Upgrade to Pro — share decks privately, control downloads, hide ads and more …

systemd: wymyślmy jeszcze jedno koło

Tomasz
January 15, 2011
Technology
0
70

systemd: wymyślmy jeszcze jedno koło

Prezentacja w ramach Zimowiska TLUG 2011. Wprowadzenie do systemd.
http://vimeo.com/20205771

Tomasz

January 15, 2011
Tweet

More Decks by Tomasz

See All by Tomasz
The Song of JBoss and Chef
ttorcz
0
120
Home, Smart Home
ttorcz
0
87
FreeIPA: zintegrowane zarządzanie użytkownikami
ttorcz
0
180
systemd – ściągawka
ttorcz
0
90
Solaris? meh.
ttorcz
0
50
Podziel się wiedzą: systemd
ttorcz
0
46
Wirtualizacja od podszewki
ttorcz
0
83
Wprowadzenie do DTrace
ttorcz
0
60
Zastosowanie swarmingu do dystrybucji danych
ttorcz
0
51

Other Decks in Technology

See All in Technology
データ分析基盤の要件分析の話(202201_JEDAI)
yabooun
0
260
ML PM, DS PMってどんな仕事をしているの?
line_developers
PRO
1
240
証明書って何だっけ? 〜AWSの中間CA移行に備える〜
minorun365
3
2.1k
PCI DSS に準拠したシステム開発
yutadayo
0
310
ROS_Japan_UG_#49_LT
maeharakeisuke
0
220
ChatGPT for Hacking
anugrahsr
0
4.4k
MarvelClient Upgrade 64bit クライアントへの自動アップグレード設定
mitsuru_katoh
0
150
Deep Neural Networkの共同学習
hf149
0
290
WebLogic Server for OCI 概要
oracle4engineer
PRO
3
880
SignalR を使ったアプリケーション開発をより快適に!
nenonaninu
0
630
SSMパラメーターストアでクロススタック参照の罠を回避する
shuyakinjo
0
6.9k
創業1年目のスタートアップでAWSコストを抑えるために取り組んでいること / How to Keep AWS Costs Down at a Startup
yuj1osm
3
2.2k

Featured

See All Featured
Documentation Writing (for coders)
carmenintech
51
2.9k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
7
580
Design by the Numbers
sachag
271
18k
Building an army of robots
kneath
301
40k
For a Future-Friendly Web
brad_frost
166
7.8k
Build your cross-platform service in a week with App Engine
jlugia
221
17k
VelocityConf: Rendering Performance Case Studies
addyosmani
317
22k
Writing Fast Ruby
sferik
613
58k
Teambox: Starting and Learning
jrom
124
7.9k
GitHub's CSS Performance
jonrohan
1020
430k
Fashionably flexible responsive web design (full day workshop)
malarkey
396
63k
Why Our Code Smells
bkeepers
PRO
326
55k

Transcript

  1. systemd: wymyślmy jeszcze jedno koło Zimowisko TLUG 2011 Zimowisko TLUG

    2011 Tomasz Torcz Tomasz Torcz <[email protected]> <[email protected]>

  2. Rozdzielnik co to jest init? jaką ma rolę? dlaczego systemd?

  3. SystemV init PID 1 /etc/inittab sysinit: initdefault: http://en.wikipedia.org/wiki/Init#Other_styles

  4. Mamo, skąd się biorą procesy? - boot - cron, at

    - inetd - D-Bus activation

  5. Autorzy systemd% git log --format=%an | sort -u | wc

    -l 47 >10 commitów: Michael Biebl, Kay Sievers, Lennart Pöttering Pomysły: reszta świata

  6. Usługi to nie wszystko usługi gniazda punkty mountowania pliki, katalogi

    upływ czasu urządzenia, cele

  7. Ale my już mamy koło!

  8. Ale my już mamy koło! /etc/init.d/* /etc/fstab /etc/init/* kernel command

    line (emergency, single itp.)

  9. Usługi zależności (implicit) restartowanie demonizacja limity i kontrola (CPU, I/O,

    mem)

  10. Usługi - kontrola WorkingDirectory= RootDirectory= User= Group= SupplementaryGroups= Nice= OOMScoreAdjust=

    IOSchedulingClass= IOSchedulingPriority= CPUSchedulingPolicy= CPUSchedulingPriority= CPUSchedulingResetOnFork= CPUAffinity= UMask= Environment= EnvironmentFile= StandardInput= StandardOutput= StandardError= TTYPath= SyslogIdentifer= SyslogFacility= SyslogLevel= SyslogLevelPrefix= TimerSlackNSec= LimitCPU= LimitFSIZE= LimitDATA= LimitSTACK= LimitCORE= LimitRSS= LimitNOFILE= LimitAS= LimitNPROC= LimitMEMLOCK= LimitLOCKS= LimitSIGPENDING= LimitMSGQUEUE= LimitNICE= LimitRTPRIO= LimitRTTIME= PAMName= TCPWrapName= Capabilities= SecureBits= CapabilityBoundingSetDrop= ControlGroup= ReadWriteDirectories= ReadOnlyDirectories= InaccessibleDirectories= PrivateTmp= MountFlags=

  11. Usługi - kontrola WorkingDirectory= RootDirectory= User= Group= SupplementaryGroups= Nice= OOMScoreAdjust=

    IOSchedulingClass= IOSchedulingPriority= CPUSchedulingPolicy= CPUSchedulingPriority= CPUSchedulingResetOnFork= CPUAffinity= UMask= Environment= EnvironmentFile= StandardInput= StandardOutput= StandardError= TTYPath= SyslogIdentifer= SyslogFacility= SyslogLevel= SyslogLevelPrefix= TimerSlackNSec= LimitCPU= LimitFSIZE= LimitDATA= LimitSTACK= LimitCORE= LimitRSS= LimitNOFILE= LimitAS= LimitNPROC= LimitMEMLOCK= LimitLOCKS= LimitSIGPENDING= LimitMSGQUEUE= LimitNICE= LimitRTPRIO= LimitRTTIME= PAMName= TCPWrapName= Capabilities= SecureBits= CapabilityBoundingSetDrop= ControlGroup= ReadWriteDirectories= ReadOnlyDirectories= InaccessibleDirectories= PrivateTmp= MountFlags=

  12. Usługi - kontrola WorkingDirectory= RootDirectory= User= Group= SupplementaryGroups= Nice= OOMScoreAdjust=

    IOSchedulingClass= IOSchedulingPriority= CPUSchedulingPolicy= CPUSchedulingPriority= CPUSchedulingResetOnFork= CPUAffinity= UMask= Environment= EnvironmentFile= StandardInput= StandardOutput= StandardError= TTYPath= SyslogIdentifer= SyslogFacility= SyslogLevel= SyslogLevelPrefix= TimerSlackNSec= LimitCPU= LimitFSIZE= LimitDATA= LimitSTACK= LimitCORE= LimitRSS= LimitNOFILE= LimitAS= LimitNPROC= LimitMEMLOCK= LimitLOCKS= LimitSIGPENDING= LimitMSGQUEUE= LimitNICE= LimitRTPRIO= LimitRTTIME= PAMName= TCPWrapName= Capabilities= SecureBits= CapabilityBoundingSetDrop= ControlGroup= ReadWriteDirectories= ReadOnlyDirectories= InaccessibleDirectories= PrivateTmp= MountFlags=

  13. Usługi - kontrola WorkingDirectory= RootDirectory= User= Group= SupplementaryGroups= Nice= OOMScoreAdjust=

    IOSchedulingClass= IOSchedulingPriority= CPUSchedulingPolicy= CPUSchedulingPriority= CPUSchedulingResetOnFork= CPUAffinity= UMask= Environment= EnvironmentFile= StandardInput= StandardOutput= StandardError= TTYPath= SyslogIdentifer= SyslogFacility= SyslogLevel= SyslogLevelPrefix= TimerSlackNSec= LimitCPU= LimitFSIZE= LimitDATA= LimitSTACK= LimitCORE= LimitRSS= LimitNOFILE= LimitAS= LimitNPROC= LimitMEMLOCK= LimitLOCKS= LimitSIGPENDING= LimitMSGQUEUE= LimitNICE= LimitRTPRIO= LimitRTTIME= PAMName= TCPWrapName= Capabilities= SecureBits= CapabilityBoundingSetDrop= ControlGroup= ReadWriteDirectories= ReadOnlyDirectories= InaccessibleDirectories= PrivateTmp= MountFlags=

  14. Usługi - kontrola WorkingDirectory= RootDirectory= User= Group= SupplementaryGroups= Nice= OOMScoreAdjust=

    IOSchedulingClass= IOSchedulingPriority= CPUSchedulingPolicy= CPUSchedulingPriority= CPUSchedulingResetOnFork= CPUAffinity= UMask= Environment= EnvironmentFile= StandardInput= StandardOutput= StandardError= TTYPath= SyslogIdentifer= SyslogFacility= SyslogLevel= SyslogLevelPrefix= TimerSlackNSec= LimitCPU= LimitFSIZE= LimitDATA= LimitSTACK= LimitCORE= LimitRSS= LimitNOFILE= LimitAS= LimitNPROC= LimitMEMLOCK= LimitLOCKS= LimitSIGPENDING= LimitMSGQUEUE= LimitNICE= LimitRTPRIO= LimitRTTIME= PAMName= TCPWrapName= Capabilities= SecureBits= CapabilityBoundingSetDrop= ControlGroup= ReadWriteDirectories= ReadOnlyDirectories= InaccessibleDirectories= PrivateTmp= MountFlags=

  15. Usługi - kontrola man systemd.exec man systemd.unit man systemd.service

  16. Usługi - sysvinit #!/bin/bash # # ladvd Startup script for

    the [cefn]dp/lldp sender # # chkconfig: - 85 15 # description: ladvd uses [cefn]dp / lldp frames to inform switches \ # about connected hosts, which simplifies ethernet \ # switch management. # processname: ladvd # pidfile: /var/run/ladvd.pid # ### BEGIN INIT INFO # Provides: ladvd # Required-Start: $local_fs $network # Required-Stop: $local_fs $network # Short-Description: start and stop cdp/lldp sender # Description: ladvd uses [cefn]dp / lldp frames to inform switches # about connected hosts, which simplifies ethernet # switch management. ### END INIT INFO # Source function library. . /etc/rc.d/init.d/functions [ -f /etc/sysconfig/network ] && . /etc/sysconfig/network [ "${NETWORKING}" = "yes" ] || exit 0 [ -r /etc/sysconfig/ladvd ] && . /etc/sysconfig/ladvd start() { [ -z "$ARGS" ] && exit 6 echo -n $"Starting ladvd: " [ ! -d "/var/run/ladvd" ] && mkdir /var/run/ladvd && chown ladvd.ladvd /var/run/ladvd daemon /usr/sbin/ladvd $ARGS $LADVDARGS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/ladvd return $RETVAL } stop() { echo -n $"Shutting down ladvd: " killproc ladvd RETVAL=$? rm -f /var/lock/subsys/ladvd echo return $RETVAL } [ -f /usr/sbin/ladvd ] || exit 0 # See how we were called. case "$1" in start) start ;; stop) stop ;; force-reload|restart|reload) stop start ;; try-restart|condrestart) [ -e /var/lock/subsys/ladvd ] && (stop; start) ;; status) status ladvd RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|status|restart|reload|condrestart}" exit 3 esac exit $RETVAL

  17. Usługi - sysvinit #!/bin/bash # # ladvd Startup script for

    the [cefn]dp/lldp sender # # chkconfig: - 85 15 # description: ladvd uses [cefn]dp / lldp frames to inform switches \ # about connected hosts, which simplifies ethernet \ # switch management. # processname: ladvd # pidfile: /var/run/ladvd.pid # ### BEGIN INIT INFO # Provides: ladvd # Required-Start: $local_fs $network # Required-Stop: $local_fs $network # Short-Description: start and stop cdp/lldp sender # Description: ladvd uses [cefn]dp / lldp frames to inform switches # about connected hosts, which simplifies ethernet # switch management. ### END INIT INFO

  18. Usługi - sysvinit [ -r /etc/sysconfig/ladvd ] && . /etc/sysconfig/ladvd

    start() { [ -z "$ARGS" ] && exit 6 echo -n $"Starting ladvd: " [ ! -d "/var/run/ladvd" ] && mkdir /var/run/ladvd && chown ladvd.ladvd /var/run/ladvd daemon /usr/sbin/ladvd $ARGS $LADVDARGS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/ladvd return $RETVAL } stop() { echo -n $"Shutting down ladvd: " killproc ladvd RETVAL=$? rm -f /var/lock/subsys/ladvd echo return $RETVAL } [ -f /usr/sbin/ladvd ] || exit 0

  19. Usługi - sysvinit # See how we were called. case

    "$1" in start) start ;; stop) stop ;; force-reload|restart|reload) stop start ;; try-restart|condrestart) [ -e /var/lock/subsys/ladvd ] && (stop; start) ;; status) status ladvd RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|status|restart|reload|condrestart}" exit 3 esac exit $RETVAL

  20. Usługi - systemd [Unit] Description=uses [cefn]dp / lldp frames to

    inform switches about connected hosts [Service] EnvironmentFile=/etc/sysconfig/ladvd ExecStart=/usr/sbin/ladvd -a -f $LADVD_OPTIONS PIDFile=/var/run/ladvd.pid StandardOutput=syslog

  21. Usługi - pilnowanie systemctl status (DEMO)

  22. Gniazda kompatybilność (x)inetd niezrywalne połączenia przykład: syslog pełna kontrola

  23. Gniazda - kontrola BindIPv6Only= Backlog= BindToDevice= SocketMode= MaxConnections= KeepAlive= Priority=

    ReceiveBuffer= SendBuffer= IPTOS= IPTTL= Mark= PipeSize= FreeBind= TCPCongestion=

  24. Gniazda (DEMO)

  25. Gniazda – vsftpd.socket [Unit] Description=vsftpd incoming socket [Socket] ListenStream=21 Accept=yes

    [Install] WantedBy=multi-user.target

  26. Gniazda – [email protected] [Unit] Description=vsftpd instance service [Service] Type=simple ExecStart=-/usr/sbin/vsftpd

    StandardInput=socket

  27. Urządzenia współpraca z udev start aplikacji zależny od sprzętu

  28. Urządzenia – 99-hdapsd.rules # cat /etc/udev/rules.d/99-hdapsd.rules SUBSYSTEM=="block", KERNEL=="sd[ab]", ATTRS{removable}=="0", TAG="systemd",

    ENV{SYSTEMD_WANTS}="[email protected]%k.service" (DEMO)

  29. Urządzenia – [email protected] [Unit] Description=%I shock protection daemon [Service] EnvironmentFile=/etc/sysconfig/hdapsd

    StandardOutput=syslog SyslogIdentifier=%p(%I) Nice=-5 ExecStart=/usr/sbin/hdapsd -d %I $HDAPSD_OPTIONS (DEMO)

  30. Timery cykliczne czynności: czyszczenie raportowanie w przyszłości cron

  31. Timery – rrd_hddtemp.timer [Timer] OnBootSec=3m OnUnitActiveSec=5m [Install] WantedBy=multi-user.target

  32. Timery – rrd_hddtemp.service [Service] ExecStart=/root/bin/rrd_hddtemp.pl Type=oneshot StandardError=syslog

  33. Wymagania jądro 2.6.32 devtmpfs D-Bus 1.4.0 udev 151

  34. Podsumowując lepsza kontrola – restarty, limity OnFailure= pilnowanie zależności mniej

    kodu: demonizowanie, sockety

  35. Podsumowując 2 zintegrowanie usług dystrybucyjnych (random seed, clock, API mounts)

    ujednolicenie skryptów startowych szybki start, zintegrowany readahead

  36. avahi-daemon.socket [Unit] Description=Avahi mDNS/DNS-SD Stack Activation Socket [Socket] ListenStream=/var/run/avahi-daemon/socket [Install]

    WantedBy=sockets.target

  37. avahi-daemon.service [Unit] Description=Avahi mDNS/DNS-SD Stack Requires=avahi-daemon.socket After=syslog.target [Service] Type=dbus BusName=org.freedesktop.Avahi

    ExecStart=/usr/sbin/avahi-daemon -s ExecReload=/usr/sbin/avahi-daemon -r NotifyAccess=main [Install] WantedBy=multi-user.target Also=avahi-daemon.socket

  38. systemctl status # systemctl status avahi-daemon.service avahi-daemon.service - Avahi mDNS/DNS-SD

    Stack Loaded: loaded (/lib/systemd/system/avahi-daemon.service) Active: active (running) since [Sat, 18 Sep 2010 23:32:54 +0200; 16h ago] Main PID: 3300 (avahi-daemon) Status: "Server startup complete. Host name is dhartha.local. Local service cookie is 966442585." CGroup: name=systemd:/systemd-1/avahi-daemon.service ├ 3300 avahi-daemon: running [dhartha.local] └ 3305 avahi-daemon: chroot helper

  39. systemctl status # systemctl status avahi-daemon.service avahi-daemon.service - Avahi mDNS/DNS-SD

    Stack Loaded: loaded (/lib/systemd/system/avahi-daemon.service) Active: active (running) since [Sat, 18 Sep 2010 23:32:54 +0200; 16h ago] Main PID: 3300 (avahi-daemon) Status: "Server startup complete. Host name is dhartha.local. Local service cookie is 966442585." CGroup: name=systemd:/systemd-1/avahi-daemon.service ├ 3300 avahi-daemon: running [dhartha.local] ├ 3305 avahi-daemon: chroot helper

  40. status mount # systemctl status boot.mount boot.mount - /boot Loaded:

    loaded Active: active (mounted) since [Sat, 18 Sep 2010 23:32:54 +0200; 16h ago] Where: /boot CGroup: name=systemd:/systemd-1/boot.mount

  41. systemd: wymyślmy jeszcze jedno koło Zimowisko TLUG 2011 Zimowisko TLUG

    2011 Tomasz Torcz Tomasz Torcz <[email protected]> <[email protected]>

  42. systemctl -t URL Strona: http://www.freedesktop.org/wiki/Software/systemd Dokumentacja: http://0pointer.de/public/systemd-man/ Definicje jednostek: https://fedoraproject.org/wiki/User:Johannbg/QA/Systemd/compatability

  43. None