diff options
author | Ryan Moe <ryan.moe@gmail.com> | 2017-07-28 16:50:37 -0700 |
---|---|---|
committer | Christopher Baines <mail@cbaines.net> | 2017-08-23 12:47:24 +0100 |
commit | e6051057ab926daa19a00a2d8dbd678ecb9be95c (patch) | |
tree | cdcc5849ab7f423c79a2f58063264b069195aa67 | |
parent | 903e051a71467bc96a054c9b4ed89348fdae8977 (diff) | |
download | patches-e6051057ab926daa19a00a2d8dbd678ecb9be95c.tar patches-e6051057ab926daa19a00a2d8dbd678ecb9be95c.tar.gz |
services: Add libvirt services
* gnu/services/virtualization.scm: New file.
* doc/guix.texi (Virtualization Services): Document it.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
Signed-off-by: Christopher Baines <mail@cbaines.net>
-rw-r--r-- | doc/guix.texi | 709 | ||||
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/services/virtualization.scm | 492 |
3 files changed, 1202 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index ff306a4575..77435d897b 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -228,6 +228,7 @@ Services * Continuous Integration:: The Cuirass service. * Power management Services:: The TLP tool. * Audio Services:: The MPD. +* Virtualization Services:: Virtualization services. * Miscellaneous Services:: Other services. Defining Services @@ -9104,6 +9105,7 @@ declaration. * Continuous Integration:: The Cuirass service. * Power management Services:: The TLP tool. * Audio Services:: The MPD. +* Virtualization Services:: Virtualization services. * Miscellaneous Services:: Other services. @end menu @@ -15838,6 +15840,713 @@ an absolute path can be specified here. @end table @end deftp +@node Virtualization Services +@subsubsection Virtualization services +The @code{(gnu services virtualization)} module provides services for +the libvirt and virtlog daemons. + +@subsubheading Libvirt daemon +@code{libvirtd} is the server side daemon component of the libvirt +virtualization management system. This daemon runs on host servers +and performs required management tasks for virtualized guests. + +@deffn {Scheme Variable} libvirt-service-type +This is the type of the @uref{https://libvirt.org, libvirt daemon}. +Its value must be a @code{libvirt-configuration}. + +@example +(service libvirt-service-type + (libvirt-configuration + (unix-sock-group "libvirt") + (tls-port "16555"))) +@end example +@end deffn + +@c Auto-generated with (generate-libvirt-documentation) +Available @code{libvirt-configuration} fields are: + +@deftypevr {@code{libvirt-configuration} parameter} package libvirt +Libvirt package. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean listen-tls? +Flag listening for secure TLS connections on the public TCP/IP port. +must set @code{listen} for this to have any effect. + +It is necessary to setup a CA and issue server certificates before using +this capability. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean listen-tcp? +Listen for unencrypted TCP connections on the public TCP/IP port. must +set @code{listen} for this to have any effect. + +Using the TCP socket requires SASL authentication by default. Only SASL +mechanisms which support data encryption are allowed. This is +DIGEST_MD5 and GSSAPI (Kerberos5) + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string tls-port +Port for accepting secure TLS connections This can be a port number, or +service name + +Defaults to @samp{"16514"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string tcp-port +Port for accepting insecure TCP connections This can be a port number, +or service name + +Defaults to @samp{"16509"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string listen-addr +IP address or hostname used for client connections. + +Defaults to @samp{"0.0.0.0"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean mdns-adv? +Flag toggling mDNS advertisement of the libvirt service. + +Alternatively can disable for all services on a host by stopping the +Avahi daemon. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string mdns-name +Default mDNS advertisement name. This must be unique on the immediate +broadcast network. + +Defaults to @samp{"Virtualization Host <hostname>"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string unix-sock-group +UNIX domain socket group ownership. This can be used to allow a +'trusted' set of users access to management capabilities without +becoming root. + +Defaults to @samp{"root"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string unix-sock-ro-perms +UNIX socket permissions for the R/O socket. This is used for monitoring +VM status only. + +Defaults to @samp{"0777"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string unix-sock-rw-perms +UNIX socket permissions for the R/W socket. Default allows only root. +If PolicyKit is enabled on the socket, the default will change to allow +everyone (eg, 0777) + +Defaults to @samp{"0770"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string unix-sock-admin-perms +UNIX socket permissions for the admin socket. Default allows only owner +(root), do not change it unless you are sure to whom you are exposing +the access to. + +Defaults to @samp{"0777"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string unix-sock-dir +The directory in which sockets will be found/created. + +Defaults to @samp{"/var/run/libvirt"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string auth-unix-ro +Authentication scheme for UNIX read-only sockets. By default socket +permissions allow anyone to connect + +Defaults to @samp{"polkit"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string auth-unix-rw +Authentication scheme for UNIX read-write sockets. By default socket +permissions only allow root. If PolicyKit support was compiled into +libvirt, the default will be to use 'polkit' auth. + +Defaults to @samp{"polkit"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string auth-tcp +Authentication scheme for TCP sockets. If you don't enable SASL, then +all TCP traffic is cleartext. Don't do this outside of a dev/test +scenario. + +Defaults to @samp{"sasl"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string auth-tls +Authentication scheme for TLS sockets. TLS sockets already have +encryption provided by the TLS layer, and limited authentication is done +by certificates. + +It is possible to make use of any SASL authentication mechanism as well, +by using 'sasl' for this option + +Defaults to @samp{"none"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} optional-list access-drivers +API access control scheme. + +By default an authenticated user is allowed access to all APIs. Access +drivers can place restrictions on this. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string key-file +Server key file path. If set to an empty string, then no private key is +loaded. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string cert-file +Server key file path. If set to an empty string, then no certificate is +loaded. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string ca-file +Server key file path. If set to an empty string, then no CA certificate +is loaded. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string crl-file +Certificate revocation list path. If set to an empty string, then no +CRL is loaded. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean tls-no-sanity-cert +Disable verification of our own server certificates. + +When libvirtd starts it performs some sanity checks against its own +certificates. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean tls-no-verify-cert +Disable verification of client certificates. + +Client certificate verification is the primary authentication mechanism. +Any client which does not present a certificate signed by the CA will be +rejected. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} optional-list tls-allowed-dn-list +Whitelist of allowed x509 Distinguished Name. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} optional-list sasl-allowed-usernames +Whitelist of allowed SASL usernames. The format for username depends on +the SASL authentication mechanism. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string tls-priority +Override the compile time default TLS priority string. The default is +usually "NORMAL" unless overridden at build time. Only set this is it +is desired for libvirt to deviate from the global default settings. + +Defaults to @samp{"NORMAL"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-clients +Maximum number of concurrent client connections to allow over all +sockets combined. + +Defaults to @samp{5000}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-queued-clients +Maximum length of queue of connections waiting to be accepted by the +daemon. Note, that some protocols supporting retransmission may obey +this so that a later reattempt at connection succeeds. + +Defaults to @samp{1000}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-anonymous-clients +Maximum length of queue of accepted but not yet authenticated clients. +Set this to zero to turn this feature off + +Defaults to @samp{20}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer min-workers +Number of workers to start up initially. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-workers +Maximum number of worker threads. + +If the number of active clients exceeds @code{min-workers}, then more +threads are spawned, up to max_workers limit. Typically you'd want +max_workers to equal maximum number of clients allowed. + +Defaults to @samp{20}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer prio-workers +Number of priority workers. If all workers from above pool are stuck, +some calls marked as high priority (notably domainDestroy) can be +executed in this pool. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-requests +Total global limit on concurrent RPC calls. + +Defaults to @samp{20}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-client-requests +Limit on concurrent requests from a single client connection. To avoid +one client monopolizing the server this should be a small fraction of +the global max_requests and max_workers parameter. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-min-workers +Same as @code{min-workers} but for the admin interface. + +Defaults to @samp{1}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-max-workers +Same as @code{max-workers} but for the admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-max-clients +Same as @code{max-clients} but for the admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-max-queued-clients +Same as @code{max-queued-clients} but for the admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-max-client-requests +Same as @code{max-client-requests} but for the admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer log-level +Logging level. 4 errors, 3 warnings, 2 information, 1 debug. + +Defaults to @samp{3}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string log-filters +Logging filters. + +A filter allows to select a different logging level for a given category +of logs The format for a filter is one of: + +@itemize @bullet +@item +x:name + +@item +x:+name + +@end itemize + +where @code{name} is a string which is matched against the category +given in the @code{VIR_LOG_INIT()} at the top of each libvirt source +file, e.g., "remote", "qemu", or "util.json" (the name in the filter can +be a substring of the full category name, in order to match multiple +similar categories), the optional "+" prefix tells libvirt to log stack +trace for each message matching name, and @code{x} is the minimal level +where matching messages should be logged: + +@itemize @bullet +@item +1: DEBUG + +@item +2: INFO + +@item +3: WARNING + +@item +4: ERROR + +@end itemize + +Multiple filters can be defined in a single filters statement, they just +need to be separated by spaces. + +Defaults to @samp{"3:remote 4:event"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string log-outputs +Logging outputs. + +An output is one of the places to save logging information The format +for an output can be: + +@table @code +@item x:stderr +output goes to stderr + +@item x:syslog:name +use syslog for the output and use the given name as the ident + +@item x:file:file_path +output to a file, with the given filepath + +@item x:journald +output to journald logging system + +@end table + +In all case the x prefix is the minimal level, acting as a filter + +@itemize @bullet +@item +1: DEBUG + +@item +2: INFO + +@item +3: WARNING + +@item +4: ERROR + +@end itemize + +Multiple outputs can be defined, they just need to be separated by +spaces. + +Defaults to @samp{"3:stderr"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer audit-level +Allows usage of the auditing subsystem to be altered + +@itemize @bullet +@item +0: disable all auditing + +@item +1: enable auditing, only if enabled on host + +@item +2: enable auditing, and exit if disabled on host. + +@end itemize + +Defaults to @samp{1}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean audit-logging +Send audit messages via libvirt logging infrastructure. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} optional-string host-uuid +Host UUID. UUID must not have all digits be the same. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string host-uuid-source +Source to read host UUID. + +@itemize @bullet +@item +@code{smbios}: fetch the UUID from @code{dmidecode -s system-uuid} + +@item +@code{machine-id}: fetch the UUID from @code{/etc/machine-id} + +@end itemize + +If @code{dmidecode} does not provide a valid UUID a temporary UUID will +be generated. + +Defaults to @samp{"smbios"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer keepalive-interval +A keepalive message is sent to a client after @code{keepalive_interval} +seconds of inactivity to check if the client is still responding. If +set to -1, libvirtd will never send keepalive requests; however clients +can still send them and the daemon will send responses. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer keepalive-count +Maximum number of keepalive messages that are allowed to be sent to the +client without getting any response before the connection is considered +broken. + +In other words, the connection is automatically closed approximately +after @code{keepalive_interval * (keepalive_count + 1)} seconds since +the last message received from the client. When @code{keepalive-count} +is set to 0, connections will be automatically closed after +@code{keepalive-interval} seconds of inactivity without sending any +keepalive messages. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-keepalive-interval +Same as above but for admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-keepalive-count +Same as above but for admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer ovs-timeout +Timeout for Open vSwitch calls. + +The @code{ovs-vsctl} utility is used for the configuration and its +timeout option is set by default to 5 seconds to avoid potential +infinite waits blocking libvirt. + +Defaults to @samp{5}. + +@end deftypevr + +@c %end of autogenerated docs + +@subsubheading Virtlog daemon +The virtlogd service is a server side daemon component of libvirt that is +used to manage logs from virtual machine consoles. + +This daemon is not used directly by libvirt client applications, rather it +is called on their behalf by @code{libvirtd}. By maintaining the logs in a +standalone daemon, the main @code{libvirtd} daemon can be restarted without +risk of losing logs. The @code{virtlogd} daemon has the ability to re-exec() +itself upon receiving @code{SIGUSR1}, to allow live upgrades without downtime. + +@deffn {Scheme Variable} virtlog-service-type +This is the type of the virtlog daemon. +Its value must be a @code{virtlog-configuration}. + +@example +(service virtlog-service-type + (virtlog-configuration + (max-clients 1000))) +@end example +@end deffn + +@deftypevr {@code{virtlog-configuration} parameter} integer log-level +Logging level. 4 errors, 3 warnings, 2 information, 1 debug. + +Defaults to @samp{3}. + +@end deftypevr + +@deftypevr {@code{virtlog-configuration} parameter} string log-filters +Logging filters. + +A filter allows to select a different logging level for a given category +of logs The format for a filter is one of: + +@itemize @bullet +@item +x:name + +@item +x:+name + +@end itemize + +where @code{name} is a string which is matched against the category +given in the @code{VIR_LOG_INIT()} at the top of each libvirt source +file, e.g., "remote", "qemu", or "util.json" (the name in the filter can +be a substring of the full category name, in order to match multiple +similar categories), the optional "+" prefix tells libvirt to log stack +trace for each message matching name, and @code{x} is the minimal level +where matching messages should be logged: + +@itemize @bullet +@item +1: DEBUG + +@item +2: INFO + +@item +3: WARNING + +@item +4: ERROR + +@end itemize + +Multiple filters can be defined in a single filters statement, they just +need to be separated by spaces. + +Defaults to @samp{"3:remote 4:event"}. + +@end deftypevr + +@deftypevr {@code{virtlog-configuration} parameter} string log-outputs +Logging outputs. + +An output is one of the places to save logging information The format +for an output can be: + +@table @code +@item x:stderr +output goes to stderr + +@item x:syslog:name +use syslog for the output and use the given name as the ident + +@item x:file:file_path +output to a file, with the given filepath + +@item x:journald +output to journald logging system + +@end table + +In all case the x prefix is the minimal level, acting as a filter + +@itemize @bullet +@item +1: DEBUG + +@item +2: INFO + +@item +3: WARNING + +@item +4: ERROR + +@end itemize + +Multiple outputs can be defined, they just need to be separated by +spaces. + +Defaults to @samp{"3:stderr"}. + +@end deftypevr + +@deftypevr {@code{virtlog-configuration} parameter} integer max-clients +Maximum number of concurrent client connections to allow over all +sockets combined. + +Defaults to @samp{1024}. + +@end deftypevr + +@deftypevr {@code{virtlog-configuration} parameter} integer max-size +Maximum file size before rolling over. + +Defaults to @samp{2MB} + +@end deftypevr + +@deftypevr {@code{virtlog-configuration} parameter} integer max-backups +Maximum number of backup files to keep. + +Defaults to @samp{3} + +@end deftypevr + + @node Miscellaneous Services @subsubsection Miscellaneous Services diff --git a/gnu/local.mk b/gnu/local.mk index 1c6158cbfc..1bec2227ec 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -440,6 +440,7 @@ GNU_SYSTEM_MODULES = \ %D%/services/dns.scm \ %D%/services/kerberos.scm \ %D%/services/lirc.scm \ + %D%/services/virtualization.scm \ %D%/services/mail.scm \ %D%/services/mcron.scm \ %D%/services/messaging.scm \ diff --git a/gnu/services/virtualization.scm b/gnu/services/virtualization.scm new file mode 100644 index 0000000000..845cdb07ba --- /dev/null +++ b/gnu/services/virtualization.scm @@ -0,0 +1,492 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Ryan Moe <ryan.moe@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu services virtualization) + #:use-module (gnu services) + #:use-module (gnu services configuration) + #:use-module (gnu services base) + #:use-module (gnu services dbus) + #:use-module (gnu services shepherd) + #:use-module (gnu system shadow) + #:use-module (gnu packages admin) + #:use-module (gnu packages virtualization) + #:use-module (guix records) + #:use-module (guix gexp) + #:use-module (guix packages) + #:use-module (ice-9 match) + + #:export (libvirt-configuration + libvirt-service-type + virtlog-service-type)) + +(define (uglify-field-name field-name) + (let ((str (symbol->string field-name))) + (string-join + (string-split (string-delete #\? str) #\-) + "_"))) + +(define (quote-val val) + (string-append "\"" val "\"")) + +(define (serialize-field field-name val) + (format #t "~a = ~a\n" (uglify-field-name field-name) val)) + +(define (serialize-string field-name val) + (serialize-field field-name (quote-val val))) + +(define (serialize-boolean field-name val) + (serialize-field field-name (if val 1 0))) + +(define (serialize-integer field-name val) + (serialize-field field-name val)) + +(define (build-opt-list val) + (string-append + "[" + (string-join (map quote-val val) ",") + "]")) + +(define optional-list? list?) +(define optional-string? string?) + +(define (serialize-list field-name val) + (serialize-field field-name (build-opt-list val))) + +(define (serialize-optional-list field-name val) + (if (null? val) + (format #t "# ~a = []\n" (uglify-field-name field-name)) + (serialize-list field-name val))) + +(define (serialize-optional-string field-name val) + (if (string-null? val) + (format #t "# ~a = \"\"\n" (uglify-field-name field-name)) + (serialize-string field-name val))) + +(define-configuration libvirt-configuration + (libvirt + (package libvirt) + "Libvirt package.") + (listen-tls? + (boolean #t) + "Flag listening for secure TLS connections on the public TCP/IP port. +must set @code{listen} for this to have any effect. + +It is necessary to setup a CA and issue server certificates before +using this capability.") + (listen-tcp? + (boolean #f) + "Listen for unencrypted TCP connections on the public TCP/IP port. +must set @code{listen} for this to have any effect. + +Using the TCP socket requires SASL authentication by default. Only +SASL mechanisms which support data encryption are allowed. This is +DIGEST_MD5 and GSSAPI (Kerberos5)") + (tls-port + (string "16514") + "Port for accepting secure TLS connections This can be a port number, +or service name") + (tcp-port + (string "16509") + "Port for accepting insecure TCP connections This can be a port number, +or service name") + (listen-addr + (string "0.0.0.0") + "IP address or hostname used for client connections.") + (mdns-adv? + (boolean #f) + "Flag toggling mDNS advertisement of the libvirt service. + +Alternatively can disable for all services on a host by +stopping the Avahi daemon.") + (mdns-name + (string (string-append "Virtualization Host " (gethostname))) + "Default mDNS advertisement name. This must be unique on the +immediate broadcast network.") + (unix-sock-group + (string "root") + "UNIX domain socket group ownership. This can be used to +allow a 'trusted' set of users access to management capabilities +without becoming root.") + (unix-sock-ro-perms + (string "0777") + "UNIX socket permissions for the R/O socket. This is used +for monitoring VM status only.") + (unix-sock-rw-perms + (string "0770") + "UNIX socket permissions for the R/W socket. Default allows +only root. If PolicyKit is enabled on the socket, the default +will change to allow everyone (eg, 0777)") + (unix-sock-admin-perms + (string "0777") + "UNIX socket permissions for the admin socket. Default allows +only owner (root), do not change it unless you are sure to whom +you are exposing the access to.") + (unix-sock-dir + (string "/var/run/libvirt") + "The directory in which sockets will be found/created.") + (auth-unix-ro + (string "polkit") + "Authentication scheme for UNIX read-only sockets. By default +socket permissions allow anyone to connect") + (auth-unix-rw + (string "polkit") + "Authentication scheme for UNIX read-write sockets. By default +socket permissions only allow root. If PolicyKit support was compiled +into libvirt, the default will be to use 'polkit' auth.") + (auth-tcp + (string "sasl") + "Authentication scheme for TCP sockets. If you don't enable SASL, +then all TCP traffic is cleartext. Don't do this outside of a dev/test +scenario.") + (auth-tls + (string "none") + "Authentication scheme for TLS sockets. TLS sockets already have +encryption provided by the TLS layer, and limited authentication is +done by certificates. + +It is possible to make use of any SASL authentication mechanism as +well, by using 'sasl' for this option") + (access-drivers + (optional-list '()) + "API access control scheme. + +By default an authenticated user is allowed access to all APIs. Access +drivers can place restrictions on this.") + (key-file + (string "") + "Server key file path. If set to an empty string, then no private key +is loaded.") + (cert-file + (string "") + "Server key file path. If set to an empty string, then no certificate +is loaded.") + (ca-file + (string "") + "Server key file path. If set to an empty string, then no CA certificate +is loaded.") + (crl-file + (string "") + "Certificate revocation list path. If set to an empty string, then no +CRL is loaded.") + (tls-no-sanity-cert + (boolean #f) + "Disable verification of our own server certificates. + +When libvirtd starts it performs some sanity checks against its own +certificates.") + (tls-no-verify-cert + (boolean #f) + "Disable verification of client certificates. + +Client certificate verification is the primary authentication mechanism. +Any client which does not present a certificate signed by the CA +will be rejected.") + (tls-allowed-dn-list + (optional-list '()) + "Whitelist of allowed x509 Distinguished Name.") + (sasl-allowed-usernames + (optional-list '()) + "Whitelist of allowed SASL usernames. The format for username +depends on the SASL authentication mechanism.") + (tls-priority + (string "NORMAL") + "Override the compile time default TLS priority string. The +default is usually \"NORMAL\" unless overridden at build time. +Only set this is it is desired for libvirt to deviate from +the global default settings.") + (max-clients + (integer 5000) + "Maximum number of concurrent client connections to allow +over all sockets combined.") + (max-queued-clients + (integer 1000) + "Maximum length of queue of connections waiting to be +accepted by the daemon. Note, that some protocols supporting +retransmission may obey this so that a later reattempt at +connection succeeds.") + (max-anonymous-clients + (integer 20) + "Maximum length of queue of accepted but not yet authenticated +clients. Set this to zero to turn this feature off") + (min-workers + (integer 5) + "Number of workers to start up initially.") + (max-workers + (integer 20) + "Maximum number of worker threads. + +If the number of active clients exceeds @code{min-workers}, +then more threads are spawned, up to max_workers limit. +Typically you'd want max_workers to equal maximum number +of clients allowed.") + (prio-workers + (integer 5) + "Number of priority workers. If all workers from above +pool are stuck, some calls marked as high priority +(notably domainDestroy) can be executed in this pool.") + (max-requests + (integer 20) + "Total global limit on concurrent RPC calls.") + (max-client-requests + (integer 5) + "Limit on concurrent requests from a single client +connection. To avoid one client monopolizing the server +this should be a small fraction of the global max_requests +and max_workers parameter.") + (admin-min-workers + (integer 1) + "Same as @code{min-workers} but for the admin interface.") + (admin-max-workers + (integer 5) + "Same as @code{max-workers} but for the admin interface.") + (admin-max-clients + (integer 5) + "Same as @code{max-clients} but for the admin interface.") + (admin-max-queued-clients + (integer 5) + "Same as @code{max-queued-clients} but for the admin interface.") + (admin-max-client-requests + (integer 5) + "Same as @code{max-client-requests} but for the admin interface.") + (log-level + (integer 3) + "Logging level. 4 errors, 3 warnings, 2 information, 1 debug.") + (log-filters + (string "3:remote 4:event") + "Logging filters. + +A filter allows to select a different logging level for a given category +of logs +The format for a filter is one of: +@itemize +@item x:name + +@item x:+name +@end itemize + +where @code{name} is a string which is matched against the category +given in the @code{VIR_LOG_INIT()} at the top of each libvirt source +file, e.g., \"remote\", \"qemu\", or \"util.json\" (the name in the +filter can be a substring of the full category name, in order +to match multiple similar categories), the optional \"+\" prefix +tells libvirt to log stack trace for each message matching +name, and @code{x} is the minimal level where matching messages should +be logged: + +@itemize +@item 1: DEBUG +@item 2: INFO +@item 3: WARNING +@item 4: ERROR +@end itemize + +Multiple filters can be defined in a single filters statement, they just +need to be separated by spaces.") + (log-outputs + (string "3:stderr") + "Logging outputs. + +An output is one of the places to save logging information +The format for an output can be: + +@table @code +@item x:stderr +output goes to stderr + +@item x:syslog:name +use syslog for the output and use the given name as the ident + +@item x:file:file_path +output to a file, with the given filepath + +@item x:journald +output to journald logging system +@end table + +In all case the x prefix is the minimal level, acting as a filter + +@itemize +@item 1: DEBUG +@item 2: INFO +@item 3: WARNING +@item 4: ERROR +@end itemize + +Multiple outputs can be defined, they just need to be separated by spaces.") + (audit-level + (integer 1) + "Allows usage of the auditing subsystem to be altered + +@itemize +@item 0: disable all auditing +@item 1: enable auditing, only if enabled on host +@item 2: enable auditing, and exit if disabled on host. +@end itemize +") + (audit-logging + (boolean #f) + "Send audit messages via libvirt logging infrastructure.") + (host-uuid + (optional-string "") + "Host UUID. UUID must not have all digits be the same.") + (host-uuid-source + (string "smbios") + "Source to read host UUID. + +@itemize + +@item @code{smbios}: fetch the UUID from @code{dmidecode -s system-uuid} + +@item @code{machine-id}: fetch the UUID from @code{/etc/machine-id} + +@end itemize + +If @code{dmidecode} does not provide a valid UUID a temporary UUID +will be generated.") + (keepalive-interval + (integer 5) + "A keepalive message is sent to a client after +@code{keepalive_interval} seconds of inactivity to check if +the client is still responding. If set to -1, libvirtd will +never send keepalive requests; however clients can still send +them and the daemon will send responses.") + (keepalive-count + (integer 5) + "Maximum number of keepalive messages that are allowed to be sent +to the client without getting any response before the connection is +considered broken. + +In other words, the connection is automatically +closed approximately after +@code{keepalive_interval * (keepalive_count + 1)} seconds since the last +message received from the client. When @code{keepalive-count} is +set to 0, connections will be automatically closed after +@code{keepalive-interval} seconds of inactivity without sending any +keepalive messages.") + (admin-keepalive-interval + (integer 5) + "Same as above but for admin interface.") + (admin-keepalive-count + (integer 5) + "Same as above but for admin interface.") + (ovs-timeout + (integer 5) + "Timeout for Open vSwitch calls. + +The @code{ovs-vsctl} utility is used for the configuration and +its timeout option is set by default to 5 seconds to avoid +potential infinite waits blocking libvirt.")) + +(define* (libvirt-conf-file config) + "Return a libvirtd config file." + (plain-file "libvirtd.conf" + (with-output-to-string + (lambda () + (serialize-configuration config libvirt-configuration-fields))))) + +(define %libvirt-accounts + (list (user-group (name "libvirt") (system? #t)))) + +(define (%libvirt-activation config) + (let ((sock-dir (libvirt-configuration-unix-sock-dir config))) + #~(begin + (use-modules (guix build utils)) + (mkdir-p #$sock-dir)))) + + +(define (libvirt-shepherd-service config) + (let* ((config-file (libvirt-conf-file config)) + (libvirt (libvirt-configuration-libvirt config))) + (list (shepherd-service + (documentation "Run the libvirt daemon.") + (provision '(libvirtd)) + (start #~(make-forkexec-constructor + (list (string-append #$libvirt "/sbin/libvirtd") + "-f" #$config-file))) + (stop #~(make-kill-destructor)))))) + +(define libvirt-service-type + (service-type (name 'libvirt) + (extensions + (list + (service-extension polkit-service-type + (compose list libvirt-configuration-libvirt)) + (service-extension profile-service-type + (compose list + libvirt-configuration-libvirt)) + (service-extension activation-service-type + %libvirt-activation) + (service-extension shepherd-root-service-type + libvirt-shepherd-service) + (service-extension account-service-type + (const %libvirt-accounts)))) + (default-value (libvirt-configuration)))) + + +(define-record-type* <virtlog-configuration> + virtlog-configuration make-virtlog-configuration + virtlog-configuration? + (libvirt virtlog-configuration-libvirt + (default libvirt)) + (log-level virtlog-configuration-log-level + (default 3)) + (log-filters virtlog-configuration-log-filters + (default "3:remote 4:event")) + (log-outputs virtlog-configuration-log-outputs + (default "3:syslog:virtlogd")) + (max-clients virtlog-configuration-max-clients + (default 1024)) + (max-size virtlog-configuration-max-size + (default 2097152)) ;; 2MB + (max-backups virtlog-configuration-max-backups + (default 3))) + +(define* (virtlogd-conf-file config) + "Return a virtlogd config file." + (plain-file "virtlogd.conf" + (string-append + "log_level = " (number->string (virtlog-configuration-log-level config)) "\n" + "log_filters = \"" (virtlog-configuration-log-filters config) "\"\n" + "log_outputs = \"" (virtlog-configuration-log-outputs config) "\"\n" + "max_clients = " (number->string (virtlog-configuration-max-clients config)) "\n" + "max_size = " (number->string (virtlog-configuration-max-size config)) "\n" + "max_backups = " (number->string (virtlog-configuration-max-backups config)) "\n"))) + +(define (virtlogd-shepherd-service config) + (let* ((config-file (virtlogd-conf-file config)) + (libvirt (virtlog-configuration-libvirt config))) + (list (shepherd-service + (documentation "Run the virtlog daemon.") + (provision '(virtlogd)) + (start #~(make-forkexec-constructor + (list (string-append #$libvirt "/sbin/virtlogd") + "-f" #$config-file))) + (stop #~(make-kill-destructor)))))) + +(define virtlog-service-type + (service-type (name 'virtlogd) + (extensions + (list + (service-extension shepherd-root-service-type + virtlogd-shepherd-service))) + (default-value (virtlog-configuration)))) + +(define (generate-libvirt-documentation) + (generate-documentation + `((libvirt-configuration ,libvirt-configuration-fields)) + 'libvirt-configuration)) |