colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docker module: fix kernel module loading

Browse Source 
The docker module used different code for socket-activated docker daemon than for the non-socket activated daemon.
In particular, if the socket-activated daemon is used, then modprobe wasn't set up to be usable and in PATH for
the docker daemon, which resulted in a failure to start the daemon with overlayfs as storageDriver if the
`overlay` kernel module wasn't already loaded. This commit fixes that bug (which only appears if socket
activation is used), and also reduces the duplication between code paths so that it's easier to keep
both in sync in future.
This commit is contained in:
Benno Fünfstück 2015-12-24 12:07:45 +01:00
parent 0fda4ff715
commit 79b4e5a8d7
1 changed files with 16 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
nixos/modules/virtualisation/docker.nix
View File

@ -69,7 +69,8 @@ in
description = ''
The postStart phase of the systemd service. You may need to
override this if you are passing in flags to docker which
don't cause the socket file to be created.
don't cause the socket file to be created. This option is ignored
if socket activation is used.
'';
};
@ -81,22 +82,29 @@ in
config = mkIf cfg.enable (mkMerge [
{ environment.systemPackages = [ pkgs.docker ];
users.extraGroups.docker.gid = config.ids.gids.docker;
}
(mkIf cfg.socketActivation {
systemd.services.docker = {
description = "Docker Application Container Engine";
after = [ "network.target" "docker.socket" ];
requires = [ "docker.socket" ];
wantedBy = optional (!cfg.socketActivation) "multi-user.target";
after = [ "network.target" ] ++ (optional cfg.socketActivation "docker.socket") ;
requires = optional cfg.socketActivation "docker.socket";
serviceConfig = {
ExecStart = "${pkgs.docker}/bin/docker daemon --host=fd:// --group=docker --storage-driver=${cfg.storageDriver} ${cfg.extraOptions}";
ExecStart = "${pkgs.docker}/bin/docker daemon --group=docker --storage-driver=${cfg.storageDriver} ${optionalString cfg.socketActivation "--host=fd://"} ${cfg.extraOptions}";
# I'm not sure if that limits aren't too high, but it's what
# goes in config bundled with docker itself
LimitNOFILE = 1048576;
LimitNPROC = 1048576;
} // proxy_env;
};
path = [ pkgs.kmod ] ++ (optional (cfg.storageDriver == "zfs") pkgs.zfs);
environment.MODULE_DIR = "/run/current-system/kernel-modules/lib/modules";
postStart = if cfg.socketActivation then "" else cfg.postStart;
# Presumably some containers are running we don't want to interrupt
restartIfChanged = false;
};
}
(mkIf cfg.socketActivation {
systemd.sockets.docker = {
description = "Docker Socket for the API";
wantedBy = [ "sockets.target" ];
@ -108,29 +116,6 @@ in
};
};
})
(mkIf (!cfg.socketActivation) {
systemd.services.docker = {
description = "Docker Application Container Engine";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.docker}/bin/docker daemon --group=docker --storage-driver=${cfg.storageDriver} ${cfg.extraOptions}";
# I'm not sure if that limits aren't too high, but it's what
# goes in config bundled with docker itself
LimitNOFILE = 1048576;
LimitNPROC = 1048576;
} // proxy_env;
path = [ pkgs.kmod ] ++ (optional (cfg.storageDriver == "zfs") pkgs.zfs);
environment.MODULE_DIR = "/run/current-system/kernel-modules/lib/modules";
postStart = cfg.postStart;
# Presumably some containers are running we don't want to interrupt
restartIfChanged = false;
};
})
]);
}