1PMCD(1) General Commands Manual PMCD(1)
2
3
4
6 pmcd - performance metrics collector daemon
7
9 pmcd [-AfQSv] [-c config] [-C dirname] [-H hostname] [-i ipaddress] [-l
10 logfile] [-L bytes] [-M certname] [-[n|N] pmnsfile] [-p port[,port
11 ...]] [-P passfile] [-q timeout] [-s sockname] [-T traceflag] [-t
12 timeout] [-U username] [-x file]
13
15 pmcd is the collector used by the Performance Co-Pilot (see PCPIn‐
16 tro(1)) to gather performance metrics on a system. As a rule, there
17 must be an instance of pmcd running on a system for any performance
18 metrics to be available to the PCP.
19
20 pmcd accepts connections from client applications running either on the
21 same machine or remotely and provides them with metrics and other
22 related information from the machine that pmcd is executing on. pmcd
23 delegates most of this request servicing to a collection of Performance
24 Metrics Domain Agents (or just agents), where each agent is responsible
25 for a particular group of metrics, known as the domain of the agent.
26 For example the postgresql agent is responsible for reporting informa‐
27 tion relating to the PostgreSQL database, such as the transaction and
28 query counts, indexing and replication statistics, and so on.
29
30 The agents may be processes started by pmcd, independent processes or
31 Dynamic Shared Objects (DSOs, see dlopen(3)) attached to pmcd's address
32 space. The configuration section below describes how connections to
33 agents are specified.
34
35 The options to pmcd are as follows.
36
37 -A Disable service advertisement. By default, pmcd will advertise
38 its presence on the network using any available mechanisms (such
39 as Avahi/DNS-SD), assisting remote monitoring tools with finding
40 it. These mechanisms are disabled with this option.
41
42 -c config
43 On startup pmcd uses a configuration file from either the
44 $PCP_PMCDCONF_PATH, configuration variable in /etc/pcp.conf, or
45 an environment variable of the same name. However, these values
46 may be overridden with config using this option. The format of
47 this configuration file is described below.
48
49 -C dirname
50 Specify the path to the Network Security Services certificate
51 database, for (optional) secure connections. The default is
52 /etc/pki/nssdb. Refer also to the -P option. If it does not
53 already exist, this database can be created using the certutil
54 utility. This process and other certificate database mainte‐
55 nance information is provided in the PCPIntro(1) manual page and
56 the online PCP tutorials.
57
58 -f By default pmcd is started as a daemon. The -f option indicates
59 that it should run in the foreground. This is most useful when
60 trying to diagnose problems with misbehaving agents.
61
62 -H hostname
63 This option can be used to set the hostname that pmcd will use
64 to represent this instance of itself. This is used by client
65 tools like pmlogger(1) when reporting on the (possibly remote)
66 host. If this option is not set, the pmcd.hostname metric will
67 match that returned by pmhostname(1). Refer to the manual page
68 for that tool for full details on how the hostname is evaluated.
69
70 -i ipaddress
71 This option is usually only used on hosts with more than one
72 network interface. If no -i options are specified pmcd accepts
73 connections made to any of its host's IP (Internet Protocol)
74 addresses. The -i option is used to specify explicitly an IP
75 address that connections should be accepted on. ipaddress
76 should be in the standard dotted form (e.g. 100.23.45.6). The
77 -i option may be used multiple times to define a list of IP
78 addresses. Connections made to any other IP addresses the host
79 has will be refused. This can be used to limit connections to
80 one network interface if the host is a network gateway. It is
81 also useful if the host takes over the IP address of another
82 host that has failed. In such a situation only the standard IP
83 addresses of the host should be given (not the ones inherited
84 from the failed host). This allows PCP applications to deter‐
85 mine that a host has failed, rather than connecting to the host
86 that has assumed the identity of the failed host.
87
88 -l logfile
89 By default a log file named pmcd.log is written in the directory
90 $PCP_LOG_DIR/pmcd. The -l option causes the log file to be
91 written to logfile instead of the default. If the log file can‐
92 not be created or is not writable, output is written to the
93 standard error instead.
94
95 -L bytes
96 PDUs received by pmcd from monitoring clients are restricted to
97 a maximum size of 65536 bytes by default to defend against
98 Denial of Service attacks. The -L option may be used to change
99 the maximum incoming PDU size.
100
101 -M certname
102 By default, pmcd will try to use a certificate called PCP Col‐
103 lector certificate . The -M option allows this to be changed.
104
105 -n pmnsfile
106 Normally pmcd loads the default Performance Metrics Name Space
107 (PMNS) from $PCP_VAR_DIR/pmns/root, however if the -n option is
108 specified an alternative namespace is loaded from the file pmns‐
109 file.
110
111 -N pmnsfile
112 Same function as -n, except for the handling of duplicate Per‐
113 formance Metric Identifiers (PMIDs) in pmnsfile - duplicate
114 names are allowed with -n they are not allowed with -N.
115
116 -P passfile
117 Specify the path to a file containing the Network Security Ser‐
118 vices certificate database password for (optional) secure con‐
119 nections, and for databases that are password protected. Refer
120 also to the -C option. When using this option, great care
121 should be exercised to ensure appropriate ownership ("pcp" user,
122 typically) and permissions on this file (0400, so as to be
123 unreadable by any user other than the user running the pmcd
124 process).
125
126 -q timeout
127 The pmcd to agent version exchange protocol (new in PCP 2.0 -
128 introduced to provide backward compatibility) uses this timeout
129 to specify how long pmcd should wait before assuming that no
130 version response is coming from an agent. If this timeout is
131 reached, the agent is assumed to be an agent which does not
132 understand the PCP 2.0 protocol. The default timeout interval
133 is five seconds, but the -q option allows an alternative timeout
134 interval (which must be greater than zero) to be specified. The
135 unit of time is seconds.
136
137 -Q Require that all remote client connections provide a certficate.
138
139 -S Require that all client connections provide user credentials.
140 This means that only unix domain sockets, or authenticated con‐
141 nections are permitted (requires secure sockets support). If
142 any user or group access control requirements are specified in
143 the pmcd configuration file, then this mode of operation is
144 automatically entered, whether the -S flag is specified or not.
145
146 -s sockname
147 Specify the path to a local unix domain socket (for platforms
148 supporting this socket family only). The default value is
149 $PCP_RUN_DIR/pmcd.socket.
150
151 -t timeout
152 To prevent misbehaving clients or agents from hanging the entire
153 Performance Metrics Collection System (PMCS), pmcd uses timeouts
154 on PDU exchanges with clients and agents running as processes.
155 By default the timeout interval is five seconds. The -t option
156 allows an alternative timeout interval in seconds to be speci‐
157 fied. If timeout is zero, timeouts are turned off. It is
158 almost impossible to use the debugger interactively on an agent
159 unless timeouts have been turned off for its "parent" pmcd.
160
161 Once pmcd is running, the timeout may be dynamically modified by
162 storing an integer value (the timeout in seconds) into the met‐
163 ric pmcd.control.timeout via pmstore(1).
164
165 -T traceflag
166 To assist with error diagnosis for agents and/or clients of pmcd
167 that are not behaving correctly, an internal event tracing mech‐
168 anism is supported within pmcd. The value of traceflag is
169 interpreted as a bit field with the following control functions:
170
171 1 enable client connection tracing
172 2 enable PDU tracing
173 256 unbuffered event tracing
174
175 By default, event tracing is buffered using a circular buffer
176 that is over-written as new events are recorded. The default
177 buffer size holds the last 20 events, although this number may
178 be over-ridden by using pmstore(1) to modify the metric
179 pmcd.control.tracebufs.
180
181 Similarly once pmcd is running, the event tracing control may be
182 dynamically modified by storing 1 (enable) or 0 (disable) into
183 the metrics pmcd.control.traceconn, pmcd.control.tracepdu and
184 pmcd.control.tracenobuf. These metrics map to the bit fields
185 associated with the traceflag argument for the -T option.
186
187 When operating in buffered mode, the event trace buffer will be
188 dumped whenever an agent connection is terminated by pmcd, or
189 when any value is stored into the metric pmcd.control.dumptrace
190 via pmstore(1).
191
192 In unbuffered mode, every event will be reported when it occurs.
193
194 -U username
195 User account under which to run pmcd. The default is the
196 unprivileged "pcp" account in current versions of PCP, but in
197 older versions the superuser account ("root") was used by
198 default.
199
200 -v Verify the pmcd configuration file, reporting on any errors then
201 exiting with a status indicating verification success or fail‐
202 ure.
203
204 -x file
205 Before the pmcd logfile can be opened, pmcd may encounter a
206 fatal error which prevents it from starting. By default, the
207 output describing this error is sent to /dev/tty but it may
208 redirected to file.
209
210 If a PDU exchange with an agent times out, the agent has violated the
211 requirement that it delivers metrics with little or no delay. This is
212 deemed a protocol failure and the agent is disconnected from pmcd. Any
213 subsequent requests for information from the agent will fail with a
214 status indicating that there is no agent to provide it.
215
216 It is possible to specify access control to pmcd based on users, groups
217 and hosts. This allows one to prevent users, groups of users, and cer‐
218 tain hosts from accessing the metrics provided by pmcd and is described
219 in more detail in the Section on ACCESS CONTROL below.
220
222 On startup pmcd looks for a configuration file named $PCP_PMCD‐
223 CONF_PATH. This file specifies which agents cover which performance
224 metrics domains and how pmcd should make contact with the agents. An
225 optional section specifying access controls may follow the agent con‐
226 figuration data.
227
228 Warning: pmcd is usually started as part of the boot sequence and runs
229 initially as root. The configuration file may contain shell commands
230 to create agents, which will be executed by root. To prevent security
231 breaches the configuration file should be writable only by root. The
232 use of absolute path names is also recommended.
233
234 The case of the reserved words in the configuration file is unimpor‐
235 tant, but elsewhere, the case is preserved.
236
237 Blank lines and comments are permitted (even encouraged) in the config‐
238 uration file. A comment begins with a ``#'' character and finishes at
239 the end of the line. A line may be continued by ensuring that the last
240 character on the line is a ``\'' (backslash). A comment on a continued
241 line ends at the end of the continued line. Spaces may be included in
242 lexical elements by enclosing the entire element in double quotes. A
243 double quote preceded by a backslash is always a literal double quote.
244 A ``#'' in double quotes or preceded by a backslash is treated liter‐
245 ally rather than as a comment delimiter. Lexical elements and separa‐
246 tors are described further in the following sections.
247
249 Each line of the agent configuration section of the configuration file
250 contains details of how to connect pmcd to one of its agents and speci‐
251 fies which metrics domain the agent deals with. An agent may be
252 attached as a DSO, or via a socket, or a pair of pipes.
253
254 Each line of the agent configuration section of the configuration file
255 must be either an agent specification, a comment, or a blank line.
256 Lexical elements are separated by whitespace characters, however a sin‐
257 gle agent specification may not be broken across lines unless a \
258 (backslash) is used to continue the line.
259
260 Each agent specification must start with a textual label (string) fol‐
261 lowed by an integer in the range 1 to 510. The label is a tag used to
262 refer to the agent and the integer specifies the domain for which the
263 agent supplies data. This domain identifier corresponds to the domain
264 portion of the PMIDs handled by the agent. Each agent must have a
265 unique label and domain identifier.
266
267 For DSO agents a line of the form:
268
269 label domain-no dso entry-point path
270
271 should appear. Where,
272
273 label is a string identifying the agent
274 domain-no is an unsigned integer specifying the agent's domain in
275 the range 1 to 510
276 entry-point is the name of an initialization function which will be
277 called when the DSO is loaded
278 path designates the location of the DSO and this is expected
279 to be an absolute pathname. pmcd is only able to load
280 DSO agents that have the same simabi (Subprogram Inter‐
281 face Model ABI, or calling conventions) as it does (i.e.
282 only one of the simabi versions will be applicable). The
283 simabi version of a running pmcd may be determined by
284 fetching pmcd.simabi. Alternatively, the file(1) command
285 may be used to determine the simabi version from the pmcd
286 executable.
287
288 For a relative path the environment variable PMCD_PATH
289 defines a colon (:) separated list of directories to
290 search when trying to locate the agent DSO. The default
291 search path is $PCP_SHARE_DIR/lib:/usr/pcp/lib.
292
293 For agents providing socket connections, a line of the form
294
295 label domain-no socket addr-family address [ command ]
296
297 should appear. Where,
298
299 label is a string identifying the agent
300 domain-no is an unsigned integer specifying the agent's domain in
301 the range 1 to 510
302 addr-family designates whether the socket is in the AF_INET, AF_INET6
303 or AF_UNIX domain, and the corresponding values for this
304 parameter are inet, ipv6 and unix respectively.
305 address specifies the address of the socket within the previously
306 specified addr-family. For unix sockets, the address
307 should be the name of an agent's socket on the local host
308 (a valid address for the UNIX domain). For inet and ipv6
309 sockets, the address may be either a port number or a
310 port name which may be used to connect to an agent on the
311 local host. There is no syntax for specifying an agent
312 on a remote host as a pmcd deals only with agents on the
313 same machine.
314 command is an optional parameter used to specify a command line
315 to start the agent when pmcd initializes. If command is
316 not present, pmcd assumes that the specified agent has
317 already been created. The command is considered to start
318 from the first non-white character after the socket
319 address and finish at the next newline that isn't pre‐
320 ceded by a backslash. After a fork(2) the command is
321 passed unmodified to execve(2) to instantiate the agent.
322
323 For agents interacting with the pmcd via stdin/stdout, a line of the
324 form:
325
326 label domain-no pipe protocol command
327
328 should appear. Where,
329
330 label is a string identifying the agent
331 domain-no is an unsigned integer specifying the agent's domain
332 protocol The value for this parameter should be binary.
333
334 Additionally, the protocol can include the notready key‐
335 word to indicate that the agent must be marked as not
336 being ready to process requests from pmcd. The agent will
337 explicitly notify the pmcd when it is ready to process
338 the requests by sending a PM_ERR_PMDAREADY PDU. For fur‐
339 ther details of this protocol, including a description of
340 the IPC parameters that can be specified in a PMDA
341 Install script with the ipc_prot parameter, see the rele‐
342 vant section in PMDA(3).
343
344 command specifies a command line to start the agent when pmcd
345 initializes. Note that command is mandatory for pipe-
346 based agents. The command is considered to start from
347 the first non-white character after the protocol parame‐
348 ter and finish at the next newline that isn't preceded by
349 a backslash. After a fork(2) the command is passed
350 unmodified to execve(2) to instantiate the agent.
351
353 The access control section of the configuration file is optional, but
354 if present it must follow the agent configuration data. The case of
355 reserved words is ignored, but elsewhere case is preserved. Lexical
356 elements in the access control section are separated by whitespace or
357 the special delimiter characters: square brackets (``['' and ``]''),
358 braces (``{'' and ``}''), colon (``:''), semicolon (``;'') and comma
359 (``,''). The special characters are not treated as special in the
360 agent configuration section. Lexical elements may be quoted (double
361 quotes) as necessary.
362
363 The access control section of the file must start with a line of the
364 form:
365
366 [access]
367
368 Leading and trailing whitespace may appear around and within the brack‐
369 ets and the case of the access keyword is ignored. No other text may
370 appear on the line except a trailing comment.
371
372 Following this line, the remainder of the configuration file should
373 contain lines that allow or disallow operations from particular hosts
374 or groups of hosts.
375
376 There are two kinds of operations that occur via pmcd:
377
378 fetch allows retrieval of information from pmcd. This may be
379 information about a metric (e.g. its description,
380 instance domain, labels or help text) or a value for a
381 metric. See pminfo(1) for further information.
382
383 store allows pmcd to be used to store metric values in agents
384 that permit store operations. This may be the actual
385 value of the metric (e.g. resetting a counter to zero).
386 Alternatively, it may be a value used by the PMDA to
387 introduce a change to some aspect of monitoring of that
388 metric (e.g. server side event filtering) - possibly
389 even only for the active client tool performing the
390 store operation, and not others. See pmstore(1) for
391 further information.
392
393 Access to pmcd can be granted in three ways - by user, group of users,
394 or at a host level. In the latter, all users on a host are granted the
395 same level of access, unless the user or group access control mechanism
396 is also in use.
397
398 User names and group names will be verified using the local /etc/passwd
399 and /etc/groups files (or an alternative directory service), using the
400 getpwent(3) and getgrent(3) routines.
401
402 Hosts may be identified by name, IP address, IPv6 address or by the
403 special host specifications ``"unix:"'' or ``"local:"''. ``"unix:"''
404 refers to pmcd's unix domain socket, on supported platforms.
405 ``"local:"'' is equivalent to specifying ``"unix:"'' and ``localhost``.
406
407 Wildcards may also be specified by ending the host identifier with the
408 single wildcard character ``*'' as the last-given component of an
409 address. The wildcard ``".*"'' refers to all inet (IPv4) addresses.
410 The wildcard ``":*"'' refers to all IPv6 addresses. If an IPv6 wild‐
411 card contains a ``::'' component, then the final ``*'' refers to the
412 final 16 bits of the address only, otherwise it refers to the remaining
413 unspecified bits of the address.
414
415 The wildcard ``*'' refers to all users, groups or host addresses,
416 including ``"unix:"''. Names of users, groups or hosts may not be
417 wildcarded.
418
419 The following are all valid host identifiers:
420
421 boing
422 localhost
423 giggle.melbourne.sgi.com
424 129.127.112.2
425 129.127.114.*
426 129.*
427 .*
428 fe80::223:14ff:feaf:b62c
429 fe80::223:14ff:feaf:*
430 fe80:*
431 :*
432 "unix:"
433 "local:"
434 *
435
436 The following are not valid host identifiers:
437
438 *.melbourne
439 129.127.*.*
440 129.*.114.9
441 129.127*
442 fe80::223:14ff:*:*
443 fe80::223:14ff:*:b62c
444 fe80*
445
446 The first example is not allowed because only (numeric) IP addresses
447 may contain a wildcard. The second and fifth examples are not valid
448 because there is more than one wildcard character. The third and sixth
449 contain an embedded wildcard, the fourth and seventh have a wildcard
450 character that is not the last component of the address (the last com‐
451 ponents are 127* and fe80* respectively).
452
453 The name localhost is given special treatment to make the behavior of
454 host wildcarding consistent. Rather than being 127.0.0.1 and ::1, it
455 is mapped to the primary inet and IPv6 addresses associated with the
456 name of the host on which pmcd is running. Beware of this when running
457 pmcd on multi-homed hosts.
458
459 Access for users, groups or hosts are allowed or disallowed by specify‐
460 ing statements of the form:
461
462 allow users userlist : operations ;
463 disallow users userlist : operations ;
464 allow groups grouplist : operations ;
465 disallow groups grouplist : operations ;
466 allow hosts hostlist : operations ;
467 disallow hosts hostlist : operations ;
468
469 list userlist, grouplist and hostlist are comma separated
470 lists of one or more users, groups or host identifiers.
471
472 operations is a comma separated list of the operation types
473 described above, all (which allows/disallows all opera‐
474 tions), or all except operations (which allows/disallows
475 all operations except those listed).
476
477 Either plural or singular forms of users, groups, and hosts keywords
478 are allowed. If this keyword is omitted, a default of hosts will be
479 used. This behaviour is for backward-compatibility only, it is prefer‐
480 able to be explicit.
481
482 Where no specific allow or disallow statement applies to an operation,
483 the default is to allow the operation from all users, groups and hosts.
484 In the trivial case when there is no access control section in the con‐
485 figuration file, all operations from all users, groups, and hosts are
486 permitted.
487
488 If a new connection to pmcd is attempted by a user, group or host that
489 is not permitted to perform any operations, the connection will be
490 closed immediately after an error response PM_ERR_PERMISSION has been
491 sent to the client attempting the connection.
492
493 Statements with the same level of wildcarding specifying identical
494 hosts may not contradict each other. For example if a host named clank
495 had an IP address of 129.127.112.2, specifying the following two rules
496 would be erroneous:
497
498 allow host clank : fetch, store;
499 disallow host 129.127.112.2 : all except fetch;
500
501 because they both refer to the same host, but disagree as to whether
502 the fetch operation is permitted from that host.
503
504 Statements containing more specific host specifications override less
505 specific ones according to the level of wildcarding. For example a
506 rule of the form
507
508 allow host clank : all;
509
510 overrides
511
512 disallow host 129.127.112.* : all except fetch;
513
514 because the former contains a specific host name (equivalent to a fully
515 specified IP address), whereas the latter has a wildcard. In turn, the
516 latter would override
517
518 disallow host * : all;
519
520 It is possible to limit the number of connections from a user, group or
521 host to pmcd. This may be done by adding a clause of the form
522
523 maximum n connections
524
525 to the operations list of an allow statement. Such a clause may not be
526 used in a disallow statement. Here, n is the maximum number of connec‐
527 tions that will be accepted from the user, group or host matching the
528 identifier(s) used in the statement.
529
530 An access control statement with a list of user, group or host identi‐
531 fiers is equivalent to a set of access control statements, with each
532 specifying one of the identifiers in the list and all with the same
533 access controls (both permissions and connection limits). A group
534 should be used if you want users to contribute to a shared connection
535 limit. A wildcard should be used if you want hosts to contribute to a
536 shared connection limit.
537
538 When a new client requests a connection, and pmcd has determined that
539 the client has permission to connect, it searches the matching list of
540 access control statements for the most specific match containing a con‐
541 nection limit. For brevity, this will be called the limiting state‐
542 ment. If there is no limiting statement, the client is granted a con‐
543 nection. If there is a limiting statement and the number of pmcd
544 clients with user ID, group ID, or IP addresses that match the identi‐
545 fier in the limiting statement is less than the connection limit in the
546 statement, the connection is allowed. Otherwise the connection limit
547 has been reached and the client is refused a connection.
548
549 Group access controls and the wildcarding in host identifiers means
550 that once pmcd actually accepts a connection from a client, the connec‐
551 tion may contribute to the current connection count of more than one
552 access control statement - the client's host may match more than one
553 access control statement, and similarly the user ID may be in more than
554 one group. This may be significant for subsequent connection requests.
555
556 Note that pmcd enters a mode where it runs effectively with a higher-
557 level of security as soon as a user or group access control section is
558 added to the configuration. In this mode only authenticated connec‐
559 tions are allowed - either from a SASL authenticated connection, or a
560 Unix domain socket (which implicitly passes client credentials). This
561 is the same mode that is entered explicitly using the -S option.
562 Assuming permission is allowed, one can determine whether pmcd is run‐
563 ning in this mode by querying the value of the pmcd.fea‐
564 ture.creds_required metric.
565
566 Note also that because most specific match semantics are used when
567 checking the connection limit, for the host-based access control case,
568 priority is given to clients with more specific host identifiers. It
569 is also possible to exceed connection limits in some situations. Con‐
570 sider the following:
571
572 allow host clank : all, maximum 5 connections;
573 allow host * : all except store, maximum 2 connections;
574
575 This says that only 2 client connections at a time are permitted for
576 all hosts other than "clank", which is permitted 5. If a client from
577 host "boing" is the first to connect to pmcd, its connection is checked
578 against the second statement (that is the most specific match with a
579 connection limit). As there are no other clients, the connection is
580 accepted and contributes towards the limit for only the second state‐
581 ment above. If the next client connects from "clank", its connection
582 is checked against the limit for the first statement. There are no
583 other connections from "clank", so the connection is accepted. Once
584 this connection is accepted, it counts towards both statements' limits
585 because "clank" matches the host identifier in both statements. Remem‐
586 ber that the decision to accept a new connection is made using only the
587 most specific matching access control statement with a connection
588 limit. Now, the connection limit for the second statement has been
589 reached. Any connections from hosts other than "clank" will be
590 refused.
591
592 If instead, pmcd with no clients saw three successive connections
593 arrived from "boing", the first two would be accepted and the third
594 refused. After that, if a connection was requested from "clank" it
595 would be accepted. It matches the first statement, which is more spe‐
596 cific than the second, so the connection limit in the first is used to
597 determine that the client has the right to connect. Now there are 3
598 connections contributing to the second statement's connection limit.
599 Even though the connection limit for the second statement has been
600 exceeded, the earlier connections from "boing" are maintained. The
601 connection limit is only checked at the time a client attempts a con‐
602 nection rather than being re-evaluated every time a new client connects
603 to pmcd.
604
605 This gentle scheme is designed to allow reasonable limits to be imposed
606 on a first come first served basis, with specific exceptions.
607
608 As illustrated by the example above, a client's connection is honored
609 once it has been accepted. However, pmcd reconfiguration (see the next
610 section) re-evaluates all the connection counts and will cause client
611 connections to be dropped where connection limits have been exceeded.
612
614 If the configuration file has been changed or if an agent is not
615 responding because it has terminated or the PMNS has been changed, pmcd
616 may be reconfigured by sending it a SIGHUP, as in
617
618 # pmsignal -a -s HUP pmcd
619
620 When pmcd receives a SIGHUP, it checks the configuration file for
621 changes. If the file has been modified, it is reparsed and the con‐
622 tents become the new configuration. If there are errors in the config‐
623 uration file, the existing configuration is retained and the contents
624 of the file are ignored. Errors are reported in the pmcd log file.
625
626 It also checks the PMNS file and any labels files for changes. If any
627 of these files have been modified, then the PMNS and/or context labels
628 are reloaded. Use of tail(1) on the log file is recommended while
629 reconfiguring pmcd.
630
631 If the configuration for an agent has changed (any parameter except the
632 agent's label is different), the agent is restarted. Agents whose con‐
633 figurations do not change are not restarted. Any existing agents not
634 present in the new configuration are terminated. Any deceased agents
635 are that are still listed are restarted.
636
637 Sometimes it is necessary to restart an agent that is still running,
638 but malfunctioning. Simply stop the agent (e.g. using SIGTERM from
639 pmsignal(1)), then send pmcd a SIGHUP, which will cause the agent to be
640 restarted.
641
643 Normally, pmcd is started automatically at boot time and stopped when
644 the system is being brought down. Under certain circumstances it is
645 necessary to start or stop pmcd manually. To do this one must become
646 superuser and type
647
648 # $PCP_RC_DIR/pmcd start
649
650 to start pmcd, or
651
652 # $PCP_RC_DIR/pmcd stop
653
654 to stop pmcd. Starting pmcd when it is already running is the same as
655 stopping it and then starting it again.
656
657 Sometimes it may be necessary to restart pmcd during another phase of
658 the boot process. Time-consuming parts of the boot process are often
659 put into the background to allow the system to become available sooner
660 (e.g. mounting huge databases). If an agent run by pmcd requires such
661 a task to complete before it can run properly, it is necessary to
662 restart or reconfigure pmcd after the task completes. Consider, for
663 example, the case of mounting a database in the background while boot‐
664 ing. If the PMDA which provides the metrics about the database cannot
665 function until the database is mounted and available but pmcd is
666 started before the database is ready, the PMDA will fail (however pmcd
667 will still service requests for metrics from other domains). If the
668 database is initialized by running a shell script, adding a line to the
669 end of the script to reconfigure pmcd (by sending it a SIGHUP) will
670 restart the PMDA (if it exited because it couldn't connect to the data‐
671 base). If the PMDA didn't exit in such a situation it would be neces‐
672 sary to restart pmcd because if the PMDA was still running pmcd would
673 not restart it.
674
675 Normally pmcd listens for client connections on TCP/IP port number
676 44321 (registered at http://www.iana.org/). Either the environment
677 variable PMCD_PORT or the -p command line option may be used to specify
678 alternative port number(s) when pmcd is started; in each case, the
679 specification is a comma-separated list of one or more numerical port
680 numbers. Should both methods be used or multiple -p options appear on
681 the command line, pmcd will listen on the union of the set of ports
682 specified via all -p options and the PMCD_PORT environment variable.
683 If non-default ports are used with pmcd care should be taken to ensure
684 that PMCD_PORT is also set in the environment of any client application
685 that will connect to pmcd, or that the extended host specification syn‐
686 tax is used (see PCPIntro(1) for details).
687
689 $PCP_PMCDCONF_PATH
690 default configuration file
691 $PCP_PMCDOPTIONS_PATH
692 command line options to pmcd when launched from
693 $PCP_RC_DIR/pmcd All the command line option lines should
694 start with a hyphen as the first character.
695 $PCP_SYSCONFIG_DIR/pmcd
696 additional environment variables that will be set when pmcd
697 executes. Only settings of the form "PMCD_VARIABLE=value"
698 will be honoured.
699 $PCP_SYSCONF_DIR/labels
700 directory of files containing the global metric labels that
701 will be set for every client context created by pmcd. File
702 names starting with a ``.'' are ignored, and files ending in
703 ``.json'' are ``JSONB'' formatted name:value pairs. The
704 merged set can be queried via the pmcd.labels metric. Con‐
705 text labels are applied universally to all values.
706 ./pmcd.log
707 (or $PCP_LOG_DIR/pmcd/pmcd.log when started automatically)
708 All messages and diagnostics are directed here.
709 $PCP_RUN_DIR/pmcd.pid
710 contains an ascii decimal representation of the process ID of
711 pmcd, when it's running.
712 /etc/pki/nssdb
713 default Network Security Services (NSS) certificate database
714 directory, used for optional Secure Socket Layer connections.
715 This database can be created and queried using the NSS certu‐
716 til tool, amongst others.
717 /etc/passwd
718 user names, user identifiers and primary group identifiers,
719 used for access control specifications
720 /etc/groups
721 group names, group identifiers and group members, used for
722 access control specifications
723
725 In addition to the PCP environment variables described in the PCP ENVI‐
726 RONMENT section below, the PMCD_PORT variable is also recognised as the
727 TCP/IP port for incoming connections (default 44321), and the
728 PMCD_SOCKET variable is also recognised as the path to be used for the
729 Unix domain socket.
730
731 If set to the value 1, the PMCD_LOCAL environment variable will cause
732 pmcd to run in a localhost-only mode of operation, where it binds only
733 to the loopback interface. The pmcd.feature.local metric can be
734 queried to determine if pmcd is running in this mode.
735
736 The PMCD_MAXPENDING variable can be set to indicate the maximum length
737 to which the queue of pending client connections may grow.
738
739 The PMCD_ROOT_AGENT variable controls whether or not pmcd or pmdaroot
740 (when available), start subsequent pmdas. When set to a non-zero
741 value, pmcd will opt to have pmdaroot start, and stop, PMDAs.
742
743 The PMCD_RESTART_AGENTS variable determines the behaviour of pmcd in
744 the presence of child PMDAs that have been observed to exit (this is a
745 typical response in the presence of very large, usually domain-induced,
746 PDU latencies). When set to a non-zero value, pmcd will attempt to
747 restart such PMDAS once every minute. When set to zero, it uses the
748 original behaviour of just logging the failure.
749
751 Environment variables with the prefix PCP_ are used to parameterize the
752 file and directory names used by PCP. On each installation, the file
753 /etc/pcp.conf contains the local values for these variables. The
754 $PCP_CONF variable may be used to specify an alternative configuration
755 file, as described in pcp.conf(5).
756
758 If pmcd is already running the message "Error: OpenRequestSocket bind:
759 Address may already be in use" will appear. This may also appear if
760 pmcd was shutdown with an outstanding request from a client. In this
761 case, a request socket has been left in the TIME_WAIT state and until
762 the system closes it down (after some timeout period) it will not be
763 possible to run pmcd.
764
765 In addition to the standard PCP debugging flags, see pmdbg(1), pmcd
766 currently uses the options: appl0 for tracing I/O and termination of
767 agents, appl1 for tracing access control and appl2 for tracing the con‐
768 figuration file scanner and parser.
769
771 pmcd does not explicitly terminate its children (agents), it only
772 closes their pipes. If an agent never checks for a closed pipe it may
773 not terminate.
774
775 The configuration file parser will only read lines of less than 1200
776 characters. This is intended to prevent accidents with binary files.
777
778 The timeouts controlled by the -t option apply to IPC between pmcd and
779 the PMDAs it spawns. This is independent of settings of the environ‐
780 ment variables PMCD_CONNECT_TIMEOUT and PMCD_REQUEST_TIMEOUT (see
781 PCPIntro(1)) which may be used respectively to control timeouts for
782 client applications trying to connect to pmcd and trying to receive
783 information from pmcd.
784
786 PCPIntro(1), pmdbg(1), pmerr(1), pmgenmap(1), pminfo(1), pmrep(1),
787 pmstat(1), pmstore(1), pmval(1), getpwent(3), getgrent(3), pcp.conf(5),
788 and pcp.env(5).
789
790
791
792Performance Co-Pilot PCP PMCD(1)