On 11/22/16 15:36, John Boeske wrote:
On Tue, Nov 22, 2016 at 10:46 AM, John Boeske wrote
I don't understand this philosophical point - why wouldn't you want
the rc.d framework to manage pf, quota, etc. whenever it's natural.
With pf, for example, it surely is.
One of the reasons I loved AIX's System Resource Controller (SRC)
was that it did present a unified management interface to all
system resources whether daemon or built in.
Using a consistent rc.d/rcctl framework to manage system services
and daemons - even pkg_add daemons - seems a good idea. Consistent
interfaces, fewer interfaces, less special-casing all simplify
management, thus minimize the chance of error and enhance security.
This is true whether management is local or through a remote tool
like ansible. Or?
Oops. Meant "pkg_script daemons" above...
John
I designed a single-point-of-control management system for
AIX clusters. It was five software layers - three on the control
two on the controlled system. All of the layers were necessary
for reliable and reconfigurable operation.
As you may think it wasn't easy. It *did* work very well and
was configurable. It had to be since it rode on top of all
the normal Unix-like system control programs. It *was*
reconfigurable so it could track AIX updates (and IBM
requirement changes).
Before you advocate adding layers consider all the possible
error paths including hangs. Consider tracking interactions
between subsystems. Consider how you'll report
errors and status. To do it right isn't simple.
Geoff Steckel
