Hello everyone,
I'm porting a patch to an init script to systemd, and I have a few questions.
More specifically, I'm porting a relatively small patch to the existing PostgreSQL Development Group (PGDG yum) Redhat init scripts to systemd.
The patch looks something like this:
echo -n "$PSQL_START"
- $SU -l postgres -c "$PGENGINE/postmaster -D '$PGDATA' ${PGOPTS} >>\"$PGLOG\" 2>&1 &"
+ ulimit -S -c unlimited
+ hugepage-set excessive
+ unshare --mount -- sh -c "mount -t overlay overlay -o lowerdir=/some/overlayfs/etc:/etc /etc && exec $SU -l postgres -c "\""$PGENGINE/postmaster -D '$PGDATA' ${PGOPTS} >>\"\""$PGLOG\"\"" 2>&1 &"\"""
sleep 2
+ hugepage-set trim
pid=`head -n 1 "$PGDATA/postmaster.pid" 2>/dev/null`
if [ "x$pid" != x ]
then
echo -n "$PSQL_START"
- $SU -l postgres -c "$PGENGINE/postmaster -D '$PGDATA' ${PGOPTS} >>\"$PGLOG\" 2>&1 &"
+ ulimit -S -c unlimited
+ hugepage-set excessive
+ unshare --mount -- sh -c "mount -t overlay overlay -o lowerdir=/some/overlayfs/etc:/etc /etc && exec $SU -l postgres -c "\""$PGENGINE/postmaster -D '$PGDATA' ${PGOPTS} >>\"\""$PGLOG\"\"" 2>&1 &"\"""
sleep 2
+ hugepage-set trim
pid=`head -n 1 "$PGDATA/postmaster.pid" 2>/dev/null`
if [ "x$pid" != x ]
then
Of note is messing around with hugepages (which requires root) and the use of unshare (which requires root and manipulation of a mount namespace before switching users and execing Postgres).
The reason overlayfs is used is to provide a dynamic, atomically updated /etc/hosts that is only used by the Postgres process hierarchy. To do that, another program will perform an atomic rename, then uses nsenter and remount to invalidate the directory cache held in overlayfs. Bind mounts, unfortunately, complicate atomicity here.
By comparison, the entire modern PGDG systemd service file looks like this:
# It's not recommended to modify this file in-place, because it will be
# overwritten during package upgrades. If you want to customize, the
# best way is to create a file "/etc/systemd/system/postgresql-11.service",
# containing
# .include /usr/lib/systemd/system/postgresql-11.service
# ...make your changes here...
# For more info about custom unit files, see
# http://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F
# Note: changing PGDATA will typically require adjusting SELinux
# configuration as well.
# Note: do not use a PGDATA pathname containing spaces, or you will
# break postgresql-setup.
[Unit]
Description=PostgreSQL 11 database server
Documentation=https://www.postgresql.org/docs/11/static/
After=syslog.target
After=network.target
[Service]
Type=notify
User=postgres
Group=postgres
# Note: avoid inserting whitespace in these Environment= lines, or you may
# break postgresql-setup.
# Location of database directory
Environment=PGDATA=/var/lib/pgsql/11/data/
# Where to send early-startup messages from the server (before the logging
# options of postgresql.conf take effect)
# This is normally controlled by the global default set by systemd
# StandardOutput=syslog
# Disable OOM kill on the postmaster
OOMScoreAdjust=-1000
Environment=PG_OOM_ADJUST_FILE=/proc/self/oom_score_adj
Environment=PG_OOM_ADJUST_VALUE=0
ExecStartPre=/usr/pgsql-11/bin/postgresql-11-check-db-dir ${PGDATA}
ExecStart=/usr/pgsql-11/bin/postmaster -D ${PGDATA}
ExecReload=/bin/kill -HUP $MAINPID
KillMode=mixed
KillSignal=SIGINT
# Do not set any timeout value, so that systemd will not kill postmaster
# during crash recovery.
TimeoutSec=0
[Install]
WantedBy=multi-user.target
# overwritten during package upgrades. If you want to customize, the
# best way is to create a file "/etc/systemd/system/postgresql-11.service",
# containing
# .include /usr/lib/systemd/system/postgresql-11.service
# ...make your changes here...
# For more info about custom unit files, see
# http://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F
# Note: changing PGDATA will typically require adjusting SELinux
# configuration as well.
# Note: do not use a PGDATA pathname containing spaces, or you will
# break postgresql-setup.
[Unit]
Description=PostgreSQL 11 database server
Documentation=https://www.postgresql.org/docs/11/static/
After=syslog.target
After=network.target
[Service]
Type=notify
User=postgres
Group=postgres
# Note: avoid inserting whitespace in these Environment= lines, or you may
# break postgresql-setup.
# Location of database directory
Environment=PGDATA=/var/lib/pgsql/11/data/
# Where to send early-startup messages from the server (before the logging
# options of postgresql.conf take effect)
# This is normally controlled by the global default set by systemd
# StandardOutput=syslog
# Disable OOM kill on the postmaster
OOMScoreAdjust=-1000
Environment=PG_OOM_ADJUST_FILE=/proc/self/oom_score_adj
Environment=PG_OOM_ADJUST_VALUE=0
ExecStartPre=/usr/pgsql-11/bin/postgresql-11-check-db-dir ${PGDATA}
ExecStart=/usr/pgsql-11/bin/postmaster -D ${PGDATA}
ExecReload=/bin/kill -HUP $MAINPID
KillMode=mixed
KillSignal=SIGINT
# Do not set any timeout value, so that systemd will not kill postmaster
# during crash recovery.
TimeoutSec=0
[Install]
WantedBy=multi-user.target
Fairly neat and tidy, but of some trouble is the fact that I need a few root manipulations, and "User=postgres" becomes a liability for that. I could change that to root and then pepper "su" everywhere to get the deed done, but I felt inclined to write into the list to ask if that is in the grain of systemd's design.
Thanks for your considerations,
Daniel
_______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
