The lock manager infrastructure we recently added to QEMU only has
two possible drivers at this time, 'nop' and 'sanlock'. The former
does absolutely nothing, while the latter requires a 3rd party
package installed and is a little heavy on disk I/O and storage
requirements.
This series adds a new daemon 'virtlockd' which is intended to be
enabled by default on all hosts running 'libvirtd'. This daemon
provides a service for disk locking based on the traditional
fcntl() lock primitives. There is a new libvirt manager plugin
which talks to this daemon over RPC. The reason for doing the
locks in a separate process is that we want the locks to remain
active, even if libvirtd crashes, or is restarted. The virtlockd
daemon has this one single job so should be pretty reliable and
selfcontained. This patch series really benefits from the new RPC
APIs, requiring minimal code for the new daemon / client
At this time, virtlockd does not lock the actual disk files, but
instead creates a lockspace & leases under /var/lib/libvirt/lockd.
The lockspace we use for disks is named org.libvirt.lockd.files,
and lease names are based on a SHA256 checksum of the fully
qualified disk name. eg
/var/lib/libvirt/lockd/org.libvirt.lockd.files/adf94fc33a24da1abff7dd7374a9919bb51efee646da8c3ac464c10cd59750bd
These leases are all zero-bytes long and no I/O is ever performed
on them, only fcntl() is used. So there is material overhead.
Whenever creating or deleting leases, we first acquire a lock on
/var/lib/libvirt/lockd/org.libvirt.lockd.files/org.libvirt.lockd.index
A non-root virtlockd will instead use $HOME/.libvirt/lockd
By default we gain protection out of the box against
- Starting two guests on the same host with the same disk image
not marked with <shareable/>
- libvirtd getting confused and forgetting a guest, allowing it
to be started for a 2nd time
If the admin mounts a shared filesytem (eg NFS) on /var/lib/libvirt/lockd
then this protection is extended across all hosts sharing that
mount volume.
As part of this series, I also introduce support for systemd
services for libvirtd and libvir-guests.