systemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config managementsystemd and config management

Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto

systemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confsystemd.confNovember 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015November 6, 2015

user-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceuser-1000.sliceJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto

• Sysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.eu

• FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004• systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010

I EEEEEEEEEEEEEEEEExherbo Linux

• DevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believer• @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie on irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/github

inuits.eu

IntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionIntroductionLicensed under a Creative Commons Attribution-2.0 License

https://www.flickr.com/photos/cote/13932690487

The DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movementThe DevOps movement

• DDDDDDDDDDDDDDDDDevOps is a movement born in 2009• CCCCCCCCCCCCCCCCCollaboration between Developers andOperations

• NNNNNNNNNNNNNNNNNothing new, just common sense• DDDDDDDDDDDDDDDDDevOpsDays, a serie of conferences allaround the world

#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS#DevOps ' C(L)AMS

• CCCCCCCCCCCCCCCCCulture• (((((((((((((((((Lean)• AAAAAAAAAAAAAAAAAutomation• MMMMMMMMMMMMMMMMMeasurement• SSSSSSSSSSSSSSSSSharing

John Willis and Damon Edwards

The A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMSThe A of C(L)AMS

• AAAAAAAAAAAAAAAAAutomation reduces human mistakes• CCCCCCCCCCCCCCCCContinuous Integration/Delivery• RRRRRRRRRRRRRRRRReproducable build• RRRRRRRRRRRRRRRRReproducable infrastructure• Infrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as Code

Infrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as CodeInfrastructure as Code

• AAAAAAAAAAAAAAAAAutomate your infrastructure with code• MMMMMMMMMMMMMMMMModel your infrastructure• MMMMMMMMMMMMMMMMMonitoring, security, applications andbackups are part of the process

• SSSSSSSSSSSSSSSSScripts are not IaC

IaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practicesIaC best practices

• RRRRRRRRRRRRRRRRRun tests against that code• PPPPPPPPPPPPPPPPPut it under version control• DDDDDDDDDDDDDDDDDeploy with CI/CD: dev, uat, prodenvironments…

Configuration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management toolsConfiguration Management tools

Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?Which world is this?

• bbbbbbbbbbbbbbbbbare-metal• vvvvvvvvvvvvvvvvvirtualization• cccccccccccccccccloud• ……………………………………………

Heterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environmentsHeterogeneous environments

• LLLLLLLLLLLLLLLLLinux distributions are different• IIIIIIIIIIIIIIIIInit systems, File hierarchy• EEEEEEEEEEEEEEEEEven between different releases of the samedistro

• CCCCCCCCCCCCCCCCConfiguration manegement tools try toabstract that

systemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picturesystemd in that picture

what people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people seewhat people see

• bbbbbbbbbbbbbbbbbefore: distinction between distributions• nnnnnnnnnnnnnnnnnow: distinction between distributions andsystemd or not

• tttttttttttttttttomorrow: it will be hard to provide the allthe features of systemd to old distros

systemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distrossystemd hit majors distros

• RRRRRRRRRRRRRRRRReaching Debian Stable and RHEL 7• CCCCCCCCCCCCCCCCConfig management needs to learn it• IIIIIIIIIIIIIIIIIt brings lots of new patterns

Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)Terminology (puppet, simplified)

• rrrrrrrrrrrrrrrrresource: description of a small piece (file,service) with desired state

• mmmmmmmmmmmmmmmmmodule: collection of resources (e.g. amodule to setup Mysql)

ServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServices

ServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServices

• SSSSSSSSSSSSSSSSServices are basic resources in traditional IT• sssssssssssssssssystemd changes a lot of things in that area• ssssssssssssssssservices are now part of the "units" concept

Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)Init scripts (without systemd)

• WWWWWWWWWWWWWWWWWritten from scratch or templates• DDDDDDDDDDDDDDDDDifferent patterns• SSSSSSSSSSSSSSSSSometimes very long, hard to read

Changing old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scriptsChanging old init scripts

• WWWWWWWWWWWWWWWWWhy? Solve bugs, ajust niceness, changecommand…

• CCCCCCCCCCCCCCCCChange the full file!• TTTTTTTTTTTTTTTTTemplate OS and version dependant

Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)Ordering (without systemd)

Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)Unit files (with systemd)

• iiiiiiiiiiiiiiiiini-like syntax• SSSSSSSSSSSSSSSSSelf-explanatory• SSSSSSSSSSSSSSSSStandardized accross distros

Here is the rule:Packaged files go in /lib. Config

management tools override in /etc.

No conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor filesNo conflict with vendor files

• CCCCCCCCCCCCCCCCCan be overriden in /etc/systemd/system• NNNNNNNNNNNNNNNNNot afraid of package updates• PPPPPPPPPPPPPPPPPartial override possible

Partial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override examplePartial override example

/etc/systemd/system/httpd.service.d/niceness.conf[Service]Nice=3

The surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surpriseThe surprise

• CCCCCCCCCCCCCCCCCreating the file is not enough• sssssssssssssssssystemctl daemon-reload

Notice: /Service[mariadb]/ensure: ensure changed’stopped’ to ’running’

Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)Ordering (with systemd)

daemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetdaemon-reload in Puppetfile {

'/etc/systemd/system/mariadb.service.d/niceness.conf ':ensure => present ,content => template('systemd/niceness.erb'),notify => [ Exec['systemctl−daemon−reload '],

Service['mariadb '], ]}exec {

'systemctl−daemon−reload ':command => '/usr/bin/systemctl reload−daemon ',refreshonly => true,

}service {

'mariadb ':ensure => running ,require => Exec['systemctl−daemon−reload '],

}

systemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reload

systemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reload

systemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reloadsystemctl daemon-reload

systemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload orderingsystemctl daemon-reload ordering

Prevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to startPrevent a service to start

• CCCCCCCCCCCCCCCCClassic init allows to disable services• CCCCCCCCCCCCCCCCConfigmgmt tools do not care• ccccccccccccccccchmod 000 /etc/init.d/mysqld

Masking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking servicesMasking services

• llllllllllllllllln -s /dev/null/etc/systemd/system/mysqld.service

• sssssssssssssssssystemctl daemon-reload• DDDDDDDDDDDDDDDDDone. It can't be started anymore

masking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppetmasking in Puppet

file {'/etc/systemd/system/mariadb.service ':

ensure => link,target => '/dev/null',notify => Exec['systemctl daemon−reload '],

}

(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) files(tmp) filesLicensed under a Creative Commons Attribution-ShareAlike 2.0 License

https://www.flickr.com/photos/brightmeadow/3748310435

tmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemdtmpfiles before systemd

Several techniques: tmpfs, tmpwatch

#! /bin/shflags=−umc/usr/sbin/tmpwatch "$flags" −x /tmp/.X11−unix −x /tmp/.

XIM−unix \−x /tmp/.font−unix −x /tmp/.ICE−unix −x /tmp/.

Test−unix \−X '/tmp/hsperfdata_*' 10d /tmp

/usr/sbin/tmpwatch "$flags" 30d /var/tmpfor d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/

cat?}; doif [ −d "$d" ]; then

/usr/sbin/tmpwatch "$flags" −f 30d "$d"fi

done

tmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemd

systemd-tmpfiles

v /tmp 1777 root root 10dv /var/tmp 1777 root root 30d

tmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemdtmpfiles with systemd

• AAAAAAAAAAAAAAAAAgain, simple text files• CCCCCCCCCCCCCCCCCan be overwritten in /etc• YYYYYYYYYYYYYYYYYet another command to launch

tmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppettmpfiles with systemd and Puppetaugeas {

"tmpfiles.d−${path}":context => "/files/etc/tmpfiles.d/my.conf/*[path = '

${path}']",changes => [

"set type 'd'","set gid '${group}'","set uid '${owner}'","set mode '${mode}'",

],}exec {"systemd−tmpfiles−${path}":

command => '/usr/bin/systemd−tmpfiles −−create ',creates => $path ,requires => Augeas["tmpfiles.d−${path}"],

}

TimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersTimersLicensed under a Creative Commons Attribution 2.0 License

https://www.flickr.com/photos/southbeachcars/15110111516

Traditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cron

AMQP_BROKER_HOST=10.1.40.19MAILTO="sysadmin@example.com"ORACLE_HOME="/opt/example/part/python−oracle"PG_HOSTNAME="10.1.30.10"PG_NAME="example"WS_URL=https://prod.example.com/ws/inputLD_LIBRARY_PATH="$LD_LIBRARY_PATH:/opt/example/lib"CUPS_HOSTNAME="10.1.40.1"LOGGING_HOST="10.0.50.16"LOGGING_PORT="5544"0 * * * * /opt/example/bin/cron−hourly

30 times.

What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?

• NNNNNNNNNNNNNNNNNo one reads those mails• DDDDDDDDDDDDDDDDDo not keep track of exit code• HHHHHHHHHHHHHHHHHard to read that crontab• HHHHHHHHHHHHHHHHHow to reproduce the script?

The systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timersThe systemd approach: timers

• DDDDDDDDDDDDDDDDDescribe the job in a service file• AAAAAAAAAAAAAAAAAdd a timer file• EEEEEEEEEEEEEEEEEnable/start the timer service

Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?Why is it better?

• EEEEEEEEEEEEEEEEEasy to reproduce (launch the service unit)• LLLLLLLLLLLLLLLLLogs go to the journal, isolated by unit• AAAAAAAAAAAAAAAAAll the advantages of systemd units

NetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingLicensed under a Creative Commons Attribution-ShareAlike 2.0 License

https://www.flickr.com/photos/clonedmilkmen/4391670988

NetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworkingNetworking

• NNNNNNNNNNNNNNNNNew name interfaces• MMMMMMMMMMMMMMMMMakes sense because it is reliable• DDDDDDDDDDDDDDDDDoes not really meet configmgmtrequirements

ConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusion

systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…systemd is complex…

• IIIIIIIIIIIIIIIIIt drags in a bunch of new pattern• IIIIIIIIIIIIIIIIIt supports a lot of scenarios• IIIIIIIIIIIIIIIIIt can do really advanced things

…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks…but based on simple bricks

• IIIIIIIIIIIIIIIIIni-like file format• EEEEEEEEEEEEEEEEEasy to read, to change• CCCCCCCCCCCCCCCCConfig management tools have all the basebricks to manage that

There are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprisesThere are surprises

• sssssssssssssssssystemctl daemon-reload• sssssssssssssssssystemd-tmpfiles• tttttttttttttttttimers

You need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rulesYou need to know the rules

• TTTTTTTTTTTTTTTTTake time to learn how this works• TTTTTTTTTTTTTTTTThere is a gap between systemd devs andsysadmins

• TTTTTTTTTTTTTTTTThere are new non-obvious patterns forsysadmins

• BBBBBBBBBBBBBBBBBut at the end eveyone can win

The tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools sideThe tools side

• TTTTTTTTTTTTTTTTThe tools natively supports systemdservices

• CCCCCCCCCCCCCCCCChef goes a lot further• hhhhhhhhhhhhhhhhhttps://github.com/nathwill/chef-systemd

A Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gapsA Story of gaps

• Gap between systemd and configmgmttools

• Gap between systemd community andcfgmgmt tools community

• Together we can close those gaps

Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?Any Question?

ContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContact

Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivottojulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eu@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie

inuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitshttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.eu

info@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.eu+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636