Tweaks to Linux Ease Management
With an experimental new init system from Ubuntu and virtualization in the kernel, Linux is making gains in management and ease.
Ubuntu has an interesting project called Upstart, which is a replacement for the traditional Unix init system. The goals of Upstart are ambitious: to modernize and streamline the boot process, control user tasks, and manage services. Currently these things are managed with a multitude of different utilities: cron, atd, anacron, init, telinit, udev, acpid, apmd, ifupdown, module-init-tools, inetd, xinetd, update-rc.d, /etc/init.d, /etc/rc*d, and gosh knows what-all. So Upstart intends to replace sysvinit and initscripts, and to replace all the service and task managers (cron, atd, inetd, and so forth) with a single daemon. To make it even more fun, they are preserving backwards-compatibility for a period of time to make the transition easier for users. If you're running *buntu Edgy, you're already seeing Upstart in action.
It doesn't do a lot yet beyond replacing /etc/inittab, which you will notice is gone without anyone saying much about it, or replacing it with some kind of informative placeholder. The /etc/event.d directory replaces it, which looks scary since it replaces a single nice easy-to-understand file with a whole directory of separate files. But fear not, for it replaces more than /etc/inittab: soon it will replace all of /etc/init.d.
Why do something like this? After all, the venerable old sysvinit has served well for decades. But the times they are a' changing. Linux's 2.6 kernel delivered major gains in hardware functionality and management, thanks to power management, USB, udev and hotplugging. This has turned booting and device management upside-down. In the olden days both desktops and servers were pretty much unchanging: keyboards, mice, monitors, and printers were connected via specialized ports. Keyboards, mice, and monitors had to be connected when the system booted or it wouldn't see them. So booting and device management were static and predictable. Only laptops had hotplugging via PCMCIA or Cardbus slots, which could hotplug all manner of devices: Ethernet adapters, external IDE and SCSI drives, external monitors, MIDI interfaces and game ports, Token ring adapters, sound cards, and whatever else could be made to work.
Then along came USB everywhere, and now we can hotplug anything anytime. In fact Linux now treats all devices, including internal drives and PCI devices, as hotpluggable and manages them with the udev subsystem. Anything with a USB connector can be hotplugged: printers, scanners, storage devices, network cards, PDAs, you name it. But this presents some new issues: impermanent device names, and unreliable availability at boot time. Yes, you can edit files in /etc/udev/rules.d to create permanent device names, and then stuff them in /etc/fstab to get mounted at boot time. But the Upstart devs have a vision for something even better: an event-based init daemon that responds to actual events generated by the system, rather than relying on static configurations.
This opens up the possibility for all kinds of automagical goodness, because any system event can trigger the init daemon to do something. Like starting and stopping certain programs when you plug in and remove devices like PDAs, cameras, music players, or USB keys. Or mounting a network filesystem when it becomes available. Or triggering an alert when a certain file changes. Or speeding up boot times, because the kernel won't waste time waiting for something that is not available. Or triggering a script to run when a device is connected or removed, or a filesystem becomes available. Yes, we can do a lot of these things now, but in a kludgy, over-complicated way.
The Upstart developers promise to take it slowly, since these are fundamental system functions, and to try very hard not to break things all to heck. Debian users may also play with Upstart, since it is now in the Experimental repository. See Resources for all kinds of links to informative documents.
Kool Kernel Stuff
The 2.6 Linux kernel has undergone amazing progress in a short time frame, so much so that I don't bother with reporting on every point release. But the latest release, 2.6.20, caught my interest initially because of Linus' typically droll introduction:
"As ICD head analyst Walter Dickweed put it: "Releasing a new kernel on Superbowl Sunday means that the important 'pasty white nerd' constituency finally has something to do while the rest of the country sits comatose in front of their 65" plasma screens"."
And then because of shiny features like KVM, the Kernel-based Virtual Machine. Xen is the virtualization media darling, but it's not the only game in town. KVM runs unmodified Linux and Windows guest operating systems. Yeah, right, you say, slow like early versions of VMware. Actually, performance should be pretty good because KVM requires Intel CPUs that have VT (which is a clever abbreviation for "Virtualization Technology") extensions, or AMD CPUs with AMD-V, which is the same thing with a different name. If you're wondering if your system is equipped with either of these, run this command to find out:
$ egrep '^flags.*(vmx|svm)' /proc/cpuinfo
This release includes official support for the Sony Playstation 3, with patches contributed by Sony engineers, so for you folks who like running Linux on Playstations, this one's for you. It's not complete support—it doesn't include drivers, but it does save you from having to patch the kernel.
2.6.20 incorporates multi-threaded USB probing, which should shave a few seconds off boot times. The new improved generic HID (Human Interface Device) layer replaces the old not-generic HID layer, which only supported USB devices. Now it's capable of supporting any subsystem: Bluetooth, PS/2, serial ports, and whatever else you want to throw at it.
The minimum required compiler is now gcc 3.2.
The current Netfilter implementation may cause woe and stop your existing ruleset from working, because of changed configuration names. The kernel developers are unamused by these changes. To quote Linus Torvalds:
"I do think that the netfilter team has been very irritating in changing the config names, even if it "is logical". Somebody should stop the madness, and tell people what config options they need for a regular iptables setup like this."
This shouldn't affect anyone who relies on distribution kernels, which presumably are tested, but could bite users who download and build iptables from sources. The easy workaround is "enable everything."
The good news about iptables is more improvements to VoIP-related connection tracking: a SIP helper port and an H.323 helper port. SIP is notoriously difficult to get through NAT firewalls. Fortunately the Netfilter team have been hard at work adding and improving SIP connection-tracking to iptables, which has been in the mainline kernel since 2.6.18.
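A pre-boot check for the renamed-options problem and the VoIP helpers described above, as an added example that is not from the article: it scans a kernel .config for the Netfilter options a stateful iptables ruleset depends on and notes whether the SIP and H.323 helpers are enabled. The option lists and the sample config are assumptions constructed for illustration; adjust them to your own ruleset.

```shell
# Added example, not from the article. The option lists are assumptions for
# a stateful IPv4 ruleset with NAT; edit them to match your own rules.
REQUIRED_OPTS="NETFILTER NETFILTER_XTABLES NF_CONNTRACK NF_CONNTRACK_IPV4
NETFILTER_XT_MATCH_STATE IP_NF_IPTABLES IP_NF_FILTER NF_NAT
IP_NF_TARGET_MASQUERADE"
VOIP_OPTS="NF_CONNTRACK_SIP NF_CONNTRACK_H323"

# missing_opts FILE OPT...: print each OPT that is neither =y nor =m in FILE.
missing_opts() {
    cfg=$1; shift
    for opt in "$@"; do
        grep -Eq "^CONFIG_${opt}=(y|m)\$" "$cfg" || printf '%s\n' "$opt"
    done
}

# check_config FILE: 0 = all required options present, 1 = some missing,
# 2 = file unreadable. Missing VoIP helpers only produce a note.
check_config() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    missing=$(missing_opts "$1" $REQUIRED_OPTS)
    voip=$(missing_opts "$1" $VOIP_OPTS)
    if [ -n "$voip" ]; then
        echo "note: VoIP helpers not enabled:" $voip >&2
    fi
    if [ -n "$missing" ]; then
        echo "ruleset may fail to load, missing:" $missing >&2
        return 1
    fi
}

# write_sample_config FILE: constructed .config fragment in which connection
# tracking and NAT are only set under older IP_NF_* names.
write_sample_config() {
    cat > "$1" <<'EOF'
CONFIG_NETFILTER=y
CONFIG_NETFILTER_XTABLES=m
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_MASQUERADE=m
# CONFIG_NF_CONNTRACK is not set
EOF
}

# Usage: sh check-nf-config.sh /path/to/linux/.config
if [ "$#" -gt 0 ]; then
    check_config "$1"
fi
```

Run it against the .config of a freshly built kernel before rebooting a firewall host, so a ruleset that will not load is caught while the old kernel is still running.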
The last thing I deem noteworthy is the addition of a sizable number of hardware drivers. Check out the complete change list at Kernelnewbies.org to see if anything you need is in there.
Resources
- Upstart in Universe
- Linux: 2.6.20 Kernel Released
- regression: iptables failed to load rules
- Complete change list at Kernelnewbies.org
- Tips and Tricks for the Linux Network Admin includes some sample iptables rules for SIP connection-tracking.