mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 21:55:25 +00:00
Make max_clients in virtlockd configurable
Each new VM requires a new connection from libvirtd to virtlockd. The default max clients limit in virtlockd of 20 is thus woefully insufficient. virtlockd sockets are only accessible to matching users, so there is no security need for such a tight limit. Make it configurable and default to 1024. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This commit is contained in:
parent
09adfdc62d
commit
9f5b4b1f62
@ -128,7 +128,7 @@ static void virLockDaemonLockSpaceDataFree(void *data,
|
||||
}
|
||||
|
||||
static virLockDaemonPtr
|
||||
virLockDaemonNew(bool privileged)
|
||||
virLockDaemonNew(virLockDaemonConfigPtr config, bool privileged)
|
||||
{
|
||||
virLockDaemonPtr lockd;
|
||||
|
||||
@ -142,7 +142,7 @@ virLockDaemonNew(bool privileged)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (!(lockd->srv = virNetServerNew(1, 1, 0, 20,
|
||||
if (!(lockd->srv = virNetServerNew(1, 1, 0, config->max_clients,
|
||||
-1, 0,
|
||||
false, NULL,
|
||||
virLockDaemonClientNew,
|
||||
@ -1335,7 +1335,7 @@ int main(int argc, char **argv) {
|
||||
/* rv == 1, means we setup everything from saved state,
|
||||
* so we only setup stuff from scratch if rv == 0 */
|
||||
if (rv == 0) {
|
||||
if (!(lockDaemon = virLockDaemonNew(privileged))) {
|
||||
if (!(lockDaemon = virLockDaemonNew(config, privileged))) {
|
||||
ret = VIR_LOCK_DAEMON_ERR_INIT;
|
||||
goto cleanup;
|
||||
}
|
||||
|
@ -114,6 +114,7 @@ virLockDaemonConfigNew(bool privileged ATTRIBUTE_UNUSED)
|
||||
return NULL;
|
||||
|
||||
data->log_buffer_size = 64;
|
||||
data->max_clients = 1024;
|
||||
|
||||
return data;
|
||||
}
|
||||
@ -139,6 +140,7 @@ virLockDaemonConfigLoadOptions(virLockDaemonConfigPtr data,
|
||||
GET_CONF_STR(conf, filename, log_filters);
|
||||
GET_CONF_STR(conf, filename, log_outputs);
|
||||
GET_CONF_INT(conf, filename, log_buffer_size);
|
||||
GET_CONF_INT(conf, filename, max_clients);
|
||||
|
||||
return 0;
|
||||
|
||||
|
@ -34,6 +34,7 @@ struct _virLockDaemonConfig {
|
||||
char *log_filters;
|
||||
char *log_outputs;
|
||||
int log_buffer_size;
|
||||
int max_clients;
|
||||
};
|
||||
|
||||
|
||||
|
@ -28,6 +28,7 @@ module Libvirtd =
|
||||
| str_entry "log_filters"
|
||||
| str_entry "log_outputs"
|
||||
| int_entry "log_buffer_size"
|
||||
| int_entry "max_clients"
|
||||
|
||||
(* Each enty in the config is one of the following three ... *)
|
||||
let entry = logging_entry
|
||||
|
@ -58,3 +58,10 @@
|
||||
# the default buffer size in kilobytes.
|
||||
# If value is 0 or less the debug log buffer is deactivated
|
||||
#log_buffer_size = 64
|
||||
|
||||
# The maximum number of concurrent client connections to allow
|
||||
# over all sockets combined.
|
||||
# Each running virtual machine will require one open connection
|
||||
# to virtlockd. So 'max_clients' will affect how many VMs can
|
||||
# be run on a host
|
||||
#max_clients = 1024
|
||||
|
Loading…
Reference in New Issue
Block a user