Re: Linuxisms in s6

From: Jan Bramkamp <crest_at_rlwinm.de>
Date: Fri, 26 Aug 2016 12:44:56 +0200

On 25/08/16 23:17, Adrian Chadd wrote:
> On 25 August 2016 at 14:13, Warner Losh <imp_at_bsdimp.com> wrote:
>> On Thu, Aug 25, 2016 at 3:08 PM, Adrian Chadd <adrian_at_freebsd.org> wrote:
>>> On 25 August 2016 at 12:48, Lars Engels <lars.engels_at_0x20.net> wrote:
>>>> On Thu, Aug 25, 2016 at 08:46:10AM -0700, Adrian Chadd wrote:
>>>>> On 24 August 2016 at 21:53, Jonathan de Boyne Pollard
>>>>> <J.deBoynePollard-newsgroups_at_ntlworld.com> wrote:
>>>>>> http://adrianchadd.blogspot.co.uk/2016/08/freebsd-on-tiny-system-whats-missing.html?showComment=1471236502051#c1305086913155850955
>>>>>> , Adrian Chadd:
>>>>>>
>>>>>>> We're using s6 at work, and it works out mostly ok. Mostly once you get
>>>>>>> around the linuxisms, and the lack of sensible time code in it (its
>>>>>>> calculations for daemon run duration is based on system time, not wall
>>>>>>> clock, so if your box boots jan 1, 1970 then gets NTP, things are..
>>>>>>> hilarious), and some of the arcane bits to get logging working right.
>>>>>>>
>>>>>> What are these Linuxisms in s6? s6-linux-utils and s6-linux-init have
>>>>>> Linuxisms, obviously. But what Linuxisms does s6 have?
>>>>>
>>>>> We just had a bunch of fun trying to get it to build right, and the
>>>>> uptime stuff really threw us.
>>>>>
>>>>> It's fine though, I found that s6 may start growing an IPC mechanism
>>>>> so we could possibly do a launchd/jobd style service later (ie to run
>>>>> things upon event changes, like ifup, ifdown, ifcreate, ifdestroy,
>>>>> arbitrary messages, etc) so I may try incorporating it again. :)
>>>>>
>>>>
>>>> Can't this be done with devd?
>>>
>>> Sure, but I'm looking for something more generic than just devd. Like,
>>> notifications about events like "default route is up" can be done by
>>> sniffing the rtsock, but notifications like "ntpdate has updated the
>>> date, we can now do crypto services" doesn't happen there right now.
>>
>> devd was never intended to be limited to just device events from the
>> kernel. It has grown beyond that, and could easily grow to cope with
>> routing events and other notifications. No need to reinvent everything
>> for that.
>
> Right. I don't want to reinvent the wheel if it can be avoided.

Afaik devd is limited handling events reported by the kernel on
/etc/devctl. There is no way to inject events into arbitrary events from
userspace into devd (no ptrace hacks don't count).

> But there are other things that want to produce and consume events.
> eg, openvpn bringing up a VPN triggering possible ipfw rule changes.
> Or openvpn coming down triggering other ipfw rule changes.

FreeBSD offers several IPC APIs but non of them can implemented reliable
multicast as this would require an unbounded journal in stable memory.
For most use-cases reliable notification of the current state is enough.
Instead of reliably multicasting each message to each recipient just
send each observer the latest state of each observed value e.g. in your
OpenVPN example the IPFW wrapper doesn't care how many time the tunnel
flapped. The user just wants the right firewall configuration for his
current network environment. He doesn't want to replay every change on
the way.

In macOS has notifyd offers this service. The optimizations in notifyd
make it too large to just import its services into an init process, but
having a simpler reliable notification mechanism early would be useful.

>> What devd doesn't do is launchd / job control. That would be a whole
>> new kettle of fish for it, and one for which it may be ill suited. Though
>> viewed in the right way, it's all just a series of notifications: This service
>> is up, this is down, user wants to start this other one, etc, so maybe
>> it wouldn't so bad...
>
> Well, ideally the jobd would sit on the message bus and take commands
> to do things. Like dbus and udevd did in linux, before systemd
> steamrolled over them. But then if I suggest we need a message bus
> daemon up and going so arbitrary system pieces could talk to other
> system pieces, I'll likely be shouted at.
>
> But not by jkh. He'd likely be "YOURE ONLY JUST GETTING AROUND TO THIS
> NOW?" and laugh a lot.
>
> (jkh - please come to the next bafug so we can talk shop..)

Process spawning and supervision should be separate from the policy
engine(s) as the process supervision graph should be a tree rooted in
pid 1, but the user might want to run multiple rule/policy engines. An
init process should just offer the required mechanisms and nothing more.
Convenient policies can be implemented on top of those mechanisms.

For my own init system I'm still not sure if the init process should
track services and their dependencies at all or just processes and keep
the concept of services and dependencies in a service management process
instead of the init process.
Received on Fri Aug 26 2016 - 10:44:56 UTC

This archive was generated by hypermail 2.3.0 : Sun May 09 2021 - 19:44:19 UTC