Bug 1192399

Summary: virtlock doesn't work well with images which have backing file
Product: Red Hat Enterprise Linux 7 Reporter: Shanzhi Yu <shyu>
Component: libvirtAssignee: Michal Privoznik <mprivozn>
Status: CLOSED NOTABUG QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.1CC: berrange, dyuan, mzhan, rbalakri, xuzhang, yanyang
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-09-10 12:30:12 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Shanzhi Yu 2015-02-13 09:56:36 UTC 
Description of problem:

virtlock doesn't work well with images which have backing file

Version-Release number of selected component (if applicable):

libvirt-1.2.8-16.el7.x86_64

How reproducible:

100%

Steps to Reproduce:

1. Enable virtlock

# grep -E -v "^#|^$" /etc/libvirt/qemu.conf
lock_manager = "lockd"
# grep -E -v "^#|^$" /etc/libvirt/qemu-lockd.conf
auto_disk_leases = 1
require_lease_for_disks = 1
file_lockspace_dir = "/var/lib/libvirt/lockd/files"

# systemctl restart virtlockd.service
# systemctl restart libvirtd.service

# ll /var/lib/libvirt/lockd/files
total 0


2. Prepare two image, one is using another one as backing file
# qemu-img create -f qcow2 /var/lib/libvirt/images/rh7.img 1G
Formatting '/var/lib/libvirt/images/rh7.img', fmt=qcow2 size=1073741824 encryption=off cluster_size=65536 lazy_refcounts=off

# qemu-img create -f qcow2 /var/lib/libvirt/images/rh7.s1 -b /var/lib/libvirt/images/rh7.img -o backing_fmt=qcow2
Formatting '/var/lib/libvirt/images/rh7.s1', fmt=qcow2 size=1073741824 backing_file='/var/lib/libvirt/images/rh7.img' backing_fmt='qcow2' encryption=off cluster_size=65536 lazy_refcounts=off

3. Prepare two guest use the image created in step2 as source file
# virsh domblklist rh7
Target Source
------------------------------------------------
vda /var/lib/libvirt/images/rh7.img

# virsh domblklist r7
Target Source
------------------------------------------------
vda /var/lib/libvirt/images/rh7.s1

4. Try to boot up two guest

# virsh start rh7
Domain rh7 started

# virsh start r7
Domain r7 started

# ll /var/lib/libvirt/lockd/files
total 0
-rw-------. 1 root root 0 Feb 13 13:44 79c8f5f8e3b82d8ea4bc28e8c8bdcb3a4ce4b2d6fe86feb0fe4e82188f5a9092
-rw-------. 1 root root 0 Feb 13 13:44 cb17138f2c90610971067166bec89c92184bdcf2c3a2201e72ddd946fc9f3af7


Actual results:

as above

Expected results:

Guest r7 shouldn't boot up with rh7.s1 since its backing file rh7.img is using by another guest.
This is the scenario we also try to prevent


Additional info:
Comment 1 Michal Privoznik 2015-09-08 15:17:48 UTC 
Patches proposed upstream:

https://www.redhat.com/archives/libvir-list/2015-September/msg00262.html
Comment 2 Michal Privoznik 2015-09-10 12:30:12 UTC 
So, as turned out in the upstream discussion, this falls out of libvirt scope. While my patches fix the scenario from the comment 0 they will not prevent user from running a domain over a layer somewhere in the middle of the chain. I mean. consider the following backing chain A (top level) -> B -> C -> D (bottom). If you run a domain over A, my patches will lock the whole chain. However, if you configure the domain to run over B, even though my patches will lock all the underlying layers (that is C and D), they will not lock A. In fact, there's no way to the detect whether A even exists and where. Therefore once the domain is started over B, A is effectively invalidated.

Therefore I think this is a misconfiguration and as such falls out of libvirt's scope. However, if somebody disagrees, feel free to reopen with a proper solution outlined.