[libvirt PATCH 0/4] remote: switch to modular daemons by default

Daniel P. Berrangé berrange at redhat.com
Tue Jun 15 08:42:15 UTC 2021 

On Mon, Jun 14, 2021 at 05:22:22PM -0600, Jim Fehlig wrote:
> On 6/10/21 7:43 AM, Daniel P. Berrangé wrote:
> > This series first improves driver probing when using modular daemons.
> > 
> > Currently when URI is NULL, we connect to virtproxyd and it looks
> > at which UNIX sockets exist and what binaries exist, to decide which
> > modular hypervisor daemon to connect to.
> > 
> > This means the common case results in all traffic going via virtproxyd.
> > Moving the logic out of virtproxyd into the remote client means we can
> > avoid using virtproxyd by default.
> > 
> > With this, we can now switch to the modular daemons by default. The
> > latter change primarily impacts how autostart works
> > 
> > When running as root we simply connect to whatever UNIX socket exists
> > and rely on systemd to autostart if needed. Whether the UNIX sockets
> > are for the modular daemon or libvirt doesn't matter - we'll look for
> > both. Defaults are dependent on the distros' systemd presets. I intend
> > to get Fedora / RHEL-9 presets changed to use the modular daemons.
> 
> I'll need to do the same for the SUSE presets, along with adjusting zypper
> patterns that include libvirtd, and other downstream tweaks. Additional
> testing may uncover other issues I haven't considered. I don't _think_
> apparmor will prevent things from working since there are no profiles for
> the modular daemons. But yes, I'll need to work on some profiles :-).

FWIW, with SELinux we have just copied the existing libvirtd profile
to the modular daemons. That is not optimal of course, but it is as
least no worse than current system. Over time we can refine the profile
to be more strict.

Also note if you're not ready to switch SUSE, you can just pass the
-Dremote_default_mode=legacy option to meson, which will retain
current behaviour when autostarting.

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

More information about the libvir-list mailing list