Changes

From SME Server
Jump to navigationJump to search
7,107 bytes added ,  07:07, 15 November 2020
no edit summary
Line 31: Line 31:     
From there we could keep this way, or try to move as many process as we can to systemd. This way works, but is even more complex than it was on previous SME version. Plus we can not guarantee without further scripts that one will not be able to do a ''systemctl start httpd''.
 
From there we could keep this way, or try to move as many process as we can to systemd. This way works, but is even more complex than it was on previous SME version. Plus we can not guarantee without further scripts that one will not be able to do a ''systemctl start httpd''.
* new startup with consol see /usr/share/perl5/vendor_perl/esmith/console/startup.pm
+
* new startup with console see /usr/share/perl5/vendor_perl/esmith/console/startup.pm
 
<syntaxhighlight lang="perl">
 
<syntaxhighlight lang="perl">
 
package esmith::console::startup;
 
package esmith::console::startup;
Line 416: Line 416:  
==== uninstalling /masking unwanted/conflicting services: example of firewalld. ====
 
==== uninstalling /masking unwanted/conflicting services: example of firewalld. ====
 
we can plan to uninstall firewalld for example, but some packages will reinstall as a requirement. It might even be started, which could conflict with masq.
 
we can plan to uninstall firewalld for example, but some packages will reinstall as a requirement. It might even be started, which could conflict with masq.
 +
 +
=== Systemd current implementation ===
 +
Previously we had sysvinit services and supervised services under Deamontool and Runit.
 +
 +
We are currently moving all sysvinit handled service to systemd.
 +
 +
For services supervised with Runit, we either move them to systemd with their own unit if one is provided, or we create one which will keep the service runing under Runit
 +
 +
The idea is to stop to have the Bootstrap Console to start services.
 +
 +
==== default target: sme-server.target ====
 +
We use our own target.
 +
 +
==== system-preset ====
 +
The use of system preset is the base of our way to handle the systemd services under Koozali SME Server.
 +
 +
For direct post install purpose we user a e-smith-base RPM owned file :  /usr/lib/systemd/system-preset/50-Koozali.preset
 +
 +
This file contains a list of service we want to have enabled or disabled.
 +
 +
Another file will take precedence without hiding it: /etc/systemd/system-preset/49-koozali.preset. This file is templated, and use the e-smith configuration db to list services that should be enabled or disabled based on admin changes.
 +
 +
This is important that this file is called 49-koozali.preset and not 50-Koozali.preset, so it does not hide 50-Koozali.preset content, but take precedence on it. Hence, anything not declared in 49-koozali.preset will take the state of what declare the 50 one.
 +
 +
Then we use an action script to default all we want in systemd: /etc/e-smith/events/actions/systemd-default<syntaxhighlight lang="bash">
 +
#!/usr/bin/bash
 +
/usr/bin/systemctl  enable sme-server.target
 +
ln -fs sme-server.target /lib/systemd/system/default.target
 +
/usr/bin/systemctl  preset-all
 +
/usr/bin/systemctl  set-default sme-server.target
 +
 +
</syntaxhighlight>This will ensure that on every run, all service explicitly enabled or disabled in the configuration db are declared this way in systemd, and if they are not in the db they be according to what is declared in other /lib/systemd/system-preset/* files.
 +
 +
Any services not explicitly declared there will be disabled (/lib/systemd/system-preset/99-default-disable.preset). So If you want a service to run you need to declare it at the very least with :<syntaxhighlight lang="bash">
 +
db configuration set myservice service status enabled
 +
expand-template /etc/systemd/system/preset/49-koozali.preset
 +
/etc/e-smith/events/actions/systemd-default
 +
systemcl start myservice.service
 +
</syntaxhighlight>
 +
 +
Note you can also declare a service unit name with a service name with a different name. This is beta for the moment, it might conflict with some other script handling the services (/sbin/e-smith/service, bootstrap-console;  controlService perl function from /usr/share/perl5/vendor_perl/esmith/util.pm) <syntaxhighlight lang="bash">
 +
db configuration set myservice service status enabled SystemdUnit service@my.service
 +
expand-template /etc/systemd/system/preset/49-koozali.preset
 +
 +
</syntaxhighlight>
 +
 +
==== service-status ====
 +
We use as ExecStartPre a call to a script preventing any unwanted launch of a disabled service. This is pretty radical and jsut fails the service with a message at any trial to start it. This is in case one starts it manually or has it enabled and prevent an event to run to disable it before reboot.
 +
 +
Currently the script just fails, but we could imagine in a future to have a property in the db to make it just send a warning and let the service start.<syntaxhighlight lang="bash">
 +
#! /bin/sh
 +
 +
SERVICE=$1
 +
USAGE="Usage: service-status SERVICENAME"
 +
 +
#if no servicename is provided return usage
 +
if [[ "${SERVICE}" == "" ]]
 +
then
 +
  echo ${USAGE} >&2
 +
  exit 1
 +
fi
 +
 +
TYPE=$(/sbin/e-smith/db configuration gettype "$SERVICE" || echo none)
 +
 +
if [[ "$TYPE" != 'service' ]]
 +
then
 +
    echo "$SERVICE is not a service"
 +
    exit 9
 +
fi
 +
 +
STATUS=$(/sbin/e-smith/db configuration getprop "$SERVICE" status || echo disabled)
 +
 +
if [[ "$STATUS" != 'enabled' ]]
 +
then
 +
    echo "$SERVICE will not start (service status not enabled)"
 +
    exit 5
 +
fi
 +
 +
exit 0
 +
 +
</syntaxhighlight>
 +
 +
==== services2adjust ====
 +
Runit and Sysvinit were allowing some signals that are not handled anymore by systemd. We will have to replace those.
 +
 +
'''As an example <u>service masq adjust</u> need to be replaced by <u>systemctl reload masq.service</u>.'''
 +
 +
for the following we could use  <code>kill --signal=</code>
 +
* sigusr1
 +
* sigusr2
 +
* sigterm
 +
* sighup
 +
 +
On the other hand, systemd offers few newer interesting solutions :
 +
* start
 +
* stop
 +
* reload
 +
* restart
 +
* try-restart
 +
* reload-or-restart
 +
* try-reload-or-restart
 +
 +
==== Service migration ====
 +
* We will have all our service unit file in /usr/lib/systemd/system/
 +
* They should all be wanted by  sme-server.target in the [Install]
 +
* As long as possible we will avoid to template .service files and/or their modification in /usr/lib/systemd/system/servicename.service.d/50koozali.conf
 +
 +
===== Previous pure Syvinit service, with a provided systemd unit =====
 +
Either we are lucky and can simply use the one provided as a replacement, either we add a service.d/50koozali.conf for the service and alter in a way we need.
 +
 +
===== Previous pure Syvinit service, without a provided systemd unit =====
 +
Here is the example of masq : /lib/systemd/system/masq.service<syntaxhighlight lang="bash">
 +
[Unit]
 +
Description=masq, the Koozali SME Server firewall script
 +
Before=network-pre.target
 +
Wants=network-pre.target
 +
Conflicts=iptables.service ip6tables.service ebtables.service ipset.service nftables.service firewalld.service
 +
 +
[Service]
 +
Type=oneshot
 +
ExecStartPre=/sbin/e-smith/service-status masq
 +
ExecStart=/etc/rc.d/init.d/masq start
 +
ExecStop=/etc/rc.d/init.d/masq stop
 +
ExecReload=/etc/rc.d/init.d/masq adjust
 +
RemainAfterExit=yes
 +
 +
 +
[Install]
 +
WantedBy=sme-server.target
 +
 +
</syntaxhighlight>example of network : /lib/systemd/system/networking.service<syntaxhighlight lang="bash">
 +
[Unit]
 +
Description= Network management for Koozali SME Server, using old sysvinit script
 +
After=network-pre.target
 +
Wants=network.target
 +
Before=network-online.target wan.service
 +
Conflicts=NetworkManager.service
 +
 +
[Service]
 +
Type=oneshot
 +
ExecStart=/etc/rc.d/init.d/network start
 +
ExecStop=/etc/rc.d/init.d/network stop
 +
ExecReload=/etc/rc.d/init.d/network restart
 +
RemainAfterExit=yes
 +
 +
[Install]
 +
WantedBy=sme-server.target
 +
Alias=network.service
 +
 +
</syntaxhighlight>
 +
 +
===== Previous Runit service, with a provided systemd unit =====
 +
Either we are lucky and can simply use the one provided as a replacement, either we add a service.d/50koozali.conf for the service and alter in a way we need.
 +
 +
AS a last resort we could hide the whole file using the service.d/50koozali.conf  and simply call runit, see next one.
 +
 +
===== Previous Runit service, without a provided systemd uni =====
 +
example of wan : /lib/systemd/system/wan.service<syntaxhighlight lang="bash">
 +
[Unit]
 +
Description=WAN interface for Koozali SME Server
 +
After=network-pre.target networking.service
 +
Before=network-online.target
 +
 +
[Service]
 +
Type=oneshot
 +
ExecStartPre=/sbin/e-smith/service-status wan
 +
ExecStart=/usr/bin/sv u /service/wan
 +
ExecStop=/usr/bin/sv stop  /service/wan
 +
ExecReload=/usr/bin/sv t /service/wan
 +
RemainAfterExit=yes
 +
 +
[Install]
 +
WantedBy=sme-server.target
 +
 +
</syntaxhighlight>
    
=== References ===
 
=== References ===
 
<references />
 
<references />
 
[[Category:SME10-Development]]
 
[[Category:SME10-Development]]
Super Admin, Wiki & Docs Team, Bureaucrats, Interface administrators, Administrators
3,254

edits

Navigation menu