Full systemd socket activation support

Bug #1612440 reported by Stéphane Graber
30
This bug affects 5 people
Affects Status Importance Assigned to Milestone
Snapcraft
Fix Released
Undecided
Chris Patterson
snapd
Fix Released
Undecided
Unassigned

Bug Description

For the LXD snap we'd like to use socket activation, similarly to what
we do in our existing packages.

This is used to save resources on machines until LXD is actually used
and also to allow flexibility as far as the sockets (unix or tcp) that
will point to LXD.

This is all supported by systemd. Ideally we'd like to have a way to use
the following features through snapd and snapcraft:
 - Support for multiple sockets triggering the same service
 - Support for ListenStream (supports unix sockets, abstract unix sockets and tcp)
 - Support for SocketGroup (group owner of the socket created by systemd)
 - Support for SocketMode (file mode of the socket created by systemd)

I would probably recommend also adding SocketUser just for consistency.
It's the same logic as Socketgroup but sets the owning user (or uid).

The current implementation in snapd is done with two options on the app:
 - socket (boolean, requires listen-stream)
 - listen-stream (the systemd listen-stream string)

This should probably be changed to something more like:

sockets:
 lxd-unix:
   listen-stream: /run/lxd/unix.socket
   socket-group: lxd
   socket-mode: 0660
 lxd-tcp:
   listen-stream: [::]:8443

That would lead to the creation of two systemd socket units, one for
each socket, using the provided options and pointing to the service unit
defined for the app.

When sockets are defined, I would expect snapd NOT to start the service
unit, leaving things up to systemd socket activation.

Systemd provides a lot more options around socket activation, but the
ones above are the most commonly used ones. The others tend to be around
less common socket types, special socket options and pre/post actions.

Tags: lxd
tags: added: lxd
Leo Arias (elopio)
affects: snappy → snapd
Changed in snapd:
status: New → Confirmed
Revision history for this message
Sergio Schvezov (sergiusens) wrote :

I have taken this to the forums to get more eyes on, post is here https://forum.snapcraft.io/t/socket-activation-support/2050

Revision history for this message
Alberto Donato (ack) wrote :

Link to the forum discussion about this bug: https://forum.snapcraft.io/t/socket-activation-support/2050

Revision history for this message
Alberto Donato (ack) wrote :
Revision history for this message
Michael Vogt (mvo) wrote :

Socket supported was added in https://github.com/snapcore/snapd/pull/3916 - please reopen if this is not sufficient.

Changed in snapd:
status: Confirmed → Fix Committed
Revision history for this message
Casey Marshall (cmars) wrote :

I need snapcraft support for this in order to support a twisted python service that seems to require socket activation.

Changed in snapd:
status: Fix Committed → Fix Released
Revision history for this message
Oliver Grawert (ogra) wrote :

is there any progress on the snapcraft side ... ?

using something like:

    daemon: simple
    sockets:
      listen-stream: 19532

gets me (using snapcraft 3.8):

$ SNAPCRAFT_BUILD_ENVIRONMENT=host snapcraft
Issues while validating snapcraft.yaml: The 'apps/remote/sockets/listen-stream' property does not match the required schema: 19532 is not of type 'object'

Revision history for this message
Oliver Grawert (ogra) wrote :

note that:

https://forum.snapcraft.io/t/snapcraft-yaml-reference/4276

claims "listen-stream: 12345" should be valid ...

Revision history for this message
Ian Johnson (anonymouse67) wrote :

An example of how to do this is in the lxd snap:

```
    sockets:
      unix:
        listen-stream: $SNAP_COMMON/lxd/unix.socket
        socket-mode: 0660
```

So sockets should go to a map of <socket-name> to objects which specify the listen-stream and (optionally) the socket-mode.

Revision history for this message
Oliver Grawert (ogra) wrote :

well, the documentation is definitely not clear an googling finds exactly one (outdated) tcp socket example at

https://github.com/canonical-webteam-archive/snappy-docs/blob/master/build-snaps/syntax.md#listen-stream

but yeah, i finally found that something like:

    daemon: simple
    sockets:
      systemd-journal-remote:
        listen-stream: 19532

works ... yet, our documentation is nowhere clear ... :(

Revision history for this message
Stéphane Graber (stgraber) wrote :

LXD uses:

```
    sockets:
      unix:
        listen-stream: $SNAP_COMMON/lxd/unix.socket
        socket-mode: 0660
```

Looking at the snapcraft doc, it's way more confusing than it ought to be, a quick update seems in order.

Chris Patterson (cjp256)
Changed in snapcraft:
assignee: nobody → Chris Patterson (cjp256)
Changed in snapcraft:
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers