Darren.Reed at Sun.COM wrote:
> Darren J Moffat wrote:
>
>> I'm still not convinced that there shouldn't be multiple different
>> services here. There are as far as I can tell different fault
>> boundaries and the need to restart independently between filter, nat
>> and ipmon. So why should they be a single service under SMF with
>> a new ipfadm command that does make the distinction that you can
>> restart them.
>>
>> I'm really not getting it, sorry.
>
>
> What you don't see, at present, is the implicit relationship
> between the "sub-services" within IPFilter.
>
> If these "sub-services" are extracted out, then the new
> services need to be defined such that the relationship between
> them remains correct. I'm not sure that the current definitions
> available within the SMF schema allow for an adequate map to
> be formed to represent this.
>
> On top of this comes the question of whether it is beneficial
> to expose this level of detail about a single service to
> administrators, not to mention that it is no longer possible
> to have both more fine grained control as well as preserving
> the simple "svcadm enable ipfilter" that people use today.
So exactly how are you not exposing that by having an ipfadm command?

svc:/network/ipfilter:default depends on
	svc:/network/ipfilter/filtering
	svc:/network/ipfilter/nat
	svc:/network/ipfilter/mon

Then you do:

$ svcadm enable -r ipfilter

Yes, it isn't identical, but neither is saying you shouldn't use svcadm
and instead use a new ipfadm command.

> Taking the position of we need to be able to manage each specific
> fault boundary, individually, then almost every daemon/command
> requires its own SMF service as each may fail or need managing
> in its own manner.

No, it really doesn't work like that.

> Reading this thread and the NFS thread, it is becoming clearer
> to me that we need to think about expanding the depth of what
> SMF can provide, so that maybe we can have (for example) both
> major and minor fault boundaries.

That sounds interesting. I think in a way you can actually do that
today anyway if your start method uses multiple contracts. Take what
GDM and sshd do. The master "listener" is in a contract and the
"logins" are each in their own. This ensures they have different
fault boundaries but there is only one service.

I'm not sure that is how you would want to implement the distinction
between ipfilter/ipnat/ipmon though.

-- 
Darren J Moffat
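As an added illustration of the dependency layout sketched in the message above (this is not part of the thread and not the IPFilter manifest that ships with Solaris), the following SMF manifest shows an umbrella svc:/network/ipfilter service that does nothing itself and only depends on separately restartable sub-services. The service names network/ipfilter/filtering, nat and mon follow the message; the method script paths, the dependency names and the choice of svc:/milestone/network as the prerequisite are assumptions made for the example. Only the filtering sub-service is written out; nat and mon would follow the same pattern.

```xml
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
  Hypothetical manifest for the umbrella/sub-service split discussed in
  the thread. Service names follow the mail; method paths are assumed.
-->
<service_bundle type='manifest' name='example-ipfilter-split'>

  <!-- One independently restartable sub-service. It has its own start
       and stop methods, so its process contract is its own fault
       boundary: if the filter method fails, only this instance goes to
       maintenance, not nat or mon. -->
  <service name='network/ipfilter/filtering' type='service' version='1'>
    <create_default_instance enabled='false' />
    <single_instance />

    <!-- Packet filtering needs the network configured first. -->
    <dependency name='network' grouping='require_all' restart_on='none'
                type='service'>
      <service_fmri value='svc:/milestone/network:default' />
    </dependency>

    <!-- Assumed method script; not the shipped ipfilter method. -->
    <exec_method type='method' name='start'
                 exec='/lib/svc/method/ipfilter-filtering start'
                 timeout_seconds='60' />
    <exec_method type='method' name='stop'
                 exec='/lib/svc/method/ipfilter-filtering stop'
                 timeout_seconds='60' />
  </service>

  <!-- Umbrella service that keeps "svcadm enable ipfilter" working.
       It runs no daemon (exec=':true', transient duration) and exists
       only to aggregate the sub-services through dependencies. -->
  <service name='network/ipfilter' type='service' version='1'>
    <create_default_instance enabled='false' />
    <single_instance />

    <dependency name='filtering' grouping='require_all' restart_on='error'
                type='service'>
      <service_fmri value='svc:/network/ipfilter/filtering' />
    </dependency>
    <dependency name='nat' grouping='require_all' restart_on='error'
                type='service'>
      <service_fmri value='svc:/network/ipfilter/nat' />
    </dependency>
    <!-- Logging is useful but not required for the filter to be "up",
         so the monitor is an optional dependency. -->
    <dependency name='mon' grouping='optional_all' restart_on='none'
                type='service'>
      <service_fmri value='svc:/network/ipfilter/mon' />
    </dependency>

    <exec_method type='method' name='start' exec=':true' timeout_seconds='0' />
    <exec_method type='method' name='stop' exec=':true' timeout_seconds='0' />

    <property_group name='startd' type='framework'>
      <propval name='duration' type='astring' value='transient' />
    </property_group>
  </service>
</service_bundle>
```

With this layout, `svcadm enable -r ipfilter` enables the umbrella and, through the dependency graph, the sub-services, while `svcadm restart network/ipfilter/nat` restarts only the NAT sub-service and leaves filtering and logging running. One caveat worth knowing before adopting this shape: `svcadm disable` does not cascade to dependencies, so disabling the umbrella on its own leaves the sub-services enabled, which is one of the places where the "simple svcadm enable ipfilter" experience the thread wants to preserve stops being identical.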