nwfilter: introduce virtnwfilterd daemon
The virtnwfilterd daemon will be responsible for providing the nwfilter API driver functionality. The nwfilter driver is still loaded by the main libvirtd daemon at this stage, so virtnwfilterd must not be running at the same time. Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrangé
parent
e4de8857ad
commit
653ddc2e64
4
.gitignore
vendored
4
.gitignore
vendored
@ -163,6 +163,9 @@
|
||||
/src/node_device/test_virtnodedevd.aug
|
||||
/src/node_device/virtnodedevd.aug
|
||||
/src/node_device/virtnodedevd.conf
|
||||
/src/nwfilter/test_virtnwfilterd.aug
|
||||
/src/nwfilter/virtnwfilterd.aug
|
||||
/src/nwfilter/virtnwfilterd.conf
|
||||
/src/qemu/test_libvirtd_qemu.aug
|
||||
/src/remote/*_client_bodies.h
|
||||
/src/remote/*_protocol.[ch]
|
||||
@ -190,6 +193,7 @@
|
||||
/src/virtlogd
|
||||
/src/virtnetworkd
|
||||
/src/virtnodedevd
|
||||
/src/virtnwfilterd
|
||||
/src/virtproxyd
|
||||
/src/virtsecretd
|
||||
/src/virtstoraged
|
||||
|
||||
@ -1653,6 +1653,14 @@ exit 0
|
||||
%{_libdir}/%{name}/connection-driver/libvirt_driver_nodedev.so
|
||||
|
||||
%files daemon-driver-nwfilter
|
||||
%config(noreplace) %{_sysconfdir}/libvirt/virtnwfilterd.conf
|
||||
%{_datadir}/augeas/lenses/virtnwfilterd.aug
|
||||
%{_datadir}/augeas/lenses/tests/test_virtnwfilterd.aug
|
||||
%{_unitdir}/virtnwfilterd.service
|
||||
%{_unitdir}/virtnwfilterd.socket
|
||||
%{_unitdir}/virtnwfilterd-ro.socket
|
||||
%{_unitdir}/virtnwfilterd-admin.socket
|
||||
%attr(0755, root, root) %{_sbindir}/virtnwfilterd
|
||||
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/nwfilter/
|
||||
%ghost %dir %{_localstatedir}/run/libvirt/network/
|
||||
%{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so
|
||||
|
||||
@ -41,4 +41,67 @@ libvirt_driver_nwfilter_impl_la_LIBADD = \
|
||||
../gnulib/lib/libgnu.la \
|
||||
$(NULL)
|
||||
libvirt_driver_nwfilter_impl_la_SOURCES = $(NWFILTER_DRIVER_SOURCES)
|
||||
|
||||
sbin_PROGRAMS += virtnwfilterd
|
||||
|
||||
nodist_conf_DATA += nwfilter/virtnwfilterd.conf
|
||||
augeas_DATA += nwfilter/virtnwfilterd.aug
|
||||
augeastest_DATA += nwfilter/test_virtnwfilterd.aug
|
||||
CLEANFILES += nwfilter/virtnwfilterd.aug
|
||||
|
||||
virtnwfilterd_SOURCES = $(REMOTE_DAEMON_SOURCES)
|
||||
virtnwfilterd_CFLAGS = \
|
||||
$(REMOTE_DAEMON_CFLAGS) \
|
||||
-DDAEMON_NAME="\"virtnwfilterd\"" \
|
||||
-DMODULE_NAME="\"nwfilter\"" \
|
||||
$(NULL)
|
||||
virtnwfilterd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS)
|
||||
virtnwfilterd_LDADD = $(REMOTE_DAEMON_LD_ADD)
|
||||
|
||||
SYSTEMD_UNIT_FILES += \
|
||||
virtnwfilterd.service \
|
||||
virtnwfilterd.socket \
|
||||
virtnwfilterd-ro.socket \
|
||||
virtnwfilterd-admin.socket \
|
||||
$(NULL)
|
||||
SYSTEMD_UNIT_FILES_IN += \
|
||||
nwfilter/virtnwfilterd.service.in \
|
||||
$(NULL)
|
||||
|
||||
VIRTNWFILTERD_UNIT_VARS = \
|
||||
$(VIRTD_UNIT_VARS) \
|
||||
-e 's|[@]name[@]|Libvirt nwfilter|g' \
|
||||
-e 's|[@]service[@]|virtnwfilterd|g' \
|
||||
-e 's|[@]sockprefix[@]|virtnwfilterd|g' \
|
||||
$(NULL)
|
||||
|
||||
virtnwfilterd.service: nwfilter/virtnwfilterd.service.in $(top_builddir)/config.status
|
||||
$(AM_V_GEN)$(SED) $(VIRTNWFILTERD_UNIT_VARS) $< > $@-t && mv $@-t $@
|
||||
|
||||
virtnwfilter%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status
|
||||
$(AM_V_GEN)$(SED) $(VIRTNWFILTERD_UNIT_VARS) $< > $@-t && mv $@-t $@
|
||||
|
||||
nwfilter/virtnwfilterd.conf: remote/libvirtd.conf.in
|
||||
$(AM_V_GEN)$(SED) \
|
||||
-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
|
||||
-e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \
|
||||
$< > $@
|
||||
|
||||
nwfilter/virtnwfilterd.aug: remote/libvirtd.aug.in
|
||||
$(AM_V_GEN)$(SED) \
|
||||
-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
|
||||
-e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \
|
||||
-e 's/[@]DAEMON_NAME_UC[@]/Virtnwfilterd/' \
|
||||
$< > $@
|
||||
|
||||
nwfilter/test_virtnwfilterd.aug: remote/test_libvirtd.aug.in \
|
||||
nwfilter/virtnwfilterd.conf $(AUG_GENTEST)
|
||||
$(AM_V_GEN)$(AUG_GENTEST) nwfilter/virtnwfilterd.conf \
|
||||
$(srcdir)/remote/test_libvirtd.aug.in | \
|
||||
$(SED) \
|
||||
-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
|
||||
-e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \
|
||||
-e 's/[@]DAEMON_NAME_UC[@]/Virtnwfilterd/' \
|
||||
> $@ || rm -f $@
|
||||
|
||||
endif WITH_NWFILTER
|
||||
|
||||
24
src/nwfilter/virtnwfilterd.service.in
Normal file
24
src/nwfilter/virtnwfilterd.service.in
Normal file
@ -0,0 +1,24 @@
|
||||
[Unit]
|
||||
Description=Virtualization nwfilter daemon
|
||||
Conflicts=libvirtd.service
|
||||
Requires=virtnwfilterd.socket
|
||||
Requires=virtnwfilterd-ro.socket
|
||||
Requires=virtnwfilterd-admin.socket
|
||||
After=network.target
|
||||
After=dbus.service
|
||||
After=apparmor.service
|
||||
After=local-fs.target
|
||||
Documentation=man:libvirtd(8)
|
||||
Documentation=https://libvirt.org
|
||||
|
||||
[Service]
|
||||
Type=notify
|
||||
ExecStart=@sbindir@/virtnwfilterd --timeout 120
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
Restart=on-failure
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Also=virtnwfilterd.socket
|
||||
Also=virtnwfilterd-ro.socket
|
||||
Also=virtnwfilterd-admin.socket
|
||||
Loading…
x
Reference in New Issue
Block a user