NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

nwfilter: introduce virtnwfilterd daemon

Browse Source 
The virtnwfilterd daemon will be responsible for providing the nwfilter API
driver functionality. The nwfilter driver is still loaded by the main
libvirtd daemon at this stage, so virtnwfilterd must not be running at
the same time.

Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrangé 2018-03-16 17:05:24 +00:00
parent e4de8857ad
commit 653ddc2e64
4 changed files with 99 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -163,6 +163,9 @@
/src/node_device/test_virtnodedevd.aug /src/node_device/test_virtnodedevd.aug
/src/node_device/virtnodedevd.aug /src/node_device/virtnodedevd.aug
/src/node_device/virtnodedevd.conf /src/node_device/virtnodedevd.conf
/src/nwfilter/test_virtnwfilterd.aug
/src/nwfilter/virtnwfilterd.aug
/src/nwfilter/virtnwfilterd.conf
/src/qemu/test_libvirtd_qemu.aug /src/qemu/test_libvirtd_qemu.aug
/src/remote/*_client_bodies.h /src/remote/*_client_bodies.h
/src/remote/*_protocol.[ch] /src/remote/*_protocol.[ch]
@ -190,6 +193,7 @@
/src/virtlogd /src/virtlogd
/src/virtnetworkd /src/virtnetworkd
/src/virtnodedevd /src/virtnodedevd
/src/virtnwfilterd
/src/virtproxyd /src/virtproxyd
/src/virtsecretd /src/virtsecretd
/src/virtstoraged /src/virtstoraged

8
libvirt.spec.in
View File

@ -1653,6 +1653,14 @@ exit 0
%{_libdir}/%{name}/connection-driver/libvirt_driver_nodedev.so %{_libdir}/%{name}/connection-driver/libvirt_driver_nodedev.so
%files daemon-driver-nwfilter %files daemon-driver-nwfilter
%config(noreplace) %{_sysconfdir}/libvirt/virtnwfilterd.conf
%{_datadir}/augeas/lenses/virtnwfilterd.aug
%{_datadir}/augeas/lenses/tests/test_virtnwfilterd.aug
%{_unitdir}/virtnwfilterd.service
%{_unitdir}/virtnwfilterd.socket
%{_unitdir}/virtnwfilterd-ro.socket
%{_unitdir}/virtnwfilterd-admin.socket
%attr(0755, root, root) %{_sbindir}/virtnwfilterd
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/nwfilter/ %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/nwfilter/
%ghost %dir %{_localstatedir}/run/libvirt/network/ %ghost %dir %{_localstatedir}/run/libvirt/network/
%{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so %{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so

63
src/nwfilter/Makefile.inc.am
View File

@ -41,4 +41,67 @@ libvirt_driver_nwfilter_impl_la_LIBADD = \
../gnulib/lib/libgnu.la \ ../gnulib/lib/libgnu.la \
$(NULL) $(NULL)
libvirt_driver_nwfilter_impl_la_SOURCES = $(NWFILTER_DRIVER_SOURCES) libvirt_driver_nwfilter_impl_la_SOURCES = $(NWFILTER_DRIVER_SOURCES)
sbin_PROGRAMS += virtnwfilterd
nodist_conf_DATA += nwfilter/virtnwfilterd.conf
augeas_DATA += nwfilter/virtnwfilterd.aug
augeastest_DATA += nwfilter/test_virtnwfilterd.aug
CLEANFILES += nwfilter/virtnwfilterd.aug
virtnwfilterd_SOURCES = $(REMOTE_DAEMON_SOURCES)
virtnwfilterd_CFLAGS = \
$(REMOTE_DAEMON_CFLAGS) \
-DDAEMON_NAME="\"virtnwfilterd\"" \
-DMODULE_NAME="\"nwfilter\"" \
$(NULL)
virtnwfilterd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS)
virtnwfilterd_LDADD = $(REMOTE_DAEMON_LD_ADD)
SYSTEMD_UNIT_FILES += \
virtnwfilterd.service \
virtnwfilterd.socket \
virtnwfilterd-ro.socket \
virtnwfilterd-admin.socket \
$(NULL)
SYSTEMD_UNIT_FILES_IN += \
nwfilter/virtnwfilterd.service.in \
$(NULL)
VIRTNWFILTERD_UNIT_VARS = \
$(VIRTD_UNIT_VARS) \
-e 's|[@]name[@]|Libvirt nwfilter|g' \
-e 's|[@]service[@]|virtnwfilterd|g' \
-e 's|[@]sockprefix[@]|virtnwfilterd|g' \
$(NULL)
virtnwfilterd.service: nwfilter/virtnwfilterd.service.in $(top_builddir)/config.status
$(AM_V_GEN)$(SED) $(VIRTNWFILTERD_UNIT_VARS) $< > $@-t && mv $@-t $@
virtnwfilter%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status
$(AM_V_GEN)$(SED) $(VIRTNWFILTERD_UNIT_VARS) $< > $@-t && mv $@-t $@
nwfilter/virtnwfilterd.conf: remote/libvirtd.conf.in
$(AM_V_GEN)$(SED) \
-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
-e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \
$< > $@
nwfilter/virtnwfilterd.aug: remote/libvirtd.aug.in
$(AM_V_GEN)$(SED) \
-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
-e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \
-e 's/[@]DAEMON_NAME_UC[@]/Virtnwfilterd/' \
$< > $@
nwfilter/test_virtnwfilterd.aug: remote/test_libvirtd.aug.in \
nwfilter/virtnwfilterd.conf $(AUG_GENTEST)
$(AM_V_GEN)$(AUG_GENTEST) nwfilter/virtnwfilterd.conf \
$(srcdir)/remote/test_libvirtd.aug.in | \
$(SED) \
-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
-e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \
-e 's/[@]DAEMON_NAME_UC[@]/Virtnwfilterd/' \
> $@ || rm -f $@
endif WITH_NWFILTER endif WITH_NWFILTER

24
src/nwfilter/virtnwfilterd.service.in Normal file
View File

@ -0,0 +1,24 @@
[Unit]
Description=Virtualization nwfilter daemon
Conflicts=libvirtd.service
Requires=virtnwfilterd.socket
Requires=virtnwfilterd-ro.socket
Requires=virtnwfilterd-admin.socket
After=network.target
After=dbus.service
After=apparmor.service
After=local-fs.target
Documentation=man:libvirtd(8)
Documentation=https://libvirt.org
[Service]
Type=notify
ExecStart=@sbindir@/virtnwfilterd --timeout 120
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
[Install]
WantedBy=multi-user.target
Also=virtnwfilterd.socket
Also=virtnwfilterd-ro.socket
Also=virtnwfilterd-admin.socket