The daemon that runs on every dominated system.
This daemon continuously checksum scans the root file-system and responds to poll, fetch files and update RPC requests from the dominator. In order to have a neglibible impact on system workload, it lowers its priority (nice 15 by default), restricts itself to one CPU and automatically rate limits its I/O to be 2% of the media speed.
Subd provides a web interface on port
6969 which provides a status page,
access to performance metrics and logs. If subd is running on host
then the URL of the main status page is
http://myhost:6969/. An RPC over HTTP
interface is also provided over the same port.
Subd is started at boot time, usually by one of the provided init scripts. The subd process is baby-sat by the init script; if the process dies the init script will re-start subd. It may be stopped with the command:
service subd stop
which also kills the baby-sitting init script. It may be started with the comand:
service subd start
There are many command-line flags which may change the behaviour of subd but the defaults should be adequate for most deployments. Built-in help is available with the command:
RPC access is restricted using TLS client authentication. Subd expects a root
certificate in the file
/etc/ssl/CA.pem which it trusts to sign certificates
which grant access. It also requires a certificate and key which grant it the
ability to fetch files from the objectserver. These should be in the files
If any of these files are missing, subd will refuse to start. This prevents accidental deployments without access control.
Control and debugging
The subtool utility may be used to manipulate various operating parameters of a running subd and perform RPC requests.
There is no documentation for this package.