[Unit]
Description=Docker Application Container Engine
-After=connman.service dbus.socket
+Documentation=https://docs.docker.com
+After=connman.service docker-engine.socket
+Requires=docker-engine.socket
[Service]
+Type=notify
SmackProcessLabel=System::Privileged
-ExecStart=/usr/bin/dockerd -s overlay2 --userland-proxy=false -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375
-Sockets=docker-engine.socket
-Restart=always
-RestartSec=0
+ExecStart=/usr/bin/dockerd --userland-proxy=false -H fd:// -H tcp://0.0.0.0:2375
+ExecReload=/bin/kill -s HUP $MAINPID
+LimitNOFILE=1048576
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNPROC=infinity
+LimitCORE=infinity
+# Uncomment TasksMax if your systemd version supports it.
+# Only systemd 226 and above support this version.
+#TasksMax=infinity
+TimeoutStartSec=0
+# set delegate yes so that systemd does not reset the cgroups of docker containers
+Delegate=yes
+# kill only the docker process, not all processes in the cgroup
+KillMode=process
+# restart the docker process if it exits prematurely
+Restart=on-failure
+StartLimitBurst=3
+StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
+
[Unit]
Description=Docker Socket for the API
-PartOf=docker-engine.service
[Socket]
+# If /var/run is not implemented as a symlink to /run, you may need to
+# specify ListenStream=/var/run/docker.sock instead.
ListenStream=/run/docker.sock
-SocketMode=0777
+SocketMode=0660
SocketUser=root
+# SocketGroup=docker
SmackLabelIPIn=*
SmackLabelIPOut=@