diff options
Diffstat (limited to 'roles/docker')
| -rw-r--r-- | roles/docker/templates/crio.conf.j2 | 2 | ||||
| -rw-r--r-- | roles/docker/templates/custom.conf.j2 | 6 | 
2 files changed, 7 insertions, 1 deletions
| diff --git a/roles/docker/templates/crio.conf.j2 b/roles/docker/templates/crio.conf.j2 index cce790a60..b715c2ffa 100644 --- a/roles/docker/templates/crio.conf.j2 +++ b/roles/docker/templates/crio.conf.j2 @@ -98,7 +98,7 @@ apparmor_profile = "crio-default"  # cgroup_manager is the cgroup management implementation to be used  # for the runtime. -cgroup_manager = "cgroupfs" +cgroup_manager = "systemd"  # hooks_dir_path is the oci hooks directory for automatically executed hooks  hooks_dir_path = "/usr/share/containers/oci/hooks.d" diff --git a/roles/docker/templates/custom.conf.j2 b/roles/docker/templates/custom.conf.j2 index 9b47cb6ab..713412473 100644 --- a/roles/docker/templates/custom.conf.j2 +++ b/roles/docker/templates/custom.conf.j2 @@ -3,3 +3,9 @@  [Unit]  Wants=iptables.service  After=iptables.service + +# The following line is a work-around to ensure docker is restarted whenever +# iptables is restarted.  This ensures the proper iptables rules will be in +# place for docker. +# Note:  This will also cause docker to be stopped if iptables is stopped. +PartOf=iptables.service | 
