docker creates "docker" sub-directory in all cgroups at the start of containers.
watchdog cgroup is one of them, Even if you do not want it,
notify_on_release is set to 1, and handler operates when a container is terminated.
non-root service cannot change the notify_on_release setting,
so set it to 0 immediately after docker-engine service is executed.
Change-Id: I285e1de785eb2868babcf98db6fa855ca52f3d25
Type=notify
SmackProcessLabel=System::Privileged
ExecStart=/usr/bin/dockerd --userland-proxy=false --data-root /opt/var/lib/docker -H fd:// -H tcp://0.0.0.0:2375 --bridge none
+ExecStartPost=-/bin/sh -c "mkdir /sys/fs/cgroup/watchdog/docker; test -d /sys/fs/cgroup/watchdog/docker && echo 0 > /sys/fs/cgroup/watchdog/docker/notify_on_release"
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576
# Having non-zero Limit*s causes performance problems due to accounting overhead
projects / platform / upstream / docker-engine.git / commitdiff