Psmon

From Atomicorp Wiki
Revision as of 17:05, 7 June 2017 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Contents

Process Monitor

ASL includes a process monitor to ensure that services configured to run by the chkconfig or systemctl systems continue to run. If a service dies, ASL will automatically restart the process.

Adding services to monitor

To add a service, simply enable it via chkconfig or systemctl and then generate the ASL policy for the systems current start. The following steps will do this:

Step 1: enable a service

As the root user, run the command:

systemctl enable <servicename>

Example:

systemctl enable httpd

Step 2: Generate the ASL policy

asl -s -f

And you're done.

Removing services to monitor

To remove a service, simply disable it via chkconfig or systemctl and then generate the ASL policy for the systems current start. The following steps will do this:

Step 1: enable a service

As the root user, run the command:

systemctl disable <servicename>

Example:

systemctl disable httpd

Step 2: Generate the ASL policy

asl -s -f

And you're done.

Disabling PSMON

Note: It is not recommended that you disable the process monitor. Doing so will also tell ASL to not monitor its own services, and if a service fails for any reason ASL will not restart the service.

1) edit /etc/asl/config, set the following:

PSMON_ENABLED="no"

2) Update the security policy:

asl -s -f

3) kill the psmon process(es):

killall -9 psmon


4) Remove the packaage:

rpm -e psmon --nodeps

Centos/Redhat 7

These platforms use systemd, which has its own process monitoring capability. psmon is only used to monitor processes that do not use systemd.

monitoring processes with systemd

systemd is a system and service manager for Linux which has replaced the initd system. It can also monitor and restart processes like psmon can do. To monitor and automatically restart a process, follow the process below:

1) Check to make sure the service is managed by systemd

Each service will have a service file in the /etc/systemd/system directory for the run level the service is to start in. For the purposes of this example, the multi-user run level will be used, which is the most common run level Linux servers will start in. If you do not know what this means, your system is probably pre-configured to boot into the multi-user run level.

Make sure the service has a functional systemd init script located at:

/etc/systemd/system/multi-user.target.wants/service.service

Where service.service is the name of the service, for excample httpd.service.

2) (Optional) If the service is not already enabled, enable the service

sudo systemctl enable service.service

Again, replace service.service with the name of the service you want to enable, for example, httpd.service

This will create a symlink in /etc/systemd/system/multi-user.target.wants/ that looks like the following (do NOT create this symlink manually):

lrwxrwxrwx 1 root root 38 Jan 13 11:54 /etc/systemd/system/multi-user.target.wants/service.service -> /usr/lib/systemd/system/service.service

This will enable automatic starting after a reboot.

3) Configure the service to automatically restart

Edit the /etc/systemd/system/multi-user.target.wants/service.service file. It should contain a line like the example below under the [Service] section:

Restart=always

If this is not set to "always", set it to always and the service will be automatically restarted if it crashes (and systemd is able to restart it).

4) Reload the systemd daemon

sudo systemctl daemon-reload


5) Restart the service

sudo systemctl restart service.service

6) (Optional but recommended) Test to see if the service is started on reboot

sudo reboot

7) Kill the process to see if it automatically restarts

As root, run these commands:

killall -9 service

ps auxwww | grep service

Note: Replace service with the service name you want to test, for example httpd

Wait a few seconds and verify if the service has been restarted.

Personal tools