Getting the maximum out of systemd

Julien Pivotto
Julien PivottoOpen Source Consultant at Inuits
Getting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemd
Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto
FLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring Conference
March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016
whoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoami
Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto
• Sysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.eu
• FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004
• systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010
EEEEEEEEEEEEEEEEExherbo Linux
• DevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believer
• @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie on irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/github
inuits.eu
systemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemd
• AAAAAAAAAAAAAAAAAn init system
• IIIIIIIIIIIIIIIIImprove the Linux init process
• SSSSSSSSSSSSSSSSStarting more in parallel
• MMMMMMMMMMMMMMMMMaking better decisions
• TTTTTTTTTTTTTTTTTakes advantages of Linux features
systemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoption
• 22222222222222222011: Fedora, Exherbo
• 22222222222222222012: Mageia, openSUSE, Arch Linux
• 22222222222222222013: CoreOS
• 22222222222222222014: RHEL, CentOS
• 22222222222222222015: Ubuntu, Debian
AlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternativesAlternatives
• SSSSSSSSSSSSSSSSSystem V: legacy
• UUUUUUUUUUUUUUUUUpstart: Ubuntu < 2015 and EL6
• OOOOOOOOOOOOOOOOOpenRC: mainly Gentoo
Talk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibility
• CCCCCCCCCCCCCCCCContent of this talk runs on CentOS 7.2
• sssssssssssssssssystemd 219
• SSSSSSSSSSSSSSSSShould work on any other distro
UnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnits
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/dbackmansfo/10939296845
systemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd units
• BBBBBBBBBBBBBBBBBase bricks of systemd systems
• OOOOOOOOOOOOOOOOOne unit = one resource
• mmmmmmmmmmmmmmmmmountpoint, service, device, timer, socket, …
• nnnnnnnnnnnnnnnnnetwork.target
• mmmmmmmmmmmmmmmmmariadb.service
• ssssssssssssssssshaarli.socket
• pppppppppppppppppuppet-run.timer
• hhhhhhhhhhhhhhhhhome.mount
• sssssssssssssssssession-1.scope
Unit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configuration
• IIIIIIIIIIIIIIIIIni-style text files
• LLLLLLLLLLLLLLLLList: systemctl list-units --all
• RRRRRRRRRRRRRRRRRead: systemctl cat
Unit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit example
[Unit]
Description=nscd
[Service]
Type=forking
PIDFile=/run/nscd/nscd.pid
ExecStart=/usr/host/bin/nscd
ExecStop=/usr/host/bin/nscd −−shutdown
[Install]
WantedBy=multi−user.target
Where?Where?Where?Where?Where?Where?Where?Where?Where?Where?Where?Where?Where?Where?Where?Where?Where?
• /////////////////etc/systemd/system/*
• /////////////////run/systemd/system/*
• /////////////////usr/lib/systemd/system/*
Here is the rule:
Packaged files go in /usr/lib.
Humans (or Config management
tools) override in /etc.
Overriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding units
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/alovesdc/3468924493
Overriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: why
• AAAAAAAAAAAAAAAAAdd/Remove/Change parameters
• AAAAAAAAAAAAAAAAAdapt them to your needs
• SSSSSSSSSSSSSSSSSet ulimits, user, …
• FFFFFFFFFFFFFFFFFix bugs
Changing services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemd
• RRRRRRRRRRRRRRRRReplace /etc/init.d scripts
• /////////////////etc/default, /etc/sysconfig
• SSSSSSSSSSSSSSSSSpaghetti code
Overriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemd
• OOOOOOOOOOOOOOOOOverride completely a unit
• JJJJJJJJJJJJJJJJJust add/change one parameter
• """""""""""""""""Patch" vendor units
Complete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete override
# /etc/systemd/system/openvpn.service
[Unit]
Description=OpenVPN
After=syslog.target
[Service]
ExecStart=/usr/host/bin/openvpn −−syslog −−writepid /run
/openvpn.pid −−cd /etc/openvpn −−config /etc/openvpn/
openvpn.conf
[Install]
WantedBy=multi−user.target
Advantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overrides
• IIIIIIIIIIIIIIIIIn /etc/systemd/system
• DDDDDDDDDDDDDDDDDo not conflict with packages
• OOOOOOOOOOOOOOOOOverride everything, even dependencies
• NNNNNNNNNNNNNNNNNot only for overrides: if you have
unpackaged units, put them there
Partial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial override
# /etc/systemd/system/mariadb.service.d/niceness.conf
[service]
Nice=5
Advantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overrides
• IIIIIIIIIIIIIIIIIn /etc/systemd/system/$Unit
name.d/*.conf
• DDDDDDDDDDDDDDDDDo not conflict with packages
• OOOOOOOOOOOOOOOOOverride only what is needed
• AAAAAAAAAAAAAAAAAdapt while still accept upstream work
• NNNNNNNNNNNNNNNNNo need to adapt at each upgrade
• WWWWWWWWWWWWWWWWWorks for everything (not only services)
The price of that flexibility:
systemctl daemon-reload
Verify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unit
systemctl cat mariadb.service
# /usr/x86_64−pc−linux−gnu/lib/systemd/system/mariadb.
service
[Unit]
Description=MySQL database server
After=syslog.target
After=network.target
[Service]
User=mysql
Group=mysql
ExecStart=/usr/sbin/mysqld −−defaults−file=/etc/mysql/my
.cnf −−basedir=/usr −−datadir=/var/lib/mysql
# /etc/systemd/system/mariadb.service.d/nice.conf
[service]
Nice=5
Instantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated units
• UUUUUUUUUUUUUUUUUnits cat take @ in the name
• ooooooooooooooooopenvpn@inuits.service
• OOOOOOOOOOOOOOOOOn-disk: openvpn@.service
• IIIIIIIIIIIIIIIIIn the file: %i will be "inuits"
• %%%%%%%%%%%%%%%%%p will be "openvpn"
Instantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit example
[Unit]
Description=OpenVPN daemon %i
After=syslog.target
[Service]
ExecStart=/usr/host/bin/openvpn −−writepid /run/openvpn
.%i.pid −−cd /etc/openvpn −−config /etc/openvpn/%i.
conf
PIDFile=/run/openvpn.%i.pid
Controlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling units
• sssssssssssssssssystemctl start mariadb.service
• sssssssssssssssssystemctl status /dev/sda
• sssssssssssssssssystemctl stop openvpn@*.service
• sssssssssssssssssystemctl kill openvpn
• sssssssssssssssssystemctl kill -s SIGKILL openvpn.service
• sssssssssssssssssystemctl is-active runlevel1.target
• sssssssssssssssssystemctl is-failed puppet-run.service
• sssssssssssssssssystemctl is-failed puppet-run.service
• sssssssssssssssssystemctl help mariadb.service
Enabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a service
• sssssssssssssssssystemctl disable mariadb.service
• WWWWWWWWWWWWWWWWWill disable the service
• PPPPPPPPPPPPPPPPPrevent it to start automatically
MaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMasking
• sssssssssssssssssystemctl mask mariadb.service
• sssssssssssssssssystemctl mask --force mariadb.service
• llllllllllllllllln -s /dev/null
/etc/systemd/system/mariadb.service
• PPPPPPPPPPPPPPPPPrevents a unit to start
• BBBBBBBBBBBBBBBBBetter than "disabling"
• PPPPPPPPPPPPPPPPPrevent units to be launched by hand or
systemd
ServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServices
Licensed under a Creative Commons Attribution ShareAlike 2.0 License
https://www.flickr.com/photos/nojhan/754257252
ServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceService
• AAAAAAAAAAAAAAAAAn important part of the units
• UUUUUUUUUUUUUUUUUses cgroups to track processes
• [[[[[[[[[[[[[[[[[Service] section inside units
What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?
• TTTTTTTTTTTTTTTTThe command(s) to run
• MMMMMMMMMMMMMMMMMost of them can fork or stay in foreground
• sssssssssssssssssystemd can manage both
Type=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simple
• UUUUUUUUUUUUUUUUUsecase: the service stays in foreground
• sssssssssssssssssystemd will track the process
• IIIIIIIIIIIIIIIIIt will take care of running it "in the
background"
Type=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forkingType=forking
• UUUUUUUUUUUUUUUUUsecase: the service forks when ready
• sssssssssssssssssystemd will track process and its forks
Type=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshot
• UUUUUUUUUUUUUUUUUsecase: A command to run
• eeeeeeeeeeeeeeeee.g: puppet agent --test
• IIIIIIIIIIIIIIIIInteresting options: RemainAfterExit=,
SuccessExitStatus=
• RRRRRRRRRRRRRRRRReliable way to run commands
• CCCCCCCCCCCCCCCCCan have all the services properties
Other propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther properties
• EEEEEEEEEEEEEEEEExecStart= ExecStop=
• EEEEEEEEEEEEEEEEExecStartPre= ExecStartPost=
• EEEEEEEEEEEEEEEEExecReload=
• TTTTTTTTTTTTTTTTTimeoutStartSec= TimeoutSec=
• RRRRRRRRRRRRRRRRRuntimeMaxSec=
• RRRRRRRRRRRRRRRRRestart=on-failure
ExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecs
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/daveynin/3657852579/
execsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecs
• AAAAAAAAAAAAAAAAA set of properties to configure an exec
environment
• UUUUUUUUUUUUUUUUUsed in services, mounts, swap, socket
units
• DDDDDDDDDDDDDDDDDeterministic environment for processes
Classic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic properties
• UUUUUUUUUUUUUUUUUser= Group=
• NNNNNNNNNNNNNNNNNice=
• OOOOOOOOOOOOOOOOOOMScoreAdjust=
• LLLLLLLLLLLLLLLLLimitNOFILE=
• EEEEEEEEEEEEEEEEEnvironment= EnvironmentFile=
Isolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/SecurityIsolation/Security
• PPPPPPPPPPPPPPPPPrivateTmp=
• PPPPPPPPPPPPPPPPPrivateNetwork= PrivateDevices=
• PPPPPPPPPPPPPPPPProtectSystem=
• PPPPPPPPPPPPPPPPProtectHome=
• RRRRRRRRRRRRRRRRReadWriteDirectories=
ReadOnlyDirectories=
• IIIIIIIIIIIIIIIIInaccessibleDirectories=
DependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependencies
• RRRRRRRRRRRRRRRRRequires=
• WWWWWWWWWWWWWWWWWants=
• AAAAAAAAAAAAAAAAAfter= Before=
• AAAAAAAAAAAAAAAAAny unit can depent on any unit
• AAAAAAAAAAAAAAAAA service can require a mountpoint
• AAAAAAAAAAAAAAAAA moutpoint can require a target
Problems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solved
• RRRRRRRRRRRRRRRRRun service as a different user
• JJJJJJJJJJJJJJJJJava Service Wrapper
• GGGGGGGGGGGGGGGGGo Service Wrapper
• YYYYYYYYYYYYYYYYYou can still use custom scripts
tmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfilestmpfiles
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/english106/4357529719
temp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp files
• /////////////////etc/tmpfiles.d/*.conf
• /////////////////run/tmpfiles.d/*.conf
• /////////////////usr/lib/tmpfiles.d/*.conf
temp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp files
• sssssssssssssssssystemd will create, and cleanup temporary
files
• YYYYYYYYYYYYYYYYYou can assign files, directories to specific
users
• IIIIIIIIIIIIIIIIIt will decide when to delete them
• WWWWWWWWWWWWWWWWWhen you change the files, run
systemd-tmpfiles --create
MountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpointsMountpoints
Licensed under a Creative Commons Attribution ShareAlike 2.0 License
https://www.flickr.com/photos/manchesterlibrary/5425248883/
mountmountmountmountmountmountmountmountmountmountmountmountmountmountmountmountmount
• mmmmmmmmmmmmmmmmmounts are units
• sssssssssssssssssystemd parses /etc/fstab
• sssssssssssssssssystemd creates dependencies
systemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab options
• xxxxxxxxxxxxxxxxx-systemd.automount
• nnnnnnnnnnnnnnnnnofail
• aaaaaaaaaaaaaaaaauto noauto
/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab/etc/fstab
//host1/share /net/share cifs noauto ,nofail ,x−systemd.
automount ,x−systemd.requires=network.target 0 0
journaldjournaldjournaldjournaldjournaldjournaldjournaldjournaldjournaldjournaldjournaldjournaldjournaldjournaldjournaldjournaldjournald
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/gregloby/3763720734
systemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journaldsystemd-journald
• AAAAAAAAAAAAAAAAA daemon that captures and stores the logs
• sssssssssssssssssyslog
• kkkkkkkkkkkkkkkkkernel logs
• bbbbbbbbbbbbbbbbboot messages
• ssssssssssssssssstdout/stderr of services
systemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integration
• sssssssssssssssssystemctl status shows the latest logs
• sssssssssssssssssystemctl status -n 100
• sssssssssssssssssystemctl status -l
Enabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journald
• BBBBBBBBBBBBBBBBBy default (el7), hybrid mode (not
persistent)
• MMMMMMMMMMMMMMMMMake it persistent: mkdir -p /var/log/journal
Reading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logs
• fffffffffffffffffollow: journalctl -f
• lllllllllllllllllast lines: journalctl -n 100
• fffffffffffffffffrom a unit: journalctl -u puppet-run.service
• ooooooooooooooooonly this boot: journalctl -b
• ooooooooooooooooonly this process: journalctl
/opt/puppetlabs/puppet/bin/ruby
Logs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs example
− Logs begin at Mon 2016−03−14 18:30:28 CET, end at Tue
2016
Mar 14 18:30:28 fqdn systemd−journal[137]: Runtime journ
Mar 14 18:30:28 fqdn systemd−journal[137]: Runtime journ
Mar 14 18:30:28 fqdn kernel: Initializing cgroup subsys
Mar 14 18:30:28 fqdn kernel: Initializing cgroup subsys
Mar 14 18:30:28 fqdn kernel: Initializing cgroup subsys
Mar 14 18:30:28 fqdn kernel: Linux version 3.10.0−327.10
Mar 14 18:30:28 fqdn kernel: Command line: BOOT_IMAGE=/b
Mar 14 18:30:28 fqdn kernel: e820: BIOS−provided physica
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x00000000b
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x00000000f
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x00000000f
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000010
timerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimers
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/modomatic/2538687135
Traditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cron
AMQP_BROKER_HOST =10.1.40.19
MAILTO="sysadmin@example.com"
ORACLE_HOME="/opt/example/part/python−oracle"
PG_HOSTNAME ="10.1.30.10"
PG_NAME="example"
WS_URL=https://prod.example.com/ws/input
LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/opt/example/lib"
CUPS_HOSTNAME ="10.1.40.1"
LOGGING_HOST ="10.0.50.16"
LOGGING_PORT="5544"
0 * * * * /opt/example/bin/cron−hourly
30 times.
What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?
• NNNNNNNNNNNNNNNNNo one reads those mails
• DDDDDDDDDDDDDDDDDo not keep track of exit code
• HHHHHHHHHHHHHHHHHard to read that crontab
• HHHHHHHHHHHHHHHHHow to reproduce the script?
timerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimers
• UUUUUUUUUUUUUUUUUnits that are used to launch a service unit
• SSSSSSSSSSSSSSSSSupports some cron features and anacron
• AAAAAAAAAAAAAAAAAllows you to launch commands in a
controlled environment
timers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs cron
• NNNNNNNNNNNNNNNNNo built-in emails function
• CCCCCCCCCCCCCCCCCron is more simple (one line to one file vs 2
units)
• TTTTTTTTTTTTTTTTTimers uses services, so predictible env
• YYYYYYYYYYYYYYYYYou can run independently the service unit
• TTTTTTTTTTTTTTTTTimers logs are in systemd
Timers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers example
# /etc/systemd/system/puppet−run.timer
[Unit]
Description=Systemd Timer for Puppet Agent
[Timer]
OnCalendar=*−*−* *:0,30:00
Persistent=true
[Install]
WantedBy=timers.target
What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?
• sssssssssssssssssystemctl list-timers
• LLLLLLLLLLLLLLLLLast run time
• NNNNNNNNNNNNNNNNNext run time
• SSSSSSSSSSSSSSSSService unit
Socket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activation
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/alikai/1376760481
Socket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activation
• GGGGGGGGGGGGGGGGGoal: start a service when needed
• sssssssssssssssssystemd will open a socket
• SSSSSSSSSSSSSSSSStart the service at first connection
• pppppppppppppppppass the socket to the service
socket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unit
# /etc/systemd/system/proxy−to−shaarli.socket
[Unit]
Description=Shaarli Proxy
[Socket]
ListenStream =127.0.0.1:43000
[Install]
WantedBy=default.target
systemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unit
[Unit]
Requires=shaarli.service
After=shaarli.service
JoinsNamespaceOf=shaarli.service
[Service]
ExecStart=/usr/lib/systemd/systemd−socket−proxyd
127.0.0.1:43001
Actual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unit
[Unit]
Description=Shaarli
[Service]
WorkingDirectory=/opt/Shaarli/dev
ExecStart=/usr/bin/php −S 127.0.0.1:43001
ExecStartPost=/bin/sleep 0.1
User=shaarli
Group=shaarli
[Install]
WantedBy=default.target
Side commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commands
Licensed under a Creative Commons Attribution ShareAlike 2.0 License
https://www.flickr.com/photos/archer10/3029638204/
systemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commands
• sssssssssssssssssystemd-cgls: Show the cgroups hierarchy
• sssssssssssssssssystemd-analyze blame: Shows the startup
time
• sssssssssssssssssystemd-nspawn: Containers
• sssssssssssssssssystemd-run: run a command like if it was a
service unit
systemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-runsystemd-run
systemd−run −t −p PrivateTmp=true −p PrivateNetwork=yes
−p ProtectHome=true bash
system settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settings
• tttttttttttttttttimedatectl: manage/show current
datetime, timezome, DST change
• lllllllllllllllllocatectl: locale/keyboard changes
• mmmmmmmmmmmmmmmmmachinectl: containers/vms management
• hhhhhhhhhhhhhhhhhostnamectl: change/view system
hostname and os info
ConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusionConclusion
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/drainrat/14090130452
systemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemd
• AAAAAAAAAAAAAAAAAvailable in all modern distros
• BBBBBBBBBBBBBBBBBy default in almost all of them
• MMMMMMMMMMMMMMMMMakes a lot for standardization
• RRRRRRRRRRRRRRRRRemoves "Distro" lock-in, Adds "Linux"
lock-in
• IIIIIIIIIIIIIIIIIt did more for standardization than LFS
systemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemd
• PPPPPPPPPPPPPPPPPowerful tools, easily configured
• RRRRRRRRRRRRRRRRReadable configuration
• TTTTTTTTTTTTTTTTTakes advantage of Linux-specific
mechanisms
• RRRRRRRRRRRRRRRRRemoves the need for a lot of workarounds
ContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContact
Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto
julien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eu
@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie
inuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuits
https://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.eu
info@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.eu
+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636
1 of 75

Recommended

RPM experiments by
RPM experimentsRPM experiments
RPM experimentsJulien Pivotto
1.6K views42 slides
Enhance OpenSSH for fun and security by
Enhance OpenSSH for fun and securityEnhance OpenSSH for fun and security
Enhance OpenSSH for fun and securityJulien Pivotto
1.8K views72 slides
Puppet and software delivery by
Puppet and software deliveryPuppet and software delivery
Puppet and software deliveryJulien Pivotto
2K views48 slides
Puppet and Software Delivery by
Puppet and Software DeliveryPuppet and Software Delivery
Puppet and Software DeliveryJulien Pivotto
2.2K views50 slides
Managing a R&D Lab with Foreman by
Managing a R&D Lab with ForemanManaging a R&D Lab with Foreman
Managing a R&D Lab with ForemanJulien Pivotto
1.6K views91 slides
An introduction to the Pulp project by
An introduction to the Pulp projectAn introduction to the Pulp project
An introduction to the Pulp projectJulien Pivotto
9.6K views86 slides

More Related Content

What's hot

DNSSec by
DNSSecDNSSec
DNSSecJulien Pivotto
1.9K views71 slides
Managing a R&D Lab with Foreman by
Managing a R&D Lab with ForemanManaging a R&D Lab with Foreman
Managing a R&D Lab with ForemanJulien Pivotto
1K views91 slides
CentOS Config Management SIG by
CentOS Config Management SIGCentOS Config Management SIG
CentOS Config Management SIGJulien Pivotto
2.4K views20 slides
Monitoring at Cloud Scale by
Monitoring at Cloud ScaleMonitoring at Cloud Scale
Monitoring at Cloud ScaleJulien Pivotto
8.5K views47 slides
Coworking with git by
Coworking with gitCoworking with git
Coworking with gitJulien Pivotto
2.7K views58 slides
Postgresql 9.0 HA at RMLL 2012 by
Postgresql 9.0 HA at RMLL 2012Postgresql 9.0 HA at RMLL 2012
Postgresql 9.0 HA at RMLL 2012Julien Pivotto
4K views119 slides

What's hot(20)

Managing a R&D Lab with Foreman by Julien Pivotto
Managing a R&D Lab with ForemanManaging a R&D Lab with Foreman
Managing a R&D Lab with Foreman
Julien Pivotto1K views
CentOS Config Management SIG by Julien Pivotto
CentOS Config Management SIGCentOS Config Management SIG
CentOS Config Management SIG
Julien Pivotto2.4K views
Monitoring at Cloud Scale by Julien Pivotto
Monitoring at Cloud ScaleMonitoring at Cloud Scale
Monitoring at Cloud Scale
Julien Pivotto8.5K views
Deployment and Continous Integration of a Zope/Plone application by Julien Pivotto
Deployment and Continous Integration of a Zope/Plone applicationDeployment and Continous Integration of a Zope/Plone application
Deployment and Continous Integration of a Zope/Plone application
Julien Pivotto4.2K views
BSides Hannover 2015 - Shell on Wheels by infodox
BSides Hannover 2015 - Shell on WheelsBSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on Wheels
infodox2.4K views
Augeas, swiss knife resources for your puppet tree by Julien Pivotto
Augeas, swiss knife resources for your puppet treeAugeas, swiss knife resources for your puppet tree
Augeas, swiss knife resources for your puppet tree
Julien Pivotto4.2K views
Steelcon 2015 - 0wning the internet of trash by infodox
Steelcon 2015 - 0wning the internet of trashSteelcon 2015 - 0wning the internet of trash
Steelcon 2015 - 0wning the internet of trash
infodox2.3K views
OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi... by NETWAYS
OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...
OSDC 2016 - Automating a R&D lab with Foreman: What can be hard? by Julien Pi...
NETWAYS143 views
Working with multiple git repositories by Julien Pivotto
Working with multiple git repositoriesWorking with multiple git repositories
Working with multiple git repositories
Julien Pivotto17K views
11 Tools for your Open Source devops stack by Kris Buytaert
11 Tools for your Open Source devops stack 11 Tools for your Open Source devops stack
11 Tools for your Open Source devops stack
Kris Buytaert13.5K views
Destruction, Decapods and Doughnuts: Continuous Delivery for Audio & Video Fa... by Rachel Evans
Destruction, Decapods and Doughnuts: Continuous Delivery for Audio & Video Fa...Destruction, Decapods and Doughnuts: Continuous Delivery for Audio & Video Fa...
Destruction, Decapods and Doughnuts: Continuous Delivery for Audio & Video Fa...
Rachel Evans844 views
BSides Edinburgh 2017 - TR-06FAIL and other CPE Configuration Disasters by infodox
BSides Edinburgh 2017 - TR-06FAIL and other CPE Configuration DisastersBSides Edinburgh 2017 - TR-06FAIL and other CPE Configuration Disasters
BSides Edinburgh 2017 - TR-06FAIL and other CPE Configuration Disasters
infodox1K views
Using Eclipse to Build a Linux Distribution by jerboaa
Using Eclipse to Build a Linux DistributionUsing Eclipse to Build a Linux Distribution
Using Eclipse to Build a Linux Distribution
jerboaa755 views

Viewers also liked

Configuration Surgery with Augeas by
Configuration Surgery with AugeasConfiguration Surgery with Augeas
Configuration Surgery with AugeasPuppet
12.7K views38 slides
Systemd evolution revolution_regression by
Systemd evolution revolution_regressionSystemd evolution revolution_regression
Systemd evolution revolution_regressionSusant Sahani
766 views18 slides
Systemd mlug-20140614 by
Systemd mlug-20140614Systemd mlug-20140614
Systemd mlug-20140614Susant Sahani
1.3K views42 slides
CLUG 2010 09 - systemd - the new init system by
CLUG 2010 09 - systemd - the new init systemCLUG 2010 09 - systemd - the new init system
CLUG 2010 09 - systemd - the new init systemPaulWay
1.4K views117 slides
Linux Presentation by
Linux PresentationLinux Presentation
Linux Presentationkuldeepakgautam
1.4K views40 slides
Systemd for developers by
Systemd for developersSystemd for developers
Systemd for developersAlison Chaiken
1.7K views53 slides

Viewers also liked(20)

Configuration Surgery with Augeas by Puppet
Configuration Surgery with AugeasConfiguration Surgery with Augeas
Configuration Surgery with Augeas
Puppet12.7K views
Systemd evolution revolution_regression by Susant Sahani
Systemd evolution revolution_regressionSystemd evolution revolution_regression
Systemd evolution revolution_regression
Susant Sahani766 views
Systemd mlug-20140614 by Susant Sahani
Systemd mlug-20140614Systemd mlug-20140614
Systemd mlug-20140614
Susant Sahani1.3K views
CLUG 2010 09 - systemd - the new init system by PaulWay
CLUG 2010 09 - systemd - the new init systemCLUG 2010 09 - systemd - the new init system
CLUG 2010 09 - systemd - the new init system
PaulWay1.4K views
systemd and configuration management by Julien Pivotto
systemd and configuration managementsystemd and configuration management
systemd and configuration management
Julien Pivotto2.9K views
Introduction to systemd by Yusaku OGAWA
Introduction to systemdIntroduction to systemd
Introduction to systemd
Yusaku OGAWA4.3K views
Your first dive into systemd! by Etsuji Nakai
Your first dive into systemd!Your first dive into systemd!
Your first dive into systemd!
Etsuji Nakai13.3K views
Epoll - from the kernel side by llj098
Epoll -  from the kernel sideEpoll -  from the kernel side
Epoll - from the kernel side
llj09817.7K views
linux software architecture by Sneha Ramesh
linux software architecture linux software architecture
linux software architecture
Sneha Ramesh4.4K views
Full system roll-back and systemd in SUSE Linux Enterprise 12 by Gábor Nyers
Full system roll-back and systemd in SUSE Linux Enterprise 12Full system roll-back and systemd in SUSE Linux Enterprise 12
Full system roll-back and systemd in SUSE Linux Enterprise 12
Gábor Nyers5.1K views
Linux architecture by mcganesh
Linux architectureLinux architecture
Linux architecture
mcganesh49.8K views
Red hat enterprise linux 7 (rhel 7) by Ramola Dhande
Red hat enterprise linux 7 (rhel 7)Red hat enterprise linux 7 (rhel 7)
Red hat enterprise linux 7 (rhel 7)
Ramola Dhande10.5K views
RedHat Linux by Apo
RedHat LinuxRedHat Linux
RedHat Linux
Apo31.8K views
[오픈소스컨설팅]systemd on RHEL7 by Ji-Woong Choi
[오픈소스컨설팅]systemd on RHEL7[오픈소스컨설팅]systemd on RHEL7
[오픈소스컨설팅]systemd on RHEL7
Ji-Woong Choi4.6K views
Introduction to Red Hat by Albert Wong
Introduction to Red HatIntroduction to Red Hat
Introduction to Red Hat
Albert Wong9.9K views

Similar to Getting the maximum out of systemd

Diving Into Puppet Providers Development: The Puppet-Corosync Module by
Diving Into Puppet Providers Development: The Puppet-Corosync ModuleDiving Into Puppet Providers Development: The Puppet-Corosync Module
Diving Into Puppet Providers Development: The Puppet-Corosync ModuleJulien Pivotto
2.1K views82 slides
Pinto+Stratopan+Love by
Pinto+Stratopan+LovePinto+Stratopan+Love
Pinto+Stratopan+LoveJeffrey Ryan Thalhammer
1.1K views115 slides
Introduction to Gitlab by
Introduction to GitlabIntroduction to Gitlab
Introduction to GitlabJulien Pivotto
20.7K views22 slides
Dive into Puppet 4 by
Dive into Puppet 4Dive into Puppet 4
Dive into Puppet 4Julien Pivotto
2.7K views84 slides
Repositories as Code by
Repositories as CodeRepositories as Code
Repositories as CodeKris Buytaert
642 views34 slides
apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ... by
apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ...apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ...
apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ...apidays
18 views27 slides

Similar to Getting the maximum out of systemd(20)

Diving Into Puppet Providers Development: The Puppet-Corosync Module by Julien Pivotto
Diving Into Puppet Providers Development: The Puppet-Corosync ModuleDiving Into Puppet Providers Development: The Puppet-Corosync Module
Diving Into Puppet Providers Development: The Puppet-Corosync Module
Julien Pivotto2.1K views
Introduction to Gitlab by Julien Pivotto
Introduction to GitlabIntroduction to Gitlab
Introduction to Gitlab
Julien Pivotto20.7K views
apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ... by apidays
apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ...apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ...
apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ...
apidays18 views
Automating MySQL operations with Puppet by Kris Buytaert
Automating MySQL operations with PuppetAutomating MySQL operations with Puppet
Automating MySQL operations with Puppet
Kris Buytaert1.8K views
Icinga Camp Amsterdam - Infrastructure as Code by Icinga
Icinga Camp Amsterdam - Infrastructure as CodeIcinga Camp Amsterdam - Infrastructure as Code
Icinga Camp Amsterdam - Infrastructure as Code
Icinga3.3K views
On the Importance of Infrastructure as Code by Kris Buytaert
On the Importance of Infrastructure as CodeOn the Importance of Infrastructure as Code
On the Importance of Infrastructure as Code
Kris Buytaert1.8K views
Continous Delivery of your Infrastructure by Kris Buytaert
Continous Delivery of your InfrastructureContinous Delivery of your Infrastructure
Continous Delivery of your Infrastructure
Kris Buytaert857 views
Sail In The Cloud by Alex Soto
Sail In The CloudSail In The Cloud
Sail In The Cloud
Alex Soto454 views
Using Liferay Portal with LDAP and Single sign-on by Firelay
Using Liferay Portal with LDAP and Single sign-onUsing Liferay Portal with LDAP and Single sign-on
Using Liferay Portal with LDAP and Single sign-on
Firelay7.9K views
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony Apps by Pablo Godel
Symfony Live NYC 2014 -  Rock Solid Deployment of Symfony AppsSymfony Live NYC 2014 -  Rock Solid Deployment of Symfony Apps
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony Apps
Pablo Godel2.6K views
Intro to WordPress Plugins by zamoose
Intro to WordPress PluginsIntro to WordPress Plugins
Intro to WordPress Plugins
zamoose2.6K views
Escape the defaults - Configure Sling like AEM as a Cloud Service by Robert Munteanu
Escape the defaults - Configure Sling like AEM as a Cloud ServiceEscape the defaults - Configure Sling like AEM as a Cloud Service
Escape the defaults - Configure Sling like AEM as a Cloud Service
Robert Munteanu223 views
Introducing Oracle Linux and Securing It With ksplice by LF Events
Introducing Oracle Linux and Securing It With kspliceIntroducing Oracle Linux and Securing It With ksplice
Introducing Oracle Linux and Securing It With ksplice
LF Events759 views
Onsi Fakhouri at SpringOne Platform 2017 by VMware Tanzu
Onsi Fakhouri at SpringOne Platform 2017Onsi Fakhouri at SpringOne Platform 2017
Onsi Fakhouri at SpringOne Platform 2017
VMware Tanzu562 views

More from Julien Pivotto

The O11y Toolkit by
The O11y ToolkitThe O11y Toolkit
The O11y ToolkitJulien Pivotto
38 views24 slides
What's New in Prometheus and Its Ecosystem by
What's New in Prometheus and Its EcosystemWhat's New in Prometheus and Its Ecosystem
What's New in Prometheus and Its EcosystemJulien Pivotto
12 views42 slides
Prometheus: What is is, what is new, what is coming by
Prometheus: What is is, what is new, what is comingPrometheus: What is is, what is new, what is coming
Prometheus: What is is, what is new, what is comingJulien Pivotto
43 views27 slides
What's new in Prometheus? by
What's new in Prometheus?What's new in Prometheus?
What's new in Prometheus?Julien Pivotto
15 views10 slides
Introduction to Grafana Loki by
Introduction to Grafana LokiIntroduction to Grafana Loki
Introduction to Grafana LokiJulien Pivotto
200 views11 slides
Why you should revisit mgmt by
Why you should revisit mgmtWhy you should revisit mgmt
Why you should revisit mgmtJulien Pivotto
10 views46 slides

More from Julien Pivotto(20)

What's New in Prometheus and Its Ecosystem by Julien Pivotto
What's New in Prometheus and Its EcosystemWhat's New in Prometheus and Its Ecosystem
What's New in Prometheus and Its Ecosystem
Julien Pivotto12 views
Prometheus: What is is, what is new, what is coming by Julien Pivotto
Prometheus: What is is, what is new, what is comingPrometheus: What is is, what is new, what is coming
Prometheus: What is is, what is new, what is coming
Julien Pivotto43 views
Introduction to Grafana Loki by Julien Pivotto
Introduction to Grafana LokiIntroduction to Grafana Loki
Introduction to Grafana Loki
Julien Pivotto200 views
Observing the HashiCorp Ecosystem From Prometheus by Julien Pivotto
Observing the HashiCorp Ecosystem From PrometheusObserving the HashiCorp Ecosystem From Prometheus
Observing the HashiCorp Ecosystem From Prometheus
Julien Pivotto37 views
Monitoring in a fast-changing world with Prometheus by Julien Pivotto
Monitoring in a fast-changing world with PrometheusMonitoring in a fast-changing world with Prometheus
Monitoring in a fast-changing world with Prometheus
Julien Pivotto33 views
5 tips for Prometheus Service Discovery by Julien Pivotto
5 tips for Prometheus Service Discovery5 tips for Prometheus Service Discovery
5 tips for Prometheus Service Discovery
Julien Pivotto38 views
Prometheus and TLS - an Introduction by Julien Pivotto
Prometheus and TLS - an IntroductionPrometheus and TLS - an Introduction
Prometheus and TLS - an Introduction
Julien Pivotto15 views
HAProxy as Egress Controller by Julien Pivotto
HAProxy as Egress ControllerHAProxy as Egress Controller
HAProxy as Egress Controller
Julien Pivotto2.9K views
Improved alerting with Prometheus and Alertmanager by Julien Pivotto
Improved alerting with Prometheus and AlertmanagerImproved alerting with Prometheus and Alertmanager
Improved alerting with Prometheus and Alertmanager
Julien Pivotto4.5K views
SIngle Sign On with Keycloak by Julien Pivotto
SIngle Sign On with KeycloakSIngle Sign On with Keycloak
SIngle Sign On with Keycloak
Julien Pivotto10K views
Monitoring as an entry point for collaboration by Julien Pivotto
Monitoring as an entry point for collaborationMonitoring as an entry point for collaboration
Monitoring as an entry point for collaboration
Julien Pivotto1.3K views
Monitor your CentOS stack with Prometheus by Julien Pivotto
Monitor your CentOS stack with PrometheusMonitor your CentOS stack with Prometheus
Monitor your CentOS stack with Prometheus
Julien Pivotto712 views
Monitor your CentOS stack with Prometheus by Julien Pivotto
Monitor your CentOS stack with PrometheusMonitor your CentOS stack with Prometheus
Monitor your CentOS stack with Prometheus
Julien Pivotto704 views

Recently uploaded

Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... by
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...ShapeBlue
186 views15 slides
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue by
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueShapeBlue
203 views54 slides
Digital Personal Data Protection (DPDP) Practical Approach For CISOs by
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
158 views59 slides
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online by
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineKVM Security Groups Under the Hood - Wido den Hollander - Your.Online
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineShapeBlue
221 views19 slides
State of the Union - Rohit Yadav - Apache CloudStack by
State of the Union - Rohit Yadav - Apache CloudStackState of the Union - Rohit Yadav - Apache CloudStack
State of the Union - Rohit Yadav - Apache CloudStackShapeBlue
297 views53 slides
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti... by
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...ShapeBlue
139 views29 slides

Recently uploaded(20)

Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... by ShapeBlue
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
ShapeBlue186 views
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue by ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
ShapeBlue203 views
Digital Personal Data Protection (DPDP) Practical Approach For CISOs by Priyanka Aash
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash158 views
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online by ShapeBlue
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineKVM Security Groups Under the Hood - Wido den Hollander - Your.Online
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online
ShapeBlue221 views
State of the Union - Rohit Yadav - Apache CloudStack by ShapeBlue
State of the Union - Rohit Yadav - Apache CloudStackState of the Union - Rohit Yadav - Apache CloudStack
State of the Union - Rohit Yadav - Apache CloudStack
ShapeBlue297 views
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti... by ShapeBlue
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
ShapeBlue139 views
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ... by ShapeBlue
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
ShapeBlue184 views
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit... by ShapeBlue
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
ShapeBlue159 views
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R... by ShapeBlue
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...
ShapeBlue173 views
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue by ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
ShapeBlue147 views
Webinar : Desperately Seeking Transformation - Part 2: Insights from leading... by The Digital Insurer
Webinar : Desperately Seeking Transformation - Part 2:  Insights from leading...Webinar : Desperately Seeking Transformation - Part 2:  Insights from leading...
Webinar : Desperately Seeking Transformation - Part 2: Insights from leading...
Why and How CloudStack at weSystems - Stephan Bienek - weSystems by ShapeBlue
Why and How CloudStack at weSystems - Stephan Bienek - weSystemsWhy and How CloudStack at weSystems - Stephan Bienek - weSystems
Why and How CloudStack at weSystems - Stephan Bienek - weSystems
ShapeBlue238 views
The Role of Patterns in the Era of Large Language Models by Yunyao Li
The Role of Patterns in the Era of Large Language ModelsThe Role of Patterns in the Era of Large Language Models
The Role of Patterns in the Era of Large Language Models
Yunyao Li85 views
NTGapps NTG LowCode Platform by Mustafa Kuğu
NTGapps NTG LowCode Platform NTGapps NTG LowCode Platform
NTGapps NTG LowCode Platform
Mustafa Kuğu423 views
What’s New in CloudStack 4.19 - Abhishek Kumar - ShapeBlue by ShapeBlue
What’s New in CloudStack 4.19 - Abhishek Kumar - ShapeBlueWhat’s New in CloudStack 4.19 - Abhishek Kumar - ShapeBlue
What’s New in CloudStack 4.19 - Abhishek Kumar - ShapeBlue
ShapeBlue263 views
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N... by James Anderson
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
James Anderson160 views
Confidence in CloudStack - Aron Wagner, Nathan Gleason - Americ by ShapeBlue
Confidence in CloudStack - Aron Wagner, Nathan Gleason - AmericConfidence in CloudStack - Aron Wagner, Nathan Gleason - Americ
Confidence in CloudStack - Aron Wagner, Nathan Gleason - Americ
ShapeBlue130 views
"Surviving highload with Node.js", Andrii Shumada by Fwdays
"Surviving highload with Node.js", Andrii Shumada "Surviving highload with Node.js", Andrii Shumada
"Surviving highload with Node.js", Andrii Shumada
Fwdays56 views

Getting the maximum out of systemd

  • 1. Getting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemd Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto FLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring Conference March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016
  • 2. whoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoami Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto • Sysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.eu • FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004 • systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010 EEEEEEEEEEEEEEEEExherbo Linux • DevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believer • @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie on irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/github
  • 4. systemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemd • AAAAAAAAAAAAAAAAAn init system • IIIIIIIIIIIIIIIIImprove the Linux init process • SSSSSSSSSSSSSSSSStarting more in parallel • MMMMMMMMMMMMMMMMMaking better decisions • TTTTTTTTTTTTTTTTTakes advantages of Linux features
  • 5. systemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoptionsystemd adoption • 22222222222222222011: Fedora, Exherbo • 22222222222222222012: Mageia, openSUSE, Arch Linux • 22222222222222222013: CoreOS • 22222222222222222014: RHEL, CentOS • 22222222222222222015: Ubuntu, Debian
  • 7. Talk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibilityTalk compatibility • CCCCCCCCCCCCCCCCContent of this talk runs on CentOS 7.2 • sssssssssssssssssystemd 219 • SSSSSSSSSSSSSSSSShould work on any other distro
  • 8. UnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnitsUnits Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/dbackmansfo/10939296845
  • 9. systemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd unitssystemd units • BBBBBBBBBBBBBBBBBase bricks of systemd systems • OOOOOOOOOOOOOOOOOne unit = one resource • mmmmmmmmmmmmmmmmmountpoint, service, device, timer, socket, …
  • 10. • nnnnnnnnnnnnnnnnnetwork.target • mmmmmmmmmmmmmmmmmariadb.service • ssssssssssssssssshaarli.socket • pppppppppppppppppuppet-run.timer • hhhhhhhhhhhhhhhhhome.mount • sssssssssssssssssession-1.scope
  • 11. Unit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configurationUnit configuration • IIIIIIIIIIIIIIIIIni-style text files • LLLLLLLLLLLLLLLLList: systemctl list-units --all • RRRRRRRRRRRRRRRRRead: systemctl cat
  • 12. Unit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit exampleUnit example [Unit] Description=nscd [Service] Type=forking PIDFile=/run/nscd/nscd.pid ExecStart=/usr/host/bin/nscd ExecStop=/usr/host/bin/nscd −−shutdown [Install] WantedBy=multi−user.target
  • 14. Here is the rule: Packaged files go in /usr/lib. Humans (or Config management tools) override in /etc.
  • 15. Overriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding unitsOverriding units Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/alovesdc/3468924493
  • 16. Overriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: whyOverriding units: why • AAAAAAAAAAAAAAAAAdd/Remove/Change parameters • AAAAAAAAAAAAAAAAAdapt them to your needs • SSSSSSSSSSSSSSSSSet ulimits, user, … • FFFFFFFFFFFFFFFFFix bugs
  • 17. Changing services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemd • RRRRRRRRRRRRRRRRReplace /etc/init.d scripts • /////////////////etc/default, /etc/sysconfig • SSSSSSSSSSSSSSSSSpaghetti code
  • 18. Overriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemd • OOOOOOOOOOOOOOOOOverride completely a unit • JJJJJJJJJJJJJJJJJust add/change one parameter • """""""""""""""""Patch" vendor units
  • 19. Complete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete overrideComplete override # /etc/systemd/system/openvpn.service [Unit] Description=OpenVPN After=syslog.target [Service] ExecStart=/usr/host/bin/openvpn −−syslog −−writepid /run /openvpn.pid −−cd /etc/openvpn −−config /etc/openvpn/ openvpn.conf [Install] WantedBy=multi−user.target
  • 20. Advantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overrides • IIIIIIIIIIIIIIIIIn /etc/systemd/system • DDDDDDDDDDDDDDDDDo not conflict with packages • OOOOOOOOOOOOOOOOOverride everything, even dependencies • NNNNNNNNNNNNNNNNNot only for overrides: if you have unpackaged units, put them there
  • 21. Partial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial overridePartial override # /etc/systemd/system/mariadb.service.d/niceness.conf [service] Nice=5
  • 22. Advantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overrides • IIIIIIIIIIIIIIIIIn /etc/systemd/system/$Unit name.d/*.conf • DDDDDDDDDDDDDDDDDo not conflict with packages • OOOOOOOOOOOOOOOOOverride only what is needed • AAAAAAAAAAAAAAAAAdapt while still accept upstream work • NNNNNNNNNNNNNNNNNo need to adapt at each upgrade • WWWWWWWWWWWWWWWWWorks for everything (not only services)
  • 23. The price of that flexibility: systemctl daemon-reload
  • 24. Verify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unit systemctl cat mariadb.service # /usr/x86_64−pc−linux−gnu/lib/systemd/system/mariadb. service [Unit] Description=MySQL database server After=syslog.target After=network.target [Service] User=mysql Group=mysql ExecStart=/usr/sbin/mysqld −−defaults−file=/etc/mysql/my .cnf −−basedir=/usr −−datadir=/var/lib/mysql # /etc/systemd/system/mariadb.service.d/nice.conf [service] Nice=5
  • 25. Instantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated units • UUUUUUUUUUUUUUUUUnits cat take @ in the name • ooooooooooooooooopenvpn@inuits.service • OOOOOOOOOOOOOOOOOn-disk: openvpn@.service • IIIIIIIIIIIIIIIIIn the file: %i will be "inuits" • %%%%%%%%%%%%%%%%%p will be "openvpn"
  • 26. Instantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit example [Unit] Description=OpenVPN daemon %i After=syslog.target [Service] ExecStart=/usr/host/bin/openvpn −−writepid /run/openvpn .%i.pid −−cd /etc/openvpn −−config /etc/openvpn/%i. conf PIDFile=/run/openvpn.%i.pid
  • 27. Controlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling unitsControlling units • sssssssssssssssssystemctl start mariadb.service • sssssssssssssssssystemctl status /dev/sda • sssssssssssssssssystemctl stop openvpn@*.service • sssssssssssssssssystemctl kill openvpn • sssssssssssssssssystemctl kill -s SIGKILL openvpn.service • sssssssssssssssssystemctl is-active runlevel1.target • sssssssssssssssssystemctl is-failed puppet-run.service • sssssssssssssssssystemctl is-failed puppet-run.service • sssssssssssssssssystemctl help mariadb.service
  • 28. Enabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a service • sssssssssssssssssystemctl disable mariadb.service • WWWWWWWWWWWWWWWWWill disable the service • PPPPPPPPPPPPPPPPPrevent it to start automatically
  • 29. MaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMaskingMasking • sssssssssssssssssystemctl mask mariadb.service • sssssssssssssssssystemctl mask --force mariadb.service • llllllllllllllllln -s /dev/null /etc/systemd/system/mariadb.service • PPPPPPPPPPPPPPPPPrevents a unit to start • BBBBBBBBBBBBBBBBBetter than "disabling" • PPPPPPPPPPPPPPPPPrevent units to be launched by hand or systemd
  • 30. ServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServicesServices Licensed under a Creative Commons Attribution ShareAlike 2.0 License https://www.flickr.com/photos/nojhan/754257252
  • 31. ServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceServiceService • AAAAAAAAAAAAAAAAAn important part of the units • UUUUUUUUUUUUUUUUUses cgroups to track processes • [[[[[[[[[[[[[[[[[Service] section inside units
  • 32. What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service? • TTTTTTTTTTTTTTTTThe command(s) to run • MMMMMMMMMMMMMMMMMost of them can fork or stay in foreground • sssssssssssssssssystemd can manage both
  • 33. Type=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simpleType=simple • UUUUUUUUUUUUUUUUUsecase: the service stays in foreground • sssssssssssssssssystemd will track the process • IIIIIIIIIIIIIIIIIt will take care of running it "in the background"
  • 35. Type=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshotType=oneshot • UUUUUUUUUUUUUUUUUsecase: A command to run • eeeeeeeeeeeeeeeee.g: puppet agent --test • IIIIIIIIIIIIIIIIInteresting options: RemainAfterExit=, SuccessExitStatus= • RRRRRRRRRRRRRRRRReliable way to run commands • CCCCCCCCCCCCCCCCCan have all the services properties
  • 36. Other propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther propertiesOther properties • EEEEEEEEEEEEEEEEExecStart= ExecStop= • EEEEEEEEEEEEEEEEExecStartPre= ExecStartPost= • EEEEEEEEEEEEEEEEExecReload= • TTTTTTTTTTTTTTTTTimeoutStartSec= TimeoutSec= • RRRRRRRRRRRRRRRRRuntimeMaxSec= • RRRRRRRRRRRRRRRRRestart=on-failure
  • 37. ExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecsExecs Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/daveynin/3657852579/
  • 38. execsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecsexecs • AAAAAAAAAAAAAAAAA set of properties to configure an exec environment • UUUUUUUUUUUUUUUUUsed in services, mounts, swap, socket units • DDDDDDDDDDDDDDDDDeterministic environment for processes
  • 39. Classic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic propertiesClassic properties • UUUUUUUUUUUUUUUUUser= Group= • NNNNNNNNNNNNNNNNNice= • OOOOOOOOOOOOOOOOOOMScoreAdjust= • LLLLLLLLLLLLLLLLLimitNOFILE= • EEEEEEEEEEEEEEEEEnvironment= EnvironmentFile=
  • 41. DependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependenciesDependencies • RRRRRRRRRRRRRRRRRequires= • WWWWWWWWWWWWWWWWWants= • AAAAAAAAAAAAAAAAAfter= Before= • AAAAAAAAAAAAAAAAAny unit can depent on any unit • AAAAAAAAAAAAAAAAA service can require a mountpoint • AAAAAAAAAAAAAAAAA moutpoint can require a target
  • 42. Problems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solved • RRRRRRRRRRRRRRRRRun service as a different user • JJJJJJJJJJJJJJJJJava Service Wrapper • GGGGGGGGGGGGGGGGGo Service Wrapper • YYYYYYYYYYYYYYYYYou can still use custom scripts
  • 44. temp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp files • /////////////////etc/tmpfiles.d/*.conf • /////////////////run/tmpfiles.d/*.conf • /////////////////usr/lib/tmpfiles.d/*.conf
  • 45. temp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp files • sssssssssssssssssystemd will create, and cleanup temporary files • YYYYYYYYYYYYYYYYYou can assign files, directories to specific users • IIIIIIIIIIIIIIIIIt will decide when to delete them • WWWWWWWWWWWWWWWWWhen you change the files, run systemd-tmpfiles --create
  • 47. mountmountmountmountmountmountmountmountmountmountmountmountmountmountmountmountmount • mmmmmmmmmmmmmmmmmounts are units • sssssssssssssssssystemd parses /etc/fstab • sssssssssssssssssystemd creates dependencies
  • 48. systemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab optionssystemd /etc/fstab options • xxxxxxxxxxxxxxxxx-systemd.automount • nnnnnnnnnnnnnnnnnofail • aaaaaaaaaaaaaaaaauto noauto
  • 52. systemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integrationsystemctl integration • sssssssssssssssssystemctl status shows the latest logs • sssssssssssssssssystemctl status -n 100 • sssssssssssssssssystemctl status -l
  • 53. Enabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journaldEnabling journald • BBBBBBBBBBBBBBBBBy default (el7), hybrid mode (not persistent) • MMMMMMMMMMMMMMMMMake it persistent: mkdir -p /var/log/journal
  • 54. Reading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logs • fffffffffffffffffollow: journalctl -f • lllllllllllllllllast lines: journalctl -n 100 • fffffffffffffffffrom a unit: journalctl -u puppet-run.service • ooooooooooooooooonly this boot: journalctl -b • ooooooooooooooooonly this process: journalctl /opt/puppetlabs/puppet/bin/ruby
  • 55. Logs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs example − Logs begin at Mon 2016−03−14 18:30:28 CET, end at Tue 2016 Mar 14 18:30:28 fqdn systemd−journal[137]: Runtime journ Mar 14 18:30:28 fqdn systemd−journal[137]: Runtime journ Mar 14 18:30:28 fqdn kernel: Initializing cgroup subsys Mar 14 18:30:28 fqdn kernel: Initializing cgroup subsys Mar 14 18:30:28 fqdn kernel: Initializing cgroup subsys Mar 14 18:30:28 fqdn kernel: Linux version 3.10.0−327.10 Mar 14 18:30:28 fqdn kernel: Command line: BOOT_IMAGE=/b Mar 14 18:30:28 fqdn kernel: e820: BIOS−provided physica Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000 Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000 Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000 Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000 Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x00000000b Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x00000000f Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x00000000f Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000010
  • 56. timerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimers Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/modomatic/2538687135
  • 57. Traditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cronTraditional cron AMQP_BROKER_HOST =10.1.40.19 MAILTO="sysadmin@example.com" ORACLE_HOME="/opt/example/part/python−oracle" PG_HOSTNAME ="10.1.30.10" PG_NAME="example" WS_URL=https://prod.example.com/ws/input LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/opt/example/lib" CUPS_HOSTNAME ="10.1.40.1" LOGGING_HOST ="10.0.50.16" LOGGING_PORT="5544" 0 * * * * /opt/example/bin/cron−hourly 30 times.
  • 58. What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong?What's wrong? • NNNNNNNNNNNNNNNNNo one reads those mails • DDDDDDDDDDDDDDDDDo not keep track of exit code • HHHHHHHHHHHHHHHHHard to read that crontab • HHHHHHHHHHHHHHHHHow to reproduce the script?
  • 59. timerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimerstimers • UUUUUUUUUUUUUUUUUnits that are used to launch a service unit • SSSSSSSSSSSSSSSSSupports some cron features and anacron • AAAAAAAAAAAAAAAAAllows you to launch commands in a controlled environment
  • 60. timers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs cron • NNNNNNNNNNNNNNNNNo built-in emails function • CCCCCCCCCCCCCCCCCron is more simple (one line to one file vs 2 units) • TTTTTTTTTTTTTTTTTimers uses services, so predictible env • YYYYYYYYYYYYYYYYYou can run independently the service unit • TTTTTTTTTTTTTTTTTimers logs are in systemd
  • 61. Timers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers exampleTimers example # /etc/systemd/system/puppet−run.timer [Unit] Description=Systemd Timer for Puppet Agent [Timer] OnCalendar=*−*−* *:0,30:00 Persistent=true [Install] WantedBy=timers.target
  • 62. What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when?What, when? • sssssssssssssssssystemctl list-timers • LLLLLLLLLLLLLLLLLast run time • NNNNNNNNNNNNNNNNNext run time • SSSSSSSSSSSSSSSSService unit
  • 63. Socket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activation Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/alikai/1376760481
  • 64. Socket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activation • GGGGGGGGGGGGGGGGGoal: start a service when needed • sssssssssssssssssystemd will open a socket • SSSSSSSSSSSSSSSSStart the service at first connection • pppppppppppppppppass the socket to the service
  • 65. socket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unitsocket unit # /etc/systemd/system/proxy−to−shaarli.socket [Unit] Description=Shaarli Proxy [Socket] ListenStream =127.0.0.1:43000 [Install] WantedBy=default.target
  • 66. systemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unit [Unit] Requires=shaarli.service After=shaarli.service JoinsNamespaceOf=shaarli.service [Service] ExecStart=/usr/lib/systemd/systemd−socket−proxyd 127.0.0.1:43001
  • 67. Actual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unit [Unit] Description=Shaarli [Service] WorkingDirectory=/opt/Shaarli/dev ExecStart=/usr/bin/php −S 127.0.0.1:43001 ExecStartPost=/bin/sleep 0.1 User=shaarli Group=shaarli [Install] WantedBy=default.target
  • 68. Side commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commands Licensed under a Creative Commons Attribution ShareAlike 2.0 License https://www.flickr.com/photos/archer10/3029638204/
  • 69. systemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commands • sssssssssssssssssystemd-cgls: Show the cgroups hierarchy • sssssssssssssssssystemd-analyze blame: Shows the startup time • sssssssssssssssssystemd-nspawn: Containers • sssssssssssssssssystemd-run: run a command like if it was a service unit
  • 71. system settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settingssystem settings • tttttttttttttttttimedatectl: manage/show current datetime, timezome, DST change • lllllllllllllllllocatectl: locale/keyboard changes • mmmmmmmmmmmmmmmmmachinectl: containers/vms management • hhhhhhhhhhhhhhhhhostnamectl: change/view system hostname and os info
  • 73. systemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemd • AAAAAAAAAAAAAAAAAvailable in all modern distros • BBBBBBBBBBBBBBBBBy default in almost all of them • MMMMMMMMMMMMMMMMMakes a lot for standardization • RRRRRRRRRRRRRRRRRemoves "Distro" lock-in, Adds "Linux" lock-in • IIIIIIIIIIIIIIIIIt did more for standardization than LFS
  • 74. systemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemdsystemd • PPPPPPPPPPPPPPPPPowerful tools, easily configured • RRRRRRRRRRRRRRRRReadable configuration • TTTTTTTTTTTTTTTTTakes advantage of Linux-specific mechanisms • RRRRRRRRRRRRRRRRRemoves the need for a lot of workarounds
  • 75. ContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContactContact Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto julien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eujulien@inuits.eu @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie inuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuitsinuits https://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.euhttps://inuits.eu info@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.euinfo@inuits.eu +32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636+32 473 441 636