From 2c3e08b0e368f944b5123903bc5473aca9a2db30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Date: Tue, 30 Apr 2019 16:41:10 +0100 Subject: [PATCH] remote: add systemd socket units for UNIX/TCP sockets MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We don't do socket activation of libvirtd, since we need to unconditionally start libvirtd in order to perform autostart. This doesn't mean we can't have systemd socket units. Some use cases will not need libvirt's autostart & are thus free to use activation. Reviewed-by: Michal Privoznik Signed-off-by: Daniel P. Berrangé --- libvirt.spec.in | 24 +++++++++++++++++++- src/remote/Makefile.inc.am | 35 +++++++++++++++++++++++++++++ src/remote/libvirtd-admin.socket.in | 13 +++++++++++ src/remote/libvirtd-ro.socket.in | 13 +++++++++++ src/remote/libvirtd-tcp.socket.in | 12 ++++++++++ src/remote/libvirtd-tls.socket.in | 12 ++++++++++ src/remote/libvirtd.service.in | 10 ++++----- src/remote/libvirtd.socket.in | 11 +++++++++ 8 files changed, 124 insertions(+), 6 deletions(-) create mode 100644 src/remote/libvirtd-admin.socket.in create mode 100644 src/remote/libvirtd-ro.socket.in create mode 100644 src/remote/libvirtd-tcp.socket.in create mode 100644 src/remote/libvirtd-tls.socket.in create mode 100644 src/remote/libvirtd.socket.in diff --git a/libvirt.spec.in b/libvirt.spec.in index d54f58f1d4..b13b863928 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1342,6 +1342,8 @@ exit 0 %systemd_post virtlockd.socket virtlockd-admin.socket %systemd_post virtlogd.socket virtlogd-admin.socket +%systemd_post libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket +%systemd_post libvirtd-tcp.socket libvirtd-tls.socket %systemd_post libvirtd.service # request daemon restart in posttrans @@ -1350,6 +1352,8 @@ touch %{_localstatedir}/lib/rpm-state/libvirt/restart || : %preun daemon %systemd_preun libvirtd.service +%systemd_preun libvirtd-tcp.socket libvirtd-tls.socket +%systemd_preun libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket %systemd_preun virtlogd.socket virtlogd-admin.socket virtlogd.service %systemd_preun virtlockd.socket virtlockd-admin.socket virtlockd.service @@ -1374,7 +1378,20 @@ fi %posttrans daemon if [ -f %{_localstatedir}/lib/rpm-state/libvirt/restart ]; then - /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || : + # Old libvirtd owns the sockets and will delete them on + # shutdown. Can't use a try-restart as libvirtd will simply + # own the sockets again when it comes back up. Thus we must + # do this particular ordering + /bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1 + if test $? = 0 ; then + /bin/systemctl stop libvirtd.service >/dev/null 2>&1 || : + + /bin/systemctl try-restart libvirtd.socket >/dev/null 2>&1 || : + /bin/systemctl try-restart libvirtd-ro.socket >/dev/null 2>&1 || : + /bin/systemctl try-restart libvirtd-admin.socket >/dev/null 2>&1 || : + + /bin/systemctl start libvirtd.service >/dev/null 2>&1 || : + fi fi rm -rf %{_localstatedir}/lib/rpm-state/libvirt || : @@ -1505,6 +1522,11 @@ exit 0 %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/ %{_unitdir}/libvirtd.service +%{_unitdir}/libvirtd.socket +%{_unitdir}/libvirtd-ro.socket +%{_unitdir}/libvirtd-admin.socket +%{_unitdir}/libvirtd-tcp.socket +%{_unitdir}/libvirtd-tls.socket %{_unitdir}/virt-guest-shutdown.target %{_unitdir}/virtlogd.service %{_unitdir}/virtlogd.socket diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 851ab903fd..0cf00cb902 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -51,6 +51,11 @@ MANINFILES += libvirtd.8.in SYSTEMD_UNIT_FILES_IN += \ remote/libvirtd.service.in \ + remote/libvirtd.socket.in \ + remote/libvirtd-ro.socket.in \ + remote/libvirtd-admin.socket.in \ + remote/libvirtd-tcp.socket.in \ + remote/libvirtd-tls.socket.in \ remote/virt-guest-shutdown.target.in \ $(NULL) @@ -267,6 +272,36 @@ libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status < $< > $@-t && \ mv $@-t $@ +libvirtd.socket: remote/libvirtd.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-ro.socket: remote/libvirtd-ro.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-admin.socket: remote/libvirtd-admin.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-tcp.socket: remote/libvirtd-tcp.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-tls.socket: remote/libvirtd-tls.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + virt-guest-shutdown.target: remote/virt-guest-shutdown.target.in \ $(top_builddir)/config.status $(AM_V_GEN)cp $< $@ diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in new file mode 100644 index 0000000000..b791a2eb1b --- /dev/null +++ b/src/remote/libvirtd-admin.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=Libvirt admin socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket + +[Socket] +ListenStream=@localstatedir@/run/libvirt/libvirt-admin-sock +Service=libvirtd.service +SocketMode=0600 + +[Install] +WantedBy=sockets.target diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in new file mode 100644 index 0000000000..55c44944b4 --- /dev/null +++ b/src/remote/libvirtd-ro.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=Libvirt local read-only socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket + +[Socket] +ListenStream=@localstatedir@/run/libvirt/libvirt-sock-ro +Service=libvirtd.service +SocketMode=0666 + +[Install] +WantedBy=sockets.target diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in new file mode 100644 index 0000000000..09d5d3d67a --- /dev/null +++ b/src/remote/libvirtd-tcp.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=Libvirt non-TLS IP socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket + +[Socket] +ListenStream=16509 +Service=libvirtd.service + +[Install] +WantedBy=sockets.target diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in new file mode 100644 index 0000000000..c60f0c9c77 --- /dev/null +++ b/src/remote/libvirtd-tls.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=Libvirt TLS IP socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket + +[Socket] +ListenStream=16514 +Service=libvirtd.service + +[Install] +WantedBy=sockets.target diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 7f689e08a8..047620f79b 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -1,12 +1,10 @@ -# NB we don't use socket activation. When libvirtd starts it will -# spawn any virtual machines registered for autostart. We want this -# to occur on every boot, regardless of whether any client connects -# to a socket. Thus socket activation doesn't have any benefit - [Unit] Description=Virtualization daemon Requires=virtlogd.socket Requires=virtlockd.socket +Requires=libvirtd.socket +Requires=libvirtd-ro.socket +Requires=libvirtd-admin.socket Wants=systemd-machined.service Before=libvirt-guests.service After=network.target @@ -42,3 +40,5 @@ TasksMax=32768 WantedBy=multi-user.target Also=virtlockd.socket Also=virtlogd.socket +Also=libvirtd.socket +Also=libvirtd-ro.socket diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in new file mode 100644 index 0000000000..e194c6e76e --- /dev/null +++ b/src/remote/libvirtd.socket.in @@ -0,0 +1,11 @@ +[Unit] +Description=Libvirt local socket +Before=libvirtd.service + +[Socket] +ListenStream=@localstatedir@/run/libvirt/libvirt-sock +Service=libvirtd.service +SocketMode=0666 + +[Install] +WantedBy=sockets.target