[libvirt PATCH 34/42] systemd: Make modular daemons conflict with libvirtd

Mon Sep 25 18:58:32 UTC 2023

We want to make sure that, at any given time, we have either the
modular daemons or the monolithic one running, never both. In
order to achieve that, make every single modular unit conflict
with the corresponding libvirtd unit.

We set both Conflicts=libvirtd.unit and After=libvirtd.unit: this
tells systemd that, whenever virtfood.unit and libvirtd.unit are
part of the same transaction, the former should win out.

Thanks to this, if both the modular daemons and the monolithic
one have been enabled because of outdated automation or a simple
mistake of the administrator, the request to start libvirtd at
boot will be ignored and the result will be a regular modular
deployment.

If the request to start libvirtd is made when the modular daemons
are already running, we have no way to prevent systemd from
complying with that request; however, thanks to the way the
conflict relationship has been declared, they will be shut down
cleanly before libvirtd is started. From the user's point of
view, the transition from modular to monolithic will be
completely transparent: it's basically the same scenario as a
regular package upgrade, just with an extra twist.

Note that, while switching from modular to monolithic at runtime
happens automatically, going back requires manual intervention,
i.e. starting all the necessary sockets one by one. That's okay:
the goal here is to prevent misconfiguration and force of habit
to accidentally disrupt a working setup, not to encourage the
scenario. In a correctly configured and managed host, it should
never occur.

Signed-off-by: Andrea Bolognani <abologna at redhat.com>
---
 src/virtd-admin.socket.in | 2 ++
 src/virtd-ro.socket.in    | 2 ++
 src/virtd-tcp.socket.in   | 2 ++
 src/virtd-tls.socket.in   | 2 ++
 src/virtd.service.in      | 3 ++-
 src/virtd.socket.in       | 2 ++
 6 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/virtd-admin.socket.in b/src/virtd-admin.socket.in
index 3a09951b12..e43f4df82d 100644
--- a/src/virtd-admin.socket.in
+++ b/src/virtd-admin.socket.in
@@ -3,6 +3,8 @@ Description=@name@ admin socket
 Before=@service at .service
 BindsTo=@service at .socket
 After=@service at .socket
+Conflicts=libvirtd-admin.socket
+After=libvirtd-admin.socket
 @socket_unit_extra@
 
 [Socket]
diff --git a/src/virtd-ro.socket.in b/src/virtd-ro.socket.in
index e882f25a7b..7b91f0d657 100644
--- a/src/virtd-ro.socket.in
+++ b/src/virtd-ro.socket.in
@@ -3,6 +3,8 @@ Description=@name@ local read-only socket
 Before=@service at .service
 BindsTo=@service at .socket
 After=@service at .socket
+Conflicts=libvirtd-ro.socket
+After=libvirtd-ro.socket
 @socket_unit_extra@
 
 [Socket]
diff --git a/src/virtd-tcp.socket.in b/src/virtd-tcp.socket.in
index 26c6dfa75b..d715e2d00d 100644
--- a/src/virtd-tcp.socket.in
+++ b/src/virtd-tcp.socket.in
@@ -3,6 +3,8 @@ Description=@name@ non-TLS IP socket
 Before=@service at .service
 BindsTo=@service at .socket
 After=@service at .socket
+Conflicts=libvirtd-tcp.socket
+After=libvirtd-tcp.socket
 @socket_unit_extra@
 
 [Socket]
diff --git a/src/virtd-tls.socket.in b/src/virtd-tls.socket.in
index 077c320cce..5b2550fb1d 100644
--- a/src/virtd-tls.socket.in
+++ b/src/virtd-tls.socket.in
@@ -3,6 +3,8 @@ Description=@name@ TLS IP socket
 Before=@service at .service
 BindsTo=@service at .socket
 After=@service at .socket
+Conflicts=libvirt-tls.socket
+After=libvirt-tls.socket
 @socket_unit_extra@
 
 [Socket]
diff --git a/src/virtd.service.in b/src/virtd.service.in
index c9afecad73..21391a65b0 100644
--- a/src/virtd.service.in
+++ b/src/virtd.service.in
@@ -1,9 +1,10 @@
 [Unit]
 Description=@name@ daemon
-Conflicts=libvirtd.service
 Requires=@service at .socket
 Requires=@service at -ro.socket
 Requires=@service at -admin.socket
+Conflicts=libvirtd.service
+After=libvirtd.service
 After=network.target
 After=dbus.service
 After=apparmor.service
diff --git a/src/virtd.socket.in b/src/virtd.socket.in
index 278f59ef1c..e4dc94b277 100644
--- a/src/virtd.socket.in
+++ b/src/virtd.socket.in
@@ -1,6 +1,8 @@
 [Unit]
 Description=@name@ local socket
 Before=@service at .service
+Conflicts=libvirtd.socket
+After=libvirtd.socket
 @socket_unit_extra@
 
 [Socket]
-- 
2.41.0

