#209 Please define policy regarding instantiated application services
Closed: Fixed None Opened 11 years ago by lennart.

I have recently been talking to a number of web hoster folks. There's one thing that was a common request from them that they'd like to see implemented in Fedora (and RHEL) natively: support for running multiple vhost instances of Apache, MySQL and similar services in parallel (each listening on a different port) without complex manual writing of init scripts/unit files.

In systemd we support instantiated services, i.e. services where a single unit file template can be instantiated easily a number of times. I'd like to see a packaging policy defined that suggests that packages make use of this for easy support of vhosts, so that (in the best case) a simple "systemctl enable" line is sufficient to create a new instance of one of these services.

Here's a bit of (rough) brainstorming of what the policy should contain:

  • Services that shall be multi-instantiable MUST ship both a normal non-template unit file (for the default non-instantiated case) and a template version.

  • If a service ships both a template unit file version and a non-template unit file version and provides a service that is enabled by default after package installation it MUST enable the non-template unit file version.

  • The template version should include "-vhost" in the unit file name. Example: for Apache the non-template service is called httpd.service, the template for vhosts should then be httpd-vhost@.service.

  • The instance identifier (i.e. the "bar" part of "foo-vhost@bar.service") SHOULD be either a port number or a short admin defined ID that is used to look up the port number and other configuration from the file system.

  • If a service requires a per-instance directory or file on disk, the template unit file SHOULD invoke the necessary commands to set this up via ExecStartPre=, so that starting an instance is sufficient to get the instance to work.

We probably should include an example for this. Here is one for Apache. The current non-template version of httpd.service looks like this:

{{{
/usr/lib/systemd/system/httpd.service
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/run/httpd/httpd.pid
EnvironmentFile=/etc/sysconfig/httpd
ExecStart=/usr/sbin/httpd $OPTIONS
ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
ExecStop=/usr/sbin/httpd $OPTIONS -k graceful-stop
PrivateTmp=true

[Install]
WantedBy=multi-user.target
}}}

The template version would then be something like this:

{{{
/usr/lib/systemd/system/httpd-vhost@.service
[Unit]
Description=The Apache HTTP Service for VHost %i
After=network.target remote-fs.target nss-lookup.target

[Service]
Environment=VHOST_ID=%i
ExecStartPre=-/usr/bin/ln -s /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.%i.conf
ExecStart=/usr/sbin/httpd -f /etc/httpd/conf/httpd.%i.conf -DNO_DETACH -DVHOST_INSTANCE
PrivateTmp=true
}}}

The "ln -s" line would symlink the main httpd.conf onto a specific version for the instance. If that file already exists it would simply fail, and not do anything. The default httpd.conf we ship should then use ${VHOST_ID} to key a few config options off the instance name, such as the DocumentRoot and the port number.

With all this in place it should be sufficient to run commands like these to start thre instances of httpd each listening on a different port:

{{{
systemctl start httpd-vhost@8080.service
systemctl start httpd-vhost@8081.service
systemctl start httpd-vhost@8082.service
}}}


I don't know why this was never discussed. I'm not sure it's even still relevant, but I'll bump it to a meeting.

We discussed this at this weeks meeting (​​​http://meetbot.fedoraproject.org/fedora-meeting-1/2015-01-08/fpc.2015-01-08-17.01.txt), summary is:

  • 209 Please define policy regarding instantiated application


    (geppetto, 18:00:10)
  • LINK: https://fedorahosted.org/fpc/ticket/209 (geppetto, 18:00:10)

  • 208 Please add policy regarding socket activated services

    (geppetto, 18:02:10)

  • LINK: https://fedorahosted.org/fpc/ticket/208 (geppetto, 18:02:10)
  • ACTION: Someone needs to write the policy, feel free to try to work
    with someone experienced with writing policy to help you (geppetto,
    18:03:23)

The committee still needs information (and a draft) in order to be able to properly consider this. It's been a month, and I'll go ahead and close this in another month if there's still nothing for us to look at.

Closing. Please feel free to reopen in the future if you like.

Metadata Update from @james:
- Issue assigned to tibbs

7 years ago

Login to comment on this ticket.

Metadata