Systemd is in all the major distributions nowadays and there is a lot of ways you can take advantages of it. It provides an easy way to manage your system and your services and interacts closely with the kernel features added in the last years like cgroups. This talk will show you how to get the added value of systemd and easily do a lot of things that were complicated in the past.
1. Getting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemdGetting the maximum out of systemd
Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto
FLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring ConferenceFLOSS UK Spring Conference
March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016March 16, 2016
2. whoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoamiwhoami
Julien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien PivottoJulien Pivotto
• Sysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.euSysadmin at inuits.eu
• FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004FLOSS user since 2004
• systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010systemd user since 2010
EEEEEEEEEEEEEEEEExherbo Linux
• DevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believerDevOps believer
• @roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie@roidelapluie on irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/githubon irc/twitter/github
17. Changing services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemdChanging services before systemd
• RRRRRRRRRRRRRRRRReplace /etc/init.d scripts
• /////////////////etc/default, /etc/sysconfig
• SSSSSSSSSSSSSSSSSpaghetti code
18. Overriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemdOverriding units: with systemd
• OOOOOOOOOOOOOOOOOverride completely a unit
• JJJJJJJJJJJJJJJJJust add/change one parameter
• """""""""""""""""Patch" vendor units
20. Advantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overridesAdvantages of "full" overrides
• IIIIIIIIIIIIIIIIIn /etc/systemd/system
• DDDDDDDDDDDDDDDDDo not conflict with packages
• OOOOOOOOOOOOOOOOOverride everything, even dependencies
• NNNNNNNNNNNNNNNNNot only for overrides: if you have
unpackaged units, put them there
22. Advantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overridesAdvantages of partial overrides
• IIIIIIIIIIIIIIIIIn /etc/systemd/system/$Unit
name.d/*.conf
• DDDDDDDDDDDDDDDDDo not conflict with packages
• OOOOOOOOOOOOOOOOOverride only what is needed
• AAAAAAAAAAAAAAAAAdapt while still accept upstream work
• NNNNNNNNNNNNNNNNNo need to adapt at each upgrade
• WWWWWWWWWWWWWWWWWorks for everything (not only services)
23. The price of that flexibility:
systemctl daemon-reload
24. Verify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unitVerify the loaded unit
systemctl cat mariadb.service
# /usr/x86_64−pc−linux−gnu/lib/systemd/system/mariadb.
service
[Unit]
Description=MySQL database server
After=syslog.target
After=network.target
[Service]
User=mysql
Group=mysql
ExecStart=/usr/sbin/mysqld −−defaults−file=/etc/mysql/my
.cnf −−basedir=/usr −−datadir=/var/lib/mysql
# /etc/systemd/system/mariadb.service.d/nice.conf
[service]
Nice=5
25. Instantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated unitsInstantiated units
• UUUUUUUUUUUUUUUUUnits cat take @ in the name
• ooooooooooooooooopenvpn@inuits.service
• OOOOOOOOOOOOOOOOOn-disk: openvpn@.service
• IIIIIIIIIIIIIIIIIn the file: %i will be "inuits"
• %%%%%%%%%%%%%%%%%p will be "openvpn"
26. Instantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit exampleInstantiated unit example
[Unit]
Description=OpenVPN daemon %i
After=syslog.target
[Service]
ExecStart=/usr/host/bin/openvpn −−writepid /run/openvpn
.%i.pid −−cd /etc/openvpn −−config /etc/openvpn/%i.
conf
PIDFile=/run/openvpn.%i.pid
28. Enabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a serviceEnabling/Disabling a service
• sssssssssssssssssystemctl disable mariadb.service
• WWWWWWWWWWWWWWWWWill disable the service
• PPPPPPPPPPPPPPPPPrevent it to start automatically
32. What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?What defines a service?
• TTTTTTTTTTTTTTTTThe command(s) to run
• MMMMMMMMMMMMMMMMMost of them can fork or stay in foreground
• sssssssssssssssssystemd can manage both
42. Problems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solvedProblems solved
• RRRRRRRRRRRRRRRRRun service as a different user
• JJJJJJJJJJJJJJJJJava Service Wrapper
• GGGGGGGGGGGGGGGGGo Service Wrapper
• YYYYYYYYYYYYYYYYYou can still use custom scripts
45. temp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp filestemp files
• sssssssssssssssssystemd will create, and cleanup temporary
files
• YYYYYYYYYYYYYYYYYou can assign files, directories to specific
users
• IIIIIIIIIIIIIIIIIt will decide when to delete them
• WWWWWWWWWWWWWWWWWhen you change the files, run
systemd-tmpfiles --create
54. Reading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logsReading the logs
• fffffffffffffffffollow: journalctl -f
• lllllllllllllllllast lines: journalctl -n 100
• fffffffffffffffffrom a unit: journalctl -u puppet-run.service
• ooooooooooooooooonly this boot: journalctl -b
• ooooooooooooooooonly this process: journalctl
/opt/puppetlabs/puppet/bin/ruby
55. Logs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs exampleLogs example
− Logs begin at Mon 2016−03−14 18:30:28 CET, end at Tue
2016
Mar 14 18:30:28 fqdn systemd−journal[137]: Runtime journ
Mar 14 18:30:28 fqdn systemd−journal[137]: Runtime journ
Mar 14 18:30:28 fqdn kernel: Initializing cgroup subsys
Mar 14 18:30:28 fqdn kernel: Initializing cgroup subsys
Mar 14 18:30:28 fqdn kernel: Initializing cgroup subsys
Mar 14 18:30:28 fqdn kernel: Linux version 3.10.0−327.10
Mar 14 18:30:28 fqdn kernel: Command line: BOOT_IMAGE=/b
Mar 14 18:30:28 fqdn kernel: e820: BIOS−provided physica
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000000
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x00000000b
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x00000000f
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x00000000f
Mar 14 18:30:28 fqdn kernel: BIOS−e820: [mem 0x000000010
60. timers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs crontimers vs cron
• NNNNNNNNNNNNNNNNNo built-in emails function
• CCCCCCCCCCCCCCCCCron is more simple (one line to one file vs 2
units)
• TTTTTTTTTTTTTTTTTimers uses services, so predictible env
• YYYYYYYYYYYYYYYYYou can run independently the service unit
• TTTTTTTTTTTTTTTTTimers logs are in systemd
64. Socket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activationSocket activation
• GGGGGGGGGGGGGGGGGoal: start a service when needed
• sssssssssssssssssystemd will open a socket
• SSSSSSSSSSSSSSSSStart the service at first connection
• pppppppppppppppppass the socket to the service
66. systemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unitsystemd-proxy service unit
[Unit]
Requires=shaarli.service
After=shaarli.service
JoinsNamespaceOf=shaarli.service
[Service]
ExecStart=/usr/lib/systemd/systemd−socket−proxyd
127.0.0.1:43001
67. Actual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unitActual service unit
[Unit]
Description=Shaarli
[Service]
WorkingDirectory=/opt/Shaarli/dev
ExecStart=/usr/bin/php −S 127.0.0.1:43001
ExecStartPost=/bin/sleep 0.1
User=shaarli
Group=shaarli
[Install]
WantedBy=default.target
68. Side commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commandsSide commands
Licensed under a Creative Commons Attribution ShareAlike 2.0 License
https://www.flickr.com/photos/archer10/3029638204/
69. systemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commandssystemd-* commands
• sssssssssssssssssystemd-cgls: Show the cgroups hierarchy
• sssssssssssssssssystemd-analyze blame: Shows the startup
time
• sssssssssssssssssystemd-nspawn: Containers
• sssssssssssssssssystemd-run: run a command like if it was a
service unit