On 30/09/2022 11:21 pm, Laurent Bercot wrote:
> A service that keeps crashing is an abnormal condition
Yes - sometimes that's what villains like to do :)
> Note that I don't think making the restart delay configurable is a good
> trade-off. It adds complexity, size and failure cases to the s6-supervise
> code, it adds another file to a service directory for users to remember,
> it adds another avenue for configuration mistakes causing downtime, all
> that to save resources for a pathological case. The difference between
> 0 second and 1 second of free CPU is significant; longer delays have
> diminishing returns.
I'm not sure that its entirely pathological, as I also use 'finish' with
a 'sleep' and timeout-finish in an effort to reduce SROP issues. Its
also fairly common for us to have a loadavg of 4x ncores.
In the general case, yes if you want a process running then it should be
up asap, and for that I'm very appreciative. :)
Ref:
For ROP
https://en.wikipedia.org/wiki/Return-oriented_programming
SROP
https://www.cs.vu.nl/~herbertb/papers/srop_sp14.pdf
Received on Tue Oct 11 2022 - 02:38:19 CEST