The virtlxcd daemon will be responsible for providing the lxc API
driver functionality. The lxc driver is still loaded by the main
libvirtd daemon at this stage, so virtlxcd must not be running at
the same time.
Reviewed-by: Andrea Bolognani <abologna(a)redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
.gitignore | 4 +++
libvirt.spec.in | 8 +++++
src/lxc/Makefile.inc.am | 62 +++++++++++++++++++++++++++++++++++++
src/lxc/virtlxcd.service.in | 40 ++++++++++++++++++++++++
4 files changed, 114 insertions(+)
create mode 100644 src/lxc/virtlxcd.service.in
diff --git a/.gitignore b/.gitignore
index d23ffa94f0..d279c7bc1f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -160,6 +160,9 @@
/src/lxc/lxc_monitor_protocol.h
/src/lxc/lxc_protocol.[ch]
/src/lxc/test_libvirtd_lxc.aug
+/src/lxc/test_virtlxcd.aug
+/src/lxc/virtlxcd.aug
+/src/lxc/virtlxcd.conf
/src/network/test_virtnetworkd.aug
/src/network/virtnetworkd.aug
/src/network/virtnetworkd.conf
@@ -197,6 +200,7 @@
/src/virtxend
/src/virtlockd
/src/virtlogd
+/src/virtlxcd
/src/virtnetworkd
/src/virtnodedevd
/src/virtnwfilterd
diff --git a/libvirt.spec.in b/libvirt.spec.in
index f86b0212c7..81fc1481e0 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1760,6 +1760,14 @@ exit 0
%if %{with_lxc}
%files daemon-driver-lxc
+%config(noreplace) %{_sysconfdir}/libvirt/virtlxcd.conf
+%{_datadir}/augeas/lenses/virtlxcd.aug
+%{_datadir}/augeas/lenses/tests/test_virtlxcd.aug
+%{_unitdir}/virtlxcd.service
+%{_unitdir}/virtlxcd.socket
+%{_unitdir}/virtlxcd-ro.socket
+%{_unitdir}/virtlxcd-admin.socket
+%attr(0755, root, root) %{_sbindir}/virtlxcd
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/lxc/
%config(noreplace) %{_sysconfdir}/libvirt/lxc.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.lxc
diff --git a/src/lxc/Makefile.inc.am b/src/lxc/Makefile.inc.am
index 0c241fc5c1..4960ee4324 100644
--- a/src/lxc/Makefile.inc.am
+++ b/src/lxc/Makefile.inc.am
@@ -110,6 +110,68 @@ endif WITH_BLKID
libvirt_driver_lxc_impl_la_LIBADD += $(SECDRIVER_LIBS)
libvirt_driver_lxc_impl_la_SOURCES = $(LXC_DRIVER_SOURCES)
+
+sbin_PROGRAMS += virtlxcd
+
+nodist_conf_DATA += lxc/virtlxcd.conf
+augeas_DATA += lxc/virtlxcd.aug
+augeastest_DATA += lxc/test_virtlxcd.aug
+CLEANFILES += lxc/virtlxcd.aug
+
+virtlxcd_SOURCES = $(REMOTE_DAEMON_SOURCES)
+virtlxcd_CFLAGS = \
+ $(REMOTE_DAEMON_CFLAGS) \
+ -DDAEMON_NAME="\"virtlxcd\"" \
+ -DMODULE_NAME="\"lxc\"" \
+ $(NULL)
+virtlxcd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS)
+virtlxcd_LDADD = $(REMOTE_DAEMON_LD_ADD)
+
+SYSTEMD_UNIT_FILES += \
+ virtlxcd.service \
+ virtlxcd.socket \
+ virtlxcd-ro.socket \
+ virtlxcd-admin.socket \
+ $(NULL)
+SYSTEMD_UNIT_FILES_IN += \
+ lxc/virtlxcd.service.in \
+ $(NULL)
+
+VIRTLXCD_UNIT_VARS = \
+ $(VIRTD_UNIT_VARS) \
+ -e 's|[@]name[@]|Libvirt lxc|g' \
+ -e 's|[@]service[@]|virtlxcd|g' \
+ -e 's|[@]sockprefix[@]|virtlxcd|g' \
+ $(NULL)
+
+virtlxcd.service: lxc/virtlxcd.service.in $(top_builddir)/config.status
+ $(AM_V_GEN)sed $(VIRTLXCD_UNIT_VARS) < $< > $@-t && mv $@-t $@
+
+virtlxc%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status
+ $(AM_V_GEN)sed $(VIRTLXCD_UNIT_VARS) < $< > $@-t && mv $@-t $@
+
+lxc/virtlxcd.conf: remote/libvirtd.conf.in
+ $(AM_V_GEN)sed \
+ -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
+ -e 's/[@]DAEMON_NAME[@]/virtlxcd/' \
+ < $^ > $@
+
+lxc/virtlxcd.aug: remote/libvirtd.aug.in
+ $(AM_V_GEN)$(SED) \
+ -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
+ -e 's/[@]DAEMON_NAME[@]/virtlxcd/' \
+ -e 's/[@]DAEMON_NAME_UC[@]/Virtlxcd/' \
+ $< > $@
+
+lxc/test_virtlxcd.aug: remote/test_libvirtd.aug.in \
+ lxc/virtlxcd.conf $(AUG_GENTEST)
+ $(AM_V_GEN)$(AUG_GENTEST) lxc/virtlxcd.conf \
+ $(srcdir)/remote/test_libvirtd.aug.in | \
+ $(SED) -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
+ -e 's/[@]DAEMON_NAME[@]/virtlxcd/' \
+ -e 's/[@]DAEMON_NAME_UC[@]/Virtlxcd/' \
+ > $@ || rm -f $@
+
libexec_PROGRAMS += libvirt_lxc
libvirt_lxc_SOURCES = \
diff --git a/src/lxc/virtlxcd.service.in b/src/lxc/virtlxcd.service.in
new file mode 100644
index 0000000000..c732499a64
--- /dev/null
+++ b/src/lxc/virtlxcd.service.in
@@ -0,0 +1,40 @@
+[Unit]
+Description=Virtualization lxc daemon
+Conflicts=libvirtd.service
+Requires=virtlxcd.socket
+Requires=virtlxcd-ro.socket
+Requires=virtlxcd-admin.socket
+Wants=systemd-machined.service
+Before=libvirt-guests.service
+After=network.target
+After=dbus.service
+After=apparmor.service
+After=local-fs.target
+After=remote-fs.target
+After=systemd-logind.service
+After=systemd-machined.service
+Documentation=man:libvirtd(8)
+Documentation=https://libvirt.org
+
+[Service]
+Type=notify
+ExecStart=@sbindir@/virtlxcd --timeout 120
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=on-failure
+# At least 1 FD per guest, often 2 (eg qemu monitor + qemu agent).
+# eg if we want to support 4096 guests, we'll typically need 8192 FDs
+# If changing this, also consider virtlogd.service & virtlockd.service
+# limits which are also related to number of guests
+LimitNOFILE=8192
+# The cgroups pids controller can limit the number of tasks started by
+# the daemon, which can limit the number of domains for some hypervisors.
+# A conservative default of 8 tasks per guest results in a TasksMax of
+# 32k to support 4096 guests.
+TasksMax=32768
+
+[Install]
+WantedBy=multi-user.target
+Also=virtlxcd.socket
+Also=virtlxcd-ro.socket
+Also=virtlxcd-admin.socket
--
2.21.0