Bug 1233129
| Summary: | Libvirt should check if source device is used by a disk pool when defining a logical pool, vice versa | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Yang Yang <yanyang> |
| Component: | libvirt | Assignee: | John Ferlan <jferlan> |
| Status: | CLOSED ERRATA | QA Contact: | Meina Li <meili> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.2 | CC: | dyuan, jferlan, mzhan, rbalakri, xuzhang |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | libvirt-3.7.0-1.el7 | Doc Type: | No Doc Update |
| Doc Text: |
undefined
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-04-10 10:33:22 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1401400 | ||
John,
In the case of gluster in following function, source will conflict once source dir and source host of any 2 pools are same. It does not take account of source name. So even if source names of 2 pools are different, they are treated to source conflicts. But in fact, they should not conflict.
virStoragePoolSourceFindDuplicate(virConnectPtr conn,
virStoragePoolObjListPtr pools,
virStoragePoolDefPtr def)
......
case VIR_STORAGE_POOL_GLUSTER:
if (STREQ(pool->def->source.dir, def->source.dir) &&
virStoragePoolSourceMatchSingleHost(&pool->def->source,
&def->source))
matchpool = pool;
break;
Repro steps
1. prepare 2 gluster volumes in a host
e.g. I have 2 volumes, gluster-vol1 and gluster-vol2 on my gluster server
# gluster volume info
Volume Name: gluster-vol1
Type: Distribute
Volume ID: 28c86ac7-eab3-436b-930f-8bfaa8d6559f
Status: Started
Snap Volume: no
Number of Bricks: 1
Transport-type: tcp
Bricks:
Brick1: 10.66.4.164:/br1
Options Reconfigured:
performance.readdir-ahead: on
server.allow-insecure: on
nfs.disable: on
auto-delete: disable
snap-max-soft-limit: 90
snap-max-hard-limit: 256
Volume Name: gluster-vol2
Type: Distribute
Volume ID: 7b96a8b7-56d4-4e94-bf4e-4fab7db56988
Status: Started
Snap Volume: no
Number of Bricks: 1
Transport-type: tcp
Bricks:
Brick1: 10.66.4.164:/br2
Options Reconfigured:
server.allow-insecure: on
performance.readdir-ahead: on
auto-delete: disable
snap-max-soft-limit: 90
snap-max-hard-limit: 256
2. define/start a gluster pool using gluster-vol1 as source
#virsh pool-define gluster.xml
#virsh pool-start gluster
# virsh pool-dumpxml gluster
<pool type='gluster'>
<name>gluster</name>
<uuid>6a65fea0-6546-41be-98f0-1c4180eadca9</uuid>
<capacity unit='bytes'>75125227520</capacity>
<allocation unit='bytes'>70293786624</allocation>
<available unit='bytes'>4831440896</available>
<source>
<host name='10.66.4.164'/>
<dir path='/'/>
<name>gluster-vol1</name>
</source>
</pool>
3. define one more gluster pool using gluster-vol2 as source
# cat gluster-pool.xml
<pool type="gluster">
<name>gluster1</name>
<source>
<name>gluster-vol2</name> ----> source name is different from 1st gluster pool, but host and dir are same with 1st gluster pool
<host name='10.66.4.164'/>
<dir path='/'/>
</source>
</pool>
# virsh pool-define gluster-pool.xml
error: Failed to define pool from gluster-pool.xml
error: operation failed: Storage source conflict with pool: 'gluster'
Regards
Yang
Another concern about gluster pool is that, given a gluster volume consists of over 2 bricks, define 1st gluster pool with host-0, then define 2st gluster pool with host-1, both pools have same source name and dir path (IOW, both pools are using same gluster volume as source), the function cannot check thus conflict. Maybe it's difficult to check.
Repro steps
1. prepare a gluster volume consists of 2 bricks
# gluster volume info gluster-vol2
Volume Name: gluster-vol2
Type: Distribute
Volume ID: 7b96a8b7-56d4-4e94-bf4e-4fab7db56988
Status: Started
Snap Volume: no
Number of Bricks: 2
Transport-type: tcp
Bricks:
Brick1: 10.66.4.164:/br2
Brick2: 10.66.5.63:/br2
Options Reconfigured:
server.allow-insecure: on
performance.readdir-ahead: on
auto-delete: disable
snap-max-soft-limit: 90
snap-max-hard-limit: 256
2. define 1st gluster pool using Brick1 as source
# virsh pool-define gluster.xml
Pool gluster defined from gluster.xml
# virsh pool-dumpxml gluster
<pool type='gluster'>
<name>gluster</name>
<uuid>6a65fea0-6546-41be-98f0-1c4180eadca9</uuid>
<capacity unit='bytes'>158970347520</capacity>
<allocation unit='bytes'>107715432448</allocation>
<available unit='bytes'>51254915072</available>
<source>
<host name='10.66.4.164'/>
<dir path='/'/>
<name>gluster-vol2</name>
</source>
</pool>
3. define 2st gluster pool using Brick2 as source
# virsh pool-define gluster-pool.xml
Pool gluster1 defined from gluster-pool.xml
# virsh pool-dumpxml gluster1
<pool type='gluster'>
<name>gluster1</name>
<uuid>1fa4a4c7-0828-436a-a7f4-e5655ab01968</uuid>
<capacity unit='bytes'>158970347520</capacity>
<allocation unit='bytes'>107715416064</allocation>
<available unit='bytes'>51254931456</available>
<source>
<host name='10.66.5.63'/>
<dir path='/'/>
<name>gluster-vol2</name>
</source>
</pool>
Mixing disk, logical, and gluster in one bz is to say the least confusing. With respect to disk/logical and using /dev/sdc - that's perhaps something that can be addressed. Of course cross pool checking in general isn't address. I'm sure you could come up with a way to take an iSCSI pool created /dev/sdX and use it for a disk pool (it's what I do), so restricting it is a double edged sword. I'm not as sure this is a "bug" per se - it may be one of those you know your storage configuration and not configure in this manner. If you do, then you're on your own. I'm going to condnak design on this as the existing duplicate algorithm is heavily reliant on the pool types being the same. Having to build in knowledge of pool types that "could" use a "similar" path could be a bit more tricky. Realistically the best fix would be some sort of locking system that would handle these cross pool issues. As for gluster, the check done in virStoragePoolSourceFindDuplicate is meant to cover some generic cases. I request a different bug on this. Yes, it is much more difficult to check duplication. You can go out of your way to make some sort of duplication occur, but is that a "real world" example? (In reply to John Ferlan from comment #4) > Mixing disk, logical, and gluster in one bz is to say the least confusing. > > With respect to disk/logical and using /dev/sdc - that's perhaps something > that can be addressed. Of course cross pool checking in general isn't > address. I'm sure you could come up with a way to take an iSCSI pool > created /dev/sdX and use it for a disk pool (it's what I do), so restricting > it is a double edged sword. I'm not as sure this is a "bug" per se - it may > be one of those you know your storage configuration and not configure in > this manner. If you do, then you're on your own. I'm going to condnak > design on this as the existing duplicate algorithm is heavily reliant on the > pool types being the same. Having to build in knowledge of pool types that > "could" use a "similar" path could be a bit more tricky. Realistically the > best fix would be some sort of locking system that would handle these cross > pool issues. > > As for gluster, the check done in virStoragePoolSourceFindDuplicate is meant > to cover some generic cases. I request a different bug on this. Yes, it is > much more difficult to check duplication. You can go out of your way to > make some sort of duplication occur, but is that a "real world" example? Opened a separate bug 1236438 to track issues for gluster. Yes, it is common example in the real world. As a cluster, a gluster volume often consists of multiple bricks. So users can use any brick as pool source. Moving to consideration for 7.3 moving to 7.4 Posted some patches upstream that will resolve this: https://www.redhat.com/archives/libvir-list/2017-April/msg00243.html Pushed patches upstream:
commit 4143b194ce29867929b05517c178ef9371ebb8b4
Author: John Ferlan <jferlan>
Date: Wed Apr 5 09:04:54 2017 -0400
conf: Check for storage conflicts across pool types
...
The virStoragePoolObjSourceFindDuplicate logic used by PoolCreateXML
and PoolDefineXML avoids comparing the new definition against "other"
pool types. This can cause unexpected corruption if two different pool
source types used the same source device path. For example, a 'disk'
pool using source type device=/dev/sdc could be unwittingly overwritten
by using /dev/sdc for a 'logical' pool which also uses the source
device path.
So rather than blindly ignoring those checks when def->type !=
pool->def->type - have the pool->def->type switch logic handle the
check for which def->type's should be checked.
$ git describe 4143b194ce29867929b05517c178ef9371ebb8b4
v3.2.0-158-g4143b19
$
Verified components version:
libvirt-3.9.0-6.el7.x86_64
Verified steps:
1. Define/build/start a logical pool using /dev/sdb as source device.
# virsh pool-dumpxml HostVG
<pool type='logical'>
<name>HostVG</name>
<uuid>db456984-d54b-4e6d-a36d-ea939fab00d2</uuid>
<capacity unit='bytes'>1069547520</capacity>
<allocation unit='bytes'>314572800</allocation>
<available unit='bytes'>754974720</available>
<source>
<device path='/dev/sdb'/>
<name>HostVG</name>
<format type='lvm2'/>
</source>
<target>
<path>/dev/HostVG</path>
</target>
</pool>
2. Define/create a disk pool using the same /dev/sdb sa source device.
# vim disk-pool.xml
<pool type='disk'>
<name>disk1</name>
<uuid>9146cba7-efb3-4059-b791-f45e70b1ed26</uuid>
<source>
<device path='/dev/sdb'/>
<format type='dos'/>
</source>
<target>
<path>/dev</path>
<permissions>
<mode>0755</mode>
</permissions>
</target>
</pool>
# virsh pool-define disk-pool.xml
error: Failed to define pool from disk-pool.xml
error: operation failed: Storage source conflict with pool: 'HostVG'
# virsh pool-create disk-pool.xml
error: Failed to create pool from disk-pool.xml
error: operation failed: Storage source conflict with pool: 'HostVG'
3. Change /dev/sdb to /dev/sdc in disk-pool.xml, define/create disk pool successfully.
4. Opposite test: define/create disk pool firstly, and then define/create logical pool using the same source device with disk pool, the result is expected.
Move it to verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2018:0704 |
Description of problem: Currently, a logical pool can be defined/built/start when the source device has been used by a running disk pool. It will make the disk pool unavailable, vice versa. Version-Release number of selected component (if applicable): libvirt-1.2.16-1.el7.x86_64 How reproducible: 100% Steps to Reproduce: 1. define/build/start a disk pool using /dev/sdc as source device # virsh pool-define disk.xml #virsh pool-build disk1 #virsh pool-start disk1 <pool type='disk'> <name>disk1</name> <uuid>9146cba7-efb3-4059-b791-f45e70b1ed26</uuid> <capacity unit='bytes'>0</capacity> <allocation unit='bytes'>0</allocation> <available unit='bytes'>0</available> <source> <device path='/dev/sdc'/> <format type='dos'/> </source> <target> <path>/dev</path> <permissions> <mode>0755</mode> </permissions> </target> </pool> 2. define/build/start a logical pool using /dev/sdc as source device #virsh pool-define logical.xml #virsh pool-build HostVG #virsh pool-start HostVG <pool type='logical'> <name>HostVG</name> <uuid>469f950e-33de-470d-8e7a-63c285866f95</uuid> <capacity unit='bytes'>16018046976</capacity> <allocation unit='bytes'>209715200</allocation> <available unit='bytes'>15808331776</available> <source> <device path='/dev/sdc'/> <name>HostVG</name> <format type='lvm2'/> </source> <target> <path>/dev/HostVG</path> <permissions> <mode>0755</mode> </permissions> </target> </pool> 3. refresh disk pool # virsh pool-refresh disk1 error: Failed to refresh pool disk1 error: internal error: Child process (/usr/libexec/libvirt_parthelper /dev/sdc) unexpected exit status 2 Actual results: in step 2, logical pool is defined/built/started successfully Expected results: It's better check if the source device is already used by some logical pool and disk pool Additional info: