Issue #4552: Native systemd services - freeipa

freeipa

#4552 Native systemd services

Opened 9 years ago by mkosek. Modified 3 years ago

Since the beginning, FreeIPA configures system init system to enable a single ipa service which, when starting, then starts all other services following the configuration from LDAP.

Instead of ipactl, ipa.service configuration should be able to natively start all IPA services, whether socket activated or always started.

Related thread: freeipa-devel.

Prerequisite is that the services we depend on implement systemd sd-notify mechanism allowing services to boot in proper order, but also when all it's dependencies are fully started and responding:

- Directory Server: https://fedorahosted.org/389/ticket/47977
- Kerberos KDC: https://bugzilla.redhat.com/show_bug.cgi?id=1174306
- Dogtag PKI: https://fedorahosted.org/pki/ticket/1233
- bind-dyndb-ldap: https://fedorahosted.org/bind-dyndb-ldap/ticket/150 #150
- Web Server: use [mod_systemd](http://httpd.apache.org/docs/trunk/mod/mod_systemd.html)
- NTP Server (ntpd): [already implemented](https://bugzilla.redhat.com/show_bug.cgi?id=797173)

mkosek commented 9 years ago

Stretch goal in 4.2.

adelton commented 9 years ago

Why is sd-notify needed? That is a mechanism primarily for notifying systemd that the startup has finished which can be achieved by other means, for example by the startup script finishing in the forking type.

mkosek commented 9 years ago

We (or rather systemd) just need to know if the service was really started. In some cases it may be done via sd-notify, in others via different systemd service configuration. This may be also valid resolution of the sub-component requests.

mkosek commented 9 years ago

The FreeIPA 4.2 was already shaped (see [[milestone:FreeIPA 4.2]] milestone), this does not fit. Pushing out.

If anyone is willing to help and contribute to this one, please let us know!

adelton commented 8 years ago

Using systemd target might be one way to address it.

adelton commented 7 years ago

Replying to [comment:7 adelton]:

Using systemd target might be one way to address it.

In containerized FreeIPA servers https://github.com/adelton/docker-freeipa we use container-ipa.target and set it as default target so any "systemctl enable" calls during ipa-server-install enable those service in that target.

If any refactoring of the service setup of FreeIPA is done, it might be good to synchronize the effort.

Metadata Update from @mkosek:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.5 backlog

7 years ago

cheimes commented 3 years ago

389-DS has been using sd-notify for a while now https://pagure.io/389-ds-base/issue/47977

Metadata Update from @cheimes:
- Issue close_status updated to: None
- Issue set to the milestone: None (was: FreeIPA 4.5 backlog)

3 years ago

Metadata

Assignee

someone

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

None

affects_doc

None

source

None

knownissue

None

type

refactoring

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

todo

tester

None

changelog

None

design

None

freeipa

Source Code

#4552 Native systemd services Opened 9 years ago by mkosek. Modified 3 years ago

Close issue as:

Metadata

#4552 Native systemd services

Opened 9 years ago by mkosek. Modified 3 years ago