systemd: Introduce systemd_service_limitmemlock_extra_in

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This commit is contained in:
Andrea Bolognani 2023-09-28 12:14:45 +02:00
parent 13de087237
commit 5c83da1dfd
10 changed files with 12 additions and 24 deletions

View File

@ -64,6 +64,7 @@ if conf.has('WITH_CH')
files('virtchd.service.extra.in'),
systemd_service_limitnofile_extra_in,
systemd_service_tasksmax_extra_in,
systemd_service_limitmemlock_extra_in,
],
}

View File

@ -5,9 +5,3 @@ After=remote-fs.target
[Service]
KillMode=process
# With cgroups v2 there is no devices controller anymore, we have to use
# eBPF to control access to devices. In order to do that we create a eBPF
# hash MAP which locks memory. The default map size for 64 devices together
# with program takes 12k per guest. After rounding up we will get 64M to
# support 4096 guests.
LimitMEMLOCK=64M

View File

@ -169,6 +169,7 @@ if conf.has('WITH_LXC')
files('virtlxcd.service.extra.in'),
systemd_service_limitnofile_extra_in,
systemd_service_tasksmax_extra_in,
systemd_service_limitmemlock_extra_in,
],
}

View File

@ -5,9 +5,3 @@ After=remote-fs.target
[Service]
KillMode=process
# With cgroups v2 there is no devices controller anymore, we have to use
# eBPF to control access to devices. In order to do that we create a eBPF
# hash MAP which locks memory. The default map size for 64 devices together
# with program takes 12k per guest. After rounding up we will get 64M to
# support 4096 guests.
LimitMEMLOCK=64M

View File

@ -196,6 +196,7 @@ guest_unit_files = []
# can be used in service_extra_in/socket_extra_in (see below)
systemd_service_limitnofile_extra_in = files('virtd.service.limitnofile.extra.in')
systemd_service_tasksmax_extra_in = files('virtd.service.tasksmax.extra.in')
systemd_service_limitmemlock_extra_in = files('virtd.service.limitmemlock.extra.in')
# virt_daemon_units:
# generate libvirt daemon systemd unit files

View File

@ -188,6 +188,7 @@ if conf.has('WITH_QEMU')
files('virtqemud.service.extra.in'),
systemd_service_limitnofile_extra_in,
systemd_service_tasksmax_extra_in,
systemd_service_limitmemlock_extra_in,
],
}

View File

@ -9,12 +9,6 @@ After=remote-fs.target
[Service]
KillMode=process
# With cgroups v2 there is no devices controller anymore, we have to use
# eBPF to control access to devices. In order to do that we create a eBPF
# hash MAP which locks memory. The default map size for 64 devices together
# with program takes 12k per guest. After rounding up we will get 64M to
# support 4096 guests.
LimitMEMLOCK=64M
[Install]
Also=virtlogd.socket

View File

@ -33,12 +33,6 @@ ExecStart=@sbindir@/libvirtd $LIBVIRTD_ARGS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
# With cgroups v2 there is no devices controller anymore, we have to use
# eBPF to control access to devices. In order to do that we create a eBPF
# hash MAP which locks memory. The default map size for 64 devices together
# with program takes 12k per guest. After rounding up we will get 64M to
# support 4096 guests.
LimitMEMLOCK=64M
[Install]
WantedBy=multi-user.target

View File

@ -194,6 +194,7 @@ if conf.has('WITH_REMOTE')
'service_extra_in': [
systemd_service_limitnofile_extra_in,
systemd_service_tasksmax_extra_in,
systemd_service_limitmemlock_extra_in,
],
'name': 'legacy monolithic',
'sockets': [ 'main', 'ro', 'admin', 'tcp', 'tls' ],

View File

@ -0,0 +1,7 @@
[Service]
# With cgroups v2 there is no devices controller anymore, we have to use
# eBPF to control access to devices. In order to do that we create a eBPF
# hash MAP which locks memory. The default map size for 64 devices together
# with program takes 12k per guest. After rounding up we will get 64M to
# support 4096 guests.
LimitMEMLOCK=64M