Date post: | 11-Jan-2017 |
Category: |
Technology |
Upload: | julien-pivotto |
View: | 1,091 times |
Download: | 5 times |
systemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config management
Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto
systemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confNovember 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015
user-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto
• Sysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.eu
• FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004• systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010
I EEEEEEEEEEEEEEEEExherbo Linux
• DevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believer• @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie on irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/github
inuits.eu
IntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionLicensed under a Creative Commons Attribution-2.0 License
https://www.flickr.com/photos/cote/13932690487
The DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movement
• DDDDDDDDDDDDDDDDDevOps is a movement born in 2009• CCCCCCCCCCCCCCCCCollaboration between Developers andOperations
• NNNNNNNNNNNNNNNNNothing new, just common sense• DDDDDDDDDDDDDDDDDevOpsDays, a serie of conferences allaround the world
#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS
• CCCCCCCCCCCCCCCCCulture• (((((((((((((((((Lean)• AAAAAAAAAAAAAAAAAutomation• MMMMMMMMMMMMMMMMMeasurement• SSSSSSSSSSSSSSSSSharing
John Willis and Damon Edwards
The A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMS
• AAAAAAAAAAAAAAAAAutomation reduces human mistakes• CCCCCCCCCCCCCCCCContinuous Integration/Delivery• RRRRRRRRRRRRRRRRReproducable build• RRRRRRRRRRRRRRRRReproducable infrastructure• Infrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as Code
Infrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as Code
• AAAAAAAAAAAAAAAAAutomate your infrastructure with code• MMMMMMMMMMMMMMMMModel your infrastructure• MMMMMMMMMMMMMMMMMonitoring, security, applications andbackups are part of the process
• SSSSSSSSSSSSSSSSScripts are not IaC
IaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practices
• RRRRRRRRRRRRRRRRRun tests against that code• PPPPPPPPPPPPPPPPPut it under version control• DDDDDDDDDDDDDDDDDeploy with CI/CD: dev, uat, prodenvironments…
Configuration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management tools
Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?
• bbbbbbbbbbbbbbbbbare-metal• vvvvvvvvvvvvvvvvvirtualization• cccccccccccccccccloud• ……………………………………………
Heterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environments
• LLLLLLLLLLLLLLLLLinux distributions are different• IIIIIIIIIIIIIIIIInit systems, File hierarchy• EEEEEEEEEEEEEEEEEven between different releases of the samedistro
• CCCCCCCCCCCCCCCCConfiguration manegement tools try toabstract that
systemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picture
what people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people see
• bbbbbbbbbbbbbbbbbefore: distinction between distributions• nnnnnnnnnnnnnnnnnow: distinction between distributions andsystemd or not
• tttttttttttttttttomorrow: it will be hard to provide the allthe features of systemd to old distros
systemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distros
• RRRRRRRRRRRRRRRRReaching Debian Stable and RHEL 7• CCCCCCCCCCCCCCCCConfig management needs to learn it• IIIIIIIIIIIIIIIIIt brings lots of new patterns
Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)
• rrrrrrrrrrrrrrrrresource: description of a small piece (file,service) with desired state
• mmmmmmmmmmmmmmmmmodule: collection of resources (e.g. amodule to setup Mysql)
ServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServices
ServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServices
• SSSSSSSSSSSSSSSSServices are basic resources in traditional IT• sssssssssssssssssystemd changes a lot of things in that area• ssssssssssssssssservices are now part of the "units" concept
Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)
• WWWWWWWWWWWWWWWWWritten from scratch or templates• DDDDDDDDDDDDDDDDDifferent patterns• SSSSSSSSSSSSSSSSSometimes very long, hard to read
Changing old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scripts
• WWWWWWWWWWWWWWWWWhy? Solve bugs, ajust niceness, changecommand…
• CCCCCCCCCCCCCCCCChange the full file!• TTTTTTTTTTTTTTTTTemplate OS and version dependant
Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)
Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)
• iiiiiiiiiiiiiiiiini-like syntax• SSSSSSSSSSSSSSSSSelf-explanatory• SSSSSSSSSSSSSSSSStandardized accross distros
Here is the rule:Packaged files go in /lib. Config
management tools override in /etc.
No conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor files
• CCCCCCCCCCCCCCCCCan be overriden in /etc/systemd/system• NNNNNNNNNNNNNNNNNot afraid of package updates• PPPPPPPPPPPPPPPPPartial override possible
Partial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override example
/etc/systemd/system/httpd.service.d/niceness.conf[Service]Nice=3
The surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surprise
• CCCCCCCCCCCCCCCCCreating the file is not enough• sssssssssssssssssystemctl daemon-reload
Notice: /Service[mariadb]/ensure: ensure changed’stopped’ to ’running’
Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)
daemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetfile {
'/etc/systemd/system/mariadb.service.d/niceness.conf ':ensure => present ,content => template('systemd/niceness.erb'),notify => [ Exec['systemctl−daemon−reload '],
Service['mariadb '], ]}exec {
'systemctl−daemon−reload ':command => '/usr/bin/systemctl reload−daemon ',refreshonly => true,
}service {
'mariadb ':ensure => running ,require => Exec['systemctl−daemon−reload '],
}
systemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reload
systemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reload
systemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reload
systemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload ordering
Prevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to start
• CCCCCCCCCCCCCCCCClassic init allows to disable services• CCCCCCCCCCCCCCCCConfigmgmt tools do not care• ccccccccccccccccchmod 000 /etc/init.d/mysqld
Masking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking services
• llllllllllllllllln -s /dev/null/etc/systemd/system/mysqld.service
• sssssssssssssssssystemctl daemon-reload• DDDDDDDDDDDDDDDDDone. It can't be started anymore
masking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppet
file {'/etc/systemd/system/mariadb.service ':
ensure => link,target => '/dev/null',notify => Exec['systemctl daemon−reload '],
}
(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) filesLicensed under a Creative Commons Attribution-ShareAlike 2.0 License
https://www.flickr.com/photos/brightmeadow/3748310435
tmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemd
Several techniques: tmpfs, tmpwatch
#! /bin/shflags=−umc/usr/sbin/tmpwatch "$flags" −x /tmp/.X11−unix −x /tmp/.
XIM−unix \−x /tmp/.font−unix −x /tmp/.ICE−unix −x /tmp/.
Test−unix \−X '/tmp/hsperfdata_*' 10d /tmp
/usr/sbin/tmpwatch "$flags" 30d /var/tmpfor d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/
cat?}; doif [ −d "$d" ]; then
/usr/sbin/tmpwatch "$flags" −f 30d "$d"fi
done
tmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemd
systemd-tmpfiles
v /tmp 1777 root root 10dv /var/tmp 1777 root root 30d
tmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemd
• AAAAAAAAAAAAAAAAAgain, simple text files• CCCCCCCCCCCCCCCCCan be overwritten in /etc• YYYYYYYYYYYYYYYYYet another command to launch
tmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppetaugeas {
"tmpfiles.d−${path}":context => "/files/etc/tmpfiles.d/my.conf/*[path = '
${path}']",changes => [
"set type 'd'","set gid '${group}'","set uid '${owner}'","set mode '${mode}'",
],}exec {"systemd−tmpfiles−${path}":
command => '/usr/bin/systemd−tmpfiles −−create ',creates => $path ,requires => Augeas["tmpfiles.d−${path}"],
}
TimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersLicensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/southbeachcars/15110111516
Traditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cron
AMQP_BROKER_HOST=10.1.40.19MAILTO="[email protected]"ORACLE_HOME="/opt/example/part/python−oracle"PG_HOSTNAME="10.1.30.10"PG_NAME="example"WS_URL=https://prod.example.com/ws/inputLD_LIBRARY_PATH="$LD_LIBRARY_PATH:/opt/example/lib"CUPS_HOSTNAME="10.1.40.1"LOGGING_HOST="10.0.50.16"LOGGING_PORT="5544"0 * * * * /opt/example/bin/cron−hourly
30 times.
What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?
• NNNNNNNNNNNNNNNNNo one reads those mails• DDDDDDDDDDDDDDDDDo not keep track of exit code• HHHHHHHHHHHHHHHHHard to read that crontab• HHHHHHHHHHHHHHHHHow to reproduce the script?
The systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timers
• DDDDDDDDDDDDDDDDDescribe the job in a service file• AAAAAAAAAAAAAAAAAdd a timer file• EEEEEEEEEEEEEEEEEnable/start the timer service
Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?
• EEEEEEEEEEEEEEEEEasy to reproduce (launch the service unit)• LLLLLLLLLLLLLLLLLogs go to the journal, isolated by unit• AAAAAAAAAAAAAAAAAll the advantages of systemd units
NetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingLicensed under a Creative Commons Attribution-ShareAlike 2.0 License
https://www.flickr.com/photos/clonedmilkmen/4391670988
NetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworking
• NNNNNNNNNNNNNNNNNew name interfaces• MMMMMMMMMMMMMMMMMakes sense because it is reliable• DDDDDDDDDDDDDDDDDoes not really meet configmgmtrequirements
ConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusion
systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…
• IIIIIIIIIIIIIIIIIt drags in a bunch of new pattern• IIIIIIIIIIIIIIIIIt supports a lot of scenarios• IIIIIIIIIIIIIIIIIt can do really advanced things
…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks
• IIIIIIIIIIIIIIIIIni-like file format• EEEEEEEEEEEEEEEEEasy to read, to change• CCCCCCCCCCCCCCCCConfig management tools have all the basebricks to manage that
There are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprises
• sssssssssssssssssystemctl daemon-reload• sssssssssssssssssystemd-tmpfiles• tttttttttttttttttimers
You need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rules
• TTTTTTTTTTTTTTTTTake time to learn how this works• TTTTTTTTTTTTTTTTThere is a gap between systemd devs andsysadmins
• TTTTTTTTTTTTTTTTThere are new non-obvious patterns forsysadmins
• BBBBBBBBBBBBBBBBBut at the end eveyone can win
The tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools side
• TTTTTTTTTTTTTTTTThe tools natively supports systemdservices
• CCCCCCCCCCCCCCCCChef goes a lot further• hhhhhhhhhhhhhhhhhttps://github.com/nathwill/chef-systemd
A Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gaps
• Gap between systemd and configmgmttools
• Gap between systemd community andcfgmgmt tools community
• Together we can close those gaps
Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?
ContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContact
Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien [email protected]@[email protected]@[email protected]@[email protected]@[email protected]@[email protected]@[email protected]@[email protected]@[email protected]@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie
inuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitshttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.eu
[email protected]@[email protected]@[email protected]@[email protected]@[email protected]@[email protected]@[email protected]@[email protected]@[email protected]+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636