diff options
Diffstat (limited to 'roles/docker')
| -rw-r--r-- | roles/docker/templates/crio.conf.j2 | 2 | ||||
| -rw-r--r-- | roles/docker/templates/custom.conf.j2 | 6 |
2 files changed, 7 insertions, 1 deletions
diff --git a/roles/docker/templates/crio.conf.j2 b/roles/docker/templates/crio.conf.j2 index cce790a60..b715c2ffa 100644 --- a/roles/docker/templates/crio.conf.j2 +++ b/roles/docker/templates/crio.conf.j2 @@ -98,7 +98,7 @@ apparmor_profile = "crio-default" # cgroup_manager is the cgroup management implementation to be used # for the runtime. -cgroup_manager = "cgroupfs" +cgroup_manager = "systemd" # hooks_dir_path is the oci hooks directory for automatically executed hooks hooks_dir_path = "/usr/share/containers/oci/hooks.d" diff --git a/roles/docker/templates/custom.conf.j2 b/roles/docker/templates/custom.conf.j2 index 9b47cb6ab..713412473 100644 --- a/roles/docker/templates/custom.conf.j2 +++ b/roles/docker/templates/custom.conf.j2 @@ -3,3 +3,9 @@ [Unit] Wants=iptables.service After=iptables.service + +# The following line is a work-around to ensure docker is restarted whenever +# iptables is restarted. This ensures the proper iptables rules will be in +# place for docker. +# Note: This will also cause docker to be stopped if iptables is stopped. +PartOf=iptables.service |