systemd - Red Hatpeople.redhat.com/phess/2011-12-seminarios_internos-systemd.pdf · PABLO N. HESS...

PABLO N. HESSInstructorRed Hat São PauloDecember 2011

systemdour next-generation init system

General info & History

Authors:

Lennart Poettering (Red Hat)Pulseaudio, Avahi

Kay Sievers (openSUSE)Udev

Current default init for:

Fedora

openSUSE

Mandriva

Future default init for:

Gentoo

Arch

Mageia

Probably everyone else

Spelling:

It’s systemd,

not system Dnot System Dnot SystemDnot system d

Replaces Upstart and SysVinit

Replaces (x)inetd

Replaces fstab and autofs

Better than Upstart

Major features

Massively parallel service initialization

On-demand network service initialization

On-demand fsck’ing & mounting

On-demand socket-based initialization

Motivation:What current init systems

do not/can not provide

Reliable supervisioning

Reliable dependencies

Parallel serviceinitialization

Socket-basedinitialization

Better-than-shellscriptspeeds

Code deduplication/sanitization

Low first user PIDs

Path-based initialization

Daemon process

double fork()

Re-parentedto init

daemon stopp ed

Childnot stopped







Low first user PIDs


SysV/Upstart

Daemon process

double fork()

Re-parentedto init

daemon stopp ed

Whole cgroupstopped

daemon’s cgroupReliable supervisioning






Low first user PIDs


systemd

D-bus started,open socket

CUPS may sendD-bus messages

CUPS starts,needs D-bus

init star ts D-bu s

tell

CU

PS







Low first user PIDs


SysV/Upstart

D-bus started,retrieves messages

CUPS starts,needs D-bus

systemd starts D

-bus

systemd has alreadyopened needed sockets

CUPS may sendD-bus messages







Low first user PIDs


systemd

start() { [ -x $exec ] || exit 5 # Source config if [ -f /etc/sysconfig/rsyslog ] ; then . /etc/sysconfig/rsyslog fi umask 077 echo -n $"Starting system logger: " daemon --pidfile="${PIDFILE}" \ $exec $SYSLOGD_OPTIONS RETVAL=$? echo [ $RETVAL -eq 0 ] && touch $lockfile return $RETVAL}

ExecStartPre=/bin/systemctl stop \ systemd-kmsg-syslogd.serviceExecStart=/usr/sbin/rsyslogd -n -c5Sockets=syslog.socketStandardOutput=null







Low first user PIDs


SystemV

systemd

Rsyslog as an example

sysvinit script

106 lines

75 lines of code

systemd “unit file”

11 lines

9 lines of code







Low first user PIDs


CUPS as an example

CUPS started,processes job

File created in/var/spool/cups

systemd starts C

UP

S







Low first user PIDs


Working with systemd

Everything is a unit:home.automountrsyslog.servicesshd.socketcups.path

Targets “want” unitsmulti-user.target.wants/

postfix.servicecron.targetsysinit.target

sysinit.target.wants/remount-rootfs.servicequotaon.service

auto-mounted FSregular service

socket definitionpath definition

# service sshd start # systemctl start sshd.service

# chkconfig sshd on # systemctl enable sshd.service

add autofs map # systemctl enable home.automount

add fstab entry # systemctl enable home.mount

# init 5 # systemctl isolate graphical.target

Invocation: systemd versus SystemV

SystemV systemd

Unit files example: automount & mount

[Unit]Description=My home directory

[Mount]#What=UUID=fd6e2ed9-d430-45b3-9...What=/dev/sdb9Where=/homeType=ext4Options=noatime,discard,nobarrier

[Unit]Description=Automount my /home

[Automount]Where=/home

[Install]WantedBy=sysinit.target

triggers home.mount

home.automount

home.mount

man systemd.automount

man systemd.mount

Unit files example: swap

[Unit]Description=Swap on /dev/sda5

[Swap]What=/dev/sda5Priority=1TimeoutSec=5

[Install]WantedBy=swap.target

dev-sda5.swap

man systemd.swap

Unit files example: services

[Unit]Description=OpenSSH server daemon.After=syslog.target network.target auditd.service

[Service]Type=simpleExecStart=/usr/sbin/sshd -DExecReload=/bin/kill -HUP $MAINPID

[Install]WantedBy=multi-user.target

sshd.service

or

man systemd.service


# systemctl --full --no-pager |grep getty

[email protected]@[email protected]@[email protected]

or

...[Service]Environment=TERM=linuxExecStart=-/sbin/agetty %I 38400Restart=alwaysRestartSec=0UtmpIdentifier=%ITTYPath=/dev/%I...

[email protected]

man systemd.service


[Unit]Description=SSH Per-Connection ServerAfter=syslog.target

[Service]ExecStart=/usr/sbin/sshd -iStandardInput=socket

[Unit]Conflicts=sshd.service

[Socket]ListenStream=22ListenStream=2200Accept=yes

[Install]WantedBy=sockets.target

sshd.socket

[email protected]

# systemctl --full --no-pager |grep sshd

[email protected]:22-192.168.123.100:[email protected]:22-192.168.123.245:[email protected]:22-192.168.123.245:[email protected]:22-192.168.123.245:[email protected]:2200-66.187.233.202:11574.service

man systemd.service man systemd.socket

Unit files example: services (oneshot)

[Unit]Description=IPv4 firewall with iptablesAfter=syslog.targetConditionPathExists=/etc/sysconfig/iptables

[Service]Type=oneshotRemainAfterExit=yesExecStart=/usr/libexec/iptables.init startExecStop=/usr/libexec/iptables.init stopEnvironment=BOOTUP=serialEnvironment=CONSOLETYPE=serialStandardOutput=syslogStandardError=syslog

[Install]WantedBy=basic.target

iptables.service

external scripts!

Unit files example: services (forking)

[Unit]Description=DNS caching server.After=syslog.target network.target

[Service]Type=forkingPIDFile=/var/run/dnsmasq.pidEnvironmentFile=-/etc/sysconfig/networkExecStart=/usr/sbin/dnsmasq -s $HOSTNAME

[Install]WantedBy=multi-user.target

dnsmasq.service

the choice for legacy SysV init scripts

One dir for the packager

$ ls /lib/systemd/systemabrt-ccpp.service poweroff.serviceabrtd.service poweroff.targetabrt-oops.service poweroff.target.wantsabrt-vmcore.service pppoe-server.serviceaccounts-daemon.service prefdm.servicealsa-restore.service printer.targetalsa-store.service [email protected] proc-sys-fs-binfmt_misc.mountanaconda.target psacct.servicearp-ethers.service quotacheck.serviceatd.service quotaon.serviceauditd.service [email protected] rdisc.serviceavahi-daemon.service reboot.serviceavahi-daemon.socket reboot.targetbasic.target reboot.target.wantsbasic.target.wants remote-fs.targetbluetooth.service remount-rootfs.servicebluetooth.target rescue.servicecanberra-system-bootup.service rescue.targetcanberra-system-shutdown-reboot.service restorecond.servicecanberra-system-shutdown.service rpcbind.targetchronyd.service rsyslog.servicechrony-wait.service rtkit-daemon.serviceconsole-kit-daemon.service runlevel0.targetconsole-kit-log-system-restart.service runlevel1.targetconsole-kit-log-system-start.service runlevel1.target.wantsconsole-kit-log-system-stop.service runlevel2.targetconsole-shell.service runlevel2.target.wantscrond.service runlevel3.targetcryptsetup.target runlevel3.target.wantsctrl-alt-del.target runlevel4.targetcups.path runlevel4.target.wantscups.service runlevel5.targetcups.socket runlevel5.target.wantsdbus-org.freedesktop.hostname1.service runlevel6.targetdbus-org.freedesktop.locale1.service saslauthd.servicedbus-org.freedesktop.login1.service sendmail.servicedbus-org.freedesktop.timedate1.service [email protected] shutdown.targetdbus.socket shutdown.target.wantsdbus.target.wants sigpwr.targetdefault.target single.servicedefault.target.wants smartcard.targetdev-hugepages.mount sm-client.servicedev-mqueue.mount sockets.targetdisplay-manager.service sockets.target.wantsdm-event.service sound.targetdm-event.socket speech-dispatcherd.servicednsmasq.service sshd-keygen.serviceemergency.service sshd.serviceemergency.target sssd.servicefcoe.service swap.targetfedora-autorelabel-mark.service sys-fs-fuse-connections.mountfedora-autorelabel.service sysinit.targetfedora-configure.service sysinit.target.wantsfedora-loadmodules.service sys-kernel-config.mountfedora-readonly.service sys-kernel-debug.mountfedora-storage-init-late.service sys-kernel-security.mountfedora-storage-init.service syslog.socketfedora-wait-storage.service syslog.targetfinal.target syslog.target.wantsfinal.target.wants systemd-ask-password-console.pathfirstboot-graphical.service systemd-ask-password-console.servicefsck-root.service [email protected] [email protected] systemd-ask-password-wall.pathgetty.target systemd-ask-password-wall.servicegraphical.target systemd-binfmt.servicegraphical.target.wants systemd-hostnamed.servicehalt-local.service systemd-initctl.servicehalt.service systemd-initctl.sockethalt.target systemd-kmsg-syslogd.servicehalt.target.wants systemd-localed.servicehttp-daemon.target systemd-logind.serviceinstperf.service systemd-modules-load.serviceip6tables.service systemd-random-seed-load.serviceiptables.service systemd-random-seed-save.serviceirda.service systemd-readahead-collect.serviceirqbalance.service systemd-readahead-done.servicekexec.service systemd-readahead-done.timerkexec.target systemd-readahead-replay.servicekexec.target.wants systemd-remount-api-vfs.servicelldpad.service systemd-shutdownd.serviceloader.service systemd-shutdownd.socketlocal-fs.target systemd-stdout-syslog-bridge.servicelocal-fs.target.wants systemd-stdout-syslog-bridge.socketlvm2-monitor.service systemd-sysctl.servicemail-transfer-agent.target systemd-timedated.servicemcelog.service systemd-tmpfiles-clean.servicemdmonitor.service systemd-tmpfiles-clean.timermdmonitor-takeover.service systemd-tmpfiles-setup.servicemedia.mount systemd-update-utmp-runlevel.servicemessagebus.service systemd-update-utmp-shutdown.servicemultipathd.service systemd-user-sessions.servicemulti-user.target systemd-vconsole-setup.servicemulti-user.target.wants system-setup-keyboard.serviceNetworkManager.service time-sync.targetNetworkManager-wait-online.service udev-configure-printer.servicenetwork.target udev-control.socketnss-lookup.target [email protected] udev.serviceplymouth-halt.service udev-settle.serviceplymouth-kexec.service udev-trigger.serviceplymouth-poweroff.service umount.targetplymouth-quit.service [email protected] var-lock.mountplymouth-read-write.service var-run.mountplymouth-reboot.service wpa_supplicant.serviceplymouth-start.service

One dir for the packager

$ ls /lib/systemd/systemabrt-ccpp.service poweroff.serviceabrtd.service poweroff.targetabrt-oops.service poweroff.target.wantsabrt-vmcore.service pppoe-server.serviceaccounts-daemon.service prefdm.servicealsa-restore.service printer.targetalsa-store.service [email protected] proc-sys-fs-binfmt_misc.mountanaconda.target psacct.servicearp-ethers.service quotacheck.serviceatd.service quotaon.serviceauditd.service [email protected] rdisc.serviceavahi-daemon.service reboot.serviceavahi-daemon.socket reboot.targetbasic.target reboot.target.wantsbasic.target.wants remote-fs.targetbluetooth.service remount-rootfs.servicebluetooth.target rescue.servicecanberra-system-bootup.service rescue.targetcanberra-system-shutdown-reboot.service restorecond.servicecanberra-system-shutdown.service rpcbind.targetchronyd.service rsyslog.servicechrony-wait.service rtkit-daemon.serviceconsole-kit-daemon.service runlevel0.targetconsole-kit-log-system-restart.service runlevel1.targetconsole-kit-log-system-start.service runlevel1.target.wantsconsole-kit-log-system-stop.service runlevel2.targetconsole-shell.service runlevel2.target.wantscrond.service runlevel3.targetcryptsetup.target runlevel3.target.wantsctrl-alt-del.target runlevel4.targetcups.path runlevel4.target.wantscups.service runlevel5.targetcups.socket runlevel5.target.wantsdbus-org.freedesktop.hostname1.service runlevel6.targetdbus-org.freedesktop.locale1.service saslauthd.servicedbus-org.freedesktop.login1.service sendmail.servicedbus-org.freedesktop.timedate1.service [email protected] shutdown.targetdbus.socket shutdown.target.wantsdbus.target.wants sigpwr.targetdefault.target single.servicedefault.target.wants smartcard.targetdev-hugepages.mount sm-client.servicedev-mqueue.mount sockets.targetdisplay-manager.service sockets.target.wantsdm-event.service sound.targetdm-event.socket speech-dispatcherd.servicednsmasq.service sshd-keygen.serviceemergency.service sshd.serviceemergency.target sssd.servicefcoe.service swap.targetfedora-autorelabel-mark.service sys-fs-fuse-connections.mountfedora-autorelabel.service sysinit.targetfedora-configure.service sysinit.target.wantsfedora-loadmodules.service sys-kernel-config.mountfedora-readonly.service sys-kernel-debug.mountfedora-storage-init-late.service sys-kernel-security.mountfedora-storage-init.service syslog.socketfedora-wait-storage.service syslog.targetfinal.target syslog.target.wantsfinal.target.wants systemd-ask-password-console.pathfirstboot-graphical.service systemd-ask-password-console.servicefsck-root.service [email protected] [email protected] systemd-ask-password-wall.pathgetty.target systemd-ask-password-wall.servicegraphical.target systemd-binfmt.servicegraphical.target.wants systemd-hostnamed.servicehalt-local.service systemd-initctl.servicehalt.service systemd-initctl.sockethalt.target systemd-kmsg-syslogd.servicehalt.target.wants systemd-localed.servicehttp-daemon.target systemd-logind.serviceinstperf.service systemd-modules-load.serviceip6tables.service systemd-random-seed-load.serviceiptables.service systemd-random-seed-save.serviceirda.service systemd-readahead-collect.serviceirqbalance.service systemd-readahead-done.servicekexec.service systemd-readahead-done.timerkexec.target systemd-readahead-replay.servicekexec.target.wants systemd-remount-api-vfs.servicelldpad.service systemd-shutdownd.serviceloader.service systemd-shutdownd.socketlocal-fs.target systemd-stdout-syslog-bridge.servicelocal-fs.target.wants systemd-stdout-syslog-bridge.socketlvm2-monitor.service systemd-sysctl.servicemail-transfer-agent.target systemd-timedated.servicemcelog.service systemd-tmpfiles-clean.servicemdmonitor.service systemd-tmpfiles-clean.timermdmonitor-takeover.service systemd-tmpfiles-setup.servicemedia.mount systemd-update-utmp-runlevel.servicemessagebus.service systemd-update-utmp-shutdown.servicemultipathd.service systemd-user-sessions.servicemulti-user.target systemd-vconsole-setup.servicemulti-user.target.wants system-setup-keyboard.serviceNetworkManager.service time-sync.targetNetworkManager-wait-online.service udev-configure-printer.servicenetwork.target udev-control.socketnss-lookup.target [email protected] udev.serviceplymouth-halt.service udev-settle.serviceplymouth-kexec.service udev-trigger.serviceplymouth-poweroff.service umount.targetplymouth-quit.service [email protected] var-lock.mountplymouth-read-write.service var-run.mountplymouth-reboot.service wpa_supplicant.serviceplymouth-start.service

...and one for the sysadmin

$ ls /etc/systemd/systemhome.automount home.mountbasic.target.wants graphical.target.wantsbluetooth.target.wants multi-user.target.wantsmy-own-target.target.wants network.target.wantsdbus-org.freedesktop.NetworkManager.service printer.target.wantsdefault.target sockets.target.wantsdefault.target.wants sysinit.target.wantsgetty.target.wants

Troubleshooting

Select a target (“runlevel”) at boot time:

kernel /vmlinuz-3.1 (...) systemd.target=emergency.target

loads the basic stuff

kernel /vmlinuz-3.1 (...) systemd.target=multi-user.target

equivalent to runlevel 3

kernel /vmlinuz-3.1 (...) systemd.log_level=debug

sets log level

kernel /vmlinuz-3.1 (...) systemd.log_target=kmsg

logs to dmesg

Benchmarking

# systemd-analyze time

Startup finished in 1812ms (kernel) + 3722ms (initramfs) + 3912ms (userspace) = 9446ms

# systemd-analyze blame

9682ms sshd-keygen.service4483ms abrtd.service4382ms plymouth-start.service4365ms systemd-readahead-replay.service2268ms sendmail.service2182ms udev-settle.service ... 16ms rpcbind.service 13ms dnsmasq.service

Benchmarking

# systemd-analyze plot

PABLO N. HESSInstructorRed Hat São PauloDecember 2011

Date post:	21-Mar-2020
Category:	Documents
Upload:	others
View:	3 times
Download:	0 times

systemd - Red Hatpeople.redhat.com/phess/2011-12-seminarios_internos-systemd.pdf · PABLO N. HESS...

Documents