SANE 2006 Solaris SMF 15/05/06 11:03

Similar documents
SMF Service Management Facility Codename: Greenline

Let SMF handle your service Detlef Drewanz

SOLARIS BOOT CAMP II Migrating a Legacy RC service Bob Netherton

Managing Application Services Using SMF Manifests in Oracle Solaris 11

This course is for those wanting to learn basic to intermediate topics in Solaris 10 system administration.

Advanced Unix System Administration

This video is part of the Microsoft Virtual Academy.

Tasktop Sync - Cheat Sheet

Getting Started with OpenSolaris An Introduction for Technical Evaluators

Application Management Webinar. Daniela Field

HP Database and Middleware Automation

Sun Certified System Administrator for the Solaris 10 OS Bootcamp

Laboratorio di Programmazione. Prof. Marco Bertini

How to install the software of ZNS8022

Process Management forks, bombs, zombies, and daemons! Lecture 5, Hands-On Unix System Administration DeCal

PyUpdater wxpython Demo Documentation

A+ Guide to Managing & Maintaining Your PC, 8th Edition. Chapter 12 Troubleshooting Windows and Applications

GSS Administration and Troubleshooting

SeaPea v2.0 for Mac OSX 10.4.X X

SUN. Sun Certified System Administrator for the Solaris 10 Operating System Upgrade

System Administration for Beginners

Silk Performance Manager Installation and Setup Help

<Insert Picture Here> New MySQL Enterprise Backup 4.1: Better Very Large Database Backup & Recovery and More!

Certification. System Initialization and Services

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

Each terminal window has a process group associated with it this defines the current foreground process group. Keyboard-generated signals are sent to

smf(5): Solaris 10 Service Management Facility Ambreesh Khanna Chief Technologist, x64 Servers and Solaris US Client Solutions Sun Microsystems

Safe Mode: Solve Startup Problems & Crashes S 3/1. Solve (Almost) Any Problem Your Computer May Have

Task-Oriented Solutions to Over 175 Common Problems. Covers. Eclipse 3.0. Eclipse CookbookTM. Steve Holzner

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Working in Teams CS 520 Theory and Practice of Software Engineering Fall 2018

MarkLogic Server. Information Studio Developer s Guide. MarkLogic 8 February, Copyright 2015 MarkLogic Corporation. All rights reserved.

Aretics T7 Installation Manual

Getting Started With Containers

CST8177 Linux II. Linux Boot Process

CS 520: VCS and Git. Intermediate Topics Ben Kushigian

Windows Azure Services - At Different Levels

USING GIT WITH, AND AUTOMATING MUNKI. Adam Reed

We first learn one useful option of gcc. Copy the following C source file to your

Using the VMware vrealize Orchestrator Client

Tiger Box Firmware Version 2.5 Release Notes

ECE 550D Fundamentals of Computer Systems and Engineering. Fall 2017

ForeScout CounterACT. Gradual Upgrade Guide. Version 8.0

[Docker] Containerization

DRIVER PERSISTENCE. vr384 October Driver Persistence

Herding Clones. Mike Kershaw August 17, urmk/

BOOTP Operations. Section Network and Host System Operations. HDS ViewStation System Administrator s Guide. 3.

Introduction and Data Center Topology For Your System

High Availability for Enterprise Clouds: Oracle Solaris Cluster and OpenStack

Citrix 1Y Citrix XenApp and XenDesktop Administration 7.6 LTSR.

<Insert Picture Here> Getting Started with Solaris

Chapter. Basic Administration. Secrets in This Chapter. Monitoring the System Viewing Log Files Managing Services and Programs Monitoring Disk Usage

High Availability for SAS 9 Metadata Server

Outline The three W s Overview of gits structure Using git Final stuff. Git. A fast distributed revision control system

CLOSE ENCOUNTERS OF THE UPSTREAM RESOURCE

Lustre Client GSS with Linux Keyrings

Using the VMware vcenter Orchestrator Client. vrealize Orchestrator 5.5.1

The Linux IPL Procedure

Connect with Remedy Smart IT 2.0: Configurability and Customization Webinar Q&A

Virtual Data Center (vdc) Manual

MBB100 / DSM800 Update Instructions

10.2 Running process checklist Contacting TEMASOFT Support... 30

Getting Started with. Agents for Unix and Linux. Version

EOS: An Extensible Operating System

Configuration Replace and Configuration Rollback

Tanium Discover User Guide. Version 2.x.x

vsphere Upgrade Update 1 Modified on 4 OCT 2017 VMware vsphere 6.5 VMware ESXi 6.5 vcenter Server 6.5

OPERATING SYSTEMS. Božo Krstajić, PhD, University of Montenegro Podgorica.

Lesson 9 Transcript: Backup and Recovery

Revision control. INF5750/ Lecture 2 (Part I)

HP-UX System Administration Course Overview. Skills Gained. Who will the Course Benefit?

Quickly Repair the Most Common Problems that Prevent Windows XP from Starting Up

RBAC in Solaris 10. Darren J Moffat Staff Engineer, Networking & Security Sun Microsystems, Inc. 7 th October 2004

What is version control? (discuss) Who has used version control? Favorite VCS? Uses of version control (read)

Git. A fast distributed revision control system. Nils Moschüring PhD Student (LMU)

Configuring and Managing Embedded Event Manager Policies

Index. Alias syntax, 31 Author and commit attributes, 334

System Administration for the Oracle Solaris 10 OS Part 1 Student Guide - Volume I

AutoArchive. Release 1.4.1

IPS Packaging for Oracle Solaris 11

CSE 265: System and Network Administration

CSE 265: System and Network Administration

IPS for OpenIndiana and Solaris 11. Chris Ridd

Sun Certified System Administrator for the Solaris 10 OS Bootcamp

Non-SAP Monitoring using OS scripts for multiple metrics

Introduction to Linux Init Scripts

How To Configure PowerAlert on Linux with the APC BackUPS Pro 280VA (v2.0, 5Sept2002)

OpenEarth OpenEarthTools = Open source management of Data, Models and Tools for marine & coastal science & technology

JACK4U Manual. vers. 1.1

Participants in this lab will gain example-led awareness and understanding of the following technical facilities:

Performing Administrative Tasks

What this Guide Covers. Additional Info. 1. Linux based Servers. 2. Windows Servers. 3. GoldLite and Virtual Servers. 4. Other servers. 5.

Best Practices for Developing & Deploying Java Applications with Docker

User guide. ApplianX DPNSS-to-Q.SIG Gateway

Some Ubuntu Practice...

Parallels Virtuozzo Containers

WF-distiller Process Designer

DATA DOMAIN INVULNERABILITY ARCHITECTURE: ENHANCING DATA INTEGRITY AND RECOVERABILITY

Supercharged VM Startup: A System V-Style INIT Process for VM and Guests

SWITCHBOARD USER MANUAL

Transcription:

SANE 2006 Solaris SMF 15/05/06 11:03 Liane = tech-lead voor SMF, werkte vroeger in het kernel team. Her presentation can be downloaded from her blog as soon as possible. Agenda SMF basics SMF components and implementation Solaris Integration Points SMF service development Troubleshooting and recovery SMF future Motivation behind SMF There s a big difference between a service and a normal program. OSes provide little support for service-based management. o What services are available on the system? o Are any broken? How are they broken? o What does this service depend on? Service availability is paramount. The OS doesn t matter that much when it comes to availability calculations. Lack of knowledge of service boundary and inter-service relationships -> limits error handling ability of system Ticking time-bombs inherent in file-based configuration. No easy roll-back, no change management, no immediate checking of changes. Service management is divided into three parts: Service delivery -> description of what you deliver Administrative interaction -> how to stop/start, etc Management of service by system -> what will the system do in various situations? Solaris 10 SMF solution All services are elevated to first-class system objects Consistent configuration handling o generic meta-config common (enabled, dependencies, methods, etc) o configuration explicitly commited -> no time bombs

o administrative intent preserved -> config changes made to the system are preserved and protected from being overwritten. Think: modified init scripts that are killed by a patch install. o restore to known-good snapshots -> roll-back / change management. Securely delegate administration to non-root users through RBAC. Services automatically restarted in dependency order: o administrative error, hardware error, software fault. So if service A core dumps and B depends on A, they re both restarted. o parallel startup comes along for the ride. Easy access to information about faulted services. Predictive self healing Solaris Fault Manager provides detection and diagnosis of hardware errors, leading to isolation and deactivation of faulty components and precies, accurate messaging. SMF makes Solaris services self-healing. Hardware faults which previously cause system restarts are now isolated to the effected services. Services are also automatically restarted in the face of hardware and software faults. Bottom line: you will be told what- is failing and what- is affected, instead of having to figure it out by going over multiple log messages. Software fault handling is much more complex than hardware fault handling. This makes SMF a tricky piece of software to build. A new system daemon, svc.startd, has taken over most of init s responsibilities. init still uses inittab and /etc/rcx.d svc.startd can automatically restart services o If daemon X is enabled it is started at boot time and restarted if it dies. o If daemon X is disabled it is never started. Not at boot time and not after installing a patch or upgrade or whatever.

Each service defined for SMF has a defined state. For a list of known service states, refer to page 1 of the handout. Service dependencies svc.startd starts service in dependency order and also allows for parallel startup of non-related services. -> faster boot. If a service encounters a hardware error, only the service and services which depend on it are restarted (not the whole system). Service method svc.startd uses a service s methods to manipulate it. o Start & stop methods o Refresh method Methods can be scripts, binaries or keywords. Methods can specify context (user, group, privileges (think userinit) and resource management settings). Nice :) You can tell SMF to run daemon X as non-privileged user Y, but to connect to privileged port Z. Nifty. SMF configuration Service meta-config is kept in the repository (enabled/disabled, state, dependencies, methods, etc). The repository is controlled by svc.configd. The repository is currently stored in /etc/svc/repository.db (a database (currently SQLLight), not a flat file). Service instances services are presented as instance nodes which are children of service nodes. Both service nodes and instance nodes can have properties If an instance doesn t have property X, the service s X is used. allows similar services to share properties (e.g. same webserver, different ports). Service names Fault Management Resource Identifier (FMRI)

URI syntax: svc:/system/cron:default o system/cron = service name o default = instance name The namespace is flat. The slashes do not refer to directories or whatever. Commands accept abbreviations (system/cron, cron) Property structure A property has a type and zero or more values. Properties are grouped in named groups which have a tag (framework, dependency, etc) Example: general/enabled = group/property Property snapshots Snapshot of instance = copy of properties + properties of service node Snapshots are automatically taken (successful start, before upgrade) Snapshots can be used to roll-back to previous situations SMF components usually use the running snapshot so changes can be commited by updating that snapshot. Repository use Services are allowed to store their config in the repository o avoids writing a new parser o benefits from snapshots o sue libscf and svcprop o Example: rpc/bin has config/verbose_logging and config/local_only (this is a cool feature by the way!) All users may read properties. Write privileges may be delegated via RBAC (see S5:smf_security) Service manifests XML file which describes dependencies, methods, service-specific properties. delivered into /var/svc/manifest

manifests are loaded into the repository at boot-time when there are new/changed manifests. manifests in /var/svc/manifest should NOT be customized. These changes should be made in the repository using svccfg. Commands svcs -> lists state, state-time, FMRI, dependencies of (enabled) services. svcadm -> manipulates services. Runs asynchronous so it returns immediately, even if its tasks are still working in the background (can be circumvented with -s ). Changes can also be made to persist until the next reboot (temporarily). svccfg -> import/export manifests, apply/extract profiles. Also has an interactive mode. Also able to dump (archive) a readable XML file with the complete config. svcprop -> properties of services and instances for listing, fetching (for scripts) and stuff like that. Delegated restarters Not all services fit svc.startd s service model. SMF allows a service to be a delegated restarter for other services like stop/start/restart and setting states. svc.startd still handles enable/disable. Currently inetd is the only delegated restarter. Configuration is still stored in the repository and not in inetd.conf. More delegated restarters will come soon. Inetd is not used anymore. Everything that was in there has been converted to SMF. When unconverted services appear in inetd.conf, inetd gives off an alarm. The inetconv command can be used to convert services to SMF. Currently there is no way of quickly showing all temporary changes affecting the system right now. They re working on implementing this :) <pauze> Vanaf nu type ik minder. Ik lees de sheets nog eens door

Milestone = SMF model voor runlevels = a collection of dependencies which declare a specific state of system-readiness. None = kale kernel + root prompt. All = meekijken hoe alle services worden opgestart, vanaf none. Legacy services are not monitored by SMF, while they are started by it at boot time. At a later point in time someone may stop a legacy service, but the state will still be legacy_run. At boot time all messages from starting services are logged into files. They are not- displayed at the console screen, thus cleaning up your boot messages. Contract = mechanism to express relationships between a process and the kernel-managed resources it depends upon. They are visible via the /system/contract filesystem. Contracts can actually take various actions based upon events happening within the group of processes tied to it. Any long-running process can be fitted to SMF. First, create a manifest and then modify your rc scripts. Benefits: visible and manageable using standard solaris tools. new tools will automatically see your service built-in restart due to administrative error, software or hardware fault. dependencies reduce complex install-time logic and eliminate start-time checks using SMF simplifies participation in Solaris innovations: FMA, resource management delegated administration. Common integration create basic manifest convert init script to methods minimal testing split monolithic services into separate restartable components. (advanced) customized error handling. (advanced)

Manifest creation: name your service identify whether your service may have multiple instances identify your service model (contract, transient, wait) identify how your service is stopped and started determine faults to be ignored identify dependencies identify dependants create (if appropriate) a default instance create template info to describe your service /usr/bin/xmllint can be used to debug your XML code... Model contract = expects at least one process in the service when the start method exits Model transient = services usually don t have processes in the servcie when the start method exits When reverting to an older snapshot SMF cannot show you the differences easily. You can write a script to do so and Liane actually noted this feature request down :) One of the future features in SMF is monitors which can actually tell you if your applications/service is functioning properly. Not by seeing which processes are running, but by checking its real functionality.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback