Features:
1. System && Service Manager - freedesktop.org/wiki/Software/systemd
a. System
a1. system initialization
a2. power state of machine: up, down, suspended, hybrid, etc.
b. Service Manager
b1. User-space management of daemons (services)
b2. Management of other system units: devices, daemons, sockets, d-bus, etc.
NOTE: 'systemd' is an all-encompassing system manager for Linux, which stands in stark contrast to the typical, conventional Unix | Linux philosophy of simplicity of various services, executables, functions, etc.
2. 'systemd' is NOT for other *Nixes - exclusively a Linux management framework
a. Some portability is lost, however, many Linux-specific features are gained
3. New INIT system - Most major distros now use 'systemd': i.e. Debian, RedHat and SuSE, and eventually: Ubuntu
4. Provides comprehensive unit management: (services(daemons), devices, paths, etc.)
a. Abstraction of ALL important objects on a Linux system: i.e. hard drive, service, mount points, etc.
5. Replaces 'upstart' (RedHat, etc.) && 'SysV INIT'
6. Provides faster boot times due to a variety of features:
a. Sockets are created by 'systemd' prior to daemon-invocation: similar to OSX's 'launchd'
b. i.e. D-Bus requests are queued until the service is ready
7. Manages various facets via 'unit' files (units):
a. Unit files tend to end with a suffix that matches the particular object type: i.e. '.service'
b. '.service'(daemons), '.mount'(/etc/fstab), etc., '.path', '.device', '.socket', '.target'(run-level), '.snapshot', '.timer'(cron), etc.
8. NOTE: '.service' units replace SysV-style INIT scripts
9. SysV and LSB Init-scripts compatible
NOTE: Don't worry if your program does NOT have a '.service' 'systemd' object file, its SysV file will be read and processed
10. Service management via: 'systemctl': status | start | stop | restart | enable | disable
11. LOG of start | stop of daemons - includes: PID and Timestamp - audit trail of service history
12. Runlevel control - 'targets' REPLACE Runlevels (0(poweroff|shutdown), 1(rescue|emergency), 2|3(multi-user), 5(graphical), 6(reboot))
13. State control: emergency, rescue, poweroff, restart, hibernation, suspension
14. 'systemd' units - encapsulation of services, sockets, system state snapshots, targets, etc.
15. Device-based activation - i.e. hot-plugged device activates corresponding service(s)
16. Complete LOGs from startup -> shutdown: interim LOGs are buffered to 'kmsg' LOG then flushed to: /dev/log
17. Parallelization of service invocation at startup significantly expedites system startup
NOTE: The system may come up much quicker, but services may take longer to be 'ready'
18. Management of 'Control Groups' (Kernel features: Hierarchy of labeled processes): '/sys/fs/cgroup'
NOTE: This makes it possible to properly manage parent-child(ren) processes
19. Mount || Automount management
20. Services do NOT inherit environment: $PATH && $HOME from current $USER - more secure
21. Remote invocation/management of remote systems using 'systemctl' via: '-H HOST' - relies on passwordless-AUTH(SSH)
NOTE: This, again, is NOT possible with current: SysV environment
22. 'systemd' provides userspace MUCH quicker because of various tricks
23. On-demand (event-driven) invocation of services: i.e. TTYs (agetty)
# Boot Process #
BIOS -> GRUB -> Kernel/INITRD -> 'init'(PID=1) -> User Space
BIOS -> GRUB -> Kernel/INITRD -> 'systemd'(PID=1) -> User Space (quicker)
Tasks:
1. Evaluate various startup times with 'systemd', etc.
NOTE: 'tty1' is always spawned regardless of targets: 'multi-user' || 'graphical'
NOTE: In contrast to typical 'sysvinit' startups, 'systemd' does NOT auto-spawn ALL TTYs
NOTE: TTYs are spawned on-demand - event-driven(CTRL-ALT-F(NUM))
2. What about 'init'?
a. '/usr/sbin/init -> ../lib/systemd/systemd' - pointer to: 'systemd'
3. What about 'init' runlevels (0..6)
NOTE: Still there, and loosely equivalent to 'systemd' targets
a. 'init 6' - reboots -> 'systemctl reboot'
NOTE: You may still pass 'init' runlevel values on Kernel command line: i.e. '1'
4. Change Boot Targets using 'systemd' notation (targets)
a. 'systemd.unit=TARGET' - i.e. 'multi-user.target'(2|3) || 'rescue.target'(1) || 'emergency.target'(1) || 'graphical.target'(5)
NOTE: Old 'sysvinit' runlevel numbers are STILL supported
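Added example (not part of the original notes): a small audit helper that lists which tokens on a kernel command line select a boot target, covering the runlevel numbers and the 'systemd.unit=' option from tasks 3 and 4 above. The function names and sample command lines are constructed; the word 'single' and the choice of 'rescue.target' for '1' follow systemd's documented kernel command-line handling rather than these notes.

```shell
#!/bin/sh
# Added example: list the kernel command-line tokens that select a boot target.

# boot_target_overrides CMDLINE
# Prints one "token -> target" line per target-selecting token, in order.
# Runs in a subshell with globbing off so tokens are never expanded as paths.
boot_target_overrides() (
    set -f
    for tok in $1; do
        case "$tok" in
            systemd.unit=?*) echo "$tok -> ${tok#systemd.unit=}" ;;
            emergency)       echo "$tok -> emergency.target" ;;
            rescue|single|1) echo "$tok -> rescue.target" ;;
            2|3|4)           echo "$tok -> multi-user.target" ;;
            5)               echo "$tok -> graphical.target" ;;
        esac
    done
)

# maintenance_boot_requested CMDLINE
# Returns 0 when any token asks for rescue.target or emergency.target.
maintenance_boot_requested() {
    case "$(boot_target_overrides "$1")" in
        *'-> rescue.target'*|*'-> emergency.target'*) return 0 ;;
    esac
    return 1
}

# Constructed sample command lines (not taken from a real host).
SAMPLE_NORMAL='BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet'
SAMPLE_RUNLEVEL='BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro 1'
SAMPLE_UNIT='BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro systemd.unit=emergency.target'

for line in "$SAMPLE_NORMAL" "$SAMPLE_RUNLEVEL" "$SAMPLE_UNIT"; do
    if maintenance_boot_requested "$line"; then
        echo "REVIEW: $line"
        boot_target_overrides "$line" | sed 's/^/    /'
    else
        echo "ok:     $line"
    fi
done
```

On a live host the same check can be fed the running kernel's command line with: boot_target_overrides "$(cat /proc/cmdline)"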
# Targets ~ RunLevels #
Features:
1. Run-Level control ~ (0..6) - replaces these SysV INIT runlevels
Various Targets:
RunLevel  Target
0         (poweroff|shutdown).target
1         (emergency|rescue).target
2-4       (multi-user.target) - sans graphics
5         (graphical.target)
6         (reboot.target)
Tasks:
1. Show the currently loaded targets:
a. 'systemctl -t target'
b. 'systemctl show -p "Requires" graphical.target'
2. Show the DEFAULT target
a. 'systemctl get-default'
3. Navigate Targets: i.e. 'init N(0..6)'
a. 'systemctl isolate TARGET'
NOTE: TTY6 may become your goto TTY when alternating between targets
4. Change Default Target on ALL systems to be 'multi-user.target'
a. 'systemctl get-default' && 'systemctl set-default TARGET'
NOTE: 'init NUM' - still works to achieve the various targets
# 'systemctl' #
Features:
1. Primary management tool for: 'systemd'
2. Replaces various power management commands:
a. 'halt'
b. 'reboot'
c. 'poweroff'
d. 'hibernate'
e. etc.
Tasks:
1. Reboot | Poweroff
a. 'systemctl [--no-wall] reboot [-i]' || 'reboot'(symlinked to: systemctl)
b. 'systemctl "" poweroff'
c. 'systemctl "" suspend' - dumps state to RAM (faster recovery than 'hibernate') (does not persist across power outages on HOST)
NOTE: 'suspend' requires the HOST system to be on in order to preserve the contents of the suspended state
NOTE: Resumption occurs quickly and often will NOT break active SSH sessions
d. 'systemctl "" hibernate' - dumps the state to disk (persists across power outages)
2. Service Management with: 'systemctl'
a. 'systemctl [list-units]' - dumps ALL managed units: services, devices, paths, mounts, sockets, targets, etc.
b. 'systemctl list-sockets' - lists loaded sockets, ordered by address
c. 'systemctl --failed' - lists failed units
d. 'systemctl status [NAME...|PID...]' - show runtime stats of unit(s)
d1. 'systemctl status ssh apache2' - enumerates status of both services
NOTE: Status returns current status and recent LOG details
e. 'systemctl show [NAME...|PID...]' - reveals properties of the unit(s)
f. 'systemctl --type service' - lists services
f1. 'systemctl --type service | grep tty' - enumerates currently-loaded TTYs
g. 'systemctl --type device' - lists devices
h. 'systemctl --type socket' - lists sockets
3. Manage Service
a. 'systemctl status (apache2|httpd)'
b. 'systemctl (start|stop|reload|restart) (apache2|httpd)'
c. 'systemctl kill (apache2|httpd)'
4. Disable | Enable Services
a. 'systemctl disable (apache2|httpd) && systemctl reboot' - confirm
b. 'systemctl enable (apache2|httpd)'
NOTE: You may still start a disabled service | daemon
# Remote Control #
Features:
1. Execute systemd-related commands on remote targets
2. Provided utilities support the remote option: '-H TARGET'
3. Requires SSH Passwordless-AUTH setup to avoid prompts per invocation
NOTE: For basic, non-privileged tasks using 'systemctl', set up passwordless-AUTH as non-privileged
i.e. 'linuxcbt' -> 'linuxcbt'(remote target)
Tasks:
1. 'systemctl -H 192.168.75.121' - auto-paginates output received from target
NOTE: Sometimes, output from remote calls is truncated
2. Set up passwordless-AUTH on target systems
a. 'ssh-keygen' - generate a keypair
b. 'ssh-copy-id TARGET'
c. Test passwordless-AUTH on targets using: 'ssh'
3. Re-run 'systemctl' on TARGETs
a. 'systemctl -H 192.168.75.121'
4. Enable 'root' 'systemctl' access on targets
NOTE: If target does NOT allow password-AUTH for 'root' then copy key manually. Otherwise, use: 'ssh-copy-id'
5. 'systemctl -H 192.168.75.121 -t service'
a. 'systemctl -H 192.168.75.121 status service'
b. 'systemctl -H 192.168.75.121 show service'
c. 'systemctl -H 192.168.75.121 get-default'
d. 'systemctl -H 192.168.75.121 set-default graphical.target'
d1. 'systemctl -H 192.168.75.121 reboot'
d2. 'systemctl -H 192.168.75.121 get-default' - now shows graphical
d3. revert to 'multi-user.target'
6. 'systemd-analyze (time(default)|blame|critical-chain)' - run per-node
NOTE: 'userspace'-related services take the bulk of boot-up time
7. Get Status of services
a. 'systemctl -H 192.168.75.131 -t service'
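Added example (not part of the original notes): a check that runs the 'systemctl -H HOST get-default' call from task 5 against several hosts and reports any whose default target differs from the expected one, or that cannot be queried at all. The SYSTEMCTL variable, the function names and the stand-in answers (including the host 192.0.2.10) are assumptions made so the example runs offline.

```shell
#!/bin/sh
# Added example: flag hosts whose default target is not the expected one.
# SYSTEMCTL is an assumption of this sketch: it names the command to run, so
# an offline stand-in can replace the real client.
SYSTEMCTL=${SYSTEMCTL:-systemctl}

# default_target_drift EXPECTED HOST...
# Prints one line per host that differs or cannot be queried.
# Returns 0 when every host matches, 1 otherwise.
default_target_drift() {
    expected=$1; shift
    rc=0
    for host in "$@"; do
        if actual=$("$SYSTEMCTL" -H "$host" get-default 2>/dev/null); then
            if [ "$actual" != "$expected" ]; then
                echo "DRIFT $host: default=$actual expected=$expected"
                rc=1
            fi
        else
            # SSH key not installed, host down, or the remote call failed.
            echo "UNREACHABLE $host"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed stand-in for the remote calls (answers are made up).
fake_systemctl() {
    case "$2" in
        192.168.75.121) echo multi-user.target ;;
        192.168.75.131) echo graphical.target ;;
        *) return 1 ;;
    esac
}

# './script --demo' runs the check against the stand-in instead of real hosts.
if [ "${1:-}" = "--demo" ]; then
    SYSTEMCTL=fake_systemctl
    default_target_drift multi-user.target \
        192.168.75.121 192.168.75.131 192.0.2.10 || true
fi
```

Reporting an unreachable host separately matters here because a missing SSH key makes 'systemctl -H' fail, and a silent skip would hide exactly the hosts that were never checked.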