diff --git a/basic.sh b/basic.sh index 9860be5..b518004 100755 --- a/basic.sh +++ b/basic.sh @@ -48,5 +48,8 @@ for SERVICE in consolefont crond nginx ntpd sshd; do rc-update add ${SERVICE} boot service ${SERVICE} start done + +# Configure Docker service +cp ${SOURCE_DIR}/etc/init.d/docker /etc/init.d/docker rc-update add docker service docker start diff --git a/basic/etc/init.d/docker b/basic/etc/init.d/docker new file mode 100755 index 0000000..72a5cbc --- /dev/null +++ b/basic/etc/init.d/docker @@ -0,0 +1,42 @@ +#!/sbin/openrc-run +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +command="${DOCKERD_BINARY:-/usr/bin/dockerd}" +pidfile="${DOCKER_PIDFILE:-/run/${RC_SVCNAME}.pid}" +command_args="-p \"${pidfile}\" ${DOCKER_OPTS}" +DOCKER_LOGFILE="${DOCKER_LOGFILE:-/var/log/${RC_SVCNAME}.log}" +DOCKER_ERRFILE="${DOCKER_ERRFILE:-${DOCKER_LOGFILE}}" +DOCKER_OUTFILE="${DOCKER_OUTFILE:-${DOCKER_LOGFILE}}" +start_stop_daemon_args="--background \ + --stderr \"${DOCKER_ERRFILE}\" --stdout \"${DOCKER_OUTFILE}\"" + +grsecdir=/proc/sys/kernel/grsecurity + +depend() { + need sysfs +} + +start_pre() { + checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE" + + for i in $disable_grsec; do + if [ -e "$grsecdir/$i" ]; then + einfo " Disabling $i" + echo 0 > "$grsecdir/$i" + fi + done + ulimit -n 1048576 + + # Having non-zero limits causes performance problems due to accounting overhead + # in the kernel. We recommend using cgroups to do container-local accounting. + ulimit -p unlimited + + return 0 +} + +start_post() { + until [ -e /var/run/docker.sock ]; do + usleep 100000 + done +}