Task #17438
closed[deployment][packer] compute-images script fixes
Description
a few more fixes to the packer compute-image script:
1. The script edits the /lib/systemd/system/docker.service
file in place. The recommended way to customize systemd service files is to place the modified files in /etc/systemd/system/
instead, so they're not accidentally overwritten on updates.
2. The script requires a resolver
variable and forces modifying docker
's DNS settings. This is not required/advisable/desired in some environments like cloud, where DNS resolvers might be changed and propagated correctly by the underlying infrastructure.
Related issues
Updated by Javier Bértoli about 3 years ago
- Copied from Task #17435: [deployment][packer] compute-images script fixes added
Updated by Javier Bértoli about 3 years ago
Submit PR commit 99524c2ef@arvados, branch 17438-compute-images-script-fixes
Updated by Ward Vandewege about 3 years ago
Javier Bértoli wrote:
Submit PR commit 99524c2ef@arvados, branch 17438-compute-images-script-fixes
This code doesn't seem right, the sed is just going to create an empty file because there is nothing on its stdin (and the -i flag was removed).
-# Set a higher ulimit for docker -$SUDO sed -i "s/ExecStart=\(.*\)/ExecStart=\1 --default-ulimit nofile=10000:10000 --dns ${RESOLVER}/g" /lib/systemd/system/docker.service +# Set a higher ulimit and the resolver (if set) for docker +if [ "x$RESOLVER" != "x" ]; then + SET_RESOLVER="--dns ${RESOLVER}" +fi + +$SUDO sed "s/ExecStart=\(.*\)/ExecStart=\1 --default-ulimit nofile=10000:10000 ${SET_RESOLVER}/g" > /etc/systemd/system/docker.service
Instead, I think you want to drop a new file in `/etc/systemd/system/docker.service.d/`, with just these contents:
[Service] ExecStart= ExecStart=(copy from /lib/systemd/system/docker.service at image generation time, and modify like in the sed line from the script)
Note that we need to clear the existing ExecStart value (it is parsed as a list), which is what the empty assignment is for on line 2.
Or you can copy the file from `/lib/systemd/system/` to `/etc/systemd/system/` like you were planning and edit it in place.