Re: [Freeipa-devel] 389 systemd changes
On 01/23/2012 07:37 AM, Alexander Bokovoy wrote:
On Mon, 23 Jan 2012, Simo Sorce wrote:
On Mon, 2012-01-23 at 08:03 +0200, Alexander Bokovoy wrote:
On Sun, 22 Jan 2012, Simo Sorce wrote:
Shouldn't we just 'include' the original file and not copy it ?
If we include it a change in the file will be automatically picked up.
We can't due to systemd design and use of it in 389-ds.
LimitNOFILE needs to be changed in the service file directly, not in
the environment file in /etc/sysconfig or otherwise it will not be
picked up by the systemd.
I am not talking about using /set/sysconfig options, but the .include
directive for service files.
So, something like this for 389-ds?
No, you should include the actual dirsrv default service file (if any,
otherwise the sysconfig one might be ok I guess).
There is /lib/systemd/system/dirsrv@.service. The content below is
from there and I think there is no need to make .include in a
/etc/systemd/system/dirsrv@.service copy of it as we can ask Rich to
make proper change in the original service unit.
This way we only would have settings in /etc/sysconfig (or in
/etc/dirsrv if that's better) and you'd have no need to intervene into
/etc/systemd/system. Paths are irrelevant but I'd prefer to use common
places like /etc/sysconfig.
Done. This will be going out in 1.2.10.a7. I also changed the spec
file so that the .pid files are removed after shutting down the servers
and before doing the update, so the update to a7 should be smooth even
if ipa does not amend the service file.
Please test and let me know (once it is available).
8<8<8<-
[Unit]
Description=389 Directory Server %i.
BindTo=dirsrv.target
After=dirsrv.target
[Service]
Type=forking
Environment=PIDDIR=/var/run/dirsrv
EnvironmentFile=/etc/sysconfig/dirsrv
EnvironmentFile=/etc/sysconfig/dirsrv-%i
ExecStart=/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-%i -i ${PIDDIR}/slapd-%i.pid
-w ${PIDDIR}/slapd-%i.startpid
.include /etc/sysconfig/dirsrv.systemd
8<8<8<-
and then with following /etc/sysconfig/dirsrv.systemd:
8<8<8<-
[Service]
LimitNOFILE=8192
8<8<8<-
local overrides can be created?
Yes I think if you put directives after the include they will override
whatever is in the include.
Depends on directive.
Also I would put as much as possible in the include file and put in the
specific instance files only the parameters we need to override.
There is no specific instance service unit. There is one service unit
that processes all instances, that's the whole purpose of @-services
(dirsrv@.service).
It seems to work. You can't use %i macro in .include unfortunately so
any configuration change will be global, not per service instance.
That's fine we want to put in there only global configuration anyways,
and then override in our specific per instance control files.
See above. There are no per-instance control files.
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] 389 systemd changes
On 01/23/2012 07:37 AM, Alexander Bokovoy wrote:
On Mon, 23 Jan 2012, Simo Sorce wrote:
On Mon, 2012-01-23 at 08:03 +0200, Alexander Bokovoy wrote:
On Sun, 22 Jan 2012, Simo Sorce wrote:
Shouldn't we just 'include' the original file and not copy it ?
If we include it a change in the file will be automatically picked up.
We can't due to systemd design and use of it in 389-ds.
LimitNOFILE needs to be changed in the service file directly, not in
the environment file in /etc/sysconfig or otherwise it will not be
picked up by the systemd.
I am not talking about using /set/sysconfig options, but the .include
directive for service files.
So, something like this for 389-ds?
No, you should include the actual dirsrv default service file (if any,
otherwise the sysconfig one might be ok I guess).
There is /lib/systemd/system/dirsrv@.service. The content below is
from there and I think there is no need to make .include in a
/etc/systemd/system/dirsrv@.service copy of it as we can ask Rich to
make proper change in the original service unit.
This way we only would have settings in /etc/sysconfig (or in
/etc/dirsrv if that's better) and you'd have no need to intervene into
/etc/systemd/system. Paths are irrelevant but I'd prefer to use common
places like /etc/sysconfig.
I have filed this ticket https://fedorahosted.org/freeipa/ticket/2300
What changes do I need to make to 389?
8<8<8<-
[Unit]
Description=389 Directory Server %i.
BindTo=dirsrv.target
After=dirsrv.target
[Service]
Type=forking
Environment=PIDDIR=/var/run/dirsrv
EnvironmentFile=/etc/sysconfig/dirsrv
EnvironmentFile=/etc/sysconfig/dirsrv-%i
ExecStart=/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-%i -i ${PIDDIR}/slapd-%i.pid
-w ${PIDDIR}/slapd-%i.startpid
.include /etc/sysconfig/dirsrv.systemd
8<8<8<-
and then with following /etc/sysconfig/dirsrv.systemd:
8<8<8<-
[Service]
LimitNOFILE=8192
8<8<8<-
local overrides can be created?
Yes I think if you put directives after the include they will override
whatever is in the include.
Depends on directive.
Also I would put as much as possible in the include file and put in the
specific instance files only the parameters we need to override.
There is no specific instance service unit. There is one service unit
that processes all instances, that's the whole purpose of @-services
(dirsrv@.service).
It seems to work. You can't use %i macro in .include unfortunately so
any configuration change will be global, not per service instance.
That's fine we want to put in there only global configuration anyways,
and then override in our specific per instance control files.
See above. There are no per-instance control files.
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] 389 systemd changes
On Mon, 23 Jan 2012, Simo Sorce wrote:
> On Mon, 2012-01-23 at 08:03 +0200, Alexander Bokovoy wrote:
> > On Sun, 22 Jan 2012, Simo Sorce wrote:
> > > > > Shouldn't we just 'include' the original file and not copy it ?
> > > > > If we include it a change in the file will be automatically picked up.
> > > > We can't due to systemd design and use of it in 389-ds.
> > > >
> > > > LimitNOFILE needs to be changed in the service file directly, not in
> > > > the environment file in /etc/sysconfig or otherwise it will not be
> > > > picked up by the systemd.
> > >
> > > I am not talking about using /set/sysconfig options, but the .include
> > > directive for service files.
> > So, something like this for 389-ds?
>
> No, you should include the actual dirsrv default service file (if any,
> otherwise the sysconfig one might be ok I guess).
There is /lib/systemd/system/dirsrv@.service. The content below is
from there and I think there is no need to make .include in a
/etc/systemd/system/dirsrv@.service copy of it as we can ask Rich to
make proper change in the original service unit.
This way we only would have settings in /etc/sysconfig (or in
/etc/dirsrv if that's better) and you'd have no need to intervene into
/etc/systemd/system. Paths are irrelevant but I'd prefer to use common
places like /etc/sysconfig.
>
> > 8<8<8<-
> > [Unit]
> > Description=389 Directory Server %i.
> > BindTo=dirsrv.target
> > After=dirsrv.target
> >
> > [Service]
> > Type=forking
> > Environment=PIDDIR=/var/run/dirsrv
> > EnvironmentFile=/etc/sysconfig/dirsrv
> > EnvironmentFile=/etc/sysconfig/dirsrv-%i
> > ExecStart=/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-%i -i
> > ${PIDDIR}/slapd-%i.pid -w ${PIDDIR}/slapd-%i.startpid
> > .include /etc/sysconfig/dirsrv.systemd
> > 8<8<8<-
> >
> > and then with following /etc/sysconfig/dirsrv.systemd:
> > 8<8<8<-
> > [Service]
> > LimitNOFILE=8192
> > 8<8<8<-
> >
> > local overrides can be created?
>
> Yes I think if you put directives after the include they will override
> whatever is in the include.
Depends on directive.
> Also I would put as much as possible in the include file and put in the
> specific instance files only the parameters we need to override.
There is no specific instance service unit. There is one service unit
that processes all instances, that's the whole purpose of @-services
(dirsrv@.service).
>
> > It seems to work. You can't use %i macro in .include unfortunately so
> > any configuration change will be global, not per service instance.
>
> That's fine we want to put in there only global configuration anyways,
> and then override in our specific per instance control files.
See above. There are no per-instance control files.
--
/ Alexander Bokovoy
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] 389 systemd changes
On Mon, 2012-01-23 at 08:03 +0200, Alexander Bokovoy wrote:
> On Sun, 22 Jan 2012, Simo Sorce wrote:
> > > > Shouldn't we just 'include' the original file and not copy it ?
> > > > If we include it a change in the file will be automatically picked up.
> > > We can't due to systemd design and use of it in 389-ds.
> > >
> > > LimitNOFILE needs to be changed in the service file directly, not in
> > > the environment file in /etc/sysconfig or otherwise it will not be
> > > picked up by the systemd.
> >
> > I am not talking about using /set/sysconfig options, but the .include
> > directive for service files.
> So, something like this for 389-ds?
No, you should include the actual dirsrv default service file (if any,
otherwise the sysconfig one might be ok I guess).
> 8<8<8<-
> [Unit]
> Description=389 Directory Server %i.
> BindTo=dirsrv.target
> After=dirsrv.target
>
> [Service]
> Type=forking
> Environment=PIDDIR=/var/run/dirsrv
> EnvironmentFile=/etc/sysconfig/dirsrv
> EnvironmentFile=/etc/sysconfig/dirsrv-%i
> ExecStart=/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-%i -i
> ${PIDDIR}/slapd-%i.pid -w ${PIDDIR}/slapd-%i.startpid
> .include /etc/sysconfig/dirsrv.systemd
> 8<8<8<-
>
> and then with following /etc/sysconfig/dirsrv.systemd:
> 8<8<8<-
> [Service]
> LimitNOFILE=8192
> 8<8<8<-
>
> local overrides can be created?
Yes I think if you put directives after the include they will override
whatever is in the include.
Also I would put as much as possible in the include file and put in the
specific instance files only the parameters we need to override.
> It seems to work. You can't use %i macro in .include unfortunately so
> any configuration change will be global, not per service instance.
That's fine we want to put in there only global configuration anyways,
and then override in our specific per instance control files.
> # systemctl show dirsrv@IPA-LOCAL.service|grep LimitNOFILE
> LimitNOFILE=8192
> # systemctl status dirsrv@IPA-LOCAL.service
> dirsrv@IPA-LOCAL.service - 389 Directory Server IPA-LOCAL.
> Loaded: loaded (/lib/systemd/system/dirsrv@.service; enabled)
> Active: active (running) since Mon, 23 Jan 2012 00:47:32 -0500; 11min
> ago
>Process: 30927 ExecStart=/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-%i -i
> ${PIDDIR}/slapd-%i.pid -w ${PIDDIR}/slapd-%i.startpid (code=exited,
> status=0/SUCCESS)
> Main PID: 30929 (ns-slapd)
> CGroup: name=systemd:/system/dirsrv@.service/IPA-LOCAL
> └ 30929 /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-IPA-LOCAL -i
> /var/run/dirsrv/slapd-IPA-LOCAL.p...
>
> I would still need a ticket to make appropriate removals in
> ipapython/platform/fedora16.py so that we would modify
> /etc/sysconfig/dirsrv.systemd and still do symlink re-linking in
> /etc/systemd/system/dirsrv.target.wants/.
ok.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] 389 systemd changes
On Sun, 22 Jan 2012, Simo Sorce wrote:
> > > Shouldn't we just 'include' the original file and not copy it ?
> > > If we include it a change in the file will be automatically picked up.
> > We can't due to systemd design and use of it in 389-ds.
> >
> > LimitNOFILE needs to be changed in the service file directly, not in
> > the environment file in /etc/sysconfig or otherwise it will not be
> > picked up by the systemd.
>
> I am not talking about using /set/sysconfig options, but the .include
> directive for service files.
So, something like this for 389-ds?
8<8<8<-
[Unit]
Description=389 Directory Server %i.
BindTo=dirsrv.target
After=dirsrv.target
[Service]
Type=forking
Environment=PIDDIR=/var/run/dirsrv
EnvironmentFile=/etc/sysconfig/dirsrv
EnvironmentFile=/etc/sysconfig/dirsrv-%i
ExecStart=/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-%i -i ${PIDDIR}/slapd-%i.pid
-w ${PIDDIR}/slapd-%i.startpid
.include /etc/sysconfig/dirsrv.systemd
8<8<8<-
and then with following /etc/sysconfig/dirsrv.systemd:
8<8<8<-
[Service]
LimitNOFILE=8192
8<8<8<-
local overrides can be created?
It seems to work. You can't use %i macro in .include unfortunately so
any configuration change will be global, not per service instance.
# systemctl show dirsrv@IPA-LOCAL.service|grep LimitNOFILE
LimitNOFILE=8192
# systemctl status dirsrv@IPA-LOCAL.service
dirsrv@IPA-LOCAL.service - 389 Directory Server IPA-LOCAL.
Loaded: loaded (/lib/systemd/system/dirsrv@.service; enabled)
Active: active (running) since Mon, 23 Jan 2012 00:47:32 -0500; 11min
ago
Process: 30927 ExecStart=/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-%i -i
${PIDDIR}/slapd-%i.pid -w ${PIDDIR}/slapd-%i.startpid (code=exited,
status=0/SUCCESS)
Main PID: 30929 (ns-slapd)
CGroup: name=systemd:/system/dirsrv@.service/IPA-LOCAL
└ 30929 /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-IPA-LOCAL -i
/var/run/dirsrv/slapd-IPA-LOCAL.p...
I would still need a ticket to make appropriate removals in
ipapython/platform/fedora16.py so that we would modify
/etc/sysconfig/dirsrv.systemd and still do symlink re-linking in
/etc/systemd/system/dirsrv.target.wants/.
--
/ Alexander Bokovoy
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] 389 systemd changes
On Sun, 2012-01-22 at 15:12 +0200, Alexander Bokovoy wrote: > On Sun, 22 Jan 2012, Simo Sorce wrote: > > > On Sat, 2012-01-21 at 10:54 +0200, Alexander Bokovoy wrote: > > > On Fri, 20 Jan 2012, Rich Megginson wrote: > > > > > > > I have to change the dirsrv@.service file for 389 in order to add > > > > ExecStopPost=/usr/bin/rm -f > > > > @localstatedir@/run/@package_name@/slapd-%i.pid > > > > so that the pid file is removed during shutdown. Without this, > > > > various upgrade things fail silently until they blow up later at > > > > runtime. > > > > > > > > I know the freeipa installer copies this file from > > > > /lib/systemd/system to /etc/systemd/system - what about during > > > > upgrade? > > > In Fedora we have upgrade script that can handle this. Please make a > > > ticket for me. > > > > Shouldn't we just 'include' the original file and not copy it ? > > If we include it a change in the file will be automatically picked up. > We can't due to systemd design and use of it in 389-ds. > > LimitNOFILE needs to be changed in the service file directly, not in > the environment file in /etc/sysconfig or otherwise it will not be > picked up by the systemd. I am not talking about using /set/sysconfig options, but the .include directive for service files. Simo. -- Simo Sorce * Red Hat, Inc * New York ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] 389 systemd changes
On Sun, 22 Jan 2012, Simo Sorce wrote: > On Sat, 2012-01-21 at 10:54 +0200, Alexander Bokovoy wrote: > > On Fri, 20 Jan 2012, Rich Megginson wrote: > > > > > I have to change the dirsrv@.service file for 389 in order to add > > > ExecStopPost=/usr/bin/rm -f > > > @localstatedir@/run/@package_name@/slapd-%i.pid > > > so that the pid file is removed during shutdown. Without this, > > > various upgrade things fail silently until they blow up later at > > > runtime. > > > > > > I know the freeipa installer copies this file from > > > /lib/systemd/system to /etc/systemd/system - what about during > > > upgrade? > > In Fedora we have upgrade script that can handle this. Please make a > > ticket for me. > > Shouldn't we just 'include' the original file and not copy it ? > If we include it a change in the file will be automatically picked up. We can't due to systemd design and use of it in 389-ds. LimitNOFILE needs to be changed in the service file directly, not in the environment file in /etc/sysconfig or otherwise it will not be picked up by the systemd. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] 389 systemd changes
On Sat, 2012-01-21 at 10:54 +0200, Alexander Bokovoy wrote: > On Fri, 20 Jan 2012, Rich Megginson wrote: > > > I have to change the dirsrv@.service file for 389 in order to add > > ExecStopPost=/usr/bin/rm -f @localstatedir@/run/@package_name@/slapd-%i.pid > > so that the pid file is removed during shutdown. Without this, > > various upgrade things fail silently until they blow up later at > > runtime. > > > > I know the freeipa installer copies this file from > > /lib/systemd/system to /etc/systemd/system - what about during > > upgrade? > In Fedora we have upgrade script that can handle this. Please make a > ticket for me. Shouldn't we just 'include' the original file and not copy it ? If we include it a change in the file will be automatically picked up. Simo. -- Simo Sorce * Red Hat, Inc * New York ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] 389 systemd changes
On Fri, 20 Jan 2012, Rich Megginson wrote: > I have to change the dirsrv@.service file for 389 in order to add > ExecStopPost=/usr/bin/rm -f @localstatedir@/run/@package_name@/slapd-%i.pid > so that the pid file is removed during shutdown. Without this, > various upgrade things fail silently until they blow up later at > runtime. > > I know the freeipa installer copies this file from > /lib/systemd/system to /etc/systemd/system - what about during > upgrade? In Fedora we have upgrade script that can handle this. Please make a ticket for me. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
