Re: [tlug] Um, so... systemd?

[Curt Sampson <cjs@example.com>]

On 2017-01-17 09:28 +0900 (Tue), dblomber wrote:

> For systemd a lot of the arguments I hear are around breaking scripts 
> and controls people have built around init.d.

Arguably most of those scripts were already broken in one way or
another and it just wasn't obvious. :-)

But yeah, if you're not just using using standard packages or
Docker+Kubernates or whatever, to get reliable startup you are pretty
much going to have to spend a bit of time learning how systemd works.
On the other hand, either you already had to do that once before with
init.d when you added whatever extra system (daemontools, supervisord,
etc.) to get process supervision. (Or you never did that and you
really, really want to do something to get process supervision, and
systemd is now a nice standard way of doing it.)

> Mix in the journald and binary files becoming increasingly wedged in
> raising some hackles.

Yeah, I'm not a big fan of binary files myself, when they're not
necessary. But in this case I think the tradeoff is worth it; syslog
has always made me nervous with the ability of any program on your
system (and sometimes off it) to insert very nearly arbitrary log
entries into any log file they like. I'm a lot more confident when
trying to diagnose a potential attack when I know I can rely on the
information about what process a log entry came from (assuming my
system hasn't been totally rooted, of course). With the ability to
build a hash chain of log blocks, too, even if my system does get
rooted I can tell if the attacker has been modifying log files.

Revision control systems from SCCS and RCS through [CVS] used
text-format files as well. Subversion and Git switched to a binary
storage format and I think, despite now having to use special tools to
grovel the repo, that was a worthwhile move too.

[CVS]: https://en.wikipedia.org/wiki/Concurrent_Versions_System

> I know a number of people that turn off network manager on RHEL7
> installs due to the number of problems it is causing in their
> environments. 

That's nothing to do with systemd; I generally turn it off also
servers not running systemd, such as RHEL 6.

> Businesses are pressing hard for systemd, journald. Oddly when I ask 
> mine why, the people that reply don't have a real answer for the change. 

Well, sounds like those people are about as well-informed as many of
the folks loudly protesting the change.

> The best reason I see is from Red Hat in Parallelization of boot up 
> making the systems start faster.

It certainly does help a lot with speed, but that's relatively low on
the list of good reasons to make the switch.

The easiest way to see the huge difference is simply to build a tiny
server (along the lines of my [docker-echo], but without the Docker
container around it) and then write what you need to make it start,
run, restart, stop and log reliably under both systemd and your other
favourite init system de jour. That should convert pretty much anybody
if they do it right in both cases. (And no, `echo >>/etc/rc.local
'/opt/myserver/server &'` is not doing it right. :-))

[docker-echo]: https://github.com/c-j-s/docker-echo

cjs
-- 
Curt Sampson         <cjs@example.com>         +81 90 7737 2974

To iterate is human, to recurse divine.
    - L Peter Deutsch