[libvirt] [PATCH] [0/6] implement synchronous hook scripts

[Daniel Veillard]

 As discussed previously this implement hook scripts which
may be called from libvirtd at specific times.
The script are supposed to be small, execute fast as it's synchronous,
their exit value is 0 otherwise it's considered a failure (which may
be ignored but in general will stops the ongoing operation).

Scripts are stored under
  /etc/libvirt/hook/
(or rather $SYSCONF_DIR/libvirt/hook/)
if missing no script invocation will ever be done. There is one script
per 'driver' there is currently hooks for the daemon, qemu and lxc,
so right now only
  /etc/libvirt/hook/daemon
  /etc/libvirt/hook/qemu
  /etc/libvirt/hook/lxc
are potentially used. The implemented set of operations is rather simple
currently daemon start, reload, and exit, and for domain operations,
domain startup and exit.

This can be extended to more drivers in the future of more fine-grained
modularity for the scripts.

The current API to the script israther simple it get passed arguments
about the object name, the operation name, suboperation, and an extra
string. Right now for the daemon the script would get the fallowing
calls:

/etc/libvirt/hooks/daemon - start - start
/etc/libvirt/hooks/daemon - reload begin SIGHUP
/etc/libvirt/hooks/daemon - shutdown - shutdown

and for qemu (or lxc):

/etc/libvirt/hooks/qemu RHEL-5.4-64 start begin -
/etc/libvirt/hooks/qemu RHEL-5.4-64 stopped end -

with the XML configuration of the domain passed on the script stdin if
needed.
In case of script failure at domain startup, this is raised as an normal
error, e.g.:

[root at paphio tmp]# virsh start RHEL-5.4-64
error: Failed to start domain RHEL-5.4-64
error: Hook script execution failed: Hook script /etc/libvirt/hooks/qemu
qemu failed with error code 256:forbidden startup


[root at paphio tmp]#

  Some hooks could certainly be added at different place in domain
lifetime operations, for example we plan to add some for migration,
but one thing to remember is that those synchronous scripts can have
a serious impact on execution, so to some extend it's better to use the
asynchronous async event mechanism when possible.

  Among the things left to improve and check, there is the behaviour
when the daemon is started by the user for example for qemu:///user
and double check some of the script interaction with security, SELinux
in particular.

  But the basics are there, and I would hope to have this in the next
release,

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel at veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/