remote: add systemd socket units for UNIX/TCP sockets

We don't do socket activation of libvirtd, since we need to unconditionally start libvirtd in order to perform autostart. This doesn't mean we can't have systemd socket units. Some use cases will not need libvirt's autostart & are thus free to use activation. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-07-01 15:42:39 +00:00 · 2019-04-30 16:41:10 +01:00 · 2019-04-30 16:41:10 +01:00 · 2c3e08b0e3
commit 2c3e08b0e3
parent 03fd51051e
8 changed files with 124 additions and 6 deletions
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@ -1342,6 +1342,8 @@ exit 0

 %systemd_post virtlockd.socket virtlockd-admin.socket
 %systemd_post virtlogd.socket virtlogd-admin.socket
+%systemd_post libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket
+%systemd_post libvirtd-tcp.socket libvirtd-tls.socket
 %systemd_post libvirtd.service

 # request daemon restart in posttrans
@ -1350,6 +1352,8 @@ touch %{_localstatedir}/lib/rpm-state/libvirt/restart || :

 %preun daemon
 %systemd_preun libvirtd.service
+%systemd_preun libvirtd-tcp.socket libvirtd-tls.socket
+%systemd_preun libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket
 %systemd_preun virtlogd.socket virtlogd-admin.socket virtlogd.service
 %systemd_preun virtlockd.socket virtlockd-admin.socket virtlockd.service

@ -1374,7 +1378,20 @@ fi

 %posttrans daemon
 if [ -f %{_localstatedir}/lib/rpm-state/libvirt/restart ]; then
-    /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
+    # Old libvirtd owns the sockets and will delete them on
+    # shutdown. Can't use a try-restart as libvirtd will simply
+    # own the sockets again when it comes back up. Thus we must
+    # do this particular ordering
+    /bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1
+    if test $? = 0 ; then
+        /bin/systemctl stop libvirtd.service >/dev/null 2>&1 || :
+
+        /bin/systemctl try-restart libvirtd.socket >/dev/null 2>&1 || :
+        /bin/systemctl try-restart libvirtd-ro.socket >/dev/null 2>&1 || :
+        /bin/systemctl try-restart libvirtd-admin.socket >/dev/null 2>&1 || :
+
+        /bin/systemctl start libvirtd.service >/dev/null 2>&1 || :
+    fi
 fi
 rm -rf %{_localstatedir}/lib/rpm-state/libvirt || :

@ -1505,6 +1522,11 @@ exit 0
 %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/

 %{_unitdir}/libvirtd.service
+%{_unitdir}/libvirtd.socket
+%{_unitdir}/libvirtd-ro.socket
+%{_unitdir}/libvirtd-admin.socket
+%{_unitdir}/libvirtd-tcp.socket
+%{_unitdir}/libvirtd-tls.socket
 %{_unitdir}/virt-guest-shutdown.target
 %{_unitdir}/virtlogd.service
 %{_unitdir}/virtlogd.socket
--- a/src/remote/Makefile.inc.am
+++ b/src/remote/Makefile.inc.am
@ -51,6 +51,11 @@ MANINFILES += libvirtd.8.in

 SYSTEMD_UNIT_FILES_IN += \
 	remote/libvirtd.service.in \
+	remote/libvirtd.socket.in \
+	remote/libvirtd-ro.socket.in \
+	remote/libvirtd-admin.socket.in \
+	remote/libvirtd-tcp.socket.in \
+	remote/libvirtd-tls.socket.in \
 	remote/virt-guest-shutdown.target.in \
 	$(NULL)

@ -267,6 +272,36 @@ libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status
 	    < $< > $@-t && \
 	    mv $@-t $@

+libvirtd.socket: remote/libvirtd.socket.in $(top_builddir)/config.status
+	$(AM_V_GEN)sed \
+	    -e 's|[@]localstatedir[@]|$(localstatedir)|g' \
+	    < $< > $@-t && \
+	    mv $@-t $@
+
+libvirtd-ro.socket: remote/libvirtd-ro.socket.in $(top_builddir)/config.status
+	$(AM_V_GEN)sed \
+	    -e 's|[@]localstatedir[@]|$(localstatedir)|g' \
+	    < $< > $@-t && \
+	    mv $@-t $@
+
+libvirtd-admin.socket: remote/libvirtd-admin.socket.in $(top_builddir)/config.status
+	$(AM_V_GEN)sed \
+	    -e 's|[@]localstatedir[@]|$(localstatedir)|g' \
+	    < $< > $@-t && \
+	    mv $@-t $@
+
+libvirtd-tcp.socket: remote/libvirtd-tcp.socket.in $(top_builddir)/config.status
+	$(AM_V_GEN)sed \
+	    -e 's|[@]localstatedir[@]|$(localstatedir)|g' \
+	    < $< > $@-t && \
+	    mv $@-t $@
+
+libvirtd-tls.socket: remote/libvirtd-tls.socket.in $(top_builddir)/config.status
+	$(AM_V_GEN)sed \
+	    -e 's|[@]localstatedir[@]|$(localstatedir)|g' \
+	    < $< > $@-t && \
+	    mv $@-t $@
+
 virt-guest-shutdown.target: remote/virt-guest-shutdown.target.in \
 			$(top_builddir)/config.status
 	$(AM_V_GEN)cp $< $@
--- a/src/remote/libvirtd-admin.socket.in
+++ b/src/remote/libvirtd-admin.socket.in
@ -0,0 +1,13 @@
+[Unit]
+Description=Libvirt admin socket
+Before=libvirtd.service
+BindsTo=libvirtd.socket
+After=libvirtd.socket
+
+[Socket]
+ListenStream=@localstatedir@/run/libvirt/libvirt-admin-sock
+Service=libvirtd.service
+SocketMode=0600
+
+[Install]
+WantedBy=sockets.target
--- a/src/remote/libvirtd-ro.socket.in
+++ b/src/remote/libvirtd-ro.socket.in
@ -0,0 +1,13 @@
+[Unit]
+Description=Libvirt local read-only socket
+Before=libvirtd.service
+BindsTo=libvirtd.socket
+After=libvirtd.socket
+
+[Socket]
+ListenStream=@localstatedir@/run/libvirt/libvirt-sock-ro
+Service=libvirtd.service
+SocketMode=0666
+
+[Install]
+WantedBy=sockets.target
--- a/src/remote/libvirtd-tcp.socket.in
+++ b/src/remote/libvirtd-tcp.socket.in
@ -0,0 +1,12 @@
+[Unit]
+Description=Libvirt non-TLS IP socket
+Before=libvirtd.service
+BindsTo=libvirtd.socket
+After=libvirtd.socket
+
+[Socket]
+ListenStream=16509
+Service=libvirtd.service
+
+[Install]
+WantedBy=sockets.target
--- a/src/remote/libvirtd-tls.socket.in
+++ b/src/remote/libvirtd-tls.socket.in
@ -0,0 +1,12 @@
+[Unit]
+Description=Libvirt TLS IP socket
+Before=libvirtd.service
+BindsTo=libvirtd.socket
+After=libvirtd.socket
+
+[Socket]
+ListenStream=16514
+Service=libvirtd.service
+
+[Install]
+WantedBy=sockets.target
--- a/src/remote/libvirtd.service.in
+++ b/src/remote/libvirtd.service.in
@ -1,12 +1,10 @@
-# NB we don't use socket activation. When libvirtd starts it will
-# spawn any virtual machines registered for autostart. We want this
-# to occur on every boot, regardless of whether any client connects
-# to a socket. Thus socket activation doesn't have any benefit
-
 [Unit]
 Description=Virtualization daemon
 Requires=virtlogd.socket
 Requires=virtlockd.socket
+Requires=libvirtd.socket
+Requires=libvirtd-ro.socket
+Requires=libvirtd-admin.socket
 Wants=systemd-machined.service
 Before=libvirt-guests.service
 After=network.target
@ -42,3 +40,5 @@ TasksMax=32768
 WantedBy=multi-user.target
 Also=virtlockd.socket
 Also=virtlogd.socket
+Also=libvirtd.socket
+Also=libvirtd-ro.socket
--- a/src/remote/libvirtd.socket.in
+++ b/src/remote/libvirtd.socket.in
@ -0,0 +1,11 @@
+[Unit]
+Description=Libvirt local socket
+Before=libvirtd.service
+
+[Socket]
+ListenStream=@localstatedir@/run/libvirt/libvirt-sock
+Service=libvirtd.service
+SocketMode=0666
+
+[Install]
+WantedBy=sockets.target