| View previous topic :: View next topic |
| Author |
Message |
schorsch_76
Guru
Joined: 19 Jun 2012
Posts: 452
|
 Posted: Sat Aug 08, 2015 11:35 am Post subject: Permanently check service if it is running |
 |
|
Hi,
i hae my gentoo based router which runs with openrc. Sometimes the shorewall doesnt start, so i wrote a script and added it in a cron.2min. Now it gets started when it is down. So far so good.
| Code: | cat check-runlevel.sh
#!/bin/sh
rc default > /dev/null 2>&1 |
Can i instrument openrc to check that all services and bring them all up when thy are down? In my case i rely on vixie-cron to bring up all again if it is down. Is there an rc.conf option? I didnt find one ....
rc_crashed_start=YES
did not do what i want....
_________________
// valid again: I forgot about the git access. Now 1.2GB big. Start: 2015-06-25
git daily portage tree
Web: https://github.com/schorsch1976/portage
git clone https://github.com/schorsch1976/portage |
|
| Back to top |
|
 |
Buffoon
Veteran
Joined: 17 Jun 2015
Posts: 1369
Location: EU or US
|
|
| Back to top |
|
|
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Sat Aug 08, 2015 2:24 pm Post subject: Re: Permanently check service if it is running |
|
|
| schorsch_76 wrote: | | i hae my gentoo based router which runs with openrc. Sometimes the shorewall doesnt start, so i wrote a script and added it in a cron.2min. Now it gets started when it is down. So far so good. |
schorsch_76 ... starting shorewall, similarly to anything that 'provide[s] firewall', is a one time deal, it's not a daemon, and so no process supervision is required. I suspect the issue is either due to how you have shorewall configured, its dependent modules being loaded or not, or (most likely) where in the chain of dependency its started (ie, its not started *before* the interfaces are). If it's the latter then you should be able to resolve the issue by making an explicit rc_need for 'firewall', eg:
/etc/conf.d/net
| Code: | rc_net_eth0_need="firewall"
rc_net_eth1_need="firewall" |
This will make sure that shorewall is started before 'net.eth0' and 'net.eth1'. That is something of a guess, it may be that with the time it takes to load modules, parse the shorewall.conf, and load the ruleset, openrc is seeing the delay as a failure (ie, a timeout is reached), difficult to say, but given that 'rc default' then succeeds it suggests this isn't an explicit fail but a timing issue.
You might be able to provide a start_wait for the shorewall service so that openrc will wait to check that it does return 0.
/etc/conf.d/net
| Code: | | rc_shorewall_start_wait=100 |
... '100' is milliseconds.
| schorsch_76 wrote: | | Code: | cat check-runlevel.sh
#!/bin/sh
rc default > /dev/null 2>&1 |
|
It's overkill to run such a script on a two minute interval, if shorewall is failing to start (in a timely manner) then it's an issue that needs a fix at the point of failure. Again, shorewall is not a daemon, it can't be monitored, calling 'rc default' constantly is simply overkill.
| schorsch_76 wrote: | | Can i instrument openrc to check that all services and bring them all up when thy are down? In my case i rely on vixie-cron to bring up all again if it is down. Is there an rc.conf option? I didnt find one .... |
openrc doesn't do process supervision by default, there is the possibility to use monit or other tools for such things, but in this case its completely un-needed.
| schorsch_76 wrote: | | rc_crashed_start=YES |
openrc will attempt to start crashed services by default, so YES is the default value. Your 'crash' may not be a crash but an exit value other than 0 (success) ... and as it doesn't happen consistently that suggests it's some factor (like execution time) that is the root cause.
HTH & best ... khay |
|
| Back to top |
|
|
schorsch_76
Guru
Joined: 19 Jun 2012
Posts: 452
|
| Posted: Sat Aug 08, 2015 2:46 pm Post subject: |
|
|
Yes, its dependant on my ppp0 interface. If net.ppp0 is not up (which depends on my ISP), the shorewall refuses to start properly. If it is failed one time, it doesnt get started again if net.ppp0 gets up again. Soon i am two weeks not at home, but my family needs the internet, so i need a "brute force reliable" solution to get it up and running when i am not at home.
ofc i know, that it is just a onetime deal. The problem is the net forwarding which is provided by the shorewall aka. kernel iptables.
Thanks for the suggestions 
_________________
// valid again: I forgot about the git access. Now 1.2GB big. Start: 2015-06-25
git daily portage tree
Web: https://github.com/schorsch1976/portage
git clone https://github.com/schorsch1976/portage |
|
| Back to top |
|
|
toralf
Developer
Joined: 01 Feb 2004
Posts: 3940
Location: Hamburg
|
| Posted: Sat Aug 08, 2015 3:34 pm Post subject: |
|
|
I personally prefer something like | Code: | | while :; do <do it>; sleep 60; done |
isntead of a 2-minute-cron job - b/c cron might spam your syslog full. |
|
| Back to top |
|
|
Buffoon
Veteran
Joined: 17 Jun 2015
Posts: 1369
Location: EU or US
|
|
| Back to top |
|
|
schorsch_76
Guru
Joined: 19 Jun 2012
Posts: 452
|
| Posted: Sat Aug 08, 2015 5:25 pm Post subject: |
|
|
Daemontools is about process supervision. my ppp0 and shorewall problem, both, are not really daemons. Ok, pppd is a daemon but it needs to run to get a pppoe connection. I need the information that there is a connection esablished. The problem gets even worse because there is also my openvpn.client running whose connection gets controlled by the shorewall/iptables too. Again: Daemon but the status of the running connection is important ...
I have already on my test partition runit installed and it can startup most of it, but right now, my trip is fast coming closer and i need a bulletproof solution.....  Yes, daemontools, runit, minit are all suited but i am right now not familiar enough with them to know "This will for sure work!". The problem with runit is, as i already wrote in my comments on the runit thread, to supervise the status of the connections and "one time jobs".
_________________
// valid again: I forgot about the git access. Now 1.2GB big. Start: 2015-06-25
git daily portage tree
Web: https://github.com/schorsch1976/portage
git clone https://github.com/schorsch1976/portage |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54578
Location: 56N 3W
|
| Posted: Sat Aug 08, 2015 5:42 pm Post subject: |
|
|
schorsch_76,
I must either be missing something or be lucky.
I use shorewall for my router running in a KVM. My internet is pppoe too.
Shorewall runs once at boot and when you prod it. It parses its rules file(s) writes the IPtables rules and exits.
Hmm ... my pppoe is done in the bare metal and bridged to the KVM, so the KVM does not see pppoe come and go.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
schorsch_76
Guru
Joined: 19 Jun 2012
Posts: 452
|
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54578
Location: 56N 3W
|
| Posted: Sat Aug 08, 2015 6:36 pm Post subject: |
|
|
schorsch_76,
"modems" are not as dumb as you may think.
I have the BT provided equivelent. It has a MIPS processor and some firmware inside.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
steveL
Watchman
Joined: 13 Sep 2006
Posts: 5153
Location: The Peanut Gallery
|
| Posted: Sun Aug 16, 2015 9:51 am Post subject: |
|
|
| schorsch_76 wrote: | | Yes, its dependant on my ppp0 interface. If net.ppp0 is not up (which depends on my ISP), the shorewall refuses to start properly. If it is failed one time, it doesnt get started again if net.ppp0 gets up again. Soon i am two weeks not at home, but my family needs the internet, so i need a "brute force reliable" solution to get it up and running when i am not at home. |
This sounds like rc_need="net.ppp0" in /etc/conf.d/shorewall (given /etc/init.d/shorewall.)
| Quote: | ofc i know, that it is just a onetime deal. The problem is the net forwarding which is provided by the shorewall aka. kernel iptables.
..
my ppp0 and shorewall problem, both, are not really daemons. Ok, pppd is a daemon but it needs to run to get a pppoe connection. I need the information that there is a connection esablished. The problem gets even worse because there is also my openvpn.client running whose connection gets controlled by the shorewall/iptables too. Again: Daemon but the status of the running connection is important ... |
I'd take a look at using dhcpcd, since it does support ppp (see VinzC's 3rd post), along with the dependent services page.
If you need any help, then post in that forum topic: UberLord is the dhcpcd developer, Roy Marples, who is the creator of openrc as well, a former Gentoo developer, and very helpful (ie: he's a good bloke, as well as a talented coder.) |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Other Things Gentoo
