dynamic /bin /sbin

Chris Pressey cpressey at catseye.mb.ca
Fri Jul 25 19:43:31 PDT 2003


On Fri, 25 Jul 2003 15:14:02 -0700 (PDT)
Matthew Dillon <dillon at xxxxxxxxxxxxxxxxxxxx> wrote:

>     I really dislike service monitors, because it implies that a lack
>     of reliability exists which requires the monitor for robustness. 
>     I also reject the idea that a service monitor improves robustness.
>      In all
>     the embedded projects I had ever done all the service monitor does
>     is act like a watch dog.  If something goes wrong it screams merry
>     hell but it doesn't try to fix it.

Well, a service monitor "improves robustness" to exactly the same degree
a watchdog circuit "improves robustness", because that's exactly what it
is.  It's no _substitute_ for a reliable service by any means, but
things can and do fail (case in point, the current malloc discussion on
freebsd-stable,) so it's good to have a backup plan, even if it is just
"try, try again."

Monitors can have other uses too - e.g. if you have a set of parallel
processes that you want to succeed or fail as a unit, have them share
the same monitor, and when one of the processes dies, have the monitor
terminate them all.

fwiw, Erlang/OTP calls the "service monitor" design pattern a
"supervisor process", and has a very sophisticated framework for a
"supervision tree" where supervisors can supervise other supervisors.
Overkill for Dragonfly's needs I'm sure, but maybe of interest:

http://www.erlang.org/doc/r9b/doc/design_principles/sup_princ.html

-Chris





More information about the Kernel mailing list