this morning I woke up to a 'service down' email I have received from watchdog.
After connecting to the server I have found the docker service down.
After little investigation, I have found that this morning Ubuntu made an unattended upgrade of the containerd service and after the upgrade, docker service was not started automatically.
How can I make sure that after the upgrade this will not happen again?
I set Docker and its related packages to hold so they are only upgraded on planned upgrades.
When I want to upgrade Docker I run
apt-mark unhold, upgrade the packages, and hold them again. I have an Ansible playbook to automate this process. My playbook to install and configure Docker sets the packages to hold directly after the installation.We had the same issue. I opted for using a systemd unit file to create a loose dependency between containerd and dockerd.
Here's how:
As root:
Make the override directory (permission 755)
Create the override file in the above directory (permissions 644)
Add the following to the file
Restart systemd daemon
Check it works
Stop containerd
Check dockerd has stopped
Start containerd
Check dockerd has started
++++++++++++++++++++++++++
Some links to other documentation on the subject
https://www.shellhacks.com/systemd-service-file-example/
https://man7.org/linux/man-pages/man5/systemd.service.5.html
The documentation on docker restart policies is helpful, start your containers with the
alwaysorunless-stoppedoptions as appropriate for your use.It also seems reasonable to stop Ubuntu from carrying out unattended upgrades.