service -After=docker.service +Wants=docker.service docker.socket weave.service +After=docker.service docker.socket weave.service [Service] Type=oneshot diff --git a/roles/network_plugin/weave/templates/weaveproxy.service.j2 b/roles/network_plugin/weave/templates/weaveproxy.service.j2 index fe5032893..f37120f1c 100644 --- a/roles/network_plugin/weave/templates/weaveproxy.service.j2 +++ b/roles/network_plugin/weave/templates/weaveproxy.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=Weave proxy for Docker API Documentation=http://docs.weave.works/ -Requires=docker.service -After=docker.service +Wants=docker.service docker.socket +After=docker.service docker.socket [Service] EnvironmentFile=-/etc/weave.%H.env