1 |
On Wed, Apr 1, 2015 at 8:28 AM, Rich Freeman <rich0@g.o> wrote: |
2 |
> |
3 |
> On Wed, Apr 1, 2015 at 4:04 AM, Canek Peláez Valdés <caneko@×××××.com> |
4 |
wrote: |
5 |
> |
6 |
> > # If you have cgroups turned on in your kernel, this switch controls |
7 |
> > # whether or not a group for each controller is mounted under |
8 |
> > # /sys/fs/cgroup. |
9 |
> > [...] |
10 |
> > # Set this to YES if yu want all of the processes in a service's cgroup |
11 |
> > # killed when the service is stopped or restarted. |
12 |
> > # This should not be set globally because it kills all of the service's |
13 |
> > # child processes, and most of the time this is undesirable. Please set |
14 |
> > # it in /etc/conf.d/<service>. |
15 |
> > # To perform this cleanup manually for a stopped service, you can |
16 |
> > # execute cgroup_cleanup with /etc/init.d/<service> cgroup_cleanup or |
17 |
> > # rc-service <service> cgroup_cleanup. |
18 |
> > # rc_cgroup_cleanup="NO" |
19 |
> |
20 |
> As pointed out in the comments, using this feature is apparently |
21 |
> unrecommended - probably because most init.d scripts were never |
22 |
> written with it in mind. A few notes that might be helpful for |
23 |
> anybody trying this out, based on my systemd experiences (where this |
24 |
> is standard functionality, but units are written with this in mind). |
25 |
> Please note that I'm not 100% sure about how this is implemented in |
26 |
> openrc, so some potential issues below may be mitigated. |
27 |
> |
28 |
> Also note, I'm not trying to make any value statements here (foo is |
29 |
> better than bar) - the purpose of my email is to help educate |
30 |
> sysadmins about some of the possible unintended consequences of using |
31 |
> features like these. |
32 |
> |
33 |
> 1. As far as I'm aware, openrc still doesn't have any concept of |
34 |
> scripts stopping/failing unless you explicitly tell it to stop them. |
35 |
> With systemd if the main process dies, the unit stops (and possibly |
36 |
> fails), and the child processes are killed automatically if this is |
37 |
> not overridden. So, don't expect the behavior to be exactly the same. |
38 |
|
39 |
I think (I could be wrong) that most of the detection magic in systemd is |
40 |
thanks to the use of cgroups. If that's the case, then OpenRC should be |
41 |
able to do the same (if someone cared to code it). |
42 |
|
43 |
> 2. Some scripts like apache might attempt to do graceful shutdowns. |
44 |
> I have no idea how the kill behavior of openrc interacts with this. |
45 |
> With systemd care had to be taken in the script to ensure that kills |
46 |
> were only sent after a suitable timeout to allow graceful shutdown a |
47 |
> chance to complete - otherwise an apache2 graceful completes instantly |
48 |
> and SIGTERMs get sent almost immediately afterwards. The openrc |
49 |
> init.d script already does its own attempts at polling/killing for a |
50 |
> restart, so you might get issues with how these features interact. |
51 |
> |
52 |
> 3. Sometimes leaving orphan processes around might be considered |
53 |
> intended behavior. Any screen launched from an ssh session is going |
54 |
> to be a child of sshd and in its cgroup. If you completely kill the |
55 |
> cgroup, then you'll kill any user sessions inside unless they were |
56 |
> given some kind of special handling. I'm actually not 100% sure how |
57 |
> this is done in systemd (logind may put these in a different cgroup |
58 |
> already), but you'll certainly want to think about things like this. |
59 |
|
60 |
As you correctly guessed, logind takes care of that: |
61 |
|
62 |
$ systemd-cgls |
63 |
├─1 /usr/lib/systemd/systemd --switched-root --system --deserialize 17 |
64 |
[...] |
65 |
└─user.slice |
66 |
└─user-1024.slice |
67 |
├─session-1395.scope |
68 |
│ ├─13984 sshd: canek [priv] |
69 |
│ ├─13989 sshd: canek@pts/0 |
70 |
│ ├─13994 -bash |
71 |
│ ├─14012 systemd-cgls |
72 |
│ └─14013 /usr/bin/less |
73 |
└─user@××××.service |
74 |
├─13986 /usr/lib/systemd/systemd --user |
75 |
└─13987 (sd-pam) |
76 |
|
77 |
|
78 |
So OpenRC should implement something similar to logind (which would be |
79 |
actually awesome, since GNOME, KDE and other sutff is starting to depend on |
80 |
it) to be able to work like systemd. |
81 |
|
82 |
> 4. Not really an issue for openrc, but if you're running systemd |
83 |
> timer units keep in mind that anything you fork from the main process |
84 |
> dies when the main process dies, so be careful about a cron shell |
85 |
> scripts that runs stuff in the background without waiting at the end. |
86 |
> |
87 |
> I'd think that this is a feature openrc would want to make the default |
88 |
> at some point. However, for that transition to be made maintainers |
89 |
> need to take another look at their scripts to make sure they still |
90 |
> work correctly. That was never an issue for systemd since the |
91 |
> behavior was there from the start. |
92 |
> |
93 |
> One thing I will say is that doing this sort of thing in the service |
94 |
> manager makes a LOT more sense than doing it in individual scripts. |
95 |
|
96 |
No argument from me here ;) |
97 |
|
98 |
> Look at the apache2 init.d script sometime and compare it to the |
99 |
> systemd unit. Most of the complexity in the init.d script is just |
100 |
> implementing stuff that systemd does natively, like graceful restarts |
101 |
> with cleanup of orphans and all that. I'm not criticizing the apache2 |
102 |
> script, but rather pointing out that one of the advantages of systemd |
103 |
> is that all of its units benefit from that kind of care without the |
104 |
> need to implement it in each script. And, of course, killing child |
105 |
> processes can be configured per-service or even globally (though doing |
106 |
> it globally probably isn't advisable, since many units probably depend |
107 |
> on systemd to just send SIGTERMs followed by SIGKILLs as its default |
108 |
> action and stuff wouldn't stop at all without this). |
109 |
|
110 |
Regards. |
111 |
-- |
112 |
Canek Peláez Valdés |
113 |
Profesor de asignatura, Facultad de Ciencias |
114 |
Universidad Nacional Autónoma de México |