本文介绍了RHEL7中Systemd的使用,包括启动流程、日志分析、控制组管理、服务管理和目标/运行级别等。Systemd作为SysVinit的替代品,通过并行运行任务加快启动速度。此外,还涵盖了如何查看启动时间、日志事件、控制组信息以及服务管理等相关命令。
介绍
Systemd现在代替了SysVinit,有必要熟悉它并学习新的命令。
Systemd启动很快因为它几乎没有使用脚本并尽量并行运行更多的任务(Systemd把任务称为单元units).
Systemd配置文件存放在 /etc/systemd目录。
启动流程
Systemd主要的任务是管理启动流程并提供相关的信息。
得到启动流程时间, 请输入:
# systemd-analyze Startup finished in 422ms (kernel) + 2.722s (initrd) + 9.674s (userspace) = 12.820s
得到启动流程中每个任务所花费的时间, 请输入:
# systemd-analyze blame 7.029s network.service 2.241s plymouth-start.service 1.293s kdump.service 1.156s plymouth-quit-wait.service 1.048s firewalld.service 632ms postfix.service 621ms tuned.service 460ms iprupdate.service 446ms iprinit.service 344ms accounts-daemon.service ... 7ms systemd-update-utmp-runlevel.service 5ms systemd-random-seed.service 5ms sys-kernel-config.mount
得到启动过程中critical chain任务清单 (任何这些任务额外的延迟都会导致增加总的启动时间), 请输入:
# systemd-analyze critical-chain
The time after the unit is active or started is printed after the "@" character.
The time the unit takes to start is printed after the "+" character.
multi-user.target @6.167s
└─mariadb.service @2.661s +3.505s
└─network.target @2.649s
└─network.service @2.168s +478ms
└─NetworkManager.service @1.993s +174ms
└─firewalld.service @826ms +1.162s
└─basic.target @822ms
└─sockets.target @821ms
└─dbus.socket @820ms
└─sysinit.target @813ms
└─systemd-update-utmp.service @806ms +6ms
└─auditd.service @747ms +58ms
└─local-fs.target @742ms
└─boot.mount @709ms +32ms
└─systemd-fsck@dev-disk-by\x2duuid-497a43ab\x2d33b0\x2
└─dev-disk-by\x2duuid-497a43ab\x2d33b0\x2d4153\x2d9f
得到critical chain中一个特定的服务的清单(例如 firewalld), 请输入:
# systemd-analyze critical-chain firewalld.service
The time after the unit is active or started is printed after the "@" character.
The time the unit takes to start is printed after the "+" character.
firewalld.service +1.162s
└─basic.target @822ms
└─sockets.target @821ms
└─dbus.socket @820ms
└─sysinit.target @813ms
└─systemd-update-utmp.service @806ms +6ms
└─auditd.service @747ms +58ms
└─local-fs.target @742ms
└─boot.mount @709ms +32ms
└─systemd-fsck@dev-disk-by\x2duuid-497a43ab\x2d33b0\x2d4153\x2d9
└─dev-disk-by\x2duuid-497a43ab\x2d33b0\x2d4153\x2d9f8d\x2d7788
得到critical chain任务中一个特定的target的清单 (例如 basic.target), 请输入:
# systemd-analyze critical-chain basic.target | grep target
basic.target @822ms
└─sockets.target @821ms
└─sysinit.target @813ms
└─local-fs.target @742ms
获得清单中的依赖关系, 请输入:
# systemctl list-dependencies default.target ├─abrt-ccpp.service ├─abrt-oops.service ... ├─tuned.service ├─basic.target │ ├─firewalld.service │ ├─microcode.service ... ├─getty.target │ ├─getty@tty1.service │ └─serial-getty@ttyS0.service └─remote-fs.target
获得一个特定服务依赖关系的清单 (例如 sshd), 请输入:
# systemctl list-dependencies sshd.service
获得一个特定target的依赖关系的清单 (例如 graphical.target), 请输入:
# systemctl list-dependencies graphical.target | grep target graphical.target └─multi-user.target ├─basic.target │ ├─paths.target │ ├─slices.target │ ├─sockets.target │ ├─sysinit.target │ │ ├─cryptsetup.target │ │ ├─local-fs.target │ │ └─swap.target │ └─timers.target ├─getty.target └─remote-fs.target
注意: 你可以在这里获得更多的信息Lennart Poettering’s blog.
日志分析
另外, Systemd 可以处理系统事件日志,syslog damon不是必须的。
得到Systemd日志的内容, 请输入:
# journalctl
得到日志中所有和进程相关的事件crond, 请输入:
# journalctl /sbin/crond
Note: You can replace /sbin/crond by `which crond`.
To get all the events since the last boot, type:
# journalctl -b
To get all the events that appeared today in the journal, type:
# journalctl --since=today
To get all the events with a syslog priority of err, type:
# journalctl -p err
To get the 10 last events and wait for any new one (like “tail -f /var/log/messages“), type:
# journalctl -f
Note: You will find additional information on this point in the Lennart Poettering’s blog or Lennart Poettering’s video (44min: the first ten minutes are very interesting concerning security issues).
控制组Contol Groups
Systemd 在控制组中管理任务。例如:所有被 apache webserver启动的进程都会放到同样的控制组,包括CGI脚本.
获得控制组完整的层次结构:
# systemd-cgls ├─user.slice │ └─user-1000.slice │ └─session-1.scope │ ├─2889 gdm-session-worker [pam/gdm-password] │ ├─2899 /usr/bin/gnome-keyring-daemon --daemonize --login │ ├─2901 gnome-session --session gnome-classic . . └─iprupdate.service └─785 /sbin/iprupdate --daemon
To get the list of control group ordered by CPU, memory and disk I/O load, type:
# systemd-cgtop Path Tasks %CPU Memory Input/s Output/s / 213 3.9 829.7M - - /system.slice 1 - - - - /system.slice/ModemManager.service 1 - - - -
To kill all the processes associated with an apache server (CGI scripts included), type:
# systemctl kill httpd
To put resource limits on a service (here 500 CPUShares), type:
# systemctl set-property httpd.service CPUShares=500
Note1: The change is written into the service unit file. Use the –runtime option to avoid this behavior.
Note2: By default, each service owns 1024 CPUShares. Nothing prevents you from giving a value smaller or bigger.
To get the current CPUShares service value, type:
# systemctl show -p CPUShares httpd.service
On this topic, you can additionally watch Georgios’ Magklaras demo (24min).
Sources: New control group interface, Systemd 205 announcement.
服务管理
Systemd deals with all the aspects of the service management. The systemctl command replaces the chkconfig and the service commands. The old commands are now a link to the systemctl command.
To activate the NTP service at boot, type:
# systemctl enable ntpd
Note1: You should specify ntpd.service but by default the .service suffix will be added.
Note2: If you specify a path, the .mount suffix will be added.
Note3: If you mention a device, the .device suffix will be added.
To deactivate it, start it, stop it, restart it, reload it, type:
# systemctl disable ntpd # systemctl start ntpd # systemctl stop ntpd # systemctl restart ntpd # systemctl reload ntpd
Note: It is also possible to mask and unmask a service. Masking a service prevents it from being started manually or by another service.
To know if the NTP service is activated at boot, type:
# systemctl is-enabled ntpd enabled
To know if the NTP service is running, type:
# systemctl is-active ntpd inactive
To get the status of the NTP service, type:
# systemctl status ntpd ntpd.service Loaded: not-found (Reason: No such file or directory) Active: inactive (dead)
If you change a service configuration, you will need to reload it:
# systemctl daemon-reload
To get the list of all the units (services, mount points, devices) with their status and description, type:
# systemctl
To get a more readable list, type:
# systemctl list-unit-files
To get the list of services that failed at boot, type:
# systemctl --failed
To get the status of a service (here httpd) on a remote server (here rhel7.example.com), type:
# systemctl -H root@rhel7.example.com status httpd.service
To get all the configuration details about a service (here httpd), type:
# systemctl show httpd Id=httpd.service Names=httpd.service Requires=basic.target Wants=system.slice Conflicts=shutdown.target Before=shutdown.target After=network.target remote-fs.target nss-lookup.target systemd-journald.socket Description=The Apache HTTP Server LoadState=loaded ActiveState=inactive ... ExecMainPID=0 ExecMainCode=0 ExecMainStatus=0
Note: Digital Ocean provides an excellent article about Systemd unit files.
Targets/Run levels
Systemd also deals with targets. A target is a grouping mechanism allowing several services to start at the same time. The list of services associated with a particular target is stored in a directory named with the target name and the suffix “.wants”. In some way, targets replace run levels but they are more general.
To move to maintenance mode, type:
# systemctl rescue
Note: There is also an emergency target only available when set up in the kernel boot line (systemd.unit=emergency.target) and for critical situations.
To move to the level 3 (equivalent to the previous level 3), type:
# systemctl isolate runlevel3.target
Or:
# systemctl isolate multi-user.target
To move to the graphical level (equivalent to the previous level 5), type:
# systemctl isolate graphical.target
To set the default run level to non-graphical mode, type:
# systemctl set-default multi-user.target
To set the default run level to graphical mode, type:
# systemctl set-default graphical.target
To get the current default run level, type:
# systemctl get-default graphical.target
To stop a server, type:
# systemctl poweroff
Note: You can still use the poweroff command, a link to the systemctl command has been created (the same thing is true for the halt and reboot commands).
To reboot a server, suspend it or put it into hibernation, type:
# systemctl reboot # systemctl suspend # systemctl hibernate
Linux标准化
Systemd‘s authors have decided to help Linux standardization among distributions. Through Systemd, changes happen in the localization of some configuration files.
其它
获得主机名, 请输入:
# hostnamectl Static hostname: rhel7.example.com Icon name: computer-laptop Chassis: laptop Machine ID: bcdc71f1943f4d859aa37e54a422938d Boot ID: f84556924b4e4bbf9c4a82fef4ac26d0 Operating System: Red Hat Enterprise Linux Everything 7.0 (Maipo) CPE OS Name: cpe:/o:redhat:enterprise_linux:7.0:beta:everything Kernel: Linux 3.10.0-54.0.1.el7.x86_64 Architecture: x86_64
Note: There are three kinds of hostnames: static, pretty, and transient.
“The static host name is the traditional hostname, which can be chosen by the user, and is stored in the /etc/hostname file. The “transient” hostname is a dynamic host name maintained by the kernel. It is initialized to the static host name by default, whose value defaults to “localhost”. It can be changed by DHCP or mDNS at runtime. The pretty hostname is a free-form UTF8 host name for presentation to the user.” Source: RHEL 7 Networking Guide.
给server设置永久主机名rhel7, 请输入:
# hostnamectl set-hostname rhel7
Note: With this syntax all three hostnames (static, pretty, and transient) take the rhel7 value at the same time. However, it is possible to set the three hostnames separately by using the –pretty, –static, and –transient options.
得到locale,虚拟控制台按键映射和X11布局, 请输入:
# localectl System Locale: LANG=en_US.UTF-8 VC Keymap: en_US X11 Layout: en_US
设置 en_GB.utf8 到locale:
# localectl set-locale LANG=en_GB.utf8
设置 en_GB 到虚拟控制台按键映射:
# localectl set-keymap en_GB
指定到en_GB 到X11布局:
# localectl set-x11-keymap en_GB
获得当前日期和时间,请输入:
# timedatectl Local time: Fri 2014-01-24 22:34:05 CET Universal time: Fri 2014-01-24 21:34:05 UTC RTC time: Fri 2014-01-24 21:34:05 Timezone: Europe/Madrid (CET, +0100) NTP enabled: yes NTP synchronized: yes RTC in local TZ: no DST active: no Last DST change: DST ended at Sun 2013-10-27 02:59:59 CEST Sun 2013-10-27 02:00:00 CET Next DST change: DST begins (the clock jumps one hour forward) at Sun 2014-03-30 01:59:59 CET Sun 2014-03-30 03:00:00 CEST
设置当前日期:
# timedatectl set-time YYYY-MM-DD
设置当前时间:
# timedatectl set-time HH:MM:SS
获得时区列表:
# timedatectl list-timezones
更改时区为America/New_York:
# timedatectl set-timezone America/New_York
得到用户列表:
# loginctl list-users UID USER 42 gdm 1000 tom 0 root
获得所有当前用户的会话,请输入:
# loginctl list-sessions SESSION UID USER SEAT 1 1000 tom seat0 1 sessions listed.
获得用户tom的特性,请输入:
# loginctl show-user tom UID=1000 GID=1000 Name=tom Timestamp=Fri 2014-01-24 21:53:43 CET TimestampMonotonic=160754102 RuntimePath=/run/user/1000 Slice=user-1000.slice Display=1 State=active Sessions=1 IdleHint=no IdleSinceHint=0 IdleSinceHintMonotonic=0
For a better understanding, you can additionally read Bob Cromwell’s blog about Systemd, this overview of Systemd by Red Hat, this first dive into Systemd by Etsuji Nakai or this Systemd presentation by Ben Breard.
Sources: Archlinux wiki, Freedesktop wiki, Gentoo wiki, RHEL 7 System Administration Guide, Fedora wiki.
原文请参考:http://www.certdepot.net/rhel7-get-started-systemd/
1470
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
