Forum: CFEngine Help
Subject: Why it's necessary to restart defined service one time.
Author: juriskrumins
Link to topic: https://cfengine.com/forum/read.php?3,27210,27210#msg-27210
Playing around with service promise I've written custom service control bundle
to test service status and act up on it.
I've created following bundles and bodies:
# cat ctco_stdlib.cf
....
##############################################################
# Redefined service_method from cfengine_stdlib.cf
# We suppose that evey single service gets managed using /sbin/service command.
# Promise name shoud be the same as service name in /etc/init.d dir.
# Use custom_service as service_method.
# custom_service("","")
# In most cases =1
##############################################################
body service_method custom_service(pattern,ppid)
{
service_bundle =>
generic_services("$(this.promiser)","$(this.service_policy)","$(pattern)","$(ppid)");
}
bundle agent generic_services(service,state,proc_name,proc_ppid)
{
vars:
linux::
"startcommand[$(service)]" string => "/sbin/service $(service) start";
"stopcommand[$(service)]" string => "/sbin/service $(service) stop";
"pattern[$(service)]" string => "$(proc_name)";
classes:
"start" expression => strcmp("start","$(state)"),
comment => "Check if to start a service";
"stop" expression => strcmp("stop","$(state)"),
comment => "Check if to stop a service";
processes:
start::
"$(pattern[$(service)])"
comment => "Verify that the service appears in the process table",
process_select =>
proc_command_ppid("$(pattern[$(service)])","$(proc_ppid)"),
restart_class => "start_$(service)";
stop::
"$(pattern[$(service)])"
comment => "Verify that the service does not appear in the process",
process_stop => "$(stopcommand[$(service)])",
process_select =>
proc_command_ppid("$(pattern[$(service)])","$(proc_ppid)"),
signals => { "term","kill" };
commands:
"$(startcommand[$(service)])"
comment => "Execute command to restart the $(service) service",
ifvarclass => "start_$(service)";
}
body process_select proc_command_ppid(command,ppid)
{
ppid => irange("$(ppid)","$(ppid)");
command => "$(command)";
process_result => "command.ppid";
}
Then I use this bundles and bodies in the following promise:
# cat sshd.cf
bundle agent sshd
{
......
services:
redhat|centos::
"sshd"
service_policy => "start",
service_method => custom_service(".*/sshd","1");
......
}
#
So running previously mentioned policies I get following output:
cf3> Observe process table with /bin/ps -eo
user,pid,ppid,pgid,pcpu,pmem,vsz,pri,rss,nlwp,stime,time,args
cf3>
cf3> .........................................................
cf3> Promise's handle:
cf3> Promise made by: ".*/sshd"
cf3>
cf3> Comment: Verify that the service appears in the process table
cf3> .........................................................
cf3>
cf3> -> Making a one-time restart promise for .*/sshd
cf3>
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Skipping whole next promise (.*/sshd), as context stop is not
relevant
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3>
cf3> =========================================================
cf3> commands in bundle generic_services (1)
cf3> =========================================================
cf3>
cf3> -> Promiser string contains a valid executable (/sbin/service) -
ok
cf3>
cf3> .........................................................
cf3> Promise's handle:
cf3> Promise made by: "/sbin/service sshd start"
cf3>
cf3> Comment: Execute command to restart the sshd service
cf3> .........................................................
cf3>
cf3> -> Executing '/sbin/service sshd start'
...(timeout=-678,owner=-1,group=-1)
cf3> -> (Setting umask to 77)
cf3> -> Finished command related to promiser "/sbin/service sshd
start" -- succeeded
cf3> Q: "...in/service sshd": Starting sshd: ESC[60G
cf3> I: Last 1 quoted lines were generated by promiser "/sbin/service
sshd start"
cf3> -> Completed execution of /sbin/service sshd start
cf3>
And finally my question is why it's necessary to restart this service one time
as it was mentioned in the output:
cf3> -> Making a one-time restart promise for .*/sshd
It's not a problem for sshd in this case. But for custom in-house services
running /sbin/service start one more time, while is running can lead to a
problem.
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
