I would like to add a couple of definitions to the discussion.
- Activation - The process step that is executing the service activators (sub-systems, Deployments, etc)
- Service Start - The actual start operation on the services themselves
The reason I want to separate these is that the error handling should be different. Activation errors in a subsystem should be considered catastrophic failures. These will certainly cause major failures further along in startup/runtime. In all likelihood these are not recoverable and will result in only portions of the sub-system services being available. I feel this should result in halting the server start. I also think service start errors in a sub-system should halt the server startup process as well. I just don't think these can be recovered with a restart.
What does everyone think?
As for deployment activation errors, this has been discussed in previous posts, but in essence these should either roll back the batch or allow the previously added services to remain. Either way, the errors should be logged and the server should continue the boot process. Deployment service start errors should also either stop the whole deployment or allow a partial start based on user configuration.