 So welcome everybody And a big hand please for our speaker mr. Laura Berco Thank you, and good morning Okay, so the title of the talk is a bit of a misnomer because we will talk a lot about in its systems and a little bit about s6 We do not have much time. So we will skim it will be very superficial. I will be asserting lots of things So if you have questions, please come talk to me after the presentation and I will and I will be able to explain and Dive a little deeper, but here we will not have the time to go deep Let's start show of hands Whatever your in it system be it system D or anything else. Are you happy with it? Raise your hands if you are happy with your in it system Okay, hands down if you are not happy with your in it system, please raise your hands It's a wash. It's it's a wash. I still say that it could be perfected. It could be a hundred percent Why are there still people unhappy with their in its system? It's because no in its system be it a traditional one or one of the new ones Has been I dare say properly designed. Let us change that in this talk No less. So what is an in its system in the first place? The problem is that in it is a very overloaded term. It's vague terminology The in it was actually happened because nobody had a real clear vision of what an in its system is or should be So I postulate that there are four elements to an in its system The first element is has been in it, which is the first process that the kernel Actually runs at boot time The second element is PID one, which is the process that runs as process one for most of the machine lifetime It does not have to be the same program as has been in it for instance in embedded devices In it has been in it is often a shell script that does a few few things and then execute into a big application That runs as PID one for the rest of the machine lifetime The third element of an in its system is process supervision We will talk about that The fourth element of an in its system is service management. We also talk about that in the latest slide Those four elements do not necessarily have to run in the same process. You can have all of these parts Scattered a call processes. This is not often the case. It is the case with supervision suites and service and service managers So let us define process supervision a Long-lived process a demon is supervised when it is spawned by the supervision tree Which is a set of stable long-lived processes started at boot time by PID one often? This supervision tree is itself reduced to PID one for instance with system D or with system five in it system the The supervision tree is just in it and it supervises processes directly So supervision is a good pattern. You do not have to take my word for it. Just I can explain that later The service is stable and launched in a reproducible environment The fact that the services are launched in a reproducible environment is a vital point only the big guys system D and friends and supervision suites do that correctly traditional in its systems do not and This is one of the main arguments of system D against system five in it It's that is that you need a lot of buoyant play to be able to launch your services in a kind of reproducible environment And not even then and it's a fair argument. It's true Of course process supervision only applies to demons, which is long-run processes short-lived services Do not care about supervision What is service management? So by definition a service manager is the program that handles the machine state at boot time It brings all the services up at shut down time. It brings all the services down More generally it brings the machine state from it brings a machine from one state to another You have an example of that in system five in it with run levels run levels are a primitive way of managing services Run levels are a set of service states when you change run levels some services go down some services go up You change states What are services? Well, they can be one Okay, they can be one shot which means short-lived programs with side effects for instance set the system clock or Bring up a network interface They all can be long runs. Does that work? Maybe it's me they also can be long runs, which means demons It's this HD C slot D. Whatever as long as the demon is up the service is up All services be there one shot or long runs have dependencies and it's the job of the service manager to actually enforce those dependencies What does that mean? If a depends on B, then they should never be a state for the machine where a is up and B is not Else it doesn't work if you do not have that enforcement. It's not it's not a real service manager so Given the in its we have what features do do they offer? So on the one hand you have the big guys the integrated in its systems system D launch D upstart. Maybe some others They offer all thoughts all the four elements In one package has been in it PID one process provision service management They also offer much more which is the main problem of integrated in its systems Is that they do a lot more than? than the four elements and All the rest is out of scope on the other hand you have your traditional in its systems system five in its BSD in its they offer an has been in it to PID one they offer a primitive way of Supervising of supervising services via etc any tab for system five in it or via etc get it wise for BSD in it They also have a service manager, but it is not included in the init package It comes with something else It comes as a bunch of shell scripts for system 5 unit you have system 5 RC for and form BSD Need to have ETC RC, which is the service manager Those are generally a bunch of scripts that perform service startup and shut down Independencies are manually enforced by the administrator in the file system I have listed two other examples of things that pass as an in its system Open RC, which is well known Am I hitting that? Yeah, that would be better Okay, so open RC, which is Not an in its system It's actually a service manager with some attempts at supervision, but you also need an in it program to go with it I have also listed Epoch the epoch in its system, which is quite similar to system 5 in it and and system 5 RC bundled together It's a new approach of the implementation of system 5 in it But it does not question fundamentally the design of it open RC Same thing is a new is a new approach to the implementation of a service manager, but it does not question the design Okay, so this is something completely different This is the Damon tools family, which you probably have heard of if you were here in to listen to this talk The problem with supervision managed by ETC in a tab as in system 5 in it or busybox in it is that it is Impractical it's very static and nobody uses it for anything else than the get it wise if you look at your default ETC in a tab You will see some lines for to boot the system and actually the service manager You will also see lines for get it wise and not much else This is the stock default configuration and nobody ever changes it. There is a reason for a reason for it It's impractical to change a service to add or remove a service You have to edit the fire then send send a signal to in it. It's hard to make it work in 1998 Daniel Bernstein DJB wrote Damon tools, which is the first project offering flexible process supervision It is the the grandfather of all supervision suits suites And for the first time it was realistic to supervise all your all your demons on a system with it So later on of course it was imperfect. It was a pioneer So later on there were other other there were other attempts to improve on that There were for instance diamond tools and core. They were there was run it Which is probably today the best known supervision suite There was perp which is less known, but but it's still it's still part of the diamond tools family And it works. There is a six all of those are supervision suites I have also added a word for Nosh, which is a suite of tools, which is very similar to s6 Go check it. Have a look if you're interested The problem is it's in c++. It's it's quite different from from all the rest and it's less economical The problem with supervision suites, which are sweet, but not that much is that there are only one fourth of an in its system If a full featured in its in it needs all four parts and nothing more run it provides And there's been in it and the PID one, but it does not provide a service manager for instance And there is an initiative In void Linux the distribution void Linux to use run it as an in the system The problem is it doesn't have a service manager So they need sometimes they sometimes need hacks to make it to to make it work with one-shot services The hacks are long runs that do nothing So let's talk about s6 since we have four minutes left now S6 is a supervision suites. What does it also provide? It provides a portable PID one It provides hook it provides hooks for service manager integration They are today two service managers that are designed to work with s6 and OPA and s6 RC And those work on top of s6. They are not integrated to the super to the supervision suite itself It's a different set of programs that is designed to work on the hooks that s6 provides so it For now we are lacking an has been in it program Which is the last element in an in an in its system The problem is that s6 is designed to be portable and has been in it cannot be portable because it's highly System-specific so the approach that we have is we create automatically a script That is suitable as an has been in it program and that and the way we create the script is dependent on the operating system So for now we have that for lead for Linux and welcoming contributions for other operating systems Just a word about the technical aspects of s6 because that's why makes a difference between it and the others So I post too late You do not have to take my word for it that s6 has been designed right the module the modularity and layering of the Different layers has been done right S6 RC the service manager is a parallel service manager Whereas most of the other ones open RC mostly and epoch for instance start and stop the services serially S6 RC is the only service manager that provides a reproducible launch environment Which we saw it was a necessary for demons, but it also does it for one shots. It's the only one that does it It's portable to any POSIX system S6 is pure see all the dependencies are control and are controlled and it is easy to bootstrap just to configure and make and you're done S6 is notification. It never pulls so it's usable in energy constrained environment such as in embedded boxes and devices It's lightweight. It uses two megabytes of disk which is not light But it's disk is cheap and as far as RAM and CPU are concerned, which are the real scarce resources It uses practically nothing you can test it and I have numbers you can talk to me after that S6 is made of very little code and and it has extremely short paths If you s trace system D from the from from the boots phase And if you straight if you s trace s6, you will have a very very different listing So how can you use it today? So s6 is packaged in all good distributions As mechanism now and not not as policy which means that you will have the programs package You will not have a supervision tree run and services running with it for now You have to do to do that yourself S6 is used today as PID one in a lot of Docker containers, especially with the S6 overlay package Which is made which was made to help you use a six SV scan Which is the root of the supervision tree for six as PID one in your container The service manager integration with the distribution requires support and joint work with the distribution So that so that is what we are doing now and we are going to do in the foresee the foreseeable future There are plans to make a six and the six RC an alternative to be the box in it plus open RC in the alpine land Alpine Linux distribution Okay, so if you want to learn more you have those links We have a channel on free node. I have a Twitter and please come to me Right now after the presentation or tomorrow. I would still be here. Thank you for listening Thank you very much Laura I Think we have time for a couple of more questions, but I'm gonna hand you back this mic so we can use the other one To hand around cool. So anybody any questions, please raise your hand So if we have no more questions, then