[libvirt] [PATCH 0/6] Enable fd passing / socket activation with LXC guest
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Systemd has a concept of socket activation whereby systemd
will listen on a TCP socket in the host. When a client arrives
on the socket, systemd will run a service, passing it the
pre-opened TCP server socket. The service can then accept the
client connection.
This patch series adds the ability to pass pre-opened file
descriptors into LXC guests. The file descriptors will be
made available to the 'init' process in the container,
starting from STDERR_FILENO + 1.
For example, assuming you have pre-opened a file descriptors
in your shell
# exec 10>/tmp/foo
# exec 20>/tmp/bar
# exec 30>/tmp/wizz
You can then start a container with:
# virsh -c lxc:/// start --pass-fds 10,20,30 demo
Inside that container the FDs will appear as 3, 4, 5:
# virsh -c lxc:/// console demo
Connected to domain demo
Escape character is ^]
sh-4.2# lsof -p 1 | grep /tmp
sh 1 root 3w REG 0,32 0 90226444 /tmp/foo
sh 1 root 4w REG 0,32 0 90238163 /tmp/bar
sh 1 root 5w REG 0,32 0 90238164 /tmp/wizz
Finally, if you run systemd inside the container, it can then
use these pre-opened file descriptors, passing them along when
launching services inside the container. So you have end-to-end
socket activation between the host & guest systemd instances.
Daniel P. Berrange (6):
Introduce new domain create APIs to pass pre-opened FDs to LXC
Introduce remote protocol support for virDomainCreate{XML}WithFiles
Fix impl of virDomainCreateWithFlags remote client helper
LXC: Wire up the virDomainCreate{XML}WithFiles methods
Enable FD passing when starting guests with virsh
Merge virCommandPreserveFD / virCommandTransferFD
daemon/remote.c | 104 ++++++++++++++++++++++
include/libvirt/libvirt.h.in | 10 +++
python/generator.py | 3 +
python/libvirt-override-virConnect.py | 30 +++++++
python/libvirt-override-virDomain.py | 38 ++++++++
python/libvirt-override.c | 89 +++++++++++++++++++
src/driver.h | 13 +++
src/fdstream.c | 3 +-
src/libvirt.c | 154 ++++++++++++++++++++++++++++++++
src/libvirt_private.syms | 3 +-
src/libvirt_public.syms | 6 ++
src/lxc/lxc_container.c | 136 ++++++++++++++++++++++-------
src/lxc/lxc_container.h | 6 +-
src/lxc/lxc_controller.c | 36 +++++++-
src/lxc/lxc_driver.c | 45 ++++++++--
src/lxc/lxc_process.c | 20 ++++-
src/lxc/lxc_process.h | 1 +
src/qemu/qemu_command.c | 16 ++--
src/remote/remote_driver.c | 91 +++++++++++++++----
src/remote/remote_protocol.x | 32 ++++++-
src/remote_protocol-structs | 16 ++++
src/uml/uml_conf.c | 3 +-
src/util/vircommand.c | 159 ++++++++++++++++------------------
src/util/vircommand.h | 13 +--
tests/commandtest.c | 5 +-
tools/virsh-domain.c | 82 +++++++++++++++++-
tools/virsh.pod | 13 ++-
27 files changed, 960 insertions(+), 167 deletions(-)
--
1.8.1.4