From Fedora Project Wiki
No edit summary |
No edit summary |
||
Line 12: | Line 12: | ||
* '''keeps track of processes using Linux cgroups''': kernel Control Groups or hierarchy of groups of processes. If a process in a specific cgroup forks, its child will become a member of the same group. Unless it is privileged and has access to the cgroup file system it cannot escape its group. cgroups let enforce limits on entire groups of processes. cgroups are also useful to enforce limits outside of the immediate container use case (e.g. limit the total amount of memory or CPU, Apache and all its children may use, so a misbehaving CGI script can no longer escape your resource control by simply forking away.) In addition to container and resource limit enforcement cgroups are very useful to keep track of daemons: cgroup membership is securely inherited by child processes, they cannot escape. There's a notification system available so that a supervisor process can be notified when a cgroup runs empty. You can find the cgroups of a process by reading /proc/$PID/cgroup. cgroups hence make a very good choice to keep track of processes for tracking purposes. | * '''keeps track of processes using Linux cgroups''': kernel Control Groups or hierarchy of groups of processes. If a process in a specific cgroup forks, its child will become a member of the same group. Unless it is privileged and has access to the cgroup file system it cannot escape its group. cgroups let enforce limits on entire groups of processes. cgroups are also useful to enforce limits outside of the immediate container use case (e.g. limit the total amount of memory or CPU, Apache and all its children may use, so a misbehaving CGI script can no longer escape your resource control by simply forking away.) In addition to container and resource limit enforcement cgroups are very useful to keep track of daemons: cgroup membership is securely inherited by child processes, they cannot escape. There's a notification system available so that a supervisor process can be notified when a cgroup runs empty. You can find the cgroups of a process by reading /proc/$PID/cgroup. cgroups hence make a very good choice to keep track of processes for tracking purposes. | ||
* supports snapshotting and restoring of the system state: | * '''supports snapshotting and restoring of the system state''': snapshots can be used to save/rollback the state of all services and units of the init system. Primarily it has two intended use cases: to allow the user to temporarily enter a specific state such as "Emergency Shell", terminating current services, and provide an easy way to return to the state before, pulling up all services again that got temporarily pulled down. | ||
* maintains mount and automount points | |||
* implements an elaborate transactional dependency-based service control logic | * '''maintains mount and automount points''': systemd monitors all mount points how they come and go, and can also be used to mount or unmount mount-points. /etc/fstab can be used here as an additional configuration source for these mount points. Using the <code>comment=</code> fstab option you can even mark <code>/etc/fstab</code> entries to become systemd controlled automount points.. | ||
* '''implements an elaborate transactional dependency-based service control logic''': | |||
Revision as of 20:17, 31 January 2011
systemd
systemd is the new system and service manager for Fedora 15. It provides:
- aggressive parallelization capabilities using socket: to speed up the entire boot and start more processes in parallel, systemd creates the listening sockets before actually starting the daemon, and then just passes the socket to it. All sockets for all daemons are created in one step in the init system, and then in a second step run all daemons at once. If a service needs another, and it is not fully started up, what will happen is that the connection is queued in the providing service and the client will potentially block on that single request. But only that one client will block and only on that one request. Also, dependencies between services no longer have to be configured to allow proper parallelized start-up: starting all sockets at once and a service needing another, it surely can connect to its socket.
- D-Bus activation for starting services: using bus activation, a service can be started the first time it is accessed. Bus activation also gives the minimal per-request synchronisation needed for starting up the providers and the consumers of D-Bus services at the same time: starting a service at the same time as another, if one is quicker, than via the bus activation logic we can get D-Bus to queue the request until the otehr manages to establish its service name.
- offers on-demand starting of daemons:
- keeps track of processes using Linux cgroups: kernel Control Groups or hierarchy of groups of processes. If a process in a specific cgroup forks, its child will become a member of the same group. Unless it is privileged and has access to the cgroup file system it cannot escape its group. cgroups let enforce limits on entire groups of processes. cgroups are also useful to enforce limits outside of the immediate container use case (e.g. limit the total amount of memory or CPU, Apache and all its children may use, so a misbehaving CGI script can no longer escape your resource control by simply forking away.) In addition to container and resource limit enforcement cgroups are very useful to keep track of daemons: cgroup membership is securely inherited by child processes, they cannot escape. There's a notification system available so that a supervisor process can be notified when a cgroup runs empty. You can find the cgroups of a process by reading /proc/$PID/cgroup. cgroups hence make a very good choice to keep track of processes for tracking purposes.
- supports snapshotting and restoring of the system state: snapshots can be used to save/rollback the state of all services and units of the init system. Primarily it has two intended use cases: to allow the user to temporarily enter a specific state such as "Emergency Shell", terminating current services, and provide an easy way to return to the state before, pulling up all services again that got temporarily pulled down.
- maintains mount and automount points: systemd monitors all mount points how they come and go, and can also be used to mount or unmount mount-points. /etc/fstab can be used here as an additional configuration source for these mount points. Using the
comment=
fstab option you can even mark/etc/fstab
entries to become systemd controlled automount points..
- implements an elaborate transactional dependency-based service control logic:
It can work as a drop-in replacement for sysvinit.
It is implemented around the notion of units. Units have a name and a type, whose configuration is in a file with the same name. There are several kinds of units: service, socket, device, others.