daemontools-kobanashi

1.

daemontoolsখ࿩ @yudoufu 2015/08/11 ෦಺ษڧձ ͓ͬ͞ΜͬΆ͍࿩Λ͠·͢

2.

daemontoolsͬͯͬͯ͠Δʁ • αʔϏεͷdaemonӬଓԽπʔϧͱͯ͠༗໊ • ͓ͬ͞Μ͸ΈΜͳ͓ੈ࿩ʹͳͬͯΔ • ࠷ۙ͸supervisord ೿ൊ;͑ͨͶ

3.

ͦ΋ͦ΋daemontoolsͱ͸ • UNIX/LinuxͷαʔϏε؅ཧπʔϧ܈ͷ૯শ • djb࡞ • qmail / tcpserver౳ͷ࡞ऀͰ΋͋Δ •
http://cr.yp.to/daemontools.html

4.

daemontoolsͷத਎ • daemonӬଓԽπʔϧ (svscan/supervise) • daemontoolsͬͯݴ͏ͱී௨͜ΕΛࢦ͢ • ҆શͳϩάه࿥πʔϧ (multilog) •
αʔϏε/daemonԽͷิॿɾศརπʔϧ • ࠓ೔͸͔͜͜ΒϐοΫΞοϓͯ͠঺հ

5.

daemontoolsͷิॿπʔϧ܈ • ͍͍ͪͪ໘౗ͩΑͶɺΛ࣮ݱͯ͘͠ΕΔখ෺ • ୯඼Ͱ࢖͑Δ΋ͷ͕ଟͯ͘UNIXత

6.

setlock % setlock -n /path/to/hoge.lock command • command࣮ߦલʹlockΛߦ͍ɺϓϩηεͷॏ ෳىಈΛ๷͍Ͱ͘ΕΔ •
-n: ॏෳىಈ͸command࣮ߦͤͣଈऴྃ • -N: ॏෳىಈ͸ϩοΫͷղ์Λ଴࣮ͬͯߦ • cronͱ૊Έ߹Θͤͯ࢖͏ͱศར

7.

setlock - ࢖༻ྫ 00 * * * * setlock -n
/var/run/cron.lock hugeprocess.sh • ͍͢͝Ͱ͔͍ॲཧΛຖ࣌΍Δ৔߹ • ສ͕Ұ࣍ͷ࣮ߦ͕࣌ؒདྷͯ΋ɺ࣍ͷϓϩηε ͸࣮ߦ͞Εͣऴྃ͢Δ setlock: fatal: unable to lock /var/run/cron.lock: temporary failure

8.

setlock - ࢖༻ྫ 00 * * * * setlock -N
/var/run/cron.lock preprocess.sh 30 * * * * setlock -N /var/run/cron.lock postprocess.sh • લॲཧͷ݁ՌΛड͚ͯޙॲཧΛ࣮ߦ͍ͨ͠ɺ ͱ͍͏ͷΛຖ࣌΍Δ৔߹ͳͲ • ಉ͡lockϑΝΠϧͳΒίϚϯυ͕ҧͬͯ΋ॲཧ Λ଴ͬͯ͘ΕΔ

9.

envdir % envdir /path/to/env command • ୈ1Ҿ਺Ͱࢦఆͨ͠σΟϨΫτϦ಺ͷϑΝΠϧ Λɺ؀ڥม਺ͱͯ͠ઃఆͯ͘͠ΕΔ

10.

envdir - ࣮ߦྫ % cat /tmp/env/IP 192.168.1.1 % cat /tmp/env/LOGDIR
/var/log/hoge % envdir /tmp/env env | egrep "(IP|LOGIDIR)" IP=192.168.1.1 LOGDIR=/var/log/hoge • dir಺ͷϑΝΠϧ໊Λม਺໊ʹɺ಺༰Λvalueʹ • ؀ڥม਺ͱεΫϦϓτΛผ؅ཧ͠΍͘͢ͳΔ

11.

envuidgid % envuidgid user command • envͷ UID / GIDʹୈ1Ҿ਺ͷuserΛઃఆ
• ࣮ߦϢʔβʔΛม͑ΔΘ͚͡Όͳ͍ envuidgid www-data env |egrep "(GID|UID|USER)" USER=yudoufu GID=33 UID=33

12.

setuidgid % setuidgid user command • ࣮ߦ࣌ݖݶΛߜΓ͍ͨ৔߹ʹ࢖͏ • جຊతʹ͸root࣮ߦͷεΫϦϓτ಺Ͱ࢖͏ •
αϒάϧʔϓΛ൓ө͠ͳ͍ͷͰͨ·ʹਏ͍ • https://github.com/bruceg/daemontools- encore • ༗ࢤ͕௚ͨ͠Γͯ͠Δ

13.

softlimit % softlimit [-p… n] command • commandʹରͯ͠Ϧιʔε੍ݶΛ͔͚ΒΕΔ • ϓϩηε͝ͱͷdataηάϝϯτ੍ݶ
• ಉҰUIDͰͷϓϩηε਺੍ݶ • etc…

14.

༨ஊ • εϥΠυΛmd2keyΛ࢖ͬͯ࡞ͬͯΈͨ • https://github.com/k0kubun/md2key • ίϚϯυͷhighlight͍͍ײ͡ • จͷ੔ܗ͸΍ͬͺΓਓ͕Կͱ͔͢Δ •
·ͩେࡶ೺ʹ͋ͯ͜Ήπʔϧɺͱ͍͏ײ͡

15.

·ͱΊ • daemontoolsͷαϙʔτπʔϧ܈͸ؾ͕ޮ͍ ͯͯศར

daemontools-kobanashi

daemontools-kobanashi

yudoufu

Want more?

Transcript

daemontoolsখ࿩ @yudoufu 2015/08/11 ෦಺ษڧձ ͓ͬ͞ΜͬΆ͍࿩Λ͠·͢

daemontoolsͬͯͬͯ͠Δʁ • αʔϏεͷdaemonӬଓԽπʔϧͱͯ͠༗໊ • ͓ͬ͞Μ͸ΈΜͳ͓ੈ࿩ʹͳͬͯΔ • ࠷ۙ͸supervisord ೿ൊ;͑ͨͶ

ͦ΋ͦ΋daemontoolsͱ͸ • UNIX/LinuxͷαʔϏε؅ཧπʔϧ܈ͷ૯শ • djb࡞ • qmail / tcpserver౳ͷ࡞ऀͰ΋͋Δ •

daemontoolsͷத਎ • daemonӬଓԽπʔϧ (svscan/supervise) • daemontoolsͬͯݴ͏ͱී௨͜ΕΛࢦ͢ • ҆શͳϩάه࿥πʔϧ (multilog) •

daemontoolsͷิॿπʔϧ܈ • ͍͍ͪͪ໘౗ͩΑͶɺΛ࣮ݱͯ͘͠ΕΔখ෺ • ୯඼Ͱ࢖͑Δ΋ͷ͕ଟͯ͘UNIXత

setlock % setlock -n /path/to/hoge.lock command • command࣮ߦલʹlockΛߦ͍ɺϓϩηεͷॏ ෳىಈΛ๷͍Ͱ͘ΕΔ •

setlock - ࢖༻ྫ 00 * * * * setlock -n

setlock - ࢖༻ྫ 00 * * * * setlock -N

envdir % envdir /path/to/env command • ୈ1Ҿ਺Ͱࢦఆͨ͠σΟϨΫτϦ಺ͷϑΝΠϧ Λɺ؀ڥม਺ͱͯ͠ઃఆͯ͘͠ΕΔ

envdir - ࣮ߦྫ % cat /tmp/env/IP 192.168.1.1 % cat /tmp/env/LOGDIR

envuidgid % envuidgid user command • envͷ UID / GIDʹୈ1Ҿ਺ͷuserΛઃఆ

setuidgid % setuidgid user command • ࣮ߦ࣌ݖݶΛߜΓ͍ͨ৔߹ʹ࢖͏ • جຊతʹ͸root࣮ߦͷεΫϦϓτ಺Ͱ࢖͏ •

softlimit % softlimit [-p… n] command • commandʹରͯ͠Ϧιʔε੍ݶΛ͔͚ΒΕΔ • ϓϩηε͝ͱͷdataηάϝϯτ੍ݶ

༨ஊ • εϥΠυΛmd2keyΛ࢖ͬͯ࡞ͬͯΈͨ • https://github.com/k0kubun/md2key • ίϚϯυͷhighlight͍͍ײ͡ • จͷ੔ܗ͸΍ͬͺΓਓ͕Կͱ͔͢Δ •

·ͱΊ • daemontoolsͷαϙʔτπʔϧ܈͸ؾ͕ޮ͍ ͯͯศར