I have docker-ce.repo setup that is managed by docker for some Rocky 9 units and Centos 7 units. I have docker.service modified
from : ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
to : ExecStart=/usr/bin/dockerd --data-root /u2/var/lib/docker -H fd:// --containerd=/run/containerd/containerd.sock
The purpose of the change is so that the docker volumes are built on a file system that is larger than /var/lib/docker/
The problem I am having is that when there are dnf updates of docker, the docker.service file is updated and the --data-root qualifiers are removed which breaks the docker containers. I have not found the right place to report the bug to docker. I was wondering if any of you have had this problem with the docker.service file and how you have solved it.
So, are you altering the original SystemD service file in /var/… or are you creating an override file for the ExecStart?
Because you need to create a override file, or it will be “corrected” by dnf on the update, because you altered a applicationfile which is not marked as config file.
This clears the current state of ExecStart and then writes it as you want to have it.
(there is also systemctl edit docker.service --full to override the whole service file, or you can also insert the override file manually and run a daemon-reload afterwards)
Thanks for your response Iumarel. However, my problem is not the edit process my problem is that the edits I enter and save and work, are changed when the docker-ce.repo does and update of the whole docker system that happened on 10/13/2022. When docker replaces the docker.service file it removes the --data-root switch and then my containers that have been working perfect become broken.
Just looked at the update that got released for docker-ce, which has the /usr/lib/systemd/docker.service file in it,
very odd there was no change of that file, but yeah that’s a dnf managed file which will be overwritten on every update (looked in 20.10.18 → 20.10.19)
Well, there may be things I do not understand with systemctl. What I am doing is editing the docker.service file with vim, saving it, and doing a systemctl daemon-reload. Everything works fine for me until docker does an update and the docker.service file is changed with a new time stamp by the dnf update process.
If I use systemctl edit docker.service to make the original changes does that protect the docker.service file from changes during a dnf update. Does this process secure the override file during a dnf update ?
So you run vi /etc/systemd/system/multi-user.wants/docker.service and alter the file?
This will alter the /usr/lib/systemd/docker.service file as the first one is just a symlink.
If you either do a systemctl edit docker.service or a systemctl edit docker.service --full it will write a override file in /etc/systemd/system/docker.service.d/override.conf, which will not be changed on updates
We had the same issue at $work before I took over the dev systems
No worries!
The snippet I posted up there should be everything you need, but if you want to understand the stuff more in depth, search for systemd edit override execstart, there are some good articles which explain what’s going on
