[systemd-devel] We are working on Secure Container Applications.
"Jóhann B. Guðmundsson"
johannbg at gmail.com
Mon Jan 9 15:26:17 PST 2012
On 01/09/2012 09:42 PM, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> The idea is to run multiple instances of the same application within a
> container. For example multiple Apache servers.
> I am working on a tool to create these containers, which will create a
> service unit file.
> # virt-sandbox-service create -e /usr/sbin/httpd httpd_sanbox
> Created container dir /var/lib/libvirt/filesystems/httpd_sanbox
> Created sandbox config /etc/libvirt-sandbox/httpd_sanbox.sandbox
> Created unit file /etc/systemd/system/httpd_sanbox.service
> One problem we see with this is when the httpd program gets updated,
> it runs a systemctl reload httpd.service, to cause the httpd service
> to restart. We would like to get this reload command from systemd
> What do you guys think of adding something like the following to the
> service unit?
> ReloadRequest: httpd.service
> Then anyone asking to reload the httpd.service would also cause the
> httpd_sandbox.service to get the reload.
Hum should that not happen automatically when you BindTo a unit as in if
you automatically start/reload/restart/stop an bound unit it would also
start/reload/restart/stop the unit(s) it's bound to.
So the httpd_sandbox.service should just be bound to the httpd.service.
If that's broken I would rather think it should be fixed as opposed to
add another switch.
More information about the systemd-devel