[libvirt] [PATCH 0/6] Enable fd passing / socket activation with LXC guest

Thu Jul 18 08:43:02 UTC 2013

On 12.07.2013 17:38, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" <berrange at redhat.com>
> 
> Systemd has a concept of socket activation whereby systemd
> will listen on a TCP socket in the host. When a client arrives
> on the socket, systemd will run a service, passing it the
> pre-opened TCP server socket. The service can then accept the
> client connection.
> 
> This patch series adds the ability to pass pre-opened file
> descriptors into LXC guests. The file descriptors will be
> made available to the 'init' process in the container,
> starting from STDERR_FILENO + 1.
> 
> For example, assuming you have pre-opened a file descriptors
> in your shell
> 
>  # exec 10>/tmp/foo
>  # exec 20>/tmp/bar
>  # exec 30>/tmp/wizz
> 
> You can then start a container with:
> 
>  # virsh -c lxc:/// start --pass-fds 10,20,30  demo
> 
> Inside that container the FDs will appear as 3, 4, 5:
> 
>  # virsh -c lxc:/// console demo
>  Connected to domain demo
>  Escape character is ^]
>  sh-4.2# lsof -p 1 | grep /tmp
>  sh        1 root    3w   REG   0,32        0 90226444 /tmp/foo
>  sh        1 root    4w   REG   0,32        0 90238163 /tmp/bar
>  sh        1 root    5w   REG   0,32        0 90238164 /tmp/wizz
> 
> Finally, if you run systemd inside the container, it can then
> use these pre-opened file descriptors, passing them along when
> launching services inside the container. So you have end-to-end
> socket activation between the host & guest systemd instances.
> 
> Daniel P. Berrange (6):
>   Introduce new domain create APIs to pass pre-opened FDs to LXC
>   Introduce remote protocol support for virDomainCreate{XML}WithFiles
>   Fix impl of virDomainCreateWithFlags remote client helper
>   LXC: Wire up the virDomainCreate{XML}WithFiles methods
>   Enable FD passing when starting guests with virsh
>   Merge virCommandPreserveFD / virCommandTransferFD
> 
>  daemon/remote.c                       | 104 ++++++++++++++++++++++
>  include/libvirt/libvirt.h.in          |  10 +++
>  python/generator.py                   |   3 +
>  python/libvirt-override-virConnect.py |  30 +++++++
>  python/libvirt-override-virDomain.py  |  38 ++++++++
>  python/libvirt-override.c             |  89 +++++++++++++++++++
>  src/driver.h                          |  13 +++
>  src/fdstream.c                        |   3 +-
>  src/libvirt.c                         | 154 ++++++++++++++++++++++++++++++++
>  src/libvirt_private.syms              |   3 +-
>  src/libvirt_public.syms               |   6 ++
>  src/lxc/lxc_container.c               | 136 ++++++++++++++++++++++-------
>  src/lxc/lxc_container.h               |   6 +-
>  src/lxc/lxc_controller.c              |  36 +++++++-
>  src/lxc/lxc_driver.c                  |  45 ++++++++--
>  src/lxc/lxc_process.c                 |  20 ++++-
>  src/lxc/lxc_process.h                 |   1 +
>  src/qemu/qemu_command.c               |  16 ++--
>  src/remote/remote_driver.c            |  91 +++++++++++++++----
>  src/remote/remote_protocol.x          |  32 ++++++-
>  src/remote_protocol-structs           |  16 ++++
>  src/uml/uml_conf.c                    |   3 +-
>  src/util/vircommand.c                 | 159 ++++++++++++++++------------------
>  src/util/vircommand.h                 |  13 +--
>  tests/commandtest.c                   |   5 +-
>  tools/virsh-domain.c                  |  82 +++++++++++++++++-
>  tools/virsh.pod                       |  13 ++-
>  27 files changed, 960 insertions(+), 167 deletions(-)
> 

I've pointed out some small issues that I believe you can fix without me
needing to see a v2.

ACK series.

Michal