docker.service

163主机
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target containerd.service
Wants=network-online.target
Requires=docker.socket

[Service]
Type=notify
#the default is not to use systemd for cgroups because the delegate issues still
#exists and systemd currently does not support the cgroup feature set required
#for containers run by docker
ExecStart=/usr/bin/dockerd
ExecStartPost=/usr/sbin/iptables -P FORWARD ACCEPT
ExecReload=/bin/kill -s HUP $MAINPID
Restart=always

#Note that StartLimit* options were moved from “Service” to “Unit” in systemd 229.
#Both the old, and new location are accepted by systemd 229 and up, so using the old location
#to make them work for either version of systemd.

#Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
#Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
#this option work for either version of systemd.

#Having non-zero Limit*s causes performance problems due to accounting overhead
#in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity

#Comment TasksMax if your systemd version does not supports it.
#Only systemd 226 and above support this option.
TasksMax=infinity

#set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes

#kill only the docker process, not all processes in the cgroup
KillMode=process

[Install]
WantedBy=multi-user.target

160主机：
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target containerd.service
Wants=network-online.target
Requires=docker.socket

[Service]
Type=notify
#the default is not to use systemd for cgroups because the delegate issues still
#exists and systemd currently does not support the cgroup feature set required
#for containers run by docker
ExecStart=/usr/bin/dockerd -H fd://
ExecStartPost=/usr/sbin/iptables -P FORWARD ACCEPT
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always

#Note that StartLimit* options were moved from “Service” to “Unit” in systemd 229.
#Both the old, and new location are accepted by systemd 229 and up, so using the old location
#to make them work for either version of systemd.
StartLimitBurst=3

#Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
#Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
#this option work for either version of systemd.
StartLimitInterval=60s

#Having non-zero Limit*s causes performance problems due to accounting overhead
#in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity

#Comment TasksMax if your systemd version does not supports it.
#Only systemd 226 and above support this option.
TasksMax=infinity

#set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes

#kill only the docker process, not all processes in the cgroup
KillMode=process

[Install]
WantedBy=multi-user.target