enterprise linux 7 new feature_systemd_booting
TRANSCRIPT
-
Enterprise Linkx 7 New FeatureRHEL , OEL , CentOS , Fedora
Suk Kim , Oracle ACE Director
Nobreak Senior managed Consultant
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
. .
( , , )
.
Contacts : [email protected]
-
systemd systemd systemd init (systemd vs. init) , , , / systemd-analyze
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
( nick : )
) ( Oracle ACE Director )
) /
) IT
)
)
)
) IT
-
Service Management AND Boot Troubleshooting
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
introduce to systemd
init
init
pid 1 systemd
systemd
) Linux control groups
/etc/system /etc/sysconfig
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
systemd [root@el7 /]# systemctl -t help
Available unit types:
service
socket
target
device
mount
automount
snapshot
timer
swap
path
slice
scope
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
systemd
Service unit .service
Target unit .target systemd
Automount unit .automount
Device unit .device
Mount unit .mount
Path unit .path
Scope unit .scope
Slice unit .slice
Snapshot unit .snapshot systemd
Socket unit .socket
Swap unit .swap
Timer unit .timer systemd
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
systemd unit
[root@el7 ~]# systemctl
[root@el7 ~]# systemctl --type=service
failed , maintenance ( -l : full output)
[root@el7 ~]# systemctl status avahi-daemon.service -l
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
systemd unit
[root@el7 ~]# systemctl is-active sshdactive[root@el7 ~]# systemctl is-enabled sshdenabled
( --all : inactive unit )
[root@el7 ~]# systemctl list-units --type=service[root@el7 ~]# systemctl list-units --type=service all
/
[root@el7 ~]# systemctl list-unit-files [root@el7 ~]# systemctl list-unit-files --type=service
# systemctl --failed --type=service
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd init
Single User Mode ( : 1 )
[root@el7 ~]# systemctl rescue
Multi User Mode ( : 3)
[root@el7 ~]# systemctl isolate multi-user.target[root@el7 ~]# systemctl isolate runlevel3.target
graphical.target multi-user.target graphical.target .
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Multi User Mode ( : 5)
[root@el7 ~]# systemctl isolate graphical.target[root@el7 ~]# systemctl isolate runlevel5.target
[root@el7 ~]# systemctl get-default graphical.target[root@el7 ~]# systemctl set-default multi-user.target[root@el7 ~]# systemctl get-default multi-user.target
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd target vs. SysV Runlevels
0 runlevel0.target , poweroff.target .
1 runlevel1.target , rescue.target .
2 runlevel2.target , multi-user.target .
(non-graphical)
3 runlevel3.target , multi-user.target .
(non-graphical)
4 runlevel4.target , multi-user.target .
(non-graphical)
5 runlevel5.target , graphical.target .
6 runlevel6.target , reboot.target .
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd vs. init command
runlevel systemctl list-units --type target .
telinit runlevel systemctl isolate name .target .
runlevel systemd
isolate target .
AllowIsolate=yes ( ex : graphical.target )crtyptsetup.target isolate .
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
power-off
[root@el7 ~]# systemctl poweroff
emergency (rescue , root )
[root@el7 ~]# systemctl emergency
halt ( , )
[root@el7 ~]# systemctl halt
reboot ()
[root@el7 ~]# systemctl reboot
suspend ( )
[root@el7 ~]# systemctl suspend
hibernate ( )
[root@el7 ~]# systemctl hibernate
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
halt systemctl halt
poweroff systemctl poweroff .
reboot systemctl reboot
pm-suspend systemctl suspend
pm-hibernate systemctl hibernate
pm-suspend-hybrid systemctl hybrid-sleep
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
[root@el7 ~]# systemctl list-unit-files
[root@el7 ~]# systemctl list-sockets
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
[root@el7 ~]# systemctl --failed
/
[root@el7 ~]# systemctl list-dependencies swap.target
/ ( --reverse )
[root@el7 ~]# systemctl list-dependencies sshd.service reverse
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
[root@el7 ~]# systemctl enable sshd
[root@el7 ~]# systemctl disable sshd
[root@el7 ~]# systemctl start sshd
[root@el7 ~]# systemctl stop sshd
[root@el7 ~]# systemctl restart sshd
[root@el7 ~]# systemctl reload sshd
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
(is-enabled)
[root@el7 ~]# systemctl is-enabled sshd
(is-active)
[root@el7 ~]# systemctl is-active sshd
[root@el7 ~]# systemctl reenable sshd
[root@el7 ~]# systemctl daemon-reload
[root@el7 ~]# systemctl daemon-reexcute
kill
[root@el7 ~]# systemctl kill httpd
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
[root@el7 ~]# systemctl mask network
[root@el7 ~]# systemctl unmask network
disable . . .
( ex. network vs NetworkManager)
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
( -l : )
[root@el7 ~]# systemctl status sshd
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Loaded
.
,
.
Active
Main PID PID
Status .
Process .
CGroup Control Group .
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
systemctl summary vs. service utility
systemctl
service name start systemctl start name .service
service name stop systemctl stop name .service
service name restart systemctl restart name .service
Service name condrestart systemctl try-restart name .service
service name reload systemctl reload name .service
service name status systemctl status name .service
systemctl is-active name .service
service --status-all systemctl list-units --type service --all
chkconfig name on systemctl enable unit
chkconfig name off systemctl disable unit
systemctl mask unit ,
systemctl unmask unit mask
systemctl list-dependencies unit ,
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
systemctl vs. chkconfig utility
chkconfig systemctl
chkconfig name on systemctl enable name .service .
chkconfig name off systemctl disable name .service .
chkconfig --list namesystemctl status name .service
systemctl is-enabled name .service
.
chkconfig --list systemctl list-unit-files --type service .
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd
/usr/lib/systemd/system/ RPM systemd
/run/systemd/system/ systemd , .
/etc/systemd/system/ systemd unit. unit .
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
( System V Boot Process )
BIOS/UEFI
GRUB/LILO
KERNEL
init
Read inittab
rc.sysint
Run level 1
Run level 2
Run level 3
Run level 4
Run level 5
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
symlink
symlink
( Systemd Boot Process )
BIOS/UEFI
GRUB/LILO
KERNEL
systemd
Default target
rescue target
unit
sysinit target
unit
basic target
unit
multi-user target
unit
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
UEFI or BIOS
MBR or UEFI boot firmware
System firmware reads -> boot loader ( grub2 )#grub2-install
/etc/grub.d/ , /etc/default/grub , /boot/grub2/grub.cfg
initramfs kernel #/etc/dracut.conf
initramfs ,
/etc/grub.d/ , /etc/default/grub , /boot/grub2/grub.cfg
dracut initramfs low-level #man dracut
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
(initramfs )PID 1 /sbin/init ( RHEL 7 udev daemon /sbin/init systemd )
initramfs systemd initrd.target , /sysroot root file system
/sysroot initramfs systemd systemd
systemd -> default target , / ( )
/etc/system/system/default/target, /etc/system/system
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd init
systemd-journal
Journalctl Syslog , ,
[root@el7 ~]# journalctl-- Logs begin at 2015-02-14 01:33:52 KST, end at 2015-02-15 01:20:01 KST. --2 14 01:33:52 localhost systemd-journal[62]: Runtime journal is using 8.0M (max 184.5M, leaving 276.7M of free 1.7G, curre2 14 01:33:52 localhost systemd-journal[62]: Runtime journal is using 8.0M (max 184.5M, leaving 276.7M of free 1.7G, curre2 14 01:33:52 localhost kernel: Initializing cgroup subsys cpuset2 14 01:33:52 localhost kernel: Initializing cgroup subsys cpu2 14 01:33:52 localhost kernel: Linux version 3.8.13-35.3.1.el7uek.x86_64 ([email protected]) (gcc versio2 14 01:33:52 localhost kernel: e820: BIOS-provided physical RAM map:2 14 01:33:52 localhost kernel: BIOS-e820: [mem 0x0000000000000000-0x000000000009efff] usable2 14 01:33:52 localhost kernel: BIOS-e820: [mem 0x000000000009f000-0x000000000009ffff] reserved2 14 01:33:54 localhost kernel: sd 2:0:0:0: [sda] Assuming drive cache: write through2 14 01:33:54 localhost kernel: sd 2:0:0:0: [sda] Cache data unavailable2 14 01:33:54 localhost kernel: sd 2:0:0:0: [sda] Assuming drive cache: write through
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Journalctl
red color bold
root
adm .
Journal Persitent storage
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
( -n : )
[root@el7 ~]# journalctl n 10
[root@el7 ~]# journalctl o verbose
Liveview
[root@el7 ~]# journalctl f
(-p : : debug~emerg)
[root@el7 ~]# journalctl p err
system.journal-fields(7)
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
(-b : )
[root@el7 ~]# journalctl -b
(--since , --until : )
[root@el7 ~]# journalctl --since=2015-01-01 --until=2015-01-31
[root@el7 ~]# journalctl -p warning --since = "2013-3-16 23:59:59"
(-p : : debug~emerg)
[root@el7 ~]# journalctl p err
system.journal-fields(7)
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
( )
[root@el7 ~]# journalctl /sbin/sshd
(Logical AND )
[root@el7 ~]# journalctl -F -F
(Logical OR )
[root@el7 ~]# journalctl -F = + =
)
[root@el7 ~]# journalctl _UID = 70 _SYSTEMD_UNIT = avahi-daemon.service _SYSTEMD_UNIT = crond.service
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Persistent Storage /run/log/journal /run/log/journal ,
/var/log/journal
Persistent Storage /
: , journal
: ,
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Persistent (
[root@el7 ~]# mkdir -p /var/log/journal
[root@el7 ~]# systemctl restart system-jounald
[root@el7 ~]# mkdir -p -m 2775 /var/log/journal[root@el7 ~]# chown :systemd-journal /var/log/journal/[root@el7 ~]# killall -USR1 systemd-journald
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
GUI # yum -y install gnome-system-log
root
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
GUI -
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd Cgroup
Systemd Cgroup ( Control Group )
Cgroup
[root@el7 ~]# system-cgls
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd Cgroup
Systemd Cgroup ( Control Group )
Cgroup top
[root@el7 ~]# system-cgtop
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemctl
http.service CPUShare 512
[root@el7 ~]# systemctl set-property sshd.service CPUShares=512
http.service
[root@el7 ~]# systemctl show httpd.service CPUShares
[root@el7 ~]# systemctl show sshd.service | grep CPUCPUShares=1024[root@el7 ~]# systemctl set-property sshd.service CPUShares=512[root@el7 ~]# systemctl show sshd.service | grep CPUCPUShares=512[root@el7 ~]# cat /sys/fs/cgroup/cpu/system.slice/sshd.service/cpu.shares512
[root@el7 ~]# man systemd.resource-control
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd (/)
[root@el7 ~]# hostnamectl
[root@el7 ~]# hostnamectl set-hostname newlinux
[root@el7 ~]# localectl
[root@el7 ~]# localectl set-locale LANG=ko_KR.UTF-8
localectl list-keymaps set-keymap set-x11-keymap list-locales set-locale status
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd ()
(systemd )
[root@el7 ~]# loginctl
loginctl
[root@el7 ~]# loginctl list-users
terminate-userunlock-sessionuser-status
activateattachdisable-lingerenable-lingerflush-deviceskill-session
kill-user list-seatslist-sessionslist-userslock-sessionseat-status
session-status show-seat show-session show-user terminate-seat terminate-session
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd ()
(RTC) (UTC) UTC (DST) UTC
,
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd ()
[root@el7 ~]# timedatectl
[root@el7 ~]# timedatectl set-time 2015-02-15
( HH:MM:SS )
[root@el7 ~]# timedatectl set-time 12:30:00
( RTC : true(1) , false(0) )
[root@el7 ~]# localectl set-local-rtc true
[root@el7 ~]# localectl list-timezone
( RTC : true(1) , false(0) )
[root@el7 ~]# localectl set-timezone Asia/Seoul
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd ( )
[root@el7 ~]#hostnamectl -H [email protected] set-hostname newlinux
[root@el7 ~]# hostnamectl -H [email protected]
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
boot taget (rescue.target )
1. e .
2. linux16
3. systemd.unit=rescue.target
4. ctrl + x
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
root password
1. e .
2. linux16
3. rd.break
4. ctrl + x
5. # mount -o remount,rw /sysroot
6. # chroot /sysroot
7. # passwd root
8. # touch /.autorelabel
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
debug shell
crtl + alt + F9
Debug Shell
[root@el7 ~]# systemctl enable debug-shell.serviceln -s '/usr/lib/systemd/system/debug-shell.service' '/etc/systemd/system/sysinit.target.wants/debug-shell.service'
debug shell root .
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd systemd-analyze time
system-analyze time
RAM(initrd) ( ) (spawned) , .
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd
systemd-analyze time
systemd-analyze time
[root@el7 ~]# systemd-analyze Startup finished in 1.502s (kernel) + 3.274s (initrd) + 26.716s (userspace) = 31.493s
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd
systemd-analyze blame . , .
systemd-analyze blame
[root@el7 ~]# systemd-analyze blame 12.945s kdump.service4.579s firewalld.service3.748s network.service2.920s tuned.service2.829s postfix.service1.957s iprupdate.service
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd
systemd-analyze critical-chain @ , "+" .
systemd-analyze critical-chain
[[root@el7 ~]# systemd-analyze critical-chain multi-user.target @26.690skdump.service @13.744s +12.945snetwork.target @13.710snetwork.service @9.960s +3.748sNetworkManager.service @8.652s +1.303s
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd
systemd-analyze plot SVG . , .
systemd-analyze plot
[[root@el7 ~]# systemd-analyze plot > analyze.svg
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd
systemd-analyze dotGraphViz dot GraphViz ( #yum -y install GraphViz )
eyes of gnome (#yum -y install eog)
systemd-analyze dot
[[root@el7 ~]# systemd-analyze dot 'avahi-daemon.*' | dot -Tsvg > avahi.svg
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd
Color legend: black = Requiresdark blue = Requisitedark grey = Wantsred = Conflictsgreen = After
systemd-analyze dot avahi-daemon
-
Copyright 2016 All Right Reversed Nobreak Co.,LTD. Reproduction is strictly PROHIBITED
Systemd
systemd-analyze dot
[[root@el7 ~]# systemd-analyze dot --to-pattern='*.target' --from-pattern='*.target' | dot -Tsvg > targets.svg
systemd-analyze dot target unit
1 Service Management AND Boot Troubleshootingintroduce to systemd systemd systemd systemd unit systemd unit Systemd target vs. SysV RunlevelsSystemd vs. init command systemctl summary vs. service utilitysystemctl vs. chkconfig utilitySystemd ( System V Boot Process ) ( Systemd Boot Process ) GUI GUI - Systemd Cgroup Systemd Cgroup Systemd (/)Systemd ()Systemd ()Systemd ()Systemd ( )Systemd Systemd Systemd Systemd Systemd Systemd Systemd Systemd