]>
Commit | Line | Data |
---|---|---|
ade16ee6 WB |
1 | From 1bdcf98811093349ca856dac4beb3f5bd0dd501b Mon Sep 17 00:00:00 2001 |
2 | From: Wolfgang Bumiller <w.bumiller@proxmox.com> | |
3 | Date: Fri, 10 Feb 2017 10:23:36 +0100 | |
4 | Subject: [PATCH 8/8] possibility to run lxc-monitord as a regular daemon | |
5 | ||
6 | This includes an lxc-monitord.service, required by | |
7 | lxc@.service which is now of Type=forking. | |
8 | ||
9 | Previously the init process' output was dumped into the log | |
10 | files since the service used Type=simple and | |
11 | StandardOutput/Error=syslog. Using lxc-start's daemon mode | |
12 | on the other hand used a wait call spawning an lxc-monitord | |
13 | in the background which could potentially stick around | |
14 | forever if there were clients connected to it. Since it was | |
15 | considered part of the lxc@foo.service unit by systemd this | |
16 | also meant the unit was considered active until not only the | |
17 | container but also lxc-monitord exited. | |
18 | This is now corrected by creating a separate lxc-monitord | |
19 | unit which lxc@.service depends on. | |
20 | ||
21 | Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> | |
22 | --- | |
23 | config/init/systemd/Makefile.am | 10 +++-- | |
24 | config/init/systemd/lxc-monitord.service.in | 12 ++++++ | |
25 | config/init/systemd/lxc@.service.in | 7 ++-- | |
26 | configure.ac | 1 + | |
27 | lxc.spec.in | 1 + | |
28 | src/lxc/lxc_monitord.c | 60 +++++++++++++++++++++-------- | |
29 | 6 files changed, 67 insertions(+), 24 deletions(-) | |
30 | create mode 100644 config/init/systemd/lxc-monitord.service.in | |
31 | ||
32 | diff --git a/config/init/systemd/Makefile.am b/config/init/systemd/Makefile.am | |
33 | index c448850..4a4fde5 100644 | |
34 | --- a/config/init/systemd/Makefile.am | |
35 | +++ b/config/init/systemd/Makefile.am | |
36 | @@ -2,19 +2,21 @@ EXTRA_DIST = \ | |
37 | lxc-apparmor-load \ | |
38 | lxc.service.in \ | |
39 | lxc@.service.in \ | |
40 | - lxc-net.service.in | |
41 | + lxc-net.service.in \ | |
42 | + lxc-monitord.service.in | |
43 | ||
44 | if INIT_SCRIPT_SYSTEMD | |
45 | -BUILT_SOURCES = lxc.service lxc@.service lxc-net.service | |
46 | +BUILT_SOURCES = lxc.service lxc@.service lxc-net.service lxc-monitord.service | |
47 | ||
48 | -install-systemd: lxc.service lxc@.service lxc-net.service lxc-apparmor-load | |
49 | +install-systemd: lxc.service lxc@.service lxc-net.service lxc-monitord.service lxc-apparmor-load | |
50 | $(MKDIR_P) $(DESTDIR)$(SYSTEMD_UNIT_DIR) | |
51 | - $(INSTALL_DATA) lxc.service lxc@.service lxc-net.service $(DESTDIR)$(SYSTEMD_UNIT_DIR)/ | |
52 | + $(INSTALL_DATA) lxc.service lxc@.service lxc-net.service lxc-monitord.service $(DESTDIR)$(SYSTEMD_UNIT_DIR)/ | |
53 | ||
54 | uninstall-systemd: | |
55 | rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/lxc.service | |
56 | rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/lxc@.service | |
57 | rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/lxc-net.service | |
58 | + rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/lxc-monitord.service | |
59 | rmdir $(DESTDIR)$(SYSTEMD_UNIT_DIR) || : | |
60 | ||
61 | pkglibexec_SCRIPTS = lxc-apparmor-load | |
62 | diff --git a/config/init/systemd/lxc-monitord.service.in b/config/init/systemd/lxc-monitord.service.in | |
63 | new file mode 100644 | |
64 | index 0000000..4063516 | |
65 | --- /dev/null | |
66 | +++ b/config/init/systemd/lxc-monitord.service.in | |
67 | @@ -0,0 +1,12 @@ | |
68 | +[Unit] | |
69 | +Description=LXC Container Monitoring Daemon | |
70 | +After=syslog.service network.target | |
71 | + | |
72 | +[Service] | |
73 | +Type=simple | |
74 | +ExecStart=@LIBEXECDIR@/lxc/lxc-monitord --daemon | |
75 | +StandardOutput=syslog | |
76 | +StandardError=syslog | |
77 | + | |
78 | +[Install] | |
79 | +WantedBy=multi-user.target | |
80 | diff --git a/config/init/systemd/lxc@.service.in b/config/init/systemd/lxc@.service.in | |
81 | index 6b8b5ff..ffb9136 100644 | |
82 | --- a/config/init/systemd/lxc@.service.in | |
83 | +++ b/config/init/systemd/lxc@.service.in | |
84 | @@ -1,16 +1,17 @@ | |
85 | [Unit] | |
86 | Description=LXC Container: %i | |
87 | # This pulls in apparmor, dev-setup, lxc-net | |
88 | -After=lxc.service | |
89 | +After=lxc.service lxc-monitord.service | |
90 | Wants=lxc.service | |
9bf17fcb | 91 | +Requires=lxc-monitord.service |
ade16ee6 WB |
92 | Documentation=man:lxc-start man:lxc |
93 | ||
94 | [Service] | |
95 | -Type=simple | |
96 | +Type=forking | |
97 | KillMode=mixed | |
98 | KillSignal=SIGPWR | |
99 | TimeoutStopSec=120s | |
100 | -ExecStart=@BINDIR@/lxc-start -F -n %i | |
101 | +ExecStart=@BINDIR@/lxc-start -n %i | |
102 | # Environment=BOOTUP=serial | |
103 | # Environment=CONSOLETYPE=serial | |
104 | StandardOutput=syslog | |
105 | diff --git a/configure.ac b/configure.ac | |
106 | index 42ece7a..c6b2a78 100644 | |
107 | --- a/configure.ac | |
108 | +++ b/configure.ac | |
109 | @@ -694,6 +694,7 @@ AC_CONFIG_FILES([ | |
110 | config/init/systemd/lxc.service | |
111 | config/init/systemd/lxc@.service | |
112 | config/init/systemd/lxc-net.service | |
113 | + config/init/systemd/lxc-monitord.service | |
114 | config/init/sysvinit/Makefile | |
115 | config/init/sysvinit/lxc-containers | |
116 | config/init/sysvinit/lxc-net | |
117 | diff --git a/lxc.spec.in b/lxc.spec.in | |
118 | index 0e64907..f35d81c 100644 | |
119 | --- a/lxc.spec.in | |
120 | +++ b/lxc.spec.in | |
121 | @@ -259,6 +259,7 @@ fi | |
122 | %{_unitdir}/lxc-net.service | |
123 | %{_unitdir}/lxc.service | |
124 | %{_unitdir}/lxc@.service | |
125 | +%{_unitdir}/lxc-monitord.service | |
126 | %else | |
127 | %{_sysconfdir}/rc.d/init.d/lxc | |
128 | %{_sysconfdir}/rc.d/init.d/lxc-net | |
129 | diff --git a/src/lxc/lxc_monitord.c b/src/lxc/lxc_monitord.c | |
130 | index 62e2121..ad40dbe 100644 | |
131 | --- a/src/lxc/lxc_monitord.c | |
132 | +++ b/src/lxc/lxc_monitord.c | |
133 | @@ -344,16 +344,43 @@ static void lxc_monitord_sig_handler(int sig) | |
134 | ||
135 | int main(int argc, char *argv[]) | |
136 | { | |
137 | - int ret, pipefd; | |
138 | + int ret, pipefd = -1; | |
139 | char logpath[PATH_MAX]; | |
140 | sigset_t mask; | |
141 | - char *lxcpath = argv[1]; | |
142 | + const char *lxcpath = NULL; | |
143 | bool mainloop_opened = false; | |
144 | bool monitord_created = false; | |
145 | + bool persistent = false; | |
146 | ||
147 | - if (argc != 3) { | |
148 | + if (argc > 1 && !strcmp(argv[1], "--daemon")) { | |
149 | + persistent = true; | |
150 | + --argc; | |
151 | + ++argv; | |
152 | + } | |
153 | + | |
154 | + if (argc > 1) { | |
155 | + lxcpath = argv[1]; | |
156 | + --argc; | |
157 | + ++argv; | |
158 | + } else { | |
159 | + lxcpath = lxc_global_config_value("lxc.lxcpath"); | |
160 | + if (!lxcpath) { | |
161 | + ERROR("Out of memory getting lxcpath"); | |
162 | + exit(EXIT_FAILURE); | |
163 | + } | |
164 | + } | |
165 | + | |
166 | + if (argc > 1) { | |
167 | + if (lxc_safe_int(argv[1], &pipefd) < 0) | |
168 | + exit(EXIT_FAILURE); | |
169 | + --argc; | |
170 | + ++argv; | |
171 | + } | |
172 | + | |
173 | + if (argc != 1 || (persistent != (pipefd == -1))) { | |
174 | fprintf(stderr, | |
175 | - "Usage: lxc-monitord lxcpath sync-pipe-fd\n\n" | |
176 | + "Usage: lxc-monitord lxcpath sync-pipe-fd\n" | |
177 | + " lxc-monitord --daemon lxcpath\n\n" | |
178 | "NOTE: lxc-monitord is intended for use by lxc internally\n" | |
179 | " and does not need to be run by hand\n\n"); | |
180 | exit(EXIT_FAILURE); | |
181 | @@ -369,9 +396,6 @@ int main(int argc, char *argv[]) | |
182 | INFO("Failed to open log file %s, log will be lost.", lxcpath); | |
183 | lxc_log_options_no_override(); | |
184 | ||
185 | - if (lxc_safe_int(argv[2], &pipefd) < 0) | |
186 | - exit(EXIT_FAILURE); | |
187 | - | |
188 | if (sigfillset(&mask) || | |
189 | sigdelset(&mask, SIGILL) || | |
190 | sigdelset(&mask, SIGSEGV) || | |
191 | @@ -403,15 +427,17 @@ int main(int argc, char *argv[]) | |
192 | goto on_error; | |
193 | monitord_created = true; | |
194 | ||
195 | - /* sync with parent, we're ignoring the return from write | |
196 | - * because regardless if it works or not, the following | |
197 | - * close will sync us with the parent process. the | |
198 | - * if-empty-statement construct is to quiet the | |
199 | - * warn-unused-result warning. | |
200 | - */ | |
201 | - if (write(pipefd, "S", 1)) | |
202 | - ; | |
203 | - close(pipefd); | |
204 | + if (pipefd != -1) { | |
205 | + /* sync with parent, we're ignoring the return from write | |
206 | + * because regardless if it works or not, the following | |
207 | + * close will sync us with the parent process. the | |
208 | + * if-empty-statement construct is to quiet the | |
209 | + * warn-unused-result warning. | |
210 | + */ | |
211 | + if (write(pipefd, "S", 1)) | |
212 | + ; | |
213 | + close(pipefd); | |
214 | + } | |
215 | ||
216 | if (lxc_monitord_mainloop_add(&mon)) { | |
217 | ERROR("Failed to add mainloop handlers."); | |
218 | @@ -421,7 +447,7 @@ int main(int argc, char *argv[]) | |
219 | NOTICE("lxc-monitord with pid %d is now monitoring lxcpath %s.", | |
220 | getpid(), mon.lxcpath); | |
221 | for (;;) { | |
222 | - ret = lxc_mainloop(&mon.descr, 1000 * 30); | |
223 | + ret = lxc_mainloop(&mon.descr, persistent ? -1 : 1000 * 30); | |
224 | if (mon.clientfds_cnt <= 0) { | |
225 | NOTICE("No remaining clients. lxc-monitord is exiting."); | |
226 | break; | |
227 | -- | |
228 | 2.1.4 | |
229 |