The virtlxcd daemon will be responsible for providing the lxc API
driver functionality. The lxc driver is still loaded by the main
libvirtd daemon at this stage, so virtlxcd must not be running at
the same time.
Reviewed-by: Andrea Bolognani <abologna(a)redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
.gitignore | 4 +++
libvirt.spec.in | 8 +++++
src/lxc/Makefile.inc.am | 63 +++++++++++++++++++++++++++++++++++++
src/lxc/virtlxcd.service.in | 40 +++++++++++++++++++++++
4 files changed, 115 insertions(+)
create mode 100644 src/lxc/virtlxcd.service.in
diff --git a/.gitignore b/.gitignore
index 67962a696e..8e396d6127 100644
--- a/.gitignore
+++ b/.gitignore
@@ -160,6 +160,9 @@
/src/lxc/lxc_monitor_protocol.h
/src/lxc/lxc_protocol.[ch]
/src/lxc/test_libvirtd_lxc.aug
+/src/lxc/test_virtlxcd.aug
+/src/lxc/virtlxcd.aug
+/src/lxc/virtlxcd.conf
/src/network/test_virtnetworkd.aug
/src/network/virtnetworkd.aug
/src/network/virtnetworkd.conf
@@ -198,6 +201,7 @@
/src/virtxend
/src/virtlockd
/src/virtlogd
+/src/virtlxcd
/src/virtnetworkd
/src/virtnodedevd
/src/virtnwfilterd
diff --git a/libvirt.spec.in b/libvirt.spec.in
index d1093db847..1c3d988136 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1760,6 +1760,14 @@ exit 0
%if %{with_lxc}
%files daemon-driver-lxc
+%config(noreplace) %{_sysconfdir}/libvirt/virtlxcd.conf
+%{_datadir}/augeas/lenses/virtlxcd.aug
+%{_datadir}/augeas/lenses/tests/test_virtlxcd.aug
+%{_unitdir}/virtlxcd.service
+%{_unitdir}/virtlxcd.socket
+%{_unitdir}/virtlxcd-ro.socket
+%{_unitdir}/virtlxcd-admin.socket
+%attr(0755, root, root) %{_sbindir}/virtlxcd
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/lxc/
%config(noreplace) %{_sysconfdir}/libvirt/lxc.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.lxc
diff --git a/src/lxc/Makefile.inc.am b/src/lxc/Makefile.inc.am
index 0c241fc5c1..22c582c380 100644
--- a/src/lxc/Makefile.inc.am
+++ b/src/lxc/Makefile.inc.am
@@ -110,6 +110,69 @@ endif WITH_BLKID
libvirt_driver_lxc_impl_la_LIBADD += $(SECDRIVER_LIBS)
libvirt_driver_lxc_impl_la_SOURCES = $(LXC_DRIVER_SOURCES)
+
+sbin_PROGRAMS += virtlxcd
+
+nodist_conf_DATA += lxc/virtlxcd.conf
+augeas_DATA += lxc/virtlxcd.aug
+augeastest_DATA += lxc/test_virtlxcd.aug
+CLEANFILES += lxc/virtlxcd.aug
+
+virtlxcd_SOURCES = $(REMOTE_DAEMON_SOURCES)
+virtlxcd_CFLAGS = \
+ $(REMOTE_DAEMON_CFLAGS) \
+ -DDAEMON_NAME="\"virtlxcd\"" \
+ -DMODULE_NAME="\"lxc\"" \
+ $(NULL)
+virtlxcd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS)
+virtlxcd_LDADD = $(REMOTE_DAEMON_LD_ADD)
+
+SYSTEMD_UNIT_FILES += \
+ virtlxcd.service \
+ virtlxcd.socket \
+ virtlxcd-ro.socket \
+ virtlxcd-admin.socket \
+ $(NULL)
+SYSTEMD_UNIT_FILES_IN += \
+ lxc/virtlxcd.service.in \
+ $(NULL)
+
+VIRTLXCD_UNIT_VARS = \
+ $(VIRTD_UNIT_VARS) \
+ -e 's|[@]name[@]|Libvirt lxc|g' \
+ -e 's|[@]service[@]|virtlxcd|g' \
+ -e 's|[@]sockprefix[@]|virtlxcd|g' \
+ $(NULL)
+
+virtlxcd.service: lxc/virtlxcd.service.in $(top_builddir)/config.status
+ $(AM_V_GEN)$(SED) $(VIRTLXCD_UNIT_VARS) $< > $@-t && mv $@-t $@
+
+virtlxc%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status
+ $(AM_V_GEN)$(SED) $(VIRTLXCD_UNIT_VARS) $< > $@-t && mv $@-t $@
+
+lxc/virtlxcd.conf: remote/libvirtd.conf.in
+ $(AM_V_GEN)$(SED) \
+ -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
+ -e 's/[@]DAEMON_NAME[@]/virtlxcd/' \
+ $< > $@
+
+lxc/virtlxcd.aug: remote/libvirtd.aug.in
+ $(AM_V_GEN)$(SED) \
+ -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
+ -e 's/[@]DAEMON_NAME[@]/virtlxcd/' \
+ -e 's/[@]DAEMON_NAME_UC[@]/Virtlxcd/' \
+ $< > $@
+
+lxc/test_virtlxcd.aug: remote/test_libvirtd.aug.in \
+ lxc/virtlxcd.conf $(AUG_GENTEST)
+ $(AM_V_GEN)$(AUG_GENTEST) lxc/virtlxcd.conf \
+ $(srcdir)/remote/test_libvirtd.aug.in | \
+ $(SED) \
+ -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
+ -e 's/[@]DAEMON_NAME[@]/virtlxcd/' \
+ -e 's/[@]DAEMON_NAME_UC[@]/Virtlxcd/' \
+ > $@ || rm -f $@
+
libexec_PROGRAMS += libvirt_lxc
libvirt_lxc_SOURCES = \
diff --git a/src/lxc/virtlxcd.service.in b/src/lxc/virtlxcd.service.in
new file mode 100644
index 0000000000..c732499a64
--- /dev/null
+++ b/src/lxc/virtlxcd.service.in
@@ -0,0 +1,40 @@
+[Unit]
+Description=Virtualization lxc daemon
+Conflicts=libvirtd.service
+Requires=virtlxcd.socket
+Requires=virtlxcd-ro.socket
+Requires=virtlxcd-admin.socket
+Wants=systemd-machined.service
+Before=libvirt-guests.service
+After=network.target
+After=dbus.service
+After=apparmor.service
+After=local-fs.target
+After=remote-fs.target
+After=systemd-logind.service
+After=systemd-machined.service
+Documentation=man:libvirtd(8)
+Documentation=https://libvirt.org
+
+[Service]
+Type=notify
+ExecStart=@sbindir@/virtlxcd --timeout 120
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=on-failure
+# At least 1 FD per guest, often 2 (eg qemu monitor + qemu agent).
+# eg if we want to support 4096 guests, we'll typically need 8192 FDs
+# If changing this, also consider virtlogd.service & virtlockd.service
+# limits which are also related to number of guests
+LimitNOFILE=8192
+# The cgroups pids controller can limit the number of tasks started by
+# the daemon, which can limit the number of domains for some hypervisors.
+# A conservative default of 8 tasks per guest results in a TasksMax of
+# 32k to support 4096 guests.
+TasksMax=32768
+
+[Install]
+WantedBy=multi-user.target
+Also=virtlxcd.socket
+Also=virtlxcd-ro.socket
+Also=virtlxcd-admin.socket
--
2.21.0