Some thoughts on switching daemons to be socket activated via systemd
Socket activation is a systemd feature for network daemons where systemd is responsible for opening and monitoring the Internet or local socket for a daemon, and it only starts the actual daemon when a client connects. This behavior mimics the venerable inetd but with rather more sophistication and features. A number of Linux distributions are a little bit in love with switching various daemons over to being socket activated this way, from the traditional approach where the daemon handles listening for connections itself (along with the sockets involved). Sometimes this goes well, and sometimes it doesn't.
There are a number of advantages to having a service (a daemon) activated by systemd through socket activation instead of running all the time:
- Services can simplify their startup ordering because their socket
is ready (and other services can start trying to talk to it) before
the daemon itself is ready. In fact, systemd can reliably know when
a socket is 'ready' instead of having to guess when a service has
gotten that far in its startup.
- Heavy-weight daemons don't have to be started until they're actually
needed. As a consequence, these daemons and their possibly slow
startup don't delay the startup of the overall system.
- The service (daemon) responsible for handling a particular socket can
often be restarted or swapped around without clients having to care.
- The daemon responsible for the service can shut down after a while if there's no activity, reducing resource usage on the host; since systemd still has the socket active, the service will just get restarted if there's a new client that wants to talk to it.
Socket activated daemons don't have to ever time out and exit on their own; they can hang around until restarted or explicitly stopped if they want to. But it's common to make them exit on their own after a timeout, since this is seen as a general benefit. Often this is actually convenient, especially on typical systems. For example, I believe many libvirt daemons exit if they're unused; on my Fedora workstations, this means they're often not running (I'm usually not running VMs on my desktops).
Apart from another systemd unit and the daemon having a deeper involvement with systemd, the downside of socket activation is that your daemon isn't immediately started and sometimes it may not be running. The advantage of daemons immediately starting on boot is that you know right away whether or not they could start, and if they're always running you don't have to worry about whether they'll restart under the system's current conditions (and perhaps some updated configuration settings). If the daemon has an expensive startup process, socket activation can mean that you have to wait for that on the first connection (or the first connection after things go idle), as systemd starts the daemon to handle your connection and the daemon goes through its startup.
Similarly, having the theoretical possibility for a daemon to exit if it's unused for long enough doesn't matter if it will never be unused for that long once it starts. For example, if a daemon has a deactivation timeout of two minutes of idleness and your system monitoring connects to it for a health check every 59 seconds, it's never going to time out (and it's going to be started very soon after the system boots, when the first post-boot health check happens).
PS: If you want to see all currently enabled systemd socket activations
on your machine, you want 'systemctl list-sockets
'. Most of them will
be local (Unix) sockets.
Comments on this page:
|
|