Configuring communication between containers in QM and root partitions¶
Cross-environment communication works similar to communication within the QM partition. In addition to mounting a volume, or storage area, that contains a UNIX domain socket inside the quality-managed (QM) container, you must create another UNIX domain socket in the root partition to enable inter-process communication (IPC) between the containers in the two partitions.
Prerequisites
- A custom manifest file, such as the manifest file that you created in Configuring communication between QM containers
- A container in the root partition and a container in the QM partition that you want to communicate with each other
Procedure
-
To configure IPC between the two containers, update the Quadlet configuration to mount the volumes that contain the UNIX domain sockets in
/var/run/<another-dir>. In the example code,<another-dir>ismy-ipc-demo, but you can name the directory according to your own conventions.-
To connect the
engineapplication in the root partition withmy-client-appin the QM partition, add this line to theengine.containerfile to mount the volume where the root socket resides in the container, and set the correct SELinux label: -
Add this line to the
my-client-app.containerfile to mount the volume where the root socket resides in the container:
-
-
Create a Quadlet drop-in configuration for the QM container in the
files/root_fs/qm.container.d/10-extra-volume.conffile:Note
QM configuration is built into the partition and should not be changed. Using drop-in files allows you to make additional modifications to the QM partition without overwriting the inherent configuration settings.
-
Copy the drop-in Quadlet QM configuration file to the image:
-
Add a new
org.osbuild.mkdirstage in therootfspipeline of your manifest file: -
Add a new input item to the
org.osbuild.copystage in therootfspipeline of your manifest file:- type: org.osbuild.copy inputs: [...] inlinefile4: type: org.osbuild.files origin: org.osbuild.source mpp-embed: id: qm_extra_volume path: ../files/root_fs/qm.container.d/10-extra-volume.conf options: paths: [...] - from: mpp-format-string: input://inlinefile4/{embedded['qm_extra_volume']} to: tree:///etc/containers/systemd/qm.container.d/10-extra-volume.conf
-
-
Optional: To use
systemdto create a UNIX socket file, create a*.socketfile with the same name as the service with which the socket is associated, such asengine.socketfor the engine service.-
Create the
systemdsocket file infiles/root_fs/engine.socket:[Unit] Description=An example systemd unix socket [Socket] ListenStream=%t/my-ipc-demo/ipc.socket RuntimeDirectory=my-ipc-demo [Install] WantedBy=sockets.targetNote
This step is optional because server application that binds and activates the UNIX socket can manage socket creation. However,
systemdmanages socket creation natively, which ultimately helps service synchronization. -
To enable the application to start after you create the socket, add these lines to the
engine.containerfile to create a dependency with thesystemdsocket service: -
To copy the
systemdsocket file for the QM container into the image, add a new input item to theorg.osbuild.copystage in therootfspipeline of your manifest file:- type: org.osbuild.copy inputs: [...] inlinefile5: type: org.osbuild.files origin: org.osbuild.source mpp-embed: id: engine_socket path: ../files/root_fs/engine.socket options: paths: [...] - from: mpp-format-string: input://inlinefile5/{embedded['engine_socket']} to: tree:///etc/systemd/system/engine.socket
-
-
Optional: Set the
SELinuxconfiguration topermissivein the automotive image builder manifest:
Additional resources