default-ulimit should be an arg, not an environment var

2019-10-29 07:56:31 -07:00 · 2019-10-29 07:56:31 -07:00 · f34b51db65
parent 9bacb6a8e4
commit f34b51db65
3 changed files with 37 additions and 6 deletions
--- a/pkg/provision/buildroot.go
+++ b/pkg/provision/buildroot.go
@ -107,9 +107,6 @@ Requires= minikube-automount.service docker.socket

 [Service]
 Type=notify
-
-# Automatically set options
-Environment=default-ulimit=nofile=1048576:1048576
 `
 	if noPivot {
 		log.Warn("Using fundamentally insecure --no-pivot option")
@ -119,7 +116,6 @@ Environment=DOCKER_RAMDISK=yes
 `
 	}
 	engineConfigTmpl += `
-# Passed in-options
 {{range .EngineOptions.Env}}Environment={{.}}
 {{end}}

@ -131,7 +127,7 @@ Environment=DOCKER_RAMDISK=yes
 # will catch this invalid input and refuse to start the service with an error like:
 #  Service has more than one ExecStart= setting, which is only allowed for Type=oneshot services.
 ExecStart=
-ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:{{.DockerPort}} -H unix:///var/run/docker.sock --tlsverify --tlscacert {{.AuthOptions.CaCertRemotePath}} --tlscert {{.AuthOptions.ServerCertRemotePath}} --tlskey {{.AuthOptions.ServerKeyRemotePath}} {{ range .EngineOptions.Labels }}--label {{.}} {{ end }}{{ range .EngineOptions.InsecureRegistry }}--insecure-registry {{.}} {{ end }}{{ range .EngineOptions.RegistryMirror }}--registry-mirror {{.}} {{ end }}{{ range .EngineOptions.ArbitraryFlags }}--{{.}} {{ end }}
+ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:{{.DockerPort}} -H unix:///var/run/docker.sock --default-ulimit=nofile=1048576:1048576 --tlsverify --tlscacert {{.AuthOptions.CaCertRemotePath}} --tlscert {{.AuthOptions.ServerCertRemotePath}} --tlskey {{.AuthOptions.ServerKeyRemotePath}} {{ range .EngineOptions.Labels }}--label {{.}} {{ end }}{{ range .EngineOptions.InsecureRegistry }}--insecure-registry {{.}} {{ end }}{{ range .EngineOptions.RegistryMirror }}--registry-mirror {{.}} {{ end }}{{ range .EngineOptions.ArbitraryFlags }}--{{.}} {{ end }}
 ExecReload=/bin/kill -s HUP $MAINPID

 # Having non-zero Limit*s causes performance problems due to accounting overhead
--- a/test/integration/start_stop_delete_test.go
+++ b/test/integration/start_stop_delete_test.go
@ -123,7 +123,7 @@ func TestStartStop(t *testing.T) {
 					// Arbitrary value set by some container runtimes. If higher, apps like MySQL may make bad decisions.
 					expected := int64(cruntime.OpenFilesMax)
 					if got != expected {
-						t.Errorf("got max-files=%d, expected %d", got, expected)
+						t.Errorf("'ulimit -n' returned %d, expected %d", got, expected)
 					}
 				}

--- a/test/integration/testdata/mysql.yaml
+++ b/test/integration/testdata/mysql.yaml
@ -0,0 +1,35 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: mysql
+spec:
+  ports:
+  - port: 3306
+  selector:
+    app: mysql
+---
+apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
+kind: Deployment
+metadata:
+  name: mysql
+spec:
+  selector:
+    matchLabels:
+      app: mysql
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: mysql
+    spec:
+      containers:
+      - image: mysql:5.6
+        name: mysql
+        env:
+          # Use secret in real usage
+        - name: MYSQL_ROOT_PASSWORD
+          value: password
+        ports:
+        - containerPort: 3306
+          name: mysql