Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
systemd: wymyślmy jeszcze jedno koło
Search
Tomasz
January 15, 2011
Technology
0
170
systemd: wymyślmy jeszcze jedno koło
Prezentacja w ramach Zimowiska TLUG 2011. Wprowadzenie do systemd.
http://vimeo.com/20205771
Tomasz
January 15, 2011
Tweet
Share
More Decks by Tomasz
See All by Tomasz
The Song of JBoss and Chef
ttorcz
0
180
Home, Smart Home
ttorcz
0
310
FreeIPA: zintegrowane zarządzanie użytkownikami
ttorcz
0
230
systemd – ściągawka
ttorcz
0
150
Solaris? meh.
ttorcz
0
100
Podziel się wiedzą: systemd
ttorcz
0
71
Wirtualizacja od podszewki
ttorcz
0
270
Wprowadzenie do DTrace
ttorcz
0
110
Zastosowanie swarmingu do dystrybucji danych
ttorcz
0
89
Other Decks in Technology
See All in Technology
OPENLOGI Company Profile for engineer
hr01
1
33k
WordPressから ヘッドレスCMSへ! Storyblokへの移行プロセス
nyata
0
340
ネットワーク保護はどう変わるのか?re:Inforce 2025最新アップデート解説
tokushun
0
150
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
3
940
KubeCon + CloudNativeCon Japan 2025 Recap
ren510dev
1
300
2025-06-26_Lightning_Talk_for_Lightning_Talks
_hashimo2
2
110
「Chatwork」の認証基盤の移行とログ活用によるプロダクト改善
kubell_hr
1
240
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
26k
rubygem開発で鍛える設計力
joker1007
2
270
事業成長の裏側:エンジニア組織と開発生産性の進化 / 20250703 Rinto Ikenoue
shift_evolve
PRO
1
310
論文紹介:LLMDet (CVPR2025 Highlight)
tattaka
0
240
プロダクトエンジニアリング組織への歩み、その現在地 / Our journey to becoming a product engineering organization
hiro_torii
0
140
Featured
See All Featured
Speed Design
sergeychernyshev
32
1k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
20
1.3k
GitHub's CSS Performance
jonrohan
1031
460k
Six Lessons from altMBA
skipperchong
28
3.9k
Building an army of robots
kneath
306
45k
Designing for humans not robots
tammielis
253
25k
YesSQL, Process and Tooling at Scale
rocio
173
14k
The Invisible Side of Design
smashingmag
300
51k
Building Adaptive Systems
keathley
43
2.6k
The World Runs on Bad Software
bkeepers
PRO
69
11k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
138
34k
StorybookのUI Testing Handbookを読んだ
zakiyama
30
5.9k
Transcript
systemd: wymyślmy jeszcze jedno koło Zimowisko TLUG 2011 Zimowisko TLUG
2011 Tomasz Torcz Tomasz Torcz <
[email protected]
> <
[email protected]
>
Rozdzielnik co to jest init? jaką ma rolę? dlaczego systemd?
SystemV init PID 1 /etc/inittab sysinit: initdefault: http://en.wikipedia.org/wiki/Init#Other_styles
Mamo, skąd się biorą procesy? - boot - cron, at
- inetd - D-Bus activation
Autorzy systemd% git log --format=%an | sort -u | wc
-l 47 >10 commitów: Michael Biebl, Kay Sievers, Lennart Pöttering Pomysły: reszta świata
Usługi to nie wszystko usługi gniazda punkty mountowania pliki, katalogi
upływ czasu urządzenia, cele
Ale my już mamy koło!
Ale my już mamy koło! /etc/init.d/* /etc/fstab /etc/init/* kernel command
line (emergency, single itp.)
Usługi zależności (implicit) restartowanie demonizacja limity i kontrola (CPU, I/O,
mem)
Usługi - kontrola WorkingDirectory= RootDirectory= User= Group= SupplementaryGroups= Nice= OOMScoreAdjust=
IOSchedulingClass= IOSchedulingPriority= CPUSchedulingPolicy= CPUSchedulingPriority= CPUSchedulingResetOnFork= CPUAffinity= UMask= Environment= EnvironmentFile= StandardInput= StandardOutput= StandardError= TTYPath= SyslogIdentifer= SyslogFacility= SyslogLevel= SyslogLevelPrefix= TimerSlackNSec= LimitCPU= LimitFSIZE= LimitDATA= LimitSTACK= LimitCORE= LimitRSS= LimitNOFILE= LimitAS= LimitNPROC= LimitMEMLOCK= LimitLOCKS= LimitSIGPENDING= LimitMSGQUEUE= LimitNICE= LimitRTPRIO= LimitRTTIME= PAMName= TCPWrapName= Capabilities= SecureBits= CapabilityBoundingSetDrop= ControlGroup= ReadWriteDirectories= ReadOnlyDirectories= InaccessibleDirectories= PrivateTmp= MountFlags=
Usługi - kontrola WorkingDirectory= RootDirectory= User= Group= SupplementaryGroups= Nice= OOMScoreAdjust=
IOSchedulingClass= IOSchedulingPriority= CPUSchedulingPolicy= CPUSchedulingPriority= CPUSchedulingResetOnFork= CPUAffinity= UMask= Environment= EnvironmentFile= StandardInput= StandardOutput= StandardError= TTYPath= SyslogIdentifer= SyslogFacility= SyslogLevel= SyslogLevelPrefix= TimerSlackNSec= LimitCPU= LimitFSIZE= LimitDATA= LimitSTACK= LimitCORE= LimitRSS= LimitNOFILE= LimitAS= LimitNPROC= LimitMEMLOCK= LimitLOCKS= LimitSIGPENDING= LimitMSGQUEUE= LimitNICE= LimitRTPRIO= LimitRTTIME= PAMName= TCPWrapName= Capabilities= SecureBits= CapabilityBoundingSetDrop= ControlGroup= ReadWriteDirectories= ReadOnlyDirectories= InaccessibleDirectories= PrivateTmp= MountFlags=
Usługi - kontrola WorkingDirectory= RootDirectory= User= Group= SupplementaryGroups= Nice= OOMScoreAdjust=
IOSchedulingClass= IOSchedulingPriority= CPUSchedulingPolicy= CPUSchedulingPriority= CPUSchedulingResetOnFork= CPUAffinity= UMask= Environment= EnvironmentFile= StandardInput= StandardOutput= StandardError= TTYPath= SyslogIdentifer= SyslogFacility= SyslogLevel= SyslogLevelPrefix= TimerSlackNSec= LimitCPU= LimitFSIZE= LimitDATA= LimitSTACK= LimitCORE= LimitRSS= LimitNOFILE= LimitAS= LimitNPROC= LimitMEMLOCK= LimitLOCKS= LimitSIGPENDING= LimitMSGQUEUE= LimitNICE= LimitRTPRIO= LimitRTTIME= PAMName= TCPWrapName= Capabilities= SecureBits= CapabilityBoundingSetDrop= ControlGroup= ReadWriteDirectories= ReadOnlyDirectories= InaccessibleDirectories= PrivateTmp= MountFlags=
Usługi - kontrola WorkingDirectory= RootDirectory= User= Group= SupplementaryGroups= Nice= OOMScoreAdjust=
IOSchedulingClass= IOSchedulingPriority= CPUSchedulingPolicy= CPUSchedulingPriority= CPUSchedulingResetOnFork= CPUAffinity= UMask= Environment= EnvironmentFile= StandardInput= StandardOutput= StandardError= TTYPath= SyslogIdentifer= SyslogFacility= SyslogLevel= SyslogLevelPrefix= TimerSlackNSec= LimitCPU= LimitFSIZE= LimitDATA= LimitSTACK= LimitCORE= LimitRSS= LimitNOFILE= LimitAS= LimitNPROC= LimitMEMLOCK= LimitLOCKS= LimitSIGPENDING= LimitMSGQUEUE= LimitNICE= LimitRTPRIO= LimitRTTIME= PAMName= TCPWrapName= Capabilities= SecureBits= CapabilityBoundingSetDrop= ControlGroup= ReadWriteDirectories= ReadOnlyDirectories= InaccessibleDirectories= PrivateTmp= MountFlags=
Usługi - kontrola WorkingDirectory= RootDirectory= User= Group= SupplementaryGroups= Nice= OOMScoreAdjust=
IOSchedulingClass= IOSchedulingPriority= CPUSchedulingPolicy= CPUSchedulingPriority= CPUSchedulingResetOnFork= CPUAffinity= UMask= Environment= EnvironmentFile= StandardInput= StandardOutput= StandardError= TTYPath= SyslogIdentifer= SyslogFacility= SyslogLevel= SyslogLevelPrefix= TimerSlackNSec= LimitCPU= LimitFSIZE= LimitDATA= LimitSTACK= LimitCORE= LimitRSS= LimitNOFILE= LimitAS= LimitNPROC= LimitMEMLOCK= LimitLOCKS= LimitSIGPENDING= LimitMSGQUEUE= LimitNICE= LimitRTPRIO= LimitRTTIME= PAMName= TCPWrapName= Capabilities= SecureBits= CapabilityBoundingSetDrop= ControlGroup= ReadWriteDirectories= ReadOnlyDirectories= InaccessibleDirectories= PrivateTmp= MountFlags=
Usługi - kontrola man systemd.exec man systemd.unit man systemd.service
Usługi - sysvinit #!/bin/bash # # ladvd Startup script for
the [cefn]dp/lldp sender # # chkconfig: - 85 15 # description: ladvd uses [cefn]dp / lldp frames to inform switches \ # about connected hosts, which simplifies ethernet \ # switch management. # processname: ladvd # pidfile: /var/run/ladvd.pid # ### BEGIN INIT INFO # Provides: ladvd # Required-Start: $local_fs $network # Required-Stop: $local_fs $network # Short-Description: start and stop cdp/lldp sender # Description: ladvd uses [cefn]dp / lldp frames to inform switches # about connected hosts, which simplifies ethernet # switch management. ### END INIT INFO # Source function library. . /etc/rc.d/init.d/functions [ -f /etc/sysconfig/network ] && . /etc/sysconfig/network [ "${NETWORKING}" = "yes" ] || exit 0 [ -r /etc/sysconfig/ladvd ] && . /etc/sysconfig/ladvd start() { [ -z "$ARGS" ] && exit 6 echo -n $"Starting ladvd: " [ ! -d "/var/run/ladvd" ] && mkdir /var/run/ladvd && chown ladvd.ladvd /var/run/ladvd daemon /usr/sbin/ladvd $ARGS $LADVDARGS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/ladvd return $RETVAL } stop() { echo -n $"Shutting down ladvd: " killproc ladvd RETVAL=$? rm -f /var/lock/subsys/ladvd echo return $RETVAL } [ -f /usr/sbin/ladvd ] || exit 0 # See how we were called. case "$1" in start) start ;; stop) stop ;; force-reload|restart|reload) stop start ;; try-restart|condrestart) [ -e /var/lock/subsys/ladvd ] && (stop; start) ;; status) status ladvd RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|status|restart|reload|condrestart}" exit 3 esac exit $RETVAL
Usługi - sysvinit #!/bin/bash # # ladvd Startup script for
the [cefn]dp/lldp sender # # chkconfig: - 85 15 # description: ladvd uses [cefn]dp / lldp frames to inform switches \ # about connected hosts, which simplifies ethernet \ # switch management. # processname: ladvd # pidfile: /var/run/ladvd.pid # ### BEGIN INIT INFO # Provides: ladvd # Required-Start: $local_fs $network # Required-Stop: $local_fs $network # Short-Description: start and stop cdp/lldp sender # Description: ladvd uses [cefn]dp / lldp frames to inform switches # about connected hosts, which simplifies ethernet # switch management. ### END INIT INFO
Usługi - sysvinit [ -r /etc/sysconfig/ladvd ] && . /etc/sysconfig/ladvd
start() { [ -z "$ARGS" ] && exit 6 echo -n $"Starting ladvd: " [ ! -d "/var/run/ladvd" ] && mkdir /var/run/ladvd && chown ladvd.ladvd /var/run/ladvd daemon /usr/sbin/ladvd $ARGS $LADVDARGS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/ladvd return $RETVAL } stop() { echo -n $"Shutting down ladvd: " killproc ladvd RETVAL=$? rm -f /var/lock/subsys/ladvd echo return $RETVAL } [ -f /usr/sbin/ladvd ] || exit 0
Usługi - sysvinit # See how we were called. case
"$1" in start) start ;; stop) stop ;; force-reload|restart|reload) stop start ;; try-restart|condrestart) [ -e /var/lock/subsys/ladvd ] && (stop; start) ;; status) status ladvd RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|status|restart|reload|condrestart}" exit 3 esac exit $RETVAL
Usługi - systemd [Unit] Description=uses [cefn]dp / lldp frames to
inform switches about connected hosts [Service] EnvironmentFile=/etc/sysconfig/ladvd ExecStart=/usr/sbin/ladvd -a -f $LADVD_OPTIONS PIDFile=/var/run/ladvd.pid StandardOutput=syslog
Usługi - pilnowanie systemctl status (DEMO)
Gniazda kompatybilność (x)inetd niezrywalne połączenia przykład: syslog pełna kontrola
Gniazda - kontrola BindIPv6Only= Backlog= BindToDevice= SocketMode= MaxConnections= KeepAlive= Priority=
ReceiveBuffer= SendBuffer= IPTOS= IPTTL= Mark= PipeSize= FreeBind= TCPCongestion=
Gniazda (DEMO)
Gniazda – vsftpd.socket [Unit] Description=vsftpd incoming socket [Socket] ListenStream=21 Accept=yes
[Install] WantedBy=multi-user.target
Gniazda –
[email protected]
[Unit] Description=vsftpd instance service [Service] Type=simple ExecStart=-/usr/sbin/vsftpd
StandardInput=socket
Urządzenia współpraca z udev start aplikacji zależny od sprzętu
Urządzenia – 99-hdapsd.rules # cat /etc/udev/rules.d/99-hdapsd.rules SUBSYSTEM=="block", KERNEL=="sd[ab]", ATTRS{removable}=="0", TAG="systemd",
ENV{SYSTEMD_WANTS}="hdapsd@%k.service" (DEMO)
Urządzenia –
[email protected]
[Unit] Description=%I shock protection daemon [Service] EnvironmentFile=/etc/sysconfig/hdapsd
StandardOutput=syslog SyslogIdentifier=%p(%I) Nice=-5 ExecStart=/usr/sbin/hdapsd -d %I $HDAPSD_OPTIONS (DEMO)
Timery cykliczne czynności: czyszczenie raportowanie w przyszłości cron
Timery – rrd_hddtemp.timer [Timer] OnBootSec=3m OnUnitActiveSec=5m [Install] WantedBy=multi-user.target
Timery – rrd_hddtemp.service [Service] ExecStart=/root/bin/rrd_hddtemp.pl Type=oneshot StandardError=syslog
Wymagania jądro 2.6.32 devtmpfs D-Bus 1.4.0 udev 151
Podsumowując lepsza kontrola – restarty, limity OnFailure= pilnowanie zależności mniej
kodu: demonizowanie, sockety
Podsumowując 2 zintegrowanie usług dystrybucyjnych (random seed, clock, API mounts)
ujednolicenie skryptów startowych szybki start, zintegrowany readahead
avahi-daemon.socket [Unit] Description=Avahi mDNS/DNS-SD Stack Activation Socket [Socket] ListenStream=/var/run/avahi-daemon/socket [Install]
WantedBy=sockets.target
avahi-daemon.service [Unit] Description=Avahi mDNS/DNS-SD Stack Requires=avahi-daemon.socket After=syslog.target [Service] Type=dbus BusName=org.freedesktop.Avahi
ExecStart=/usr/sbin/avahi-daemon -s ExecReload=/usr/sbin/avahi-daemon -r NotifyAccess=main [Install] WantedBy=multi-user.target Also=avahi-daemon.socket
systemctl status # systemctl status avahi-daemon.service avahi-daemon.service - Avahi mDNS/DNS-SD
Stack Loaded: loaded (/lib/systemd/system/avahi-daemon.service) Active: active (running) since [Sat, 18 Sep 2010 23:32:54 +0200; 16h ago] Main PID: 3300 (avahi-daemon) Status: "Server startup complete. Host name is dhartha.local. Local service cookie is 966442585." CGroup: name=systemd:/systemd-1/avahi-daemon.service ├ 3300 avahi-daemon: running [dhartha.local] └ 3305 avahi-daemon: chroot helper
systemctl status # systemctl status avahi-daemon.service avahi-daemon.service - Avahi mDNS/DNS-SD
Stack Loaded: loaded (/lib/systemd/system/avahi-daemon.service) Active: active (running) since [Sat, 18 Sep 2010 23:32:54 +0200; 16h ago] Main PID: 3300 (avahi-daemon) Status: "Server startup complete. Host name is dhartha.local. Local service cookie is 966442585." CGroup: name=systemd:/systemd-1/avahi-daemon.service ├ 3300 avahi-daemon: running [dhartha.local] ├ 3305 avahi-daemon: chroot helper
status mount # systemctl status boot.mount boot.mount - /boot Loaded:
loaded Active: active (mounted) since [Sat, 18 Sep 2010 23:32:54 +0200; 16h ago] Where: /boot CGroup: name=systemd:/systemd-1/boot.mount
systemd: wymyślmy jeszcze jedno koło Zimowisko TLUG 2011 Zimowisko TLUG
2011 Tomasz Torcz Tomasz Torcz <
[email protected]
> <
[email protected]
>
systemctl -t URL Strona: http://www.freedesktop.org/wiki/Software/systemd Dokumentacja: http://0pointer.de/public/systemd-man/ Definicje jednostek: https://fedoraproject.org/wiki/User:Johannbg/QA/Systemd/compatability
None