Re: [PATCH/RFC: nfs-utils] Common systemd unit files for nfs-utils.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Steve Dickson <SteveD@redhat.com>
To: NeilBrown <neilb@suse.de>
Cc: linux-nfs@vger.kernel.org
Subject: Re: [PATCH/RFC: nfs-utils] Common systemd unit files for nfs-utils.
Date: Tue, 11 Feb 2014 07:56:32 -0500	[thread overview]
Message-ID: <52FA1E00.8000801@RedHat.com> (raw)
In-Reply-To: <20140205145514.2c44b575@notabene.brown>


Sorry for the delayed response... I got suck into another world... ;-(
 
On 02/04/2014 10:55 PM, NeilBrown wrote:
> On Tue, 04 Feb 2014 13:26:42 -0500 Steve Dickson <SteveD@redhat.com> wrote:
>>>>
>>>> How is rpc.svcgssd enabled? Since the .service file does
>>>> not have a [Install] section the systemctl enable rpc.svcgssd
>>>> fails.
>>>
>>> The "README" touches on this.  If you
>>>    systemctl enable nfs-secure.target
>>> then rpc.svcgssd will be run whenever nfs-server.target is started.
>> I was thinking nfs-server would only start rpc.svcgssd when its
>> enabled... not every time... 
> 
> I don't follow what you are saying ... not that it really matters as we both
> seem to be agreed to take a different approach with the gss daemons.
> 
> In my original plan:
>  if nfs-secure is enabled, then whenever nfs-server is started, it makes sure
>  that rpc.svcgssd is running.
>  if nfs-secure is not enabled, then rpc.svcgssd will refuse to start.
Understood... and that's good... 

> 
> 
>>
>>> Also rpc.gssd will be run whenever nfs-server.target or nfs-client.target is
>>> started.
>> Why is rpc.gssd started when the nfs server is started? Possibly for secure 
>> loopback mounts??
> 
> Call-backs from NFSv4.0 server, as has been mentioned elsewhere.
But kerberos has to be configure... but I think we are talking
about that in a another thread...

> 
>>
>>>
>>>>
>>>> How would these daemons be restart and shutdown? Since this is a 
>>>> target, systemctl restart and system stop don't do anything.
>>>
>>> This is something I haven't completely figured out yet.
>>>
>>> Part of the solution might be the "PartOf" directive.
>>> If each service claims to be "PartOf" the main one, then stopping or
>>> restarting the main service will propagate to stopping and restarting the
>>> individual services.
>>> Unfortunately in nfs we have some shared services.  rpc.statd and rpc.gssd
>>> are needed by both server and client.  That isn't a big problem for 'restart',
>>> but if you 'systemctl stop nfs-client' and find that the server isn't
>>> properly working any more, that would be awkward
>>> If could possibly work around that by setting "StopWhenUnneeded" for those
>>> shared services.  Then e.g. rpc.statd would stop when both client and server
>>> are stopped, but not if either one of them is stopped.
>>> However I don't know how that interacts with restart.  I suspect that the
>>> StopWhenUnneeded services are *not* stopped and restarted when the main
>>> service is stopped.  So it would  be  hard to restart all nfs services on an
>>> upgrade.
>>>
>>> Further research seems needed here.
>> Fine... I'll try to digest what you are saying here, but
>> would it make it easier if everything was in a service file?
> 
> No, the only way the .target files are more awkward is that you have to type
> ".target".
> 
> In fact a .target can be turned into an .service by adding:
> 
> [Service]
> Type=oneshot
> RemainAfterExit=yes
> ExecStart=/bin/true
> 
> at the end.  You might even get away with less than that.
> Given this and that ".target" is extra typing, there seems little reason to
> use .target unit files.
So are you saying are not going use .target units? They will all be .service units?

> 
>>
>>>
>>>
>>>>
>>>>> +
>>>>> + nfs-secure.target
>>>>> +    If enabled, then rpc.gssd will be run when either -client or
>>>>> +    -server is started, and rpc.svcgssd will be run when -server
>>>>> +    is started
>>>> I like that fact that rpc.gssd is started by nfs-client but 
>>>> I don't like that API change. systemctl restart nfs-secure breaks 
>>>
>>> Why would you want to "restart nfs-secure".  I can understanding wanting to
>>> restart individual processed, or the whole collection, but why that subset?
>> Well in Fedora nfs-secure is one process ;-) 
> 
> Oh yes, "nfs-secure" means "run rpc.gssd".
> If you wanted to preserve that I think you could create a drop-in file
> for rpc-gssd.service containing
>    [Install]
>    Alias=nfs-secure.service
> though that would require "systemctl enable rpc-gssd" so maybe it isn't the
> best approach.
If I'm understanding this and above...  systemctl enable nfs-secure would
be controlling the starting up of both rpc.gssd and rpc.svcgssd/gss-proxy? 

steved.

next prev parent reply	other threads:[~2014-02-11 12:56 UTC|newest]

Thread overview: 41+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-01-30  6:24 [PATCH/RFC: nfs-utils] Common systemd unit files for nfs-utils NeilBrown
2014-01-30 15:04 ` Weston Andros Adamson
2014-01-30 17:56   ` Weston Andros Adamson
2014-01-30 18:52     ` J. Bruce Fields
2014-01-30 22:50       ` NeilBrown
2014-01-30 23:17         ` Jim Rees
2014-01-30 20:06 ` Steve Dickson
2014-01-30 22:14   ` NeilBrown
2014-01-31 15:19     ` Steve Dickson
2014-01-31 16:15     ` Steve Dickson
2014-02-03 21:01 ` Steve Dickson
2014-02-03 22:34   ` NeilBrown
2014-02-04 16:20     ` J. Bruce Fields
2014-02-04 16:30       ` Chuck Lever
2014-02-04 19:00       ` Steve Dickson
2014-02-06 12:32         ` Simo Sorce
2014-02-05  3:09       ` NeilBrown
2014-02-05 15:56         ` Chuck Lever
2014-02-06  1:27           ` NeilBrown
2014-02-06 12:15             ` Simo Sorce
2014-02-06 16:09             ` Chuck Lever
2014-02-06 16:19               ` J. Bruce Fields
2014-02-10 20:50                 ` Steve Dickson
2014-02-11  4:50                   ` NeilBrown
2014-02-11 12:38                     ` Steve Dickson
2014-02-11 16:37                     ` J. Bruce Fields
2014-02-11 16:47                       ` Steve Dickson
2014-02-11 16:56                         ` J. Bruce Fields
2014-02-11 20:12                           ` Steve Dickson
2014-02-04 18:26     ` Steve Dickson
2014-02-04 18:48       ` Anthony Messina
2014-02-04 18:54         ` J. Bruce Fields
2014-02-05  3:55       ` NeilBrown
2014-02-11 12:56         ` Steve Dickson [this message]
2014-02-05  5:43       ` NeilBrown
2014-02-05 21:11         ` J. Bruce Fields
2014-02-06  0:58           ` NeilBrown
2014-02-13 19:39         ` Steve Dickson
2014-02-04 12:42   ` Anthony Messina
2014-02-04 13:24     ` Jeff Layton
2014-02-04 14:18       ` Anthony Messina

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=52FA1E00.8000801@RedHat.com \
    --to=steved@redhat.com \
    --cc=linux-nfs@vger.kernel.org \
    --cc=neilb@suse.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.