4:54 a.m.
We don't do socket activation of libvirtd, since we need to
unconditionally start libvirtd in order to perform autostart. This
doesn't mean we can't have systemd socket units. Some use cases will
not need libvirt's autostart & are thus free to use activation.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
libvirt.spec.in | 24 +++++++++++++++++++-
src/remote/Makefile.inc.am | 35 +++++++++++++++++++++++++++++
src/remote/libvirtd-admin.socket.in | 13 +++++++++++
src/remote/libvirtd-ro.socket.in | 13 +++++++++++
src/remote/libvirtd-tcp.socket.in | 12 ++++++++++
src/remote/libvirtd-tls.socket.in | 12 ++++++++++
src/remote/libvirtd.service.in | 10 ++++-----
src/remote/libvirtd.socket.in | 11 +++++++++
8 files changed, 124 insertions(+), 6 deletions(-)
create mode 100644 src/remote/libvirtd-admin.socket.in
create mode 100644 src/remote/libvirtd-ro.socket.in
create mode 100644 src/remote/libvirtd-tcp.socket.in
create mode 100644 src/remote/libvirtd-tls.socket.in
create mode 100644 src/remote/libvirtd.socket.in
diff --git a/libvirt.spec.in b/libvirt.spec.in
index d54f58f1d4..ec562d5f7a 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1342,6 +1342,8 @@ exit 0
%systemd_post virtlockd.socket virtlockd-admin.socket
%systemd_post virtlogd.socket virtlogd-admin.socket
+%systemd_post libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket
+%systemd_post libvirtd-tcp.socket libvirtd-tls.socket
%systemd_post libvirtd.service
# request daemon restart in posttrans
@@ -1350,6 +1352,8 @@ touch %{_localstatedir}/lib/rpm-state/libvirt/restart || :
%preun daemon
%systemd_preun libvirtd.service
+%systemd_preun libvirtd-tcp.socket libvirtd-tls.socket
+%systemd_preun libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket
%systemd_preun virtlogd.socket virtlogd-admin.socket virtlogd.service
%systemd_preun virtlockd.socket virtlockd-admin.socket virtlockd.service
@@ -1374,7 +1378,20 @@ fi
%posttrans daemon
if [ -f %{_localstatedir}/lib/rpm-state/libvirt/restart ]; then
- /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
+ /bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1
+ # Old libvirtd owns the sockets and will delete them on
+ # shutdown. Can't use a try-restart as libvirtd will simply
+ # own the sockets again when it comes back up. Thus we must
+ # do this particular ordering
+ if test $? == 0 ; then
+ /bin/systemctl stop libvirtd.service >/dev/null 2>&1 || :
+
+ /bin/systemctl try-restart libvirtd.socket >/dev/null 2>&1 || :
+ /bin/systemctl try-restart libvirtd-ro.socket >/dev/null 2>&1 || :
+ /bin/systemctl try-restart libvirtd-admin.socket >/dev/null 2>&1 || :
+
+ /bin/systemctl start libvirtd.service >/dev/null 2>&1 || :
+ fi
fi
rm -rf %{_localstatedir}/lib/rpm-state/libvirt || :
@@ -1505,6 +1522,11 @@ exit 0
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/
%{_unitdir}/libvirtd.service
+%{_unitdir}/libvirtd.socket
+%{_unitdir}/libvirtd-ro.socket
+%{_unitdir}/libvirtd-admin.socket
+%{_unitdir}/libvirtd-tcp.socket
+%{_unitdir}/libvirtd-tls.socket
%{_unitdir}/virt-guest-shutdown.target
%{_unitdir}/virtlogd.service
%{_unitdir}/virtlogd.socket
diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am
index 06714249b4..0479c2ddd1 100644
--- a/src/remote/Makefile.inc.am
+++ b/src/remote/Makefile.inc.am
@@ -51,6 +51,11 @@ MANINFILES += libvirtd.8.in
SYSTEMD_UNIT_FILES_IN += \
remote/libvirtd.service.in \
+ remote/libvirtd.socket.in \
+ remote/libvirtd-ro.socket.in \
+ remote/libvirtd-admin.socket.in \
+ remote/libvirtd-tcp.socket.in \
+ remote/libvirtd-tls.socket.in \
remote/virt-guest-shutdown.target.in \
$(NULL)
@@ -276,6 +281,36 @@ libvirtd.service: remote/libvirtd.service.in
$(top_builddir)/config.status
< $< > $@-t && \
mv $@-t $@
+libvirtd.socket: remote/libvirtd.socket.in $(top_builddir)/config.status
+ $(AM_V_GEN)sed \
+ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \
+ < $< > $@-t && \
+ mv $@-t $@
+
+libvirtd-ro.socket: remote/libvirtd-ro.socket.in $(top_builddir)/config.status
+ $(AM_V_GEN)sed \
+ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \
+ < $< > $@-t && \
+ mv $@-t $@
+
+libvirtd-admin.socket: remote/libvirtd-admin.socket.in $(top_builddir)/config.status
+ $(AM_V_GEN)sed \
+ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \
+ < $< > $@-t && \
+ mv $@-t $@
+
+libvirtd-tcp.socket: remote/libvirtd-tcp.socket.in $(top_builddir)/config.status
+ $(AM_V_GEN)sed \
+ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \
+ < $< > $@-t && \
+ mv $@-t $@
+
+libvirtd-tls.socket: remote/libvirtd-tls.socket.in $(top_builddir)/config.status
+ $(AM_V_GEN)sed \
+ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \
+ < $< > $@-t && \
+ mv $@-t $@
+
virt-guest-shutdown.target: remote/virt-guest-shutdown.target.in \
$(top_builddir)/config.status
$(AM_V_GEN)cp $< $@
diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in
new file mode 100644
index 0000000000..b791a2eb1b
--- /dev/null
+++ b/src/remote/libvirtd-admin.socket.in
@@ -0,0 +1,13 @@
+[Unit]
+Description=Libvirt admin socket
+Before=libvirtd.service
+BindsTo=libvirtd.socket
+After=libvirtd.socket
+
+[Socket]
+ListenStream=@localstatedir@/run/libvirt/libvirt-admin-sock
+Service=libvirtd.service
+SocketMode=0600
+
+[Install]
+WantedBy=sockets.target
diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in
new file mode 100644
index 0000000000..55c44944b4
--- /dev/null
+++ b/src/remote/libvirtd-ro.socket.in
@@ -0,0 +1,13 @@
+[Unit]
+Description=Libvirt local read-only socket
+Before=libvirtd.service
+BindsTo=libvirtd.socket
+After=libvirtd.socket
+
+[Socket]
+ListenStream=@localstatedir@/run/libvirt/libvirt-sock-ro
+Service=libvirtd.service
+SocketMode=0666
+
+[Install]
+WantedBy=sockets.target
diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in
new file mode 100644
index 0000000000..09d5d3d67a
--- /dev/null
+++ b/src/remote/libvirtd-tcp.socket.in
@@ -0,0 +1,12 @@
+[Unit]
+Description=Libvirt non-TLS IP socket
+Before=libvirtd.service
+BindsTo=libvirtd.socket
+After=libvirtd.socket
+
+[Socket]
+ListenStream=16509
+Service=libvirtd.service
+
+[Install]
+WantedBy=sockets.target
diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in
new file mode 100644
index 0000000000..c60f0c9c77
--- /dev/null
+++ b/src/remote/libvirtd-tls.socket.in
@@ -0,0 +1,12 @@
+[Unit]
+Description=Libvirt TLS IP socket
+Before=libvirtd.service
+BindsTo=libvirtd.socket
+After=libvirtd.socket
+
+[Socket]
+ListenStream=16514
+Service=libvirtd.service
+
+[Install]
+WantedBy=sockets.target
diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in
index 7f689e08a8..047620f79b 100644
--- a/src/remote/libvirtd.service.in
+++ b/src/remote/libvirtd.service.in
@@ -1,12 +1,10 @@
-# NB we don't use socket activation. When libvirtd starts it will
-# spawn any virtual machines registered for autostart. We want this
-# to occur on every boot, regardless of whether any client connects
-# to a socket. Thus socket activation doesn't have any benefit
-
[Unit]
Description=Virtualization daemon
Requires=virtlogd.socket
Requires=virtlockd.socket
+Requires=libvirtd.socket
+Requires=libvirtd-ro.socket
+Requires=libvirtd-admin.socket
Wants=systemd-machined.service
Before=libvirt-guests.service
After=network.target
@@ -42,3 +40,5 @@ TasksMax=32768
WantedBy=multi-user.target
Also=virtlockd.socket
Also=virtlogd.socket
+Also=libvirtd.socket
+Also=libvirtd-ro.socket
diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in
new file mode 100644
index 0000000000..e194c6e76e
--- /dev/null
+++ b/src/remote/libvirtd.socket.in
@@ -0,0 +1,11 @@
+[Unit]
+Description=Libvirt local socket
+Before=libvirtd.service
+
+[Socket]
+ListenStream=@localstatedir@/run/libvirt/libvirt-sock
+Service=libvirtd.service
+SocketMode=0666
+
+[Install]
+WantedBy=sockets.target
--
2.21.0