
smf(5): Solaris 10

Service Management Facility


Liane Praza
Solaris Kernel Development
25 May 2004
Outline
● What is smf(5)?
– (“The service management facility.”)
– Motivations
– Key capabilities
– Tour
– Examples
● Interesting adjustments
● Next steps

Copyright 2004 Sun Microsystems, Inc. Proprietary and confidential.


Motivation
● Typical usage shows there is a difference between a
service and a mere program: one must always be
running to meet business objectives
● Little operating system support for service-based
management
– No connection between boot-launched services,
“metaserver”- or “superserver”-launched services
● Lack of knowledge of service boundary and interservice
relationships limits error handling ability of system



Motivation, 2
● Hard to articulate “thousands of different text files” as
a design principle
– Can we split configuration and “metaconfiguration”?
● Parallel startup is a subproblem
– But take advantage of faster hardware
● Where can we remove opportunities for error from the
system?



Goal 0: Reassurance
Everything still works*
● Preserve compatibility
– ISV packages delivering SysV scripts will just work
– Documented /etc/init.d scripts work or return
correct invocation
– No configuration files absorbed (except inetd.conf)
● Conversion may be done piecemeal and is a
lightweight act
– Only need a service manifest; no other changes to
configuration source
– rc.d scripts replaced by (or reinvoked as) service
methods
Goal 1: Improve “pilot model”
● Simplify and secure system administration:
– reduce human error by preventing bad configs
– provide administrator “undo” button
– disaster recovery using safe snapshots
– provide fine-grained RBAC security for admins
– use directory-based configuration → leverage
● Make Solaris services self-healing:
– automatic fault diagnosis using Solaris FMA
– automatic restart in response to various faults
● kill(-1, SIGKILL)



Goal 2: Unify application deployment
● Create base system abstractions for services and
“bake” into Solaris OE
– applications and descriptive meta-data
– hardware devices and layered software config
● Single deployment model for software developers
– stability (uniform way to express dependencies)
– virtualization (blades, domains, zones)
● Foundation for service-based resource mgmt
● Modern, flexible configuration
– Easier to develop management applications



Greenline services
● What's a service?
– Abstract description of a long-lived software object
– Each instance of a service has a well-defined state and
a well-defined error boundary [process contract]
– Each service defines “methods” and “dependencies”
● Start, stop, refresh, etc.; interservice relationships
● A consistent specification
– Can state dependencies stably (unavailable today)
– Generic restart facility provided by default; customized
restart capabilities available to vendor
● Admins can get a meaningful system view



Greenline repository
● All data (services, methods, etc.) stored in persistent,
transaction-based repository
– Transactions/snapshots allow “undo”, rollback to safe
configuration
– Repository can be local, in directory [later], or mixed
[later]
● NOT a giant registry: mainly svc mgmt properties
● Can contain simple configurations through property
bundles
– All configurations in repository can be read/written
using a common API → lowers management s/w
development times
Software delivery
● Each package delivering services does so via a “service
manifest”
● Manifest contains descriptions of each service, which
in turn specify
– Names of services
– Dependencies on other services and methods for
service instance start/stop/refresh
– Default properties and “service template”, which
provides support for administrative apps via
● Localized property descriptions
● Links to documentation
● Soon: meaningful property values (valid ranges,
definitions, etc.)
Endpoints
● All core daemons/start-up converted to services
– Stable milestones for existing run-levels as well as
new, more fine-grained stages
(milestone/network/basic, milestone/name-services)
– Boot/restart fully parallel
– Goal is to have all Solaris init.d scripts converted
● Public configurations placed on EOF/compatibility
path
– Based on impact; surveying administrator population
now, looking for developer feedback



Component overview
● General commands:
– svcs(1) service status listings
– svcadm(1M) administrative actions
– svccfg(1M) general property manipulation
– svcprop(1) property reporting (scripting)
● inetd(1M) management commands:
– inetadm(1M) administrative actions/property mods
– inetconv(1M) conversion of legacy inetd.conf entries
● Daemons
– svc.startd(1M) dependency engine, master restarter
– svc.configd(1M) repository, authorization
– inetd(1M) delegated restarter
Component overview, 2
● Contracts subsystem:
– ctrun(1M) execute with process contract
– ctstat(1M) display active contracts
– ctwatch(1M) monitor contract events
– libcontract(3LIB) Contract APIs
– /system/contract contract filesystem
● Other Libraries
– libscf(3LIB) repository APIs
● Directories
– /var/svc manifests, profiles, logs
– /etc/svc binary repository
– /lib/svc binaries, methods, seeds, support files
Architecture schematic
[Figure: architecture schematic. Labels: management agent, observability agent, inet-service, service, inetd(1M), repository API, svc.configd(1M), svc.startd(1M), process contract, repository client, init(1M), KERNEL]



svcs(1) in action
● List active instances, sorted by state, time
● Show dependencies (-d) and dependents (-D)
● Show member processes (-p), additional details (-v)
$ svcs
STATE STIME FMRI
....
online 18:18:30 svc:/internet/http:apache
online 18:18:29 svc:/internet/smtp:sendmail
....
$ svcs -p internet/smtp:sendmail
STATE STIME FMRI
online 18:18:29 svc:/internet/smtp:sendmail
100180 18:18:29 sendmail
100181 18:18:29 sendmail
$ svcs -v internet/smtp:sendmail
STATE NSTATE STIME CTID FMRI
online - 18:18:29 21 svc:/internet/smtp:sendmail
$ svcs -d internet/smtp:sendmail
STATE STIME FMRI
online 18:18:27 svc:/milestone/single-user:default



svcadm(1M) in action
● Enable, disable, refresh, restart service instances
● Mark in special states (maintenance, degraded)

$ grep sch /etc/user_attr
sch::::auths=solaris.smf.modify,solaris.smf.manage
$ svcs -a internet/http:apache
STATE STIME FMRI
- ? svc:/internet/http:apache
$ svcadm enable internet/http:apache
STATE STIME FMRI
online 19:19:01 svc:/internet/http:apache
$ # edit /etc/apache/httpd.conf
$ svcadm refresh internet/http:apache
$ svcs -a internet/http:apache
STATE STIME FMRI
online 19:19:33 svc:/internet/http:apache
$ svcadm disable internet/http:apache
$ svcs -a internet/http:apache
STATE STIME FMRI
disabled 19:20:07 svc:/internet/http:apache
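
The user_attr entry above is what lets the account "sch" run svcadm. As an added example (not part of the original slides), this script audits user_attr(4)-style data for accounts that hold the two SMF authorizations shown. The sample data other than the "sch" line is constructed, and trailing-"*" wildcard matching is assumed to follow documented Solaris RBAC behaviour.

```python
# Constructed user_attr(4)-style data; only the 'sch' entry appears on the slide.
SAMPLE_USER_ATTR = """\
# user:qualifier:res1:res2:attr
root::::auths=solaris.*;profiles=All
sch::::auths=solaris.smf.modify,solaris.smf.manage
ops::::type=normal;auths=solaris.smf.*
backup::::auths=solaris.smf.manage
guest::::type=normal
"""

# The two authorizations the slides grant to 'sch'.
SMF_AUTHS = ("solaris.smf.modify", "solaris.smf.manage")

def parse_user_attr(text):
    """Return {user: [auths]} from user:qualifier:res1:res2:attr lines."""
    users = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":", 4)
        if len(fields) != 5:
            continue  # malformed entry, skip rather than guess
        # attr is a ';'-separated list of key=value pairs
        attrs = dict(kv.split("=", 1) for kv in fields[4].split(";") if "=" in kv)
        auths = [a.strip() for a in attrs.get("auths", "").split(",") if a.strip()]
        users[fields[0]] = auths
    return users

def covers(held, wanted):
    """True if a held authorization grants `wanted`, honouring a trailing '*'."""
    if held.endswith("*"):
        return wanted.startswith(held[:-1])
    return held == wanted

def smf_holders(text):
    """Map each user to the SMF authorizations they effectively hold.

    Authorizations granted indirectly through profiles= are not resolved here.
    """
    report = {}
    for user, auths in parse_user_attr(text).items():
        held = [w for w in SMF_AUTHS if any(covers(a, w) for a in auths)]
        if held:
            report[user] = held
    return report

if __name__ == "__main__":
    for user, held in smf_holders(SAMPLE_USER_ATTR).items():
        print(user, ",".join(held))
```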



svccfg(1M) in action
● Import, export manifests; apply, extract profiles
● Interactive mode for modifying properties
$ grep sch /etc/user_attr
sch::::auths=solaris.smf.modify,solaris.smf.manage
$ svccfg -v /var/svc/manifest/http-apache.xml
svccfg: Successful import.
$ svccfg
svc:> select internet/http:apache
svc:/internet/http:apache> listprop
...
general framework
general/enabled boolean false
...

start method
start/exec astring "/lib/svc/method/http-apache start"
start/timeout_seconds count 10
start/type astring method
svc:/internet/http:apache> editprop
[$EDITOR launches, allows direct editing of properties]
svc:/internet/http:apache> exit
$ svccfg extract > currently-active.xml



svcprop(1) in action
● List properties of services and instances
● Fetch in convenient forms for scripting
● Wait for property changes (-w)
$ svcprop internet/http:apache
network/entities fmri \
svc://localhost/milestone/network/ipv4-local ...
network/grouping astring require_any
network/restart_on astring error
network/type astring service
general/enabled boolean false
refresh/exec astring /lib/svc/method/http-apache\ refresh
refresh/timeout_seconds count 60
refresh/type astring method
stop/exec astring /lib/svc/method/http-apache\ stop
stop/timeout_seconds count 60
stop/type astring method
start/exec astring /lib/svc/method/http-apache\ start
start/timeout_seconds count 10
start/type astring method
$ svcprop -p enabled internet/http:apache
false



coreadm(1M) service description
<service name='system/coreadm' type='service' version='1'>
  <single_instance />
  <instance name='default' enabled='true'>
    <dependency name='configuration' grouping='require_all'
        restart_on='none' type='service'>
      <service_fmri value='svc:/system/filesystem/minimal:default'/>
    </dependency>

    <exec_method type='method' name='start'
        exec='/lib/svc/share/bin/svc-coreadm %f' timeout='0' />
    <exec_method type='method' name='stop'
        exec=':true' timeout='0' />
  </instance>
  <stability value='Evolving' />
  <template>
    <description><local_description locale='C'>
      System-wide core file configuration service.
    </local_description></description>

    <documentation>
      <manpage title='coreadm' section='1M'
          manpath='/usr/share/man' />
      <doc_link uri='[stable docs.sun.com URL]' />
    </documentation>
  </template>
</service>



Miscellaneous
● Dependencies can be “any”, “all”, “optional”, and
“exclude”
● ptree(1M) and pgrep(1M)/pkill(1M) have contract-awareness
through -c option (ancestor resolving)

$ svcs -v internet/ssh:default
STATE NSTATE STIME CTID FMRI
online - 19:34:21 25 svc:/internet/ssh:default
$ pgrep -c 25 -lf
100930 /usr/lib/ssh/sshd
$ ptree 100930
100930 /usr/lib/ssh/sshd
$ ptree -c 100930
100079 /lib/svc/bin/svc.startd
c100930 /usr/lib/ssh/sshd
# pkill -9 sshd
$ pgrep sshd
100938
$ svcs -pv internet/ssh:default
STATE NSTATE STIME CTID FMRI
online - 19:37:38 26 svc:/internet/ssh:default
100938 19:37:38 sshd
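
The coreadm manifest and the dependency kinds listed on this slide combine into one question: which dependency groups keep an instance from starting? As an added example (not part of the original slides), this script reads the dependency elements of a manifest and evaluates each group. The grouping names optional_all and exclude_all, and the simplified state rules, are assumptions taken from the released smf(5) documentation; the second dependency in the sample is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed manifest in the shape of the coreadm slide; the 'naming'
# dependency and its svc:/example/... FMRIs are invented for illustration.
MANIFEST = """
<service name='system/coreadm' type='service' version='1'>
  <instance name='default' enabled='true'>
    <dependency name='configuration' grouping='require_all'
        restart_on='none' type='service'>
      <service_fmri value='svc:/system/filesystem/minimal:default'/>
    </dependency>
    <dependency name='naming' grouping='require_any'
        restart_on='error' type='service'>
      <service_fmri value='svc:/example/name-a:default'/>
      <service_fmri value='svc:/example/name-b:default'/>
    </dependency>
  </instance>
</service>
"""

RUNNING = {"online", "degraded"}
# Simplification: states that will not change without administrator action.
INERT = {"disabled", "maintenance", "absent"}

def dependencies(xml_text):
    """Return [(name, grouping, [fmri, ...])] for every <dependency>."""
    root = ET.fromstring(xml_text)
    return [(d.get("name"), d.get("grouping"),
             [f.get("value") for f in d.findall("service_fmri")])
            for d in root.iter("dependency")]

def satisfied(grouping, states):
    """Evaluate one dependency group against its targets' states."""
    if grouping == "require_all":
        return all(s in RUNNING for s in states)
    if grouping == "require_any":
        return any(s in RUNNING for s in states)
    if grouping == "optional_all":
        return all(s in RUNNING or s in INERT for s in states)
    if grouping == "exclude_all":
        return all(s in INERT for s in states)
    raise ValueError("unknown grouping: %r" % grouping)

def blocked_by(xml_text, state_of):
    """Names of dependency groups that keep the instance offline."""
    return [name for name, grouping, fmris in dependencies(xml_text)
            if not satisfied(grouping,
                             [state_of.get(f, "absent") for f in fmris])]
```

An FMRI missing from the state map is treated as "absent", so an uninstalled prerequisite blocks a require_all group but satisfies an exclude_all one.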



Interesting adjustments
● Now manage a graph of named services and
dependencies
– Simplify some such graphs from applications and
complex installers
– Service dependencies can hide single-system/multi-tier
deployment from application
● Now have restarter support
– smf(5) and contracts subsystem allow reduction or
enhancement of restart features
● smf(5) in both global and non-global zones

smf(5)/FMA integration ⇒ software diagnoses



What we need from you

Feedback



Next steps
● Try it out! [Arriving in later EA/Express]
– Identify and address obstacles to adoption
– Identify key ISVs for adoption, where appropriate
– Review documentation; test drive features directly
● Send us feedback
– Additional interfaces; additional milestones
– Discuss restarter possibilities
● For more information
– http://greenline.sfbay
– greenline-interest@sun.com



Supplementary material
Start-up and configuration today
● Low-level devices, network interfaces
– /dev/*
● Invocation, termination
– /etc/inittab
– /etc/init.d/*
– /etc/rc?.d/*
– /etc/inet/inetd.conf
● Properties
– /etc/system
– /etc/default/*
– /etc/inet/*
– /etc/hostname*
– /etc/dhcp/*
– /etc/ppp/*
● Security
– file system permissions
● Repository
– NSS backends
– local files
Start-up and configuration tomorrow
● Low-level devices, network interfaces
– Today: /dev/*
– Tomorrow: device services
● Invocation, termination
– Today: /etc/inittab, /etc/init.d/*, /etc/rc?.d/*, /etc/inet/inetd.conf
– Tomorrow: service methods, service dependencies, milestones
● Properties
– Today: /etc/system, /etc/default/*, /etc/inet/*, /etc/hostname*, /etc/dhcp/*, /etc/ppp/*
– Tomorrow: service properties
● Security
– Today: file system permissions
– Tomorrow: entity authorizations, delegated roles, security profiles
● Repository
– Today: NSS backends, local files
– Tomorrow: DSS datastores, local cache


What’s a Greenline service?
● A persistently-running application
● A named instance of the service entity schema:
– Start, stop, restart, health/status service methods
– Properties (bundles)
– Restart relationship(s)
● Example: Internet restarter service
– init.d code → method
– inetd.conf → properties
– rc.d order → milestone dependency
[Figure labels: inetd(1M), milestone/network/ipv4-physical, hme0]
liane.praza@sun.com
