DOCSLIB.ORG

System Init Scripts and the Debian O.S

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
System Init Scripts and the Debian O.S 3rd Debian Conference System Init Scripts and the Debian O.S. Henrique de Moraes Holschuh∗ June 2002† Abstract Regardless of the kernel and bootstrapping method used, at the very end of a normal De- This paper describes the System V, OpenBSD / bian bootstrapping process the kernel will have FreeBSD, NetBSD and Debian 3.0 init script sys- mounted the real root le system in read-only tems. Some new proposals made by third-parties mode for us, and then it will execute /sbin/init, for init script systems are also described, with which will run with pid 1. emphasis on Richard Gooch's simpleinit sys- /sbin/init will then proceed to call the system tem. The system init script abstraction and policy init scripts, which will do the dirty job of mount- layer currently being deployed in Debian for the ing le systems in read-write mode, loading mod- release after 3.0 is described in detail. Changes to ules, starting service daemons, and running a lo- that abstraction layer are proposed to allow for gin shell for the user. dependency-based init script systems in Debian. In Debian, these init scripts live in /etc/init.d, and take one or more command-line parameters. 1 Linux System Bootstrap The rst parameter tells the init script which ac- tion it should take: start the service, stop the System bootstrapping procedures vary quite a bit, service, reload service conguration and so on. depending on which kernel is being used. With All other parameters are optional, and init-script- the imminent addition of the BSD kernels to De- dependent. The script will return exit status zero bian, we can expect the bootstrap procedures to if no errors occur, and non-zero otherwise. vary even more in the near future1. This init script command line convention is part For Linux kernels, the bootstrapping sequence of the System V init script architecture, which is depends on the existence of initrd images or com- Debian's default. Init scripts following this com- pressed RAM le system images, and even remote mand line convention and stored in /etc/init.d boot images. Debian uses at least three vari- will be called SysV-like init scripts2 in this paper. ants of Linux bootstrapping: initrd for our very big includes-even-the-kitchen-sink-as-modules 2.4 2 Init Script Systems kernel images; direct bootstrap for smaller 2.4 and 2.2 kernels, such as those normally created 2.1 System V by users of the kernel-package package; and com- pressed RAM le system for boot-oppies and The System V init script system is quite power- CD/DVDROMs. ful, and very adaptable due to its modular de- sign, true to System V style. This is a very big ∗ [email protected] † This is revision 1.16 of this document, advantage over the original BSD-like init script commited in 2nd July 2002, 12:01:34. 1 The Debian BSD eort will also introduce a new standard C library (libc), so system bootstrapping is the least of our worries. 2 SysV is the short form for System V. 1 systems3. Given the displeasure many have for Sysvinit is a fully-featured init as far as these some parts of the System V init script system, things go. Sysvinit can: this is a Very Good Thing, indeed: the modular design makes it possible to x what is bad, and • use a script to start every process it needs to keep what works ne. (/etc/initscript); The System V init script system is well under- deal with several system proles (runlevels), stood by most seasoned system administrators, • and switch between them upon user com- and well dened. It works mostly well with the mand; software packages concept, as long as they come from the same vendor. However, it is also messy • execute a congurable script to run the sys- and ungraceful, it is unintuitive, and it takes quite tem startup setup (/etc/init.d/rcS); a bit of maintenance to keep the init script exe- cution sequence just right. • babysit processes (restart, kill, control fork The init script system is composed rate), with dierent sets of processes for every of three modules: /sbin/init (Sysvinit), runlevel; /etc/init.d/rc (/etc/rc?.d/* symbolic link execute scripts on SIGPWR, SIGINT and farms) and the SysV-like system init scripts • kbrequest; themselves (/etc/init.d/* ). It has a concept of dierent system proles, • re-execute itself without bothering the rest of which are called runlevels. The runlevels are 0 the system; (system halt); 1 (single-user mode); 2, 3, 4 and 5 (normal modes)4; 6 (reboot system); 7, 8 and 9 • execute in system maintenance mode. These (normal but not normally used); and S (system are single-user mode (runs only the system startup). Runlevel S is only used during system startup scripts, and then run sulogin), and startup and allow single-user mode login. What emergency mode (only run sulogin); the other runlevels are used for varies from vendor change the runlevel init script subsystem (one to vendor, and sometimes even with the operating • can tell Sysvinit to run something other than system's version. /etc/init.d/rc to execute runlevel changes); 2.1.1 Sysvinit • deal with Linux serial consoles. Debian's default (and currently only) /sbin/init is Sysvinit currently cannot: the Linux System V init. It is packaged and main- tained both for Debian and upstream by Miquel deal directly with kernel ACLs8 (but patches 5 • van Smoorenburg . We shall call it Sysvinit. for Sysvinit to add such support, and patches 6 Sysvinit has a large memory footprint . On to the Linux kernel to work around Sysvinit's 7 an ia32 system, it takes about 1280 kibibytes limitations do exist). of virtual space, and 480 kibibytes of RSS. That 9 amounts to an itty-tiny bit of memory in these The default ACL inheritable set is empty KDE/GNOME days, but it is hardly what you in the mainline Linux Kernel (and also in De- would use for memory-starved embedded systems. bian's). Sysvinit needs to change that, or ACLs are eectively disabled without a ker- nel patch. It should also be able to modify 10 3 At least from the point of view of a distribution us- the capability bound set , so as to emulate ing a package-based system, anyway. 4 The runlevels the securelevel feature of the BSDs. are normally used in additive mode. For example: run- level 3 is runlevel 2 plus networking functions; runlevel 8 ACL is the short form for Access Control Lists. It is a 4 is runlevel 3 plus NFS and other remote services en- ne-grained permission control system, capable of limiting abled; runlevel 5 is runlevel 4 plus a X11 display server. even the superuser's access to the kernel. 9 Set of ACL 5 [email protected] 6 This is glibc's fault. Sysvinit permissions available to children of the current process. itself takes only 25 kibibytes. 7 A kibibyte is 1024 bytes 10 The capability bound set selects either superuser or ACL-based access control for every possible ACL. 2 • directly control processes that change their of the init script in /etc/init.d that the symbolic process group (as most daemons do); link points to14. The symbolic links are processed in shell colla- Usually only the rst limitation is of any im- tion order (which will be the one for the C locale portance, as daemons are controlled through init if one is lucky). First all K scripts are run with scripts instead of by Sysvinit. Debian will need the stop argument, then all S scripts are run with to address ACLs in a consistent way very soon: the start argument. Some /etc/init.d/rc scripts we already have the standard Linux kernel ACLs are known to try to optimize this a bit, and will (that cannot be used by default due to Sysvinit's not call a init script to start a service that should lack of ACL knowledge), and SE Linux11 is com- have been started in the previous runlevel and ing. We also have at least one ACL-aware le was not stopped in the current runlevel. Debian's system (xfs).12. The BSD kernels also have ACL- /etc/init.d/rc does just that. enabled extensions (Trusted BSD), which might One must make sure the scripts are numbered enter Debian one day. in the correct order. Scripts with the same num- ber are not guaranteed to always run in the same 2.1.2 Init scripts symbolic link farm deterministic order (due to locale collation rules, for example). The System V init script system decides which Right now, Debian does not take all the care services are to be started or killed in a given that such a fragile ordering enforcement system runlevel (or during a runlevel change) using the requires. Maintainers often select the wrong or- /etc/init.d/rc script. This information is stored dering numbers for their init scripts, and that will by symbolic link farms in directories, one direc- only get xed when someone notices it in her sys- tory per runlevel. To gure out if a service is sup- tem, and le a bug. Also, the default order num- posed to be started or stopped in a given runlevel, ber of 20 has too many services. one must inspect the correct link farm. The S runlevel is special, for Sysvinit is con- gured to run /etc/init.d/rcS at system startup.
Load more

Recommended publications
  • Introduction Use Runit with Traditional Init (Sysvinit)
    2021/07/26 19:10 (UTC) 1/12 Runit Runit Introduction runit is a UNIX init scheme with service supervision. It is a cross-platform Unix init scheme with service supervision, a replacement for sysvinit, and other init schemes and supervision that are used with the traditional init. runit is compatible with djb's daemontools. In Unix-based computer operating systems, init (short for initialization) is the first process started during booting of the computer system. Init is a daemon process that continues running until the system is shut down. Slackware comes with its own legacy init (/sbin/init) from the sysvinit package, that used to be included in almost all other major Linux distributions. The init daemon (or its replacement) is characterised by Process ID 1 (PID 1). To read on the benefits of runit, see here: http://smarden.org/runit/benefits.html * Unless otherwise stated, all commands in this article are to be run by root. Use runit with traditional init (sysvinit) runit is not provided by Slackware, but a SlackBuild is maintained on https://slackbuilds.org/. It does not have any dependencies. As we do not want yet to replace init with runit, run the slackbuild with CONFIG=no: CONFIG=no ./runit.SlackBuild Then install the resulting package and proceed as follows: mkdir /etc/runit/ /service/ cp -a /usr/doc/runit-*/etc/2 /etc/runit/ /sbin/runsvdir-start & Starting via rc.local For a typical Slackware-stlyle service, you can edit /etc/rc.d/rc.local file if [ -x /sbin/runsvdir-start ]; then /sbin/runsvdir-start & fi and then edit write /etc/rc.d/rc.local_shutdown #!/bin/sh SlackDocs - https://docs.slackware.com/ Last update: 2020/05/06 08:08 (UTC) howtos:slackware_admin:runit https://docs.slackware.com/howtos:slackware_admin:runit RUNIT=x$( /sbin/pidof runsvdir ) if [ "$RUNIT" != x ]; then kill $RUNIT fi Then give rc.local_shutdown executive permission: chmod +x /etc/rc.d/rc.local_shutdown and reboot Starting via inittab (supervised) Remove the entries in /etc/rc.d/rc.local and /etc/rc.d/rc.local_shutdown described above.
    [Show full text]
  • Troubleshooting Guide
    Java Platform, Standard Edition Troubleshooting Guide Release 9 E61074-05 October 2017 Java Platform, Standard Edition Troubleshooting Guide, Release 9 E61074-05 Copyright © 1995, 2017, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency- specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S.
    [Show full text]
  • Container Technologies
    Zagreb, NKOSL, FER Container technologies Marko Golec · Juraj Vijtiuk · Jakov Petrina April 11, 2020 About us ◦ Embedded Linux development and integration ◦ Delivering solutions based on Linux, OpenWrt and Yocto • Focused on software in network edge and CPEs ◦ Continuous participation in Open Source projects ◦ www.sartura.hr Introduction to GNU/Linux ◦ Linux = operating system kernel ◦ GNU/Linux distribution = kernel + userspace (Ubuntu, Arch Linux, Gentoo, Debian, OpenWrt, Mint, …) ◦ Userspace = set of libraries + system software Linux kernel ◦ Operating systems have two spaces of operation: • Kernel space – protected memory space and full access to the device’s hardware • Userspace – space in which all other application run • Has limited access to hardware resources • Accesses hardware resources via kernel • Userspace applications invoke kernel services with system calls User applications E.g. bash, LibreOffice, GIMP, Blender, Mozilla Firefox, etc. System daemons: Windowing system: User mode Low-level system systemd, runit, logind, X11, Wayland, Other libraries: GTK+, Qt, EFL, SDL, SFML, Graphics: Mesa, AMD components networkd, PulseAudio, SurfaceFlinger FLTK, GNUstep, etc. Catalyst, … … (Android) C standard library Up to 2000 subroutines depending on C library (glibc, musl, uClibc, bionic) ( open() , exec() , sbrk() , socket() , fopen() , calloc() , …) About 380 system calls ( stat , splice , dup , read , open , ioctl , write , mmap , close , exit , etc.) Process scheduling Memory management IPC subsystem Virtual files subsystem Network subsystem Kernel mode Linux Kernel subsystem subsystem Other components: ALSA, DRI, evdev, LVM, device mapper, Linux Network Scheduler, Netfilter Linux Security Modules: SELinux, TOMOYO, AppArmor, Smack Hardware (CPU, main memory, data storage devices, etc.) TABLE 1 Layers within Linux Virtualization Virtualization Concepts Two virtualization concepts: ◦ Hardware virtualization (full/para virtualization) • Emulation of complete hardware (virtual machines - VMs) • VirtualBox, QEMU, etc.
    [Show full text]
  • Slides for the S6 Lightning Talk
    The s6 supervision suite Laurent Bercot, 2017 What is an init system ? - “init” is vague terminology. “init wars” happened because nobody had a clear vision on what an init system even is or should be. - The 4 elements of an init system: /sbin/init, pid 1, process supervision, service management. - Not necessarily in the same process. Definition: process supervision A long-lived process (daemon) is supervised when it’s spawned by the supervision tree, a set of stable, long-lived processes started at boot time by pid 1. (Often just pid 1.) Supervision is a good pattern: the service is stable and launched in a reproducible env. Supervision only applies to daemons. Service management: definition - Boot time: bring all services up - Shutdown time: bring all services down - More generally: change services’ states Services can be oneshots (short-lived programs with side effects) or longruns (daemons). They have dependencies, which the service manager should enforce. What features do “init”s offer ? - Integrated init systems (systemd, launchd, upstart): “the big guys”. All four elements in one package, plus out-of-scope stuff. - sysvinit, BSD init: /sbin/init, pid 1, supervision (/etc/inittab, /etc/gettys). Service manager not included: sysv-rc, /etc/rc - OpenRC: service manager. - Epoch: similar to sysvinit + sysv-rc The “daemontools family” - /etc/inittab supervision is impractical; nobody uses it for anything else than gettys. - daemontools (DJB, 1998): the first project offering flexible process supervision. Realistic to supervise all daemons with it. - daemontools-encore, runit, perp, s6: supervision suites. - nosh: suite of tools similar to s6, in C++ Supervision suites are not enough - Only ¼ of an init system.
    [Show full text]
  • Your Init; Your Choice
    Your Computer; Your Init; Your Choice By Steve Litt Version 20150108_1348 Copyright © 2015 by Steve Litt Creative Commons Attribution-NoDerivatives 4.0 International License http://creativecommons.org/licenses/by-nd/4.0/legalcode Available online at http://www.troubleshooters.com/linux/presentations/golug_inits/golug_inits.pdf NO WARRANTY, use at your own risk. Slide 1 of 26 Your Computer; Your Init; Your Choice Steve Litt System Overview ● Kernel runs one program, init. ● Everything else run directly or indirectly by init. Slide 2 of 26 Your Computer; Your Init; Your Choice Steve Litt Many Different Init Systems ● Epoch ● nosh ● OpenRC ● perp ● RichFelker ● runit ● s6 ● systemd ● sysvinit ● Upstart ● uselessd ● Many more ● There's an init for every situation ● You can make your own Slide 3 of 26 Your Computer; Your Init; Your Choice Steve Litt Full vs Partial ● Kernel->full-init at PID1->daemons – Systemd, sysvinit, runit, Epoch, Upstart, etc. ● Kernel->PID1->partial-init->daemons – OpenRC, daemontools, damontools-encore, etc. Slide 4 of 26 Your Computer; Your Init; Your Choice Steve Litt Many Features ● Socket Activation ● Parallel starting ● Event controlled ● Sequential starting ● Daemontools-like ● Numeric ordering ● Simplicity ● Dependency ordering ● Descriptive config ● Work with sysvinit scripts ● Script config ● OS toolkit ● Forget features ● Look for benefits that fit your priorities and situation Slide 5 of 26 Your Computer; Your Init; Your Choice Steve Litt Many Routes to Benefits ● Within and outside of init ● With or without sockets ● With or without packaging ● Cutting edge or oldschool Slide 6 of 26 Your Computer; Your Init; Your Choice Steve Litt Bogus Characterizations ● ___ is a toy. – What does that even mean? ● ___ is not ready for prime time.
    [Show full text]
  • FAQ Release V1
    FAQ Release v1 The Syncthing Authors Jul 28, 2020 CONTENTS 1 What is Syncthing?1 2 Is it “syncthing”, “Syncthing” or “SyncThing”?3 3 How does Syncthing differ from BitTorrent/Resilio Sync?5 4 What things are synced?7 5 Is synchronization fast?9 6 Why is the sync so slow? 11 7 Why does it use so much CPU? 13 8 Should I keep my device IDs secret? 15 9 What if there is a conflict? 17 10 How do I serve a folder from a read only filesystem? 19 11 I really hate the .stfolder directory, can I remove it? 21 12 Am I able to nest shared folders in Syncthing? 23 13 How do I rename/move a synced folder? 25 14 How do I configure multiple users on a single machine? 27 15 Does Syncthing support syncing between folders on the same system? 29 16 When I do have two distinct Syncthing-managed folders on two hosts, how does Syncthing handle moving files between them? 31 17 Is Syncthing my ideal backup application? 33 18 Why is there no iOS client? 35 19 How can I exclude files with brackets ([]) in the name? 37 20 Why is the setup more complicated than BitTorrent/Resilio Sync? 39 21 How do I access the web GUI from another computer? 41 i 22 Why do I get “Host check error” in the GUI/API? 43 23 My Syncthing database is corrupt 45 24 I don’t like the GUI or the theme. Can it be changed? 47 25 Why do I see Syncthing twice in task manager? 49 26 Where do Syncthing logs go to? 51 27 How can I view the history of changes? 53 28 Does the audit log contain every change? 55 29 How do I upgrade Syncthing? 57 30 Where do I find the latest release? 59 31 How do I run Syncthing as a daemon process on Linux? 61 32 How do I increase the inotify limit to get my filesystem watcher to work? 63 33 How do I reset the GUI password? 65 ii CHAPTER ONE WHAT IS SYNCTHING? Syncthing is an application that lets you synchronize your files across multiple devices.
    [Show full text]
  • Achieve Fastest System Startup Sequences
    Achieve Fastest System Startup Sequences. How to tune an Embedded System. Embedded Systems Design Conference ARM vs. x86 July 3, 2014 Kei Thomsen MicroSys Electronics GmbH Agenda • Target: reduce startup time of embedded systems. • Meaning of Fast-Boot. • Comparison of Operating Systems, function, benefit and startup times. • Embedded Systems, boot medium and behavior. • Identifying time consuming artifacts. • Summary. ESDC, July 3, 2014 2 © MicroSys Electronics GmbH Meaning of Fast-Boot? • Sense of time depends on the Application • Is a Windows Start below 60 seconds fast? • Do I want to wait 2 seconds for my camera to start? • An endoscope must be available after a power fault within 0.8 seconds, including graphic on 2 screens: Not possible? It is possible! • Fast-Boot = System start time from reset to running application in shortest time. ESDC, July 3, 2014 3 © MicroSys Electronics GmbH Comparison of Operating Systems, function, benefit and startup times. Standard Operating System Real Time Operating System (RTOS) Linux, Windows (CE) OS-9, QNX, VxWorks … • „All Inclusive Plus“. • „Bed & Breakfast“. • extensive and complex. • simple and fast. • Many functions already included • Additional functions are added and build in. and configured. • Simple to set up, as everything • Simple to create and extend the is included. functionality volume. • Many components available, • Only functions, which are really were it is difficult to understand used / needed. No „nice to have what it is for, or needed by other features“. components. • Long startup times • Very fast startup times ESDC, July 3, 2014 4 © MicroSys Electronics GmbH Function und benefit in Linux (Embedded) • The Kernel-Start of a Linux System initializes the build-in Kernel driver.
    [Show full text]
  • Gentoo Kernel Recent and Future Project
    Gentoo Kernel recent and Future project Fast Releasing and Testing of Gentoo Kernel Packages and Future plans of the Gentoo Kernel Project Alice Ferrazzi <[email protected]> kernel :~ $ whoami - Gentoo Kernel Project Leader - Gentoo Kernel Security - Gentoo General System Administrator - Gentoo Proxy Maintainer - Gentoo Study Meeting Tokyo Organizator Tokyo University of Technology - Google Summer of Code 2017 for Gentoo organization - Currently searching job as researcher in Japan Summary ● What is Gentoo? ○ Why I should consider Gentoo? ● What is Gentoo Kernel Project? ● Kernel related project in Gentoo ● Gentoo Kernel recent and Future project ○ Toward Automation ○ Gentoo Kernel CI ○ kernel security live patch ○ Considering PAX fork ● Concluding What is Gentoo? ● Highly customizable meta-distribution ● Built from source and support for user patching ● Available in most architecture ● Freedom of choice (OpenRC, SystemD, Runit, Epoch, and Busybox) ● Easy maintenance (also of the Linux Kernel) Who is using Gentoo? ● Chrome OS ○ Chrome OS Has Double the Marketshare of Regular Linux in USA(2017/03) ○ Chromebooks outsold Macs for the first time in the US (2016/05) ● Softbank Pepper (NAOqi OS) ● CoreOS ● Most of Gentoo’s sponsors run Gentoo: ○ https://www.gentoo.org/inside-gentoo/sponsors/ ● Daniel Robbins maintains a useful graphic of Gentoo derivatives: ○ http://www.funtoo.org/Gentoo_Ecosystem Why I should consider Gentoo? ● Easy management of most recent upstream including kernel ● Many Kernel options (gentoo-sources, git-sources, rt-sources, ck-sources) ● Increased security with Hardened package ● Kernel Patches managed by package settings (USE flag) ● Gentoo Kernel wiki documentation ● Automatic Kernel deblobing for specific kernel (ck-sources, hardened-sources, rt-sources) What is the Gentoo Kernel Project? ● Writing Gentoo Kernel guide and policy ● Stabilizing Gentoo Kernel for most architectures ● Releasing Gentoo Kernel sources packages ● Writing library for managing the Gentoo Kernel sources installation.
    [Show full text]
  • System, Software, DR, and Skill Requirements Webneers, an EFNEP Web Application
    System, Software, DR, and Skill Requirements WebNeers, An EFNEP Web Application Youth Learning Institute, Clemson University 10-27-2016 Contents Minimum System Requirements .................................................................................................................. 2 Software Requirements ................................................................................................................................ 2 Disaster Recovery Requirements* ................................................................................................................ 2 Skill Requirements ........................................................................................................................................ 3 Development............................................................................................................................................. 3 Server Side ............................................................................................................................................ 3 Client Side ............................................................................................................................................. 3 System Administration .............................................................................................................................. 3 Data and Database Management ............................................................................................................. 3 Competency Matrix .....................................................................................................................................
    [Show full text]
  • Container Mechanics in Linux and Rkt
    Container mechanics in Linux and rkt FOSDEM 2016 Alban Crequy github.com/alban Jonathan Boulle github.com/jonboulle @baronboulle a modern, secure, composable container runtime an implementation of appc (image format, execution environment) rkt simple CLI tool golang + Linux self-contained simple CLI tool no (mandatory) daemon: apps run directly under spawning process bash/runit/systemd rkt application(s) rkt internals modular architecture execution divided into stages stage0 → stage1 → stage2 bash/runit/systemd rkt application(s) bash/runit/systemd/... (invoking process) rkt (stage0) pod (stage1) app1 (stage2) app2 (stage2) bash/runit/systemd/... (invoking process) rkt (stage0) pod (stage1) app1 (stage2) app2 (stage2) stage0 (rkt binary) discover, fetch, manage application images set up pod filesystems commands to manage pod lifecycle bash/runit/systemd/... (invoking process) rkt (stage0) pod (stage1) app1 (stage2) app2 (stage2) bash/runit/systemd/... (invoking process) rkt (stage0) pod (stage1) app1 (stage2) app2 (stage2) stage1 "the container" execution environment for pods process lifecycle management resource constraints (isolators) stage1 (swappable) ● binary ABI with stage0 ● rkt's stage0 calls exec(stage1, args...) ● default implementation ○ based on systemd-nspawn + systemd ○ Linux namespaces + cgroups for isolation ● kvm implementation ○ based on lkvm + systemd ○ hardware virtualisation for isolation bash/runit/systemd/... (invoking process) rkt (stage0) pod (stage1) app1 (stage2) app2 (stage2) bash/runit/systemd/... (invoking
    [Show full text]
  • System Fundamentals
    System Fundamentals System and Network Administration Revision 2 (2020/21) Pierre-Philipp Braun <[email protected]> Table of contents ▶ What is a server? ▶ UNIX history ▶ Linux distributions ▶ Terminal tips & tricks ▶ Lab: install Slackware Linux Legal notice & guidelines ▶ Originally designed for 3rd year bachelors at Innopolis University ▶ Modified and enhanced since then ▶ Downgraded lab, much easier now ▶ Open and public knowledge – resources in the appendix ▶ This course is practice and industry oriented What’s a server? What’s the difference between a server and a desktop computer? in terms of packaging?… Rackmount - DL380 gen 10 DL380 gen 10 (w/o cover) ==> Enterprise-class ▶ Fault-tolerant storage disks ▶ Fault-tolerant Power Supply Units (PSU) ▶ Out-of-band management (Lights-out) Fault-tolerant storage disks RAID controller there is… RAID-1 DL380 gen 10 top view Fault-tolerant Power Supply Units (PSU) DL380 gen 10 rear slots DL380 gen 10 rear filled Racks More racks Datacenter cooling A self-made PC is fine too, as long as it is dedicated! ▶ low-cost PC with some AMD Ryzen inside same goes for a 500 RUB SoC ▶ TI BBB ▶ RPi4 ▶ Nvidia Jetson Nano Developer Kit ▶ … By the way, who’s selling more desktop computer CPUs, Intel or AMD?… ==> AMD took over end 2020 // hardwaretimes.com Still loosing the laptop market // hardwaretimes.com Lights-Out Management (LOM) ▶ THIS IS NOT ABOUT SSH ▶ Dedicated daughter board –or– ▶ Hardware integrated in the mobo Low-level console Reach it through ▶ Serial console ▶ Java ▶ HTML5 Remote management engines HP ▶ Management Processor (MP) on HP9000 systems ▶ HPE Integrated Lights-Out 2 (iLO2) IBM ▶ Baseboard Management Controller (BMC) ▶ e.g.
    [Show full text]
  • The System XVI Manual Release Manual-Pre1.0 David Mackay
    The System XVI Manual Release manual-pre1.0 David Mackay Mar 08, 2020 I: Introduction to System XVI 1 What is System XVI? 3 1.1 The Four Motives............................................3 1.2 Flexibility................................................3 1.3 Fault-Tolerant..............................................4 2 Prior Art 5 2.1 IBM System Resource Controller....................................5 2.2 The Daemontools Family........................................5 2.3 OpenRC.................................................6 2.4 Launchd.................................................6 2.5 SMF...................................................6 3 Principles of System XVI 7 4 Workflow 9 4.1 Dependencies...............................................9 4.2 Getting the Source Tree......................................... 10 4.3 Building System XVI.......................................... 10 i ii The System XVI Manual, Release manual-pre1.0 A forewarning: System XVI is not yet useable, not even in a limited fashion. It remains still prototypical, and will require significant work before making generally available: completion of basic features, making robust the code, and creation of tests. The manual is made available to the public only under this proviso. This is the System XVI Manual. It aims to become an authoritative document on System XVI, or S16, the new System Resource Manager available for Linux and BSD. I: Introduction to System XVI 1 The System XVI Manual, Release manual-pre1.0 2 I: Introduction to System XVI CHAPTER 1 What is System XVI? System XVI, abbreviated S16, is a modern system resource manager for Linux and the BSD distros. It manages system resources, ensuring that they are kept running, self-repairing after faults, and providing the administrator with the information necessary to make appropriate repairs if an un-self-reparable error should occur. It is designed in line with the Four Motives, which are detailed below: 1.1 The Four Motives • Interface Orientation: the system should be designed to fit a clean and stable interface.
    [Show full text]