Mailing List Archive

Should hotplugged services affect dependencies by default?
OK, so whilst we're gearing up for hopefully the last baselayout-2
release candidate I thought I would pose to the list a question I've
been struggling with for some time.

Should hotplugged services affect dependencies by default?
(Note, this is not about enabling hotplugged services by default which
is another topic for debate. Want to talk about that, start a new thread
- but save your breath as I have a laptop and think hotplugging is
good :P)

By default we've always been YES. But I'm starting to think now that this should
be NO.


Rationale for NO
Services like openvpn, ssh, dns, etc don't actually care about specific
interfaces or addresses as such as they just bind to *.

dns may in fact be configured to use a resolver that isn't libc so it
should be active anyway.

If say you have nfs mounts, one network cable and then unplug the cable
you get this :-
netplug calls net.eth0 stop
net.eth0 stop calls netmount stop
netmount stop tries to unmount the nfs mounts
At this point, the process freezes for a LONG time that can't be
interrupted because as the cable has already been unplugged it can't
unmount (if anyone knows how to actually return ASAP I'd like to know
that too).
With the default to NO the act of pulling the cable simply stops
net.eth0 and the services stay up and things continue nicely.

For baselayout-1 users, this is the equivalent of having
RC_STRICT_NET_CHECKING=lo
which a lot of people I've been talking to recently have asked where it
is in baselayout-2.


Rationale for YES
We should only start services like openvpn, ssh, dns, etc when we have a
working network device aside from the loopback.
This is the nearest we get to the default baselayout-1 option for
RC_STRICT_NET_CHECKING=no

Thanks

Roy

--
gentoo-dev@gentoo.org mailing list
Re: Should hotplugged services affect dependencies by default?
I suppose I should mention that the setting in baselayout-2 I'm talking
about is RC_DEPEND_STRICT if you want to toggle it to see.

--
gentoo-dev@gentoo.org mailing list
Re: Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 10:09 -0400, Olivier Crête wrote:
> I believe services that don't bind to a specific address should probably
> only depend on net.lo, not net.

Well, they can actually depend on a specific net service too.
For example, I have this on my home server in /etc/conf.d/lighttpd
RC_NEED="net.vpn"

You can add those RC_NEED/USE/AFTER/BEFORE directives to any conf.d/
file and it will append to the stuff in the init script.

Thanks

Roy

--
gentoo-dev@gentoo.org mailing list
Re: Should hotplugged services affect dependencies by default?
On Wed, 2007-15-08 at 14:10 +0100, Roy Marples wrote:
> OK, so whilst we're gearing up for hopefully the last baselayout-2
> release candidate I thought I would pose to the list a question I've
> been struggling with for some time.
>
> Should hotplugged services affect dependencies by default?
> (Note, this is not about enabling hotplugged services by default which
> is another topic for debate. Want to talk about that, start a new thread
> - but save your breath as I have a laptop and think hotplugging is
> good :P)
>
> By default we've always been YES. But I'm starting to think now that this should
> be NO.

I believe services that don't bind to a specific address should probably
only depend on net.lo, not net. So then we separate those that really
need the network (and probably only a specific interface and then the
user should modify the script to depend on that interface) and those
that use the network, but don't really need it (like sshd, etc). That
said, I now use networkmanager (to be able to easily select wifi
networks), I don't know how integrated it is into the whole baselayout-2.


--
Olivier Crête
tester@gentoo.org
Gentoo Developer
Re: Should hotplugged services affect dependencies by default?
On Wed, 2007-15-08 at 15:02 +0100, Roy Marples wrote:
> On Wed, 2007-08-15 at 10:09 -0400, Olivier Crête wrote:
> > I believe services that don't bind to a specific address should probably
> > only depend on net.lo, not net.
>
> Well, they can actually depend on a specific net service too.
> For example, I have this on my home server in /etc/conf.d/lighttpd
> RC_NEED="net.vpn"
>
> You can add those RC_NEED/USE/AFTER/BEFORE directives to any conf.d/
> file and it will append to the stuff in the init script.

If you can do that, then well, everything else should just depend on
net.lo (and not wait for service plugging then).

--
Olivier Crête
tester@gentoo.org
Gentoo Developer
Re: Should hotplugged services affect dependencies by default?
Roy Marples <uberlord@gentoo.org> writes:

> If say you have nfs mounts, one network cable and then unplug the cable
> you get this :-
> netplug calls net.eth0 stop
> net.eth0 stop calls netmount stop
> netmount stop tries to unmount the nfs mounts
> At this point, the process freezes for a LONG time that can't be
> interrupted because as the cable has already been unplugged it can't
> unmount (if anyone knows how to actually return ASAP I'd like to know
> that too).
> With the default to NO the act of pulling the cable simply stops
> net.eth0 and the services stay up and things continue nicely.

To avoid that problem, do not stop net.ethN when the cable is
pulled. When the cable is re-inserted then (if it has not been left
disconnected for too long) if the services have not stopped, TCP
sessions may still be active. If the user manually stops an interface,
by all means stop the services depending on it but (a) Do not make the
interface stop automatically when the cable is disconnected, (b) It
would be nice if there was a single command which could restart all the
dependencies which were stopped.
--
gentoo-dev@gentoo.org mailing list
Re: Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 17:07 +0100, Graham Murray wrote:
> To avoid that problem, do not stop net.ethN when the cable is
> pulled. When the cable is re-inserted then (if it has not been left
> disconnected for too long) if the services have not stopped, TCP
> sessions may still be active.

So what do you think would happen if I unplug cable A and plug in cable
B? Both are on separate networks.

Thanks

Roy

--
gentoo-dev@gentoo.org mailing list
Re: Should hotplugged services affect dependencies by default?
On Wednesday 15 Aug 2007, Roy Marples wrote:

> If say you have nfs mounts, one network cable and then unplug the cable
> you get this :-
> netplug calls net.eth0 stop
> net.eth0 stop calls netmount stop
> netmount stop tries to unmount the nfs mounts
Perhaps it should be seen the other way round... It's netmount who doesn't
like to depend strictly when net.eth0 comes down. If you change networks by
changing the cable from network A to network B, then you should do a netmount
restart, as netmount would require you to do so.

For other services, the dependency is respected. Bottom line, the initscript
itself could decide to fulfill the dependency (start/stop), not the framework
(baselayout itself).

> We should only start services like openvpn, ssh, dns, etc when we have a
> working network device aside from the loopback.
It would work as expected...

Arturo
--
gentoo-dev@gentoo.org mailing list
Re: Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 14:10 +0100, Roy Marples wrote:
> At this point, the process freezes for a LONG time that can't be
> interrupted because as the cable has already been unplugged it can't
> unmount (if anyone knows how to actually return ASAP I'd like to know
> that too).

umount -l

The problem that I see here is that most sane people don't allow sshd
and other services to listen on * and instead force them to listen on
the proper interface/IP address. With this, I would end up with sshd
not starting on my remote servers after a reboot, causing me to have to
call the data center and get some remote hands on my box. Something I
hate to do. Trust me. I'd blame you. :P

--
Chris Gianelloni
Release Engineering Strategic Lead
Alpha/AMD64/x86 Architecture Teams
Games Developer/Council Member/Foundation Trustee
Gentoo Foundation
Re: Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 17:34 +0100, Roy Marples wrote:
> On Wed, 2007-08-15 at 17:07 +0100, Graham Murray wrote:
> > To avoid that problem, do not stop net.ethN when the cable is
> > pulled. When the cable is re-inserted then (if it has not been left
> > disconnected for too long) if the services have not stopped, TCP
> > sessions may still be active.
>
> So what do you think would happen if I unplug cable A and plug in cable
> B? Both are on separate networks.

I would expect it to act like any other Linux box and get a new address
via dhcp, or, if I wasn't using dhcp, sit on the old address, even
though it is now incorrect, until I changed it. A netplug event should
trigger dhcp events, but not necessarily the services all dropping.
After all, I've seen netplug do some funny things, like false positives
on disconnection and such. I'd much rather my connection drop for a
second and come back up, so all my packets can simply retransmit and
everything continues, than have the services also decide to go down and
refuse to resume any open connections when the connection comes back up.
TCP has retransmission for a reason. Let's not break it if we don't
have to do so.

--
Chris Gianelloni
Release Engineering Strategic Lead
Alpha/AMD64/x86 Architecture Teams
Games Developer/Council Member/Foundation Trustee
Gentoo Foundation
Re: Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 16:31 -0700, Chris Gianelloni wrote:
> On Wed, 2007-08-15 at 14:10 +0100, Roy Marples wrote:
> > At this point, the process freezes for a LONG time that can't be
> > interrupted because as the cable has already been unplugged it can't
> > unmount (if anyone knows how to actually return ASAP I'd like to know
> > that too).
>
> umount -l

Didn't actually solve what I was seeing - had no visible effect. That
was a few months ago, maybe I should try again.

> The problem that I see here is that most sane people don't allow sshd
> and other services to listen on * and instead force them to listen on
> the proper interface/IP address. With this, I would end up with sshd
> not starting on my remote servers after a reboot, causing me to have to
> call the data center and get some remote hands on my box. Something I
> hate to do. Trust me. I'd blame you. :P

So in other words you should be putting this in /etc/conf.d/sshd
RC_NEED="net.eth1"

Or the interface that defines the address that sshd binds to.

Thanks

Roy

--
gentoo-dev@gentoo.org mailing list
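
Added example, not part of the original thread: a check that maps each sshd ListenAddress to the interface carrying it and prints the RC_NEED line that /etc/conf.d/sshd would need, as the message above describes. The sample sshd_config and `ip -o -4 addr show` text are constructed, and the function names are hypothetical; IPv4 only.

```shell
#!/bin/sh
# Added example (not from the thread). IPv4 only.
# Constructed sample inputs: an sshd_config excerpt and `ip -o -4 addr show` output.
SAMPLE_SSHD_CONFIG='Port 22
# bind to the management address only
ListenAddress 192.0.2.10:22'
SAMPLE_IP_ADDR='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 198.51.100.7/24 brd 198.51.100.255 scope global eth0
3: eth1    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth1'

# Print each ListenAddress value, one per line, with any :port suffix removed.
listen_addresses() {
    printf '%s\n' "$1" |
        awk 'tolower($1) == "listenaddress" { sub(/:[0-9]+$/, "", $2); print $2 }'
}

# Print the interface that carries address $1 in `ip -o` text $2 (empty if none).
iface_for_address() {
    printf '%s\n' "$2" | awk -v want="$1" \
        '$3 == "inet" { split($4, a, "/"); if (a[1] == want) { print $2; exit } }'
}

# Print the RC_NEED line for /etc/conf.d/sshd; fail if an address has no interface.
rc_need_for() {
    need=""
    while read -r addr; do
        [ -n "$addr" ] || continue
        [ "$addr" != "0.0.0.0" ] || continue   # wildcard: no specific interface
        iface=$(iface_for_address "$addr" "$2")
        if [ -z "$iface" ]; then
            echo "ListenAddress $addr is not configured on any interface" >&2
            return 1
        fi
        case " $need " in
            *" net.$iface "*) ;;                       # already listed
            *) need="${need:+$need }net.$iface" ;;
        esac
    done <<EOF
$(listen_addresses "$1")
EOF
    if [ -n "$need" ]; then
        printf 'RC_NEED="%s"\n' "$need"
    else
        echo '# wildcard bind: no interface-specific RC_NEED needed'
    fi
}

rc_need_for "$SAMPLE_SSHD_CONFIG" "$SAMPLE_IP_ADDR"
```

On a live host the two arguments would be the contents of sshd_config and the output of `ip -o -4 addr show`; a non-zero exit means sshd is configured to bind to an address that no interface carries.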
Re: Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 16:34 -0700, Chris Gianelloni wrote:
> I would expect it to act like any other Linux box and get a new address
> via dhcp, or, if I wasn't using dhcp, sit on the old address, even
> though it is now incorrect, until I changed it. A netplug event should
> trigger dhcp events, but not necessarily the services all dropping.
> After all, I've seen netplug do some funny things, like false positives
> on disconnection and such. I'd much rather my connection drop for a
> second and come back up, so all my packets can simply retransmit and
> everything continues, than have the services also decide to go down and
> refuse to resume any open connections when the connection comes back up.
> TCP has retransmission for a reason. Let's not break it if we don't
> have to do so.

A vote for NO then?

Thanks

Roy

--
gentoo-dev@gentoo.org mailing list
Re: Should hotplugged services affect dependencies by default?
On Thu, 2007-08-16 at 07:24 +0100, Roy Marples wrote:
> > The problem that I see here is that most sane people don't allow sshd
> > and other services to listen on * and instead force them to listen on
> > the proper interface/IP address. With this, I would end up with sshd
> > not starting on my remote servers after a reboot, causing me to have to
> > call the data center and get some remote hands on my box. Something I
> > hate to do. Trust me. I'd blame you. :P
>
> So in other words you should be putting this in /etc/conf.d/sshd
> RC_NEED="net.eth1"

That works for me. I guess my main concern is that when we change
functionality that people depend on in our most core of packages, we
need to make damn sure people are aware of any changes. Might I suggest
you start writing up an article now for when this thing eventually goes
for stabilization. I'd like something a few pages long, since I would
post it on the front page *and* the GWN (and announce, and dev-announce,
and user... and...) to make sure we catch as many people as we possibly
can as a change like this can either be a great triumph for Gentoo or a
complete and utter failure, putting egg on our faces for months or
possibly even years to come. We do a good enough job of making
ourselves look bad. This is a case where we can be surer things will go
smoothly, it will just take some cooperation and work. Let me know if
there is anything that I can do to help.

--
Chris Gianelloni
Release Engineering Strategic Lead
Alpha/AMD64/x86 Architecture Teams
Games Developer/Council Member/Foundation Trustee
Gentoo Foundation
Re: Should hotplugged services affect dependencies by default?
On Thu, 2007-08-16 at 07:25 +0100, Roy Marples wrote:
> On Wed, 2007-08-15 at 16:34 -0700, Chris Gianelloni wrote:
> > I would expect it to act like any other Linux box and get a new address
> > via dhcp, or, if I wasn't using dhcp, sit on the old address, even
> > though it is now incorrect, until I changed it. A netplug event should
> > trigger dhcp events, but not necessarily the services all dropping.
> > After all, I've seen netplug do some funny things, like false positives
> > on disconnection and such. I'd much rather my connection drop for a
> > second and come back up, so all my packets can simply retransmit and
> > everything continues, than have the services also decide to go down and
> > refuse to resume any open connections when the connection comes back up.
> > TCP has retransmission for a reason. Let's not break it if we don't
> > have to do so.
>
> A vote for NO then?

Yes, a vote for NO from me for the reasons stated above.

--
Chris Gianelloni
Release Engineering Strategic Lead
Alpha/AMD64/x86 Architecture Teams
Games Developer/Council Member/Foundation Trustee
Gentoo Foundation