| Steve Litt on 5 Aug 2018 18:10:45 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] LINUX ADMIN ADVICE |
On Sat, 4 Aug 2018 05:27:30 -0400 Rich Kulawiec <rsk@gsp.org> wrote: > On Thu, Aug 02, 2018 at 07:23:07AM -0400, Rich Freeman wrote: > > Sure, but while you're busying fixing bugs it doesn't hurt to have > > the service still running, vs paying somebody to babysit it, or > > writing custom scripts to babysit stuff for you. > > Restarting a service which has provided a demonstration proof that > it's broken isn't a good operational practice. It *does* hurt to > have it still running. It should be shut down until such time as the > problem is reproduced, isolated, understood, debugged, and fixed. > > > Proving that your software doesn't have bugs is a near-impossible > > task. Defense in depth makes a lot more sense. And as I mentioned > > systemd does a lot more than just restart services. > > 1. Blindly restarting a failed service isn't a "defense" of any kind. > It's wishful thinking. > > 2. I'm well aware that systemd "does a lot more". But that's not > a feature. That's a catastrophic design blunder, one which is > obvious to anyone with even a rudimentary grasp of the "Software > Tools" and Unix philosophies. > > 3. You do know that this isn't my first day on the job, yes? > > > IMO if your requirements are so simple that rc.local does everything > > you need, there is a good chance that rc.local is already too > > complex for you. Why not just make init a bash script? > > I think you're missing the point. If your requirements, for a value > of "you" meaning "pretty much all of you", aren't that simple or > nearly so, then you're probably doing it wrong. The solution to that > isn't to layer on yet more complexity, it's to step back, re-evaluate > the design, and consider how it could be done more elegantly, simply, > and robustly. > > This requires more work. It may require throwing things away that had > substantial effort invested in them. It sometimes requires going > back to a blank whiteboard. It may be tedious and expensive. But > it's what I'd expect competent professionals to do. If you want a crash to stay crashed, you can set it to do so in systemd or s6. You can do it in runit with a simple forever loop hack or a downfile hack. OpenRC has no facility (in and of itself) to restart. So the person wanting single-shot behavior will always be able to get his way, regardless of init system. SteveT Steve Litt Author: The Key to Everyday Excellence http://www.troubleshooters.com/key Twitter: http://www.twitter.com/stevelitt ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug