[MDEV-5536] Support systemd socket activation - JIRA

Details

Type: Task
Status: In Review
Priority: Critical
Resolution: Unresolved
Fix Version/s: 10.1
Component/s: None
Labels:
- systemd

Sprint:
10.1.7-1, 10.1.7-2, 10.1.8-1, 10.1.8-3

Description

Supporting socket activation would make each of the following possible for admins:

Cleaner restarts (the listener socket stays open persistently)
Network namespace isolation, disallowing any network access beyond the inherited listener port (and connections accepted from it).
Lazy startup for densely hosted instances. (It's also possible with socket activation to start it eagerly, as usual.)
Running MariaDB on privileged ports without having to start it initially as root
Non-racy startup for services (like a PHP site) that depend on connecting to MariaDB. Because systemd opens listener sockets early in boot, they're available even while MariaDB is starting
Deeper integration into coming network support in future systemd releases

Some examples in C are here:
http://0pointer.de/blog/projects/socket-activation.html

I am willing to sponsor development of this feature.

Gliffy Diagrams

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

systemd_full.patch
36 kB
2015-01-16 12:05

Issue Links

includes

MDEV-4606 cmake build to be able to choose sysvinit or systemd (or other) init files

Closed

is blocked by

MDEV-427 Provide a systemd script for MariaDB

In Review

relates to

MDEV-5713 RFE: Add support for systemd notify feature

In Review

MDEV-6347 Build RHEL7 packages

Closed

links to

Bug 714426 - Provide a native mysql systemd service (incl. socket activation patches)

MySQL Bug #61948 mysql / systemd socket activation

Show 1 more links (1 links to)

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Honza Horak added a comment - 2014-02-21 10:28

Just for anybody who is not willing to read the whole passionate discussion at (1), I'd like to point out the comment #62 there (2), which summarizes the main cons of using socket activation for a database server. I'd also add another comment, that according at least Fedora guidelines, socket-activated services need to be autostart (3), which is not something we wish from database server, and worth noting that other distros can have similar requirements.

That having in mind, I don't think it's worth trying to implement socket activation now, unless there is some special use case for such a feature.

(1) https://bugzilla.redhat.com/show_bug.cgi?id=714426
(2) https://bugzilla.redhat.com/show_bug.cgi?id=714426#c62
(3) https://fedoraproject.org/wiki/Packaging:Systemd#Socket_activation

Show

Honza Horak added a comment - 2014-02-21 10:28 Just for anybody who is not willing to read the whole passionate discussion at (1), I'd like to point out the comment #62 there (2), which summarizes the main cons of using socket activation for a database server. I'd also add another comment, that according at least Fedora guidelines, socket-activated services need to be autostart (3), which is not something we wish from database server, and worth noting that other distros can have similar requirements. That having in mind, I don't think it's worth trying to implement socket activation now, unless there is some special use case for such a feature. (1) https://bugzilla.redhat.com/show_bug.cgi?id=714426 (2) https://bugzilla.redhat.com/show_bug.cgi?id=714426#c62 (3) https://fedoraproject.org/wiki/Packaging:Systemd#Socket_activation

16 older comments

Hide

Permalink

Daniel Black added a comment - 2015-01-15 00:46

If you have two ListenStream= options, systemd will send in two separate socket file descriptors. Is that handled in the code?

Actually 3 since the unix socket is a ListenStream too. Up to 10 are handled within the code which is just a #define with non-fatal errors if this is exceeded and written to mysql error log.

Reminded me the current code has extra_ip_sock(extra-port) has special handling. How important is it to maintain this?

    if (mysql_socket_getfd(sock) == mysql_socket_getfd(extra_ip_sock))
    {
      thd->extra_port= 1;
      thd->scheduler= extra_thread_scheduler;
    }

Show

Daniel Black added a comment - 2015-01-15 00:46 If you have two ListenStream= options, systemd will send in two separate socket file descriptors. Is that handled in the code? Actually 3 since the unix socket is a ListenStream too. Up to 10 are handled within the code which is just a #define with non-fatal errors if this is exceeded and written to mysql error log. Reminded me the current code has extra_ip_sock(extra-port) has special handling. How important is it to maintain this? if (mysql_socket_getfd(sock) == mysql_socket_getfd(extra_ip_sock)) { thd->extra_port= 1; thd->scheduler= extra_thread_scheduler; }

Hide

Permalink

David Strauss added a comment - 2015-01-15 00:48

Reminded me the current code has extra_ip_sock(extra-port) has special handling. How important is it to maintain this?

I've never been a fan of the specialized handling of the IP versus the Unix socket. It would be great to have a generic pool of listeners; I see no downside.

Show

David Strauss added a comment - 2015-01-15 00:48 Reminded me the current code has extra_ip_sock(extra-port) has special handling. How important is it to maintain this? I've never been a fan of the specialized handling of the IP versus the Unix socket. It would be great to have a generic pool of listeners; I see no downside.

Hide

Permalink

Daniel Black added a comment - 2015-01-16 12:05

More fixes. I dare say this is getting pretty close.

Using systemd list fds on ip_sock, extra_ip_sock and unix_socket wasn't working as there needed to be a determination of the socket type. As systemd can specify multiple sockets in any order a proper map of socket type to file descriptor was made.

The performance schema interface was also missing which is now corrected. For the moment I've put a PS event type for systemd_unix, systemd_ipv6, systemd_ipv4 but can probably expand these to include path/host/port/numbers information if desired. Although the code for HAVE_POLL=no is there I couldn't get past MDEV-7473 which stalled on linux even with -DHAVE_SYSTEMD=no -DHAVE_POLL=no but hey, linux always has poll and systemd isn't ported to non-linux so we're safe for now.

The socket activation part already implements MDEV-6536 IPv6 bind address now because systemd handles the opening of sockets and with a little more config parsing some of these new structures this sets the basis a more extensive listening interface.

The main missing bit so far, a decent automated test case. Nothing non-root exists in systemd however it shouldn't be too hard to open a few sockets, set some env vars and exec another process.

Show

Daniel Black added a comment - 2015-01-16 12:05 More fixes. I dare say this is getting pretty close. Using systemd list fds on ip_sock, extra_ip_sock and unix_socket wasn't working as there needed to be a determination of the socket type. As systemd can specify multiple sockets in any order a proper map of socket type to file descriptor was made. The performance schema interface was also missing which is now corrected. For the moment I've put a PS event type for systemd_unix, systemd_ipv6, systemd_ipv4 but can probably expand these to include path/host/port/numbers information if desired. Although the code for HAVE_POLL=no is there I couldn't get past MDEV-7473 which stalled on linux even with -DHAVE_SYSTEMD=no -DHAVE_POLL=no but hey, linux always has poll and systemd isn't ported to non-linux so we're safe for now. The socket activation part already implements MDEV-6536 IPv6 bind address now because systemd handles the opening of sockets and with a little more config parsing some of these new structures this sets the basis a more extensive listening interface. The main missing bit so far, a decent automated test case. Nothing non-root exists in systemd however it shouldn't be too hard to open a few sockets, set some env vars and exec another process.

Hide

Permalink

Daniel Black added a comment - 2015-03-11 23:11 - edited

https://github.com/MariaDB/server/pull/26

Show

Daniel Black added a comment - 2015-03-11 23:11 - edited https://github.com/MariaDB/server/pull/26

Hide

Permalink

Daniel Black added a comment - 2015-07-11 08:51

Added https://github.com/MariaDB/server/pull/83 to merge to 10.1 incorporating review comments

Show

Daniel Black added a comment - 2015-07-11 08:51 Added https://github.com/MariaDB/server/pull/83 to merge to 10.1 incorporating review comments

Support systemd socket activation

Details

Description

Gliffy Diagrams

Attachments

Attachments

Issue Links

Activity

People

Dates

Agile