Linux – Systemd restart service if it’s not listening to a port

debianlinuxmonitoringsystemd

I've been using Systemd for a while in Debian 8. I use the Restart=on-failure option to waken-up a service in case of failure.

I will like to know if there is a way to force the restart of the service if it is not listening to a specific port (even if the process stills running).

The reason of why I need that is because we are developing the new feature to will fix this issue but it will require a while. Meanwhile we need a workaround.

I have developed a script to check that status:

#! /bin/bash
PORTS=( 1452 542 )
for port in ${PORTS[@]}; do
    netstat -anp | grep $port > /dev/null 2>&1
    if [ "$?" -ne 0 ]; then
        # Port blocked. Kill the running process and start it again after a while
done

This script is triggered periodically using the cron.I know it is a dirty trick. That's why I would like to integrate that behaviour in Systemd checking. Is that possible?

Thank you in advance.

Cheers,

Best Answer

I would suggest you approach it differently and use a dedicated monitoring tool to accomplish this.

My favourite monitoring tool which allows services to be restarted in case they crash, or are not listening at their configured port(s) anymore is monit: https://packages.debian.org/jessie/monit

There are plenty of examples in the configuration file, on this site and elsewhere about setting it up. I will list an example to give you an idea how simple it is to use, the example uses init.d however it can easily be converted to use systemd.

To test a process exists and is listening on a specific port and to start it when this test fails:

check process example with pidfile /var/run/example.pid
start program = "/etc/init.d/example start"
start program = "/etc/init.d/example stop"
if failed host 192.0.2.10 port 80 protocol http then restart
if 5 restarts within 5 cycles then timeout

You can leave out the protocol http part and monit will do just a simple tcp connect to test it out. The protocol argument does a more involved test to check whether something is actually responding to, for example, an http get request.

You need to make sure the process or service is started in such a way a corresponding pid file is created in /var/run. Monit itself doesn't take care of that. Normally if the service is started through an init script or systemd it should have a pid file in /var/run.

Related Solutions

Systemd – How to Set Environment Variable in Service

Times change and so do best practices.

The current best way to do this is to run systemctl edit myservice, which will create an override file for you or let you edit an existing one.

In normal installations this will create a directory /etc/systemd/system/myservice.service.d, and inside that directory create a file whose name ends in .conf (typically, override.conf), and in this file you can add to or override any part of the unit shipped by the distribution.

For instance, in a file /etc/systemd/system/myservice.service.d/myenv.conf:

[Service]
Environment="SECRET=pGNqduRFkB4K9C2vijOmUDa2kPtUhArN"
Environment="ANOTHER_SECRET=JP8YLOc2bsNlrGuD6LVTq7L36obpjzxd"

Also note that if the directory exists and is empty, your service will be disabled! If you don't intend to put something in the directory, ensure that it does not exist.

For reference, the old way was:

The recommended way to do this is to create a file /etc/sysconfig/myservice which contains your variables, and then load them with EnvironmentFile.

For complete details, see Fedora's documentation on how to write a systemd script.

Way to make systemctl start synchronous

I think you have already answered your own question.

If you want to fork a daemon as well as want systemctl to return the status code, Type=forking is the way to go. There's Type=oneshot as well. You should use this only when you expect your script/program to exit, as opposed to running as daemon. systemctl actually waits for the ExecStart= program to finish.

From my CentOS 7.1 machine:

[unixguy@infra01 system]$ pwd
/usr/lib/systemd/system
[unixguy@infra01 system]$ find ./ -type f | xargs grep 'Type='  | awk -F: '{print $2}' | sort | uniq -c | sort -nr | head -5
     64 Type=oneshot
     37 Type=forking
     11 Type=notify
      6 Type=idle
      6 Type=dbus
[unixguy@infra01 system]$ find ./ -type f | xargs grep 'Type=forking' | awk -F: '{print $1}' | head
./rc-local.service
./rdisc.service
./tcsd.service
./plymouth-kexec.service
./plymouth-halt.service
./plymouth-poweroff.service
./plymouth-reboot.service
./plymouth-start.service
./rpc-statd.service
./systemd-cfengine-bootstrap.service
[unixguy@infra01 system]$ find ./ -type f | xargs grep 'Type=oneshot' | awk -F: '{print $1}' | head
./systemd-kexec.service
./quotaon.service
./halt-local.service
./initrd-cleanup.service
./initrd-parse-etc.service
./initrd-switch-root.service
./initrd-udevadm-cleanup-db.service
./kmod-static-nodes.service
./systemd-binfmt.service
./systemd-backlight@.service

As you can see the daemon services are using Type=forking and one time execution services/scripts are using Type=oneshot

Best Answer

Related Solutions

Systemd – How to Set Environment Variable in Service

Way to make systemctl start synchronous

Related Topic