一、Unit
Systemd 可以管理所有系统资源, 不同的资源统称为 Unit(单位)。Unit一共分成12种。
- Service unit: 系统服务, 封装守护进程的启动、停止、重启和重载操作
- Target unit: 多个 Unit 构成的一个组, 对 Unit文件进行逻辑分组,引导其它 Unit 的执行。替代SysV-init 运行级别, 提供更灵活的基于特定设备事件的启动方式。
- Device Unit: 硬件设备, 对应 /dev目录下的设备,主要用于定义设备之间的依赖关系
- Mount Unit: 文件系统的挂载点, 定义系统结构层次中的一个挂载点,可以替代过去的 /etc/fstab 配置文件
- Automount Unit: 自动挂载点, 用于控制自动挂载文件系统,相当于 SysV-init 的 autofs 服务
- Path Unit: 文件或路径, 用于监控指定目录或文件的变化,并触发其它 Unit 运行
- Scope Unit: 这种 Unit 文件不是用户创建的,而是 Systemd 运行时产生的,描述一些系统服务的分组信息
- Slice Unit: 进程组, 用于表示一个 CGroup 的树,通常用户不会自己创建这样的 Unit 文件
- Snapshot Unit: Systemd 快照,可以切回某个快照, 表示一个由 systemctl snapshot 命令创建的 Systemd Units 运行状态快照
- Socket Unit: 进程间通信的 socket, 监控来自于系统或网络的数据消息,用于实现基于数据自动触发服务启动
- Swap Unit: swap 文件, 定义一个用户做虚拟内存的交换分区
- Timer Unit: 定时器, 用于配置在特定时间触发的任务,替代了 Crontab 的功能
[root@cl-server ~]# systemctl list-unit-files | grep slice | wc -l 6 [root@cl-server ~]# systemctl list-unit-files | grep socket | wc -l 14 [root@cl-server ~]# systemctl list-unit-files | grep target | wc -l 59 [root@cl-server ~]# systemctl list-unit-files | grep service | wc -l 158 [root@cl-server ~]# systemctl list-unit-files | grep timer | wc -l 5 [root@cl-server ~]# systemctl list-unit-files | grep mount | wc -l 13 [root@cl-server ~]# systemctl list-unit-files | grep scope | wc -l 5 [root@cl-server ~]# systemctl list-unit-files | grep path | wc -l 5
1.1 Unit 列表
# 列出正在运行的 Unit $ systemctl list-units # 列出所有Unit,包括没有找到配置文件的或者启动失败的 $ systemctl list-units --all # 列出所有没有运行的 Unit $ systemctl list-units --all --state=inactive # 列出所有加载失败的 Unit $ systemctl list-units --failed # 列出所有正在运行的、类型为 service 的 Unit $ systemctl list-units --type=service
[root@cl-server ~]# systemctl list-units UNIT LOAD ACTIVE SUB DESCRIPTION proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System sys-module-fuse.device loaded active plugged /sys/module/fuse emqx.service loaded active running emqx daemon multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network.target loaded active active Network [root@cl-server ~]# systemctl list-units --all UNIT LOAD ACTIVE SUB DESCRIPTION session-199.scope loaded active running Session 199 of user root session-200.scope loaded active running Session 200 of user root ● sysroot.mount not-found inactive dead sysroot.mount user-0.slice loaded active active User Slice of root ● ypbind.service not-found inactive dead ypbind.service [root@cl-server ~]# systemctl list-units --type=service UNIT LOAD ACTIVE SUB DESCRIPTION auditd.service loaded active running Security Auditing Service emqx.service loaded active running emqx daemon getty@tty1.service loaded active running Getty on tty1 irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the curren
- UNIT: 服务单位的名称。
- LOAD: 关于单元文件是否已加载到内存中的信息。
- ACTIVE: 高层单位文件激活状态,可以是激活、重新加载、非激活、失败、停用。它是SUB列的概括。
- SUB: 底层单位文件激活状态。该字段的值取决于单位类型。例如,类型服务单元可以处于下列状态之一:dead、exited、failed、inactive或running。
- DESCRIPTION: 单位文件的简短描述。
1.2 Unit 状态
[root@cl-server ~]# systemctl status ### 所有的服务状态 [root@cl-server ~]# systemctl status mysqld.service ● mysqld.service - MySQL Server Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled) Active: active (running) since 二 2021-12-14 11:13:25 CST; 4h 24min ago Docs: man:mysqld(8) Main PID: 954 (mysqld) Tasks: 28 Memory: 69.2M CGroup: /system.slice/mysqld.service └─954 /application/mysql/bin/mysqld --defaults-file=/etc/my.cnf ### 查看远程主机的服务 [root@cl-server ~]# systemctl -H cl-node01 status mysqld.service Unit mysqld.service could not be found. [root@cl-server ~]# systemctl -H cl-node01 status salt-minion.service ● salt-minion.service - The Salt Minion
### 显示某个 Unit 是否正在运行 [root@cl-server ~]# systemctl is-active mysqld.service active ### 显示某个 Unit 是否处于启动失败状态 [root@cl-server ~]# systemctl is-failed mysqld.service active ### 显示某个 Unit 服务是否建立了启动链接 [root@cl-server ~]# systemctl is-enabled mysqld.service enabled
1.3 Unit管理
start|stop|restart|kill|reload|show [root@cl-server ~]# systemctl reload mysqld.service Failed to reload mysqld.service: Job type reload is not applicable for unit mysqld.service. See system logs and 'systemctl status mysqld.service' for details. [root@cl-server ~]# systemctl show mysqld.service [root@cl-server ~]# systemctl show -p CPUShares mysqld.service CPUShares=18446744073709551615 ### 重载所有修改过的配置文件 [root@cl-server ~]# systemctl daemon-reload ### 设置某个 Unit 的指定属性 [root@cl-server ~]# systemctl set-property mysqld.service CPUShares=500 [root@cl-server ~]# systemctl show -p CPUShares mysqld.service CPUShares=500 ### 依赖关系 [root@cl-server ~]# systemctl list-dependencies [root@cl-server ~]# systemctl list-dependencies mysqld.service ### 显示所有的依赖,展开 Target类型 [root@cl-server ~]# systemctl list-dependencies --all mysqld.service
二、 Unit配置文件管理
每一个 Unit 都有一个配置文件,告诉 Systemd 怎么启动这个Unit。 配置文件的后缀名,就是该 Unit 的种类。 默认为service。
Systemd 默认从目录 /etc/systemd/system/ 读取配置文件, 里面存放的大部分文件都是符号链接,指向真正的配置文件存放的目录/usr/lib/systemd/system/。
systemctl enable 命令用于在上面两个目录之间,建立符号链接关系。
[root@cl-server multi-user.target.wants]# pwd /etc/systemd/system/multi-user.target.wants [root@cl-server multi-user.target.wants]# ll 总用量 0 lrwxrwxrwx. 1 root root 38 4月 8 2021 auditd.service -> /usr/lib/systemd/system/auditd.service lrwxrwxrwx 1 root root 38 4月 27 2021 docker.service -> /usr/lib/systemd/system/docker.service lrwxrwxrwx 1 root root 36 12月 13 16:02 emqx.service -> /usr/lib/systemd/system/emqx.service lrwxrwxrwx 1 root root 38 4月 9 2021 mysqld.service -> /usr/lib/systemd/system/mysqld.service [root@cl-server ~]# systemctl disable mysqld Removed symlink /etc/systemd/system/multi-user.target.wants/mysqld.service. [root@cl-server ~]# systemctl enable mysqld Created symlink from /etc/systemd/system/multi-user.target.wants/mysqld.service to /usr/lib/systemd/system/mysqld.service.
### 配置文件的状态 [root@cl-server ~]# systemctl list-unit-files UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static run-vmblock\x2dfuse.mount disabled auditd.service enabled autovt@.service enabled systemd-readahead-done.timer indirect
enabled: 已建立启动链接
disabled: 没建立启动链接
static: 该配置文件没有[Install]部分(无法执行),只能作为其他配置文件的依赖
masked: 该配置文件被禁止建立启动链接
一旦修改配置文件,就要让 Systemd 重新加载配置文件,然后重新启动,否则修改不会生效。
systemctl daemon-reload
三、Target 管理
启动系统时,需要启动大量的Unit。如果每一次启动,都要一一写明本次启动需要哪些Unit,显然非常不方便。 Systemd 的解决方案就是 Target。
Target 就是一个 Unit 组,包含许多相关的 Unit 。启动某个Target的时候, Systemd 就会启动里面所有的Unit。Target 类似于"状态点", 启动某个Target就好比启动到某种状态。
传统的init启动模式里面,有 RunLevel 的概念,跟 Target 的作用很类似。不同的是,RunLevel 是互斥的,不可能多个 RunLevel 同时启动,但是多个 Target 可以同时启动。
### 查看当前系统的所有 Target [root@cl-server ~]# systemctl list-unit-files --type=target ### 查看一个 Target 包含的所有 Unit [root@cl-server ~]# systemctl list-dependencies multi-user.target multi-user.target ● ├─auditd.service ● ├─chronyd.service ● ├─crond.service ...... ### 查看启动时的默认 Target [root@cl-server ~]# systemctl get-default multi-user.target ### 设置启动时的默认 Target [root@cl-server ~]# systemctl set-default multi-user.target Removed symlink /etc/systemd/system/default.target. Created symlink from /etc/systemd/system/default.target to /usr/lib/systemd/system/multi-user.target. [root@cl-server ~]# systemctl cat default.target # /usr/lib/systemd/system/multi-user.target # This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. [Unit] Description=Multi-User System Documentation=man:systemd.special(7) Requires=basic.target Conflicts=rescue.service rescue.target After=basic.target rescue.service rescue.target AllowIsolate=yes ### 切换 Target 时,默认不关闭前一个 Target 启动的进程, systemctl isolate 命令改变这种行为《》 ### 关闭前一个 Target 里面所有不属于后一个 Target 的进程 [root@cl-server ~]# systemctl isolate multi-user.target
Target 与 传统 RunLevel 的对应关系:
Traditional runlevel New target name Symbolically linked to... Runlevel 0 | runlevel0.target -> poweroff.target Runlevel 1 | runlevel1.target -> rescue.target Runlevel 2 | runlevel2.target -> multi-user.target Runlevel 3 | runlevel3.target -> multi-user.target Runlevel 4 | runlevel4.target -> multi-user.target Runlevel 5 | runlevel5.target -> graphical.target Runlevel 6 | runlevel6.target -> reboot.target 它与init进程的主要差别: 1. 默认的 RunLevel(在/etc/inittab文件设置)现在被默认的 Target 取代,位置是/etc/systemd/system/default.target,通常符号链接到graphical.target(图形界面)或者multi-user.target(多用户命令行)。 2. 启动脚本的位置,以前是/etc/init.d目录,符号链接到不同的 RunLevel 目录(比如/etc/rc3.d、/etc/rc5.d等),现在则存放在 /lib/systemd/system 和 /etc/systemd/system 目录。 3. 配置文件的位置,以前init进程的配置文件是/etc/inittab,各种服务的配置文件存放在/etc/sysconfig目录。现在的配置文件主要存放在/lib/systemd目录,在/etc/systemd目录里面的修改可以覆盖原始设置。
[root@cl-server ~]# systemctl --help systemctl [OPTIONS...] {COMMAND} ... Query or send control commands to the systemd manager. -h --help Show this help --version Show package version --system Connect to system manager -H --host=[USER@]HOST Operate on remote host -M --machine=CONTAINER Operate on local container -t --type=TYPE List units of a particular type --state=STATE List units with particular LOAD or SUB or ACTIVE state -p --property=NAME Show only properties by this name -a --all Show all loaded units/properties, including dead/empty ones. To list all units installed on the system, use the 'list-unit-files' command instead. -l --full Don't ellipsize unit names on output -r --recursive Show unit list of host and local containers --reverse Show reverse dependencies with 'list-dependencies' --job-mode=MODE Specify how to deal with already queued jobs, when queueing a new job --show-types When showing sockets, explicitly show their type -i --ignore-inhibitors When shutting down or sleeping, ignore inhibitors --kill-who=WHO Who to send signal to -s --signal=SIGNAL Which signal to send --now Start or stop unit in addition to enabling or disabling it -q --quiet Suppress output --no-block Do not wait until operation finished --no-wall Don't send wall message before halt/power-off/reboot --no-reload Don't reload daemon after en-/dis-abling unit files --no-legend Do not print a legend (column headers and hints) --no-pager Do not pipe output into a pager --no-ask-password Do not ask for system passwords --global Enable/disable unit files globally --runtime Enable unit files only temporarily until next reboot -f --force When enabling unit files, override existing symlinks When shutting down, execute action immediately --preset-mode= Apply only enable, only disable, or all presets --root=PATH Enable unit files in the specified root directory -n --lines=INTEGER Number of journal entries to show -o --output=STRING Change journal output mode (short, short-iso,short-precise, short-monotonic, verbose,export, json, json-pretty, json-sse, cat) --plain Print unit dependencies as a list instead of a tree Unit Commands: list-units [PATTERN...] List loaded units list-sockets [PATTERN...] List loaded sockets ordered by address list-timers [PATTERN...] List loaded timers ordered by next elapse start NAME... Start (activate) one or more units stop NAME... Stop (deactivate) one or more units reload NAME... Reload one or more units restart NAME... Start or restart one or more units try-restart NAME... Restart one or more units if active reload-or-restart NAME... Reload one or more units if possible, otherwise start or restart reload-or-try-restart NAME... Reload one or more units if possible, otherwise restart if active isolate NAME Start one unit and stop all others kill NAME... Send signal to processes of a unit is-active PATTERN... Check whether units are active is-failed PATTERN... Check whether units are failed status [PATTERN...|PID...] Show runtime status of one or more units show [PATTERN...|JOB...] Show properties of one or more units/jobs or the manager cat PATTERN... Show files and drop-ins of one or more units set-property NAME ASSIGNMENT... Sets one or more properties of a unit help PATTERN...|PID... Show manual for one or more units reset-failed [PATTERN...] Reset failed state for all, one, or more units list-dependencies [NAME] Recursively show units which are required or wanted by this unit or by which this unit is required or wanted Unit File Commands: list-unit-files [PATTERN...] List installed unit files enable NAME... Enable one or more unit files disable NAME... Disable one or more unit files reenable NAME... Reenable one or more unit files preset NAME... Enable/disable one or more unit files based on preset configuration preset-all Enable/disable all unit files based on preset configuration is-enabled NAME... Check whether unit files are enabled mask NAME... Mask one or more units unmask NAME... Unmask one or more units link PATH... Link one or more units files into the search path add-wants TARGET NAME... Add 'Wants' dependency for the target on specified one or more units add-requires TARGET NAME... Add 'Requires' dependency for the target on specified one or more units edit NAME... Edit one or more unit files get-default Get the name of the default target set-default NAME Set the default target Machine Commands: list-machines [PATTERN...] List local containers and host Job Commands: list-jobs [PATTERN...] List jobs cancel [JOB...] Cancel all, one, or more jobs Snapshot Commands: snapshot [NAME] Create a snapshot delete NAME... Remove one or more snapshots Environment Commands: show-environment Dump environment set-environment NAME=VALUE... Set one or more environment variables unset-environment NAME... Unset one or more environment variables import-environment [NAME...] Import all or some environment variables Manager Lifecycle Commands: daemon-reload Reload systemd manager configuration daemon-reexec Reexecute systemd manager System Commands: ### 系统管理 is-system-running Check whether system is fully running default Enter system default mode rescue Enter system rescue mode ### 救援状态(单用户状态) emergency Enter system emergency mode halt Shut down and halt the system ### CPU停止工作 poweroff Shut down and power-off the system ### 关闭系统,切断电源 reboot [ARG] Shut down and reboot the system ### 重启系统 kexec Shut down and reboot the system with kexec exit Request user instance exit switch-root ROOT [INIT] Change to a different root file system suspend Suspend the system ### 暂停系统 hibernate Hibernate the system ### 系统进入冬眠状态(关闭系统) hybrid-sleep Hibernate and suspend the system ### 进入交互式休眠状态