Re: [libvirt] [PATCH v2 0/8] Speed up waiting for the session daemon
On Tue, Jul 22, 2014 at 05:11:23PM +0200, Martin Kletzander wrote: On Tue, Jul 22, 2014 at 01:36:56PM +0100, Daniel P. Berrange wrote: On Wed, Jul 16, 2014 at 08:29:54PM +0200, Martin Kletzander wrote: This is complete rework of: http://www.redhat.com/archives/libvir-list/2013-April/msg01351.html where Daniel suggested we use systemd-like passing of socket fd in combination with the LISTEN_FDS environment variable: http://www.redhat.com/archives/libvir-list/2013-April/msg01356.html Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=927369 Obviously that bug is focused on starting of the session daemon, but the code we're adding here should work with systemd. Have you tested that this actually allows for systemd activation of the privileged libvirtd. If we're adding this FD passing, I think we really ought to make sure we support this, so we don't have to revisit it later. Should add a libvirtd.socket unit file too so we have systemd activation by default for libvirtd. Obviously I haven't. I just wanted to get rid of that silly, silly bug. And now I tried and ... it Just Works(TM). I'll add a configuration comment and libvirtd.socket.in file in the patch and send a v3. Let me know what do you think of those permission settings there. NB, we stil need to enable the daemon by default anyway since libvirtd needs todo autostart of VMs, but having the socket activation too avoids some race conditions with startup. Yes, that's one of the reasons why I think it will create more confusion than races it will resolve. I'll _try_ to work this in, but how would you suggest to set up the initial permissions? Anything the user will change in libvirtd.conf he will also have to change in the libvirt.socket file, because someone might use the filesystem-level permission checking for isolating some users (or anything else) because we don't want to break that. Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list signature.asc Description: Digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 0/8] Speed up waiting for the session daemon
On Wed, Jul 23, 2014 at 10:49:33AM +0200, Martin Kletzander wrote: On Tue, Jul 22, 2014 at 05:11:23PM +0200, Martin Kletzander wrote: On Tue, Jul 22, 2014 at 01:36:56PM +0100, Daniel P. Berrange wrote: On Wed, Jul 16, 2014 at 08:29:54PM +0200, Martin Kletzander wrote: This is complete rework of: http://www.redhat.com/archives/libvir-list/2013-April/msg01351.html where Daniel suggested we use systemd-like passing of socket fd in combination with the LISTEN_FDS environment variable: http://www.redhat.com/archives/libvir-list/2013-April/msg01356.html Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=927369 Obviously that bug is focused on starting of the session daemon, but the code we're adding here should work with systemd. Have you tested that this actually allows for systemd activation of the privileged libvirtd. If we're adding this FD passing, I think we really ought to make sure we support this, so we don't have to revisit it later. Should add a libvirtd.socket unit file too so we have systemd activation by default for libvirtd. Obviously I haven't. I just wanted to get rid of that silly, silly bug. And now I tried and ... it Just Works(TM). I'll add a configuration comment and libvirtd.socket.in file in the patch and send a v3. Let me know what do you think of those permission settings there. That's great ! Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 0/8] Speed up waiting for the session daemon
On Wed, Jul 16, 2014 at 08:29:54PM +0200, Martin Kletzander wrote: This is complete rework of: http://www.redhat.com/archives/libvir-list/2013-April/msg01351.html where Daniel suggested we use systemd-like passing of socket fd in combination with the LISTEN_FDS environment variable: http://www.redhat.com/archives/libvir-list/2013-April/msg01356.html Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=927369 Obviously that bug is focused on starting of the session daemon, but the code we're adding here should work with systemd. Have you tested that this actually allows for systemd activation of the privileged libvirtd. If we're adding this FD passing, I think we really ought to make sure we support this, so we don't have to revisit it later. Should add a libvirtd.socket unit file too so we have systemd activation by default for libvirtd. NB, we stil need to enable the daemon by default anyway since libvirtd needs todo autostart of VMs, but having the socket activation too avoids some race conditions with startup. Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 0/8] Speed up waiting for the session daemon
On Tue, Jul 22, 2014 at 01:36:56PM +0100, Daniel P. Berrange wrote: On Wed, Jul 16, 2014 at 08:29:54PM +0200, Martin Kletzander wrote: This is complete rework of: http://www.redhat.com/archives/libvir-list/2013-April/msg01351.html where Daniel suggested we use systemd-like passing of socket fd in combination with the LISTEN_FDS environment variable: http://www.redhat.com/archives/libvir-list/2013-April/msg01356.html Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=927369 Obviously that bug is focused on starting of the session daemon, but the code we're adding here should work with systemd. Have you tested that this actually allows for systemd activation of the privileged libvirtd. If we're adding this FD passing, I think we really ought to make sure we support this, so we don't have to revisit it later. Should add a libvirtd.socket unit file too so we have systemd activation by default for libvirtd. Obviously I haven't. I just wanted to get rid of that silly, silly bug. NB, we stil need to enable the daemon by default anyway since libvirtd needs todo autostart of VMs, but having the socket activation too avoids some race conditions with startup. Yes, that's one of the reasons why I think it will create more confusion than races it will resolve. I'll _try_ to work this in, but how would you suggest to set up the initial permissions? Anything the user will change in libvirtd.conf he will also have to change in the libvirt.socket file, because someone might use the filesystem-level permission checking for isolating some users (or anything else) because we don't want to break that. Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| signature.asc Description: Digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v2 0/8] Speed up waiting for the session daemon
This is complete rework of: http://www.redhat.com/archives/libvir-list/2013-April/msg01351.html where Daniel suggested we use systemd-like passing of socket fd in combination with the LISTEN_FDS environment variable: http://www.redhat.com/archives/libvir-list/2013-April/msg01356.html Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=927369 Martin Kletzander (8): util: abstract parsing of passed FDs into virGetListenFDs() remote: create virNetServerServiceNewFDOrUNIX() wrapper rpc: set listen backlog on FDs as well as on other sockets daemon: support passing FDs from the calling process cfg.mk: allow integers to be assigned a value computed with i|j|k tests: support dynamic prefixes in commandtest util: add virCommandPassListenFDs() function rpc: pass listen FD to the daemon being started cfg.mk| 2 +- daemon/libvirtd.c | 45 ++ src/libvirt_private.syms | 2 + src/libvirt_remote.syms | 1 + src/locking/lock_daemon.c | 47 ++- src/rpc/virnetserverservice.c | 53 - src/rpc/virnetserverservice.h | 15 +- src/rpc/virnetsocket.c| 58 +++ src/util/vircommand.c | 99 +++ src/util/vircommand.h | 4 +- src/util/virutil.c| 51 src/util/virutil.h| 2 + tests/commanddata/test24.log | 7 +++ tests/commandtest.c | 105 ++ 14 files changed, 389 insertions(+), 102 deletions(-) create mode 100644 tests/commanddata/test24.log -- 2.0.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
