diff --git a/doc/rrdcached.pod b/doc/rrdcached.pod
index 8ad37beb8f00798ad29463fba44e30fe31139f04..fd565239845be1bca72f1e6636022ff451f20ffa 100644 (file)
--- a/doc/rrdcached.pod
+++ b/doc/rrdcached.pod
=head1 SYNOPSIS
-B<rrdcached> [B<-l> I<address>] [B<-w> I<timeout>] [B<-f> I<timeout>]
+B<rrdcached> [B<-l/-L> I<address>] [B<-w> I<timeout>] [B<-z> I<delay>] [B<-f> I<timeout>] [B<-j> I<dir>] [-F] [B<-b> I<dir> [B<-B>]]
=head1 DESCRIPTION
interpreted as the path to a UNIX domain socket. Otherwise the address or node
name are resolved using L<getaddrinfo>.
+For network sockets, a port may be specified by using the form
+C<B<[>I<address>B<]:>I<port>>. If the address is an IPv4 address or a fully
+qualified domain name (i.E<nbsp>e. the address contains at least one dot
+(C<.>)), the square brackets can be omitted, resulting in the (simpler)
+C<I<address>B<:>I<port>> pattern.. The default port is B<42217/udp>.
+
+The following formats are accepted. Please note that the address of the UNIX
+domain socket B<must> start with a slash in the second case!
+
+ unix:</path/to/unix.sock>
+ /<path/to/unix.sock>
+ <hostname-or-ip>
+ [<hostname-or-ip>]:<port>
+ <hostname-or-ipv4>:<port>
+
If the B<-l> option is not specified the default address,
C<unix:/tmp/rrdcached.sock>, will be used.
+=item B<-L> I<address>
+
+Same as B<-l>, except creates a low-privilege socket. See B<SECURITY
+CONSIDERATIONS> for more information.
+
=item B<-w> I<timeout>
Data is written to disk every I<timeout> seconds. If this option is not
specified the default interval of 300E<nbsp>seconds will be used.
+=item B<-z> I<delay>
+
+If specified, rrdcached will delay writing of each RRD for a random number
+of seconds in the rangeE<nbsp>[0,I<delay>). This will avoid too many
+writes being queued simultaneously. This value should be no greater than
+the value specified in B<-w>. By default, there is no delay.
+
=item B<-f> I<timeout>
Every I<timeout> seconds the entire cache is searched for old values which are
Sets the name and location of the PID-file. If not specified, the default,
C<I<$localststedir>/run/rrdcached.pid> will be used.
+=item B<-j> I<dir>
+
+Write updates to a journal in I<dir>. In the event of a program or system
+crash, this will allow the daemon to write any updates that were pending
+at the time of the crash.
+
+On startup, the daemon will check for journal files in this directory. If
+found, all updates therein will be read into memory before the daemon
+starts accepting new connections.
+
+The journal will be rotated with the same frequency as the flush timer
+given by B<-f>.
+
+When journaling is enabled, the daemon will use a fast shutdown procedure.
+Rather than flushing all files to disk, it will make sure the journal is
+properly written and exit immediately. Although the RRD data files are
+not fully up-to-date, no information is lost; all pending updates will be
+replayed from the journal next time the daemon starts up.
+
+To disable fast shutdown, use the B<-F> option.
+
+=item B<-F>
+
+ALWAYS flush all updates to the RRD data files when the daemon is shut
+down, regardless of journal setting.
+
=item B<-b> I<dir>
The daemon will change into a specific directory at startup. All files passed
updated by the daemon, assuming the base directory
"/tmp".
+=item B<-B>
+
+Only permit writes into the base directory specified in B<-b> (and any
+sub-directories). This does B<NOT> detect symbolic links. Paths
+containing C<../> will also be blocked.
+
=back
-=head1 EFFECTED RRDTOOL COMMANDS
+=head1 AFFECTED RRDTOOL COMMANDS
The following commands may be made aware of the B<rrdcached> using the command
line argument B<--daemon> or the environment variable B<RRDCACHED_ADDRESS>:
the daemon before accessing the files, so they work with up-to-date data even
if the cache timeout is large.
+=head1 ERROR REPORTING
+
+The daemon reports errors in one of two ways: During startup, error messages
+are printed to C<STDERR>. One of the steps when starting up is to fork to the
+background and closing C<STDERR> - after this writing directly to the user is
+no longer possible. Once this has happened, the daemon will send log messages
+to the system logging daemon using L<syslog(3)>. The facility used is
+C<LOG_DAEMON>.
+
=head1 HOW IT WORKS
When receiving an update, B<rrdcached> does not write to disk but looks for an
from the RRDE<nbsp>files. To get around this, the daemon provides the "flush
command" to flush specific files. This means that the file is inserted at the
B<head> of the update queue or moved there if it is already enqueued. The flush
-command will return after the update thread has dequeued the file, so there is
-a good chance that the file has been updated by the time the client receives
-the response from the daemon, but there is no guarantee.
+command will return only after the file's pending updates have been written
+to disk.
+------+ +------+ +------+
! head ! ! root ! ! tail !
+---+----+---+ +------+-----+ +---+----+---+
! File: foo ! ! File: bar ! ! File: qux !
! First: 101 ! ! First: 119 ! ! First: 180 !
- ! Next: ---+--->! Next: ---+---> ... --->! Next: - !
+ ! Next:&bar -+--->! Next:&... -+---> ... --->! Next:NULL !
+ | Prev:NULL !<---+-Prev:&foo !<--- ... ----+-Prev: &... !
+============+ +============+ +============+
! Time: 100 ! ! Time: 120 ! ! Time: 180 !
! Value: 10 ! ! Value: 0.1 ! ! Value: 2,2 !
=head1 SECURITY CONSIDERATIONS
-This daemon is meant to improve IOE<nbsp>performance for setups with thousands
-of RRDE<nbsp>file to be updated. So security measures built into the daemon can
-be summarized easily: B<There is no security built in!>
+The client/server protocol does not have any authentication or
+authorization mechanism. Therefore, take care to restrict which users can
+connect to the daemon.
+
+Control sockets are divided into high-privilege (B<-l>) and low-privilege
+(B<-L>) sockets. High-privilege sockets accept all commands, whereas
+low-privilege sockets accept only B<FLUSH>, B<STATS>, and B<HELP>.
+
+For a multi-user environment where only certain users require read/write
+access, the recommended configuration uses two sockets as follows:
+
+=over
+
+=item B<-l> I</protected/dir/rrd.sock>
+
+Create a high-privilege unix-domain socket. This should be protected with
+the same Unix permissions that are used to protect the RRD files. Updates
+should be directed to this socket.
+
+=item B<-L> I<127.0.0.1>
+
+Create a low-privilege TCP socket listening on localhost. All users on
+the local system may use this to trigger FLUSH of individual files. Users
+with read-only access should be directed to this socket.
-There is no authentication and authorization, so B<you> will have to take care
-that only authorized clients can talk to the daemon. Since we assume that graph
-collection is done on a dedicated machine, i.E<nbsp>e. the box doesn't do
-anything else and especially does not have any interactive logins other than
-root, a UNIX domain socket should take care of that.
+=back
If you (want to) use the network capability, i.E<nbsp>e. let the daemon bind to
an IPv4 or IPv6 socket, it is B<your> job to install a packet filter or similar
(possibly moving it there if the node is already enqueued). The answer will be
sent B<after> the node has been dequeued.
+=item B<FLUSHALL>
+
+Causes the daemon to start flushing ALL pending values to disk. This
+returns immediately, even though the writes may take a long time.
+
+=item B<PENDING> I<filename>
+
+Shows any "pending" updates for a file, in order. The updates shown have
+not yet been written to the underlying RRD file.
+
+=item B<FORGET> I<filename>
+
+Removes I<filename> from the cache. Any pending updates B<WILL BE LOST>.
+
=item B<HELP> [I<command>]
Returns a short usage message. If no command is given, or I<command> is
Example:
- 5 Statistics follow
+ 9 Statistics follow
QueueLength: 0
+ UpdatesReceived: 30
+ FlushesReceived: 2
UpdatesWritten: 13
DataSetsWritten: 390
TreeNodesNumber: 13
TreeDepth: 4
+ JournalBytes: 190
+ JournalRotate: 0
=item B<UPDATE> I<filename> I<values> [I<values> ...]
for, so describing the mechanism again is unnecessary. Read L<HOW IT WORKS>
above for a detailed explanation.
+=item B<WROTE> I<filename>
+
+This command is written to the journal after a file is successfully
+written out to disk. It is used during journal replay to determine which
+updates have already been applied. It is I<only> valid in the journal; it
+is not accepted from the other command channels.
+
+=item B<BATCH>
+
+This command initiates the bulk load of multiple commands. This is
+designed for installations with extremely high update rates, since it
+permits more than one command to be issued per read() and write().
+
+All commands are executed just as they would be if given individually,
+except for output to the user. Messages indicating success are
+suppressed, and error messages are delayed until the client is finished.
+
+Command processing is finished when the client sends a dot (".") on its
+own line. After the client has finished, the server responds with an
+error count and the list of error messages (if any). Each error messages
+indicates the number of the command to which it corresponds, and the error
+message itself. The first user command after B<BATCH> is command number one.
+
+ client: BATCH
+ server: 0 Go ahead. End with dot '.' on its own line.
+ client: UPDATE x.rrd N:1:2:3 <--- command #1
+ client: UPDATE y.rrd N:3:4:5 <--- command #2
+ client: and so on...
+ client: .
+ server: 2 Errors
+ server: 1 message for command 1
+ server: 12 message for command 12
+
=back
=head2 Performance Values
Number of nodes currently enqueued in the update queue.
-=item B<TreeDepth> I<(unsigned 64bit integer)>
+=item B<UpdatesReceived> I<(unsigned 64bit integer)>
-Depth of the tree used for fast key lookup.
+Number of UPDATE commands received.
-=item B<TreeNodesNumber> I<(unsigned 64bit integer)>
+=item B<FlushesReceived> I<(unsigned 64bit integer)>
-Number of nodes in the cache.
+Number of FLUSH commands received.
=item B<UpdatesWritten> I<(unsigned 64bit integer)>
-Total number of updates, i.E<nbsp>e. calls to C<rrd_update_r>, since the daemon
-was started.
+Total number of updates, i.E<nbsp>e. calls to C<rrd_update_r>, since the
+daemon was started.
=item B<DataSetsWritten> I<(unsigned 64bit integer)>
C<N:123:456> is one data set with two values. The term "data set" is used to
prevent confusion whether individual values or groups of values are counted.
+=item B<TreeNodesNumber> I<(unsigned 64bit integer)>
+
+Number of nodes in the cache.
+
+=item B<TreeDepth> I<(unsigned 64bit integer)>
+
+Depth of the tree used for fast key lookup.
+
+=item B<JournalBytes> I<(unsigned 64bit integer)>
+
+Total number of bytes written to the journal since startup.
+
+=item B<JournalRotate> I<(unsigned 64bit integer)>
+
+Number of times the journal has been rotated since startup.
+
+=back
+
+=head1 SIGNALS
+
+=over 4
+
+=item SIGINT and SIGTERM
+
+The daemon exits normally on receipt of either of these signals. Pending
+updates are handled in accordance with the B<-j> and B<-F> options.
+
+=item SIGUSR1
+
+The daemon exits AFTER flushing all updates out to disk. This may take a
+while.
+
+=item SIGUSR2
+
+The daemon exits immediately, without flushing updates out to disk.
+Pending updates will be replayed from the journal when the daemon starts
+up again. B<WARNING: if journaling (-j) is NOT enabled, any pending
+updates WILL BE LOST>.
+
=back
=head1 BUGS
L<rrdtool>, L<rrdgraph>
-=head1 AUHOR
+=head1 AUTHOR
B<rrdcached> and this manual page have been written by Florian Forster
E<lt>octoE<nbsp>atE<nbsp>verplant.orgE<gt>.
+
+=head1 CONTRIBUTORS
+
+kevin brintnall E<lt>kbrint@rufus.netE<gt>
+
+=cut
+