systemctl命令使用说明
1、命令概述
Systemctl是一个systemd工具,主要负责控制systemd系统和服务管理器。
Systemd是一个系统管理守护进程、工具和库的集合,用于取代System V初始进程。Systemd的功能是用于集中管理和配置类UNIX系统。
在Linux生态系统中,Systemd被部署到了大多数的标准Linux发行版中,只有为数不多的几个发行版尚未部署。Systemd通常是所有其它守护进程的父进程,但并非总是如此。
CentOS7之后从init完全换成了systemd的启动方式,systemd 启动服务的机制主要是通过 systemctl 的这个系统服务管理指令来处理。systemctl在用法上也囊括 service / chkconfig / setup / init 的大部分功能。
2、命令语法
systemctl【选项】 【服务】
3、命令选项
status:查看服务状态
start:启动服务
stop:停止服务
restart:重启服务
enable:使某服务开机自启
disable:关闭某服务开机自启
list-units:列举所有运行中单元
list-unit-files:列出所有可用单元
list-unit-files --type=service:列出所有服务(包括启用和禁用)
list-unit-files --type=mount:列出所有系统挂载点
list-unit-files –type=socket:列出所有可用系统套接口
list-failed:列出所有启动失败的服务
is-enabled:查看某个服务是否开机自启
is-active:查看某个服务现在是否开启
kill:杀死某个服务
reload:重新加载某个服务配置文件
show:检查某个服务的所有配置细节
list-dependencies:获取某个服务的依赖性列表
get-default:列出当前系统的运行等级
mask:屏蔽(使其无法启动)某个服务
umask:取消屏蔽
4、命令示例
4.1 status 查看 firewalld 服务的状态
1 [root@localhost ~]# systemctl status firewalld.service
2 ● firewalld.service - firewalld - dynamic firewall daemon 3 Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) 4 Active: active (running) since 二 2019-10-08 15:58:24 CST; 1 weeks 1 days ago 5 Docs: man:firewalld(1) 6 Main PID: 12434 (firewalld) 7 CGroup: /system.slice/firewalld.service 8 └─12434 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid 9 10 10月 08 15:58:24 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon... 11 10月 08 15:58:24 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon. 12 [root@localhost ~]#
4.2 start 启动 firewalld服务
1 [root@localhost ~]# systemctl start firewalld.service
4.3 stop 停止 firewalld 服务
1 [root@localhost ~]# systemctl stop firewalld.service
4.4 restart 重启 firewalld 服务
1 [root@localhost ~]# systemctl restart firewalld.service
4.5 enable 开启 firewalld 服务开机自动启动
1 [root@localhost ~]# systemctl enable firewalld.service
4.6 disable 关闭 firewalld 服务开机自动启动
1 [root@localhost ~]# systemctl disable firewalld.service
2 Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. 3 Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. 4 [root@localhost ~]#
4.7 list-units:列举所有运行中单元
1 [root@localhost ~]# systemctl list-units
4.8 list-unit-files:列出所有可用单元
1 [root@localhost ~]# systemctl list-unit-files
4.9 --list-failed:列出所有失败的服务
1 [root@localhost ~]# systemctl --failed 2 0 loaded units listed. Pass --all to see loaded but inactive units, too. 3 To show all installed unit files use 'systemctl list-unit-files'. 4 [root@localhost ~]#
4.10 is-enabled 查看 firewalld 服务是否开机启动
1 [root@localhost ~]# systemctl is-enabled firewalld.service
2 enabled 3 [root@localhost ~]#
4.11 kill 杀死 firewalld 服务
1 [root@localhost ~]# systemctl kill firewalld.service 2 [root@localhost ~]# systemctl status firewalld.service 3 ● firewalld.service - firewalld - dynamic firewall daemon 4 Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) 5 Active: inactive (dead) since 四 2019-10-17 15:15:24 CST; 21s ago 6 Docs: man:firewalld(1) 7 Process: 3659 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS) 8 Main PID: 3659 (code=exited, status=0/SUCCESS) 9 10 10月 17 15:07:56 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon... 11 10月 17 15:07:56 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon. 12 [root@localhost ~]#
4.12 reload 重新加载 firewalld 服务
1 [root@localhost ~]# systemctl reload firewalld.service
4.13 is-active 查看 firewalld 服务现在是否开启
1 [root@localhost ~]# systemctl is-active firewalld.service 2 active 3 [root@localhost ~]#
4.14 list-unit-files --type=service:列出所有服务
1 [root@localhost ~]# systemctl list-unit-files --type=service
4.15 list-unit-files --type=mount:列出所有系统挂载点
1 [root@localhost ~]# systemctl list-unit-files --type=mount 2 UNIT FILE STATE 3 dev-hugepages.mount static 4 dev-mqueue.mount static 5 proc-sys-fs-binfmt_misc.mount static 6 sys-fs-fuse-connections.mount static 7 sys-kernel-config.mount static 8 sys-kernel-debug.mount static 9 tmp.mount disabled 10 11 7 unit files listed. 12 [root@localhost ~]#
4.16 挂载、卸载、重新挂载、重载系统挂载点并检查系统中挂载点状态
# systemctl start tmp.mount
# systemctl stop tmp.mount
# systemctl restart tmp.mount
# systemctl reload tmp.mount
# systemctl status tmp.mount
# systemctl is-active tmp.mount
# systemctl enable tmp.mount
# systemctl disable tmp.mount
4.17 列出所有可用系统套接口
1 [root@localhost ~]# systemctl list-unit-files –type=socket 2 UNIT FILE STATE 3 4 0 unit files listed. 5 [root@localhost ~]#
4.18 检查某个服务(firewalld)的所有配置细节
1 [root@localhost ~]# systemctl show firewalld.service
4.19 获取某个服务(firewalld)的依赖性列表
1 [root@localhost ~]# systemctl list-dependencies firewalld.service
4.20 get-default:列出当前系统的运行等级
1 [root@localhost ~]# systemctl get-default 2 multi-user.target 3 [root@localhost ~]#
4.21 获取某个服务当前CPU的份额
1 [root@localhost ~]# systemctl show -p CPUShares firewalld.service 2 CPUShares=18446744073709551615 3 [root@localhost ~]# systemctl show -p CPUShares sshd.service 4 CPUShares=18446744073709551615 5 [root@localhost ~]#
注意:每个服务的默认值都为CPUShare = 1024.您可以增加/减少进程的CPU份额。
4.22 将服务的CPU份额(httpd)限制为2000 CPUShares /
1 [root@localhost ~]# systemctl set-property httpd.service CPUShares=2000
注意:为服务设置CPUShare时,会创建一个名为service的目录(httpd.service.d),其中包含一个包含CPUShare Limit信息的文件90-CPUShares.conf。 您可以将文件视为:
# cat /etc/systemd/system/httpd.service.d/90-CPUShares.conf
[Service]
CPUShares=2000
4.23 分析服务的关键链(firewalld.service):
1 [root@localhost ~]# systemd-analyze critical-chain firewalld.service 2 The time after the unit is active or started is printed after the "@" character. 3 The time the unit takes to start is printed after the "+" character. 4 5 firewalld.service +267ms 6 └─dbus.service @1.643s 7 └─basic.target @1.627s 8 └─sockets.target @1.627s 9 └─dbus.socket @1.627s 10 └─sysinit.target @1.626s 11 └─systemd-update-utmp.service @1.615s +10ms 12 └─systemd-tmpfiles-setup.service @1.288s +14ms 13 └─rhel-import-state.service @1.232s +55ms 14 └─local-fs.target @1.232s 15 └─boot.mount @1.186s +45ms 16 └─dev-disk-by\x2duuid-806549af\x2dd314\x2d4cb2\x2db124\x2d8599a95e12bd.device @1.186s 17 [root@localhost ~]#
4.24 按层次列出控制组
1 [root@localhost ~]# systemd-cgls 2 ├─1 /usr/lib/systemd/systemd --system --deserialize 23 3 ├─user.slice 4 │ └─user-0.slice 5 │ └─session-255.scope 6 │ ├─ 7970 systemd-cgls 7 │ ├─ 7971 less 8 │ ├─29914 sshd: root@pts/1 9 │ └─29918 -bash 10 └─system.slice 11 ├─firewalld.service 12 │ └─4430 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid 13 ├─tuned.service 14 │ └─12941 /usr/bin/python2 -Es /usr/sbin/tuned -l -P 15 ├─polkit.service
4.25 根据CPU,内存,输入和输出列出控制组
1 [root@localhost ~]# systemd-cgtop 2 Path Tasks %CPU Memory Input/s Output/s 3 4 / 174 - 1.4G - - 5 /system.slice/NetworkManager.service 1 - - - - 6 /system.slice/auditd.service 1 - - - - 7 /system.slice/chronyd.service 1 - - - - 8 /system.slice/crond.service 1 - - - - 9 /system.slice/dbus.service 1 - - - - 10 /system.slice/firewalld.service 1 - - - - 11 /system.slice/irqbalance.service 1 - - - - 12 /system.slice/polkit.service 1 - - - - 13 /system.slice/postfix.service 3 - - - - 14 /system.slice/rsyslog.service 1 - - - - 15 /system.slice/sshd.service 1 - - - - 16 /system.slice/system-getty.slice/getty@tty1.service 1 - - - - 17 /system.slice/systemd-journald.service 1 - - - -
4.26 启动救援模式
1 [root@localhost ~]# systemctl rescue
4.27 进入紧急模式
1 [root@localhost ~]# systemctl emergency
4.28 分析systemd启动过程
1 [root@localhost ~]# systemd-analyze 2 Startup finished in 418ms (kernel) + 1.421s (initrd) + 3.471s (userspace) = 5.311s 3 [root@localhost ~]#
4.29 分析每个进程在引导时花费的时间
1 [root@localhost ~]# systemd-analyze blame 2 354ms NetworkManager-wait-online.service 3 294ms postfix.service 4 280ms network.service 5 267ms firewalld.service 6 266ms dev-sda5.device 7 185ms NetworkManager.service 8 154ms tuned.service 9 126ms auditd.service 10 102ms rhel-dmesg.service 11 101ms systemd-user-sessions.service 12 64ms sys-kernel-debug.mount 13 64ms dev-hugepages.mount 14 63ms systemd-remount-fs.service
4.30 分析启动时的关键链
1 [root@localhost ~]# systemd-analyze critical-chain 2 The time after the unit is active or started is printed after the "@" character. 3 The time the unit takes to start is printed after the "+" character. 4 5 multi-user.target @3.469s 6 └─NetworkManager.service @2.549s +185ms 7 └─network-pre.target @2.548s 8 [root@localhost ~]#
