DragonFly kernel List (threaded) for 2003-07
Re: dynamic /bin /sbin
On Fri, 25 Jul 2003 15:14:02 -0700 (PDT)
Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx> wrote:
> I really dislike service monitors, because it implies that a lack
> of reliability exists which requires the monitor for robustness.
> I also reject the idea that a service monitor improves robustness.
> In all
> the embedded projects I had ever done all the service monitor does
> is act like a watch dog. If something goes wrong it screams merry
> hell but it doesn't try to fix it.
Well, a service monitor "improves robustness" to exactly the same degree
a watchdog circuit "improves robustness", because that's exactly what it
is. It's no _substitute_ for a reliable service by any means, but
things can and do fail (case in point, the current malloc discussion on
freebsd-stable,) so it's good to have a backup plan, even if it is just
"try, try again."
Monitors can have other uses too - e.g. if you have a set of parallel
processes that you want to succeed or fail as a unit, have them share
the same monitor, and when one of the processes dies, have the monitor
terminate them all.
fwiw, Erlang/OTP calls the "service monitor" design pattern a
"supervisor process", and has a very sophisticated framework for a
"supervision tree" where supervisors can supervise other supervisors.
Overkill for Dragonfly's needs I'm sure, but maybe of interest: