tests/storage-volumes-vm: Root volume disk device attachments #366
Conversation
simondeziel
left a comment
simondeziel
left a comment
There was a problem hiding this comment.
LGTM, I made some comments but they are mostly nit picks.
I haven't seen it run in GHA due to the extension not being in latest/edge just yet. I'm assuming it all works locally but wanted to check how much longer it made the test :)
@hamistao any experience with this? |
|
Not particularly, but it is not the first time we have seen udev or other packages mangling with disk devices that LXD manages (canonical/lxd#13701 (comment)) and since it only happens on a specific distro version and not on minimal it is almost certainly a problem of the same nature and probably isn't worth digging too deep into. On |
MggMuggins
force-pushed
the
attach-vm-root-volumes
branch
from
4ea7f64 to
2040505
Compare
|
Thanks @tomponline @hamistao, I agree that this isn't worth chasing. @simondeziel They do pass locally 😉 . It looks like it goes from 5 |
tests/storage-volumes-vm
Outdated
| lxc init --empty --vm v2 --storage "${poolName}" --device root,size=8KiB | ||
| lxc init --empty --vm v3 --storage "${poolName}" --device root,size=8KiB |
There was a problem hiding this comment.
It's good to test with such small volumes. I'm pretty sure LVM will round them up but that should happen all transparently, hopefully!
Dunno how it would fare with PowerFlex's minimum of 8GiB though. I guess we'll see when we run it there :)
There was a problem hiding this comment.
powerflex doesnt round up to 8gib afaik @roosterfish ?
There was a problem hiding this comment.
AFAIK, it only allows multiples of 8GiB which is why it's special cased everywhere in tests/storage-vm like in https://github.com/canonical/lxd-ci/blob/main/tests/storage-vm#L89-L95
There was a problem hiding this comment.
Pushed a special case for powerflex.
MggMuggins
force-pushed
the
attach-vm-root-volumes
branch
from
2040505 to
533a96f
Compare
|
Added a check to make sure that |
MggMuggins
force-pushed
the
attach-vm-root-volumes
branch
from
533a96f to
ef82585
Compare
|
Added a check for instance rename. |
MggMuggins
force-pushed
the
attach-vm-root-volumes
branch
from
ef82585 to
259b5b9
Compare
This should have a check for all corner cases around VM root volume attachments: - security.protection.start allows one other VM to attach the machine's root disk, and can only be removed if the disk is not attached - security.shared allows unchecked attachments of root disks - VM attachments are correctly reported in used_by - hotplug of VM root attachments works (as this is the method reccomended by the docs to avoid UUID/LABEL conflicts) - Rename/Delete of instances when their root disk is attached elsewhere is disallowed Signed-off-by: Wesley Hershberger <[email protected]>
MggMuggins
force-pushed
the
attach-vm-root-volumes
branch
from
259b5b9 to
6abe711
Compare
Includes commits from #14491 This PR enables attaching a virtual machine's root storage volume to another virtual machine via a disk device: ``` # vm2 yaml ... devices: v1-root: type: disk pool: default source: virtual-machine/vm1 ``` This has some constraints because simultaneous access to storage volumes with content-type `block` is unsafe: - `vm1`'s root volume can be attached to exactly one other instance if `vm1` has `security.protection.start: true` - `vm1`'s root volume can be attached to any number of other instances if the storage volume `virtual-machine/vm1` has `security.shared: true` `security.protection.start` is recommended for interactive use; e.g. a user temporarily needs to access a bricked machine's root volume to fix it or recover data. `security.shared` can be used if more than one running instance must have access to the block volume. ## TODO - [x] Docs - [x] [lxd-ci](https://github.com/canonical/lxd-ci/) tests to validate attachments to running VMs. [Done](canonical/lxd-ci#366) - [x] Bootorder bug (see comment) - current workaround is to hotplug disk devices to avoid UUID/LABEL collisions at boot time.
|
@MggMuggins seems to be failing:
|
|
The qemu driver infers the volume type based on the source path (here). It seems to me that the "RBDFormat" (see here) should really be sending over the volume name as it appears to Ceph, rather than requiring the driver to figure out project and volume type info. I'm working on building a reproducer and should have a fix up by EOD Wed. |
|
canonical/lxd#14807 fixes this. |
Different calls of `DiskGetRBDFormat` and `DiskParseRBDFormat` are currently using both senses of "volume": - A Ceph block device (RBD Image) - A LXD storage volume Because a disk device can specify an RBD image with source `ceph:<pool_name>/<volume_name>"`, these functions should use the first meaning: the name passed should be the name of a RADOS block device (RBD image), not a LXD storage volume. These functions should (in future) be replaced with a more comprehensive abstraction for what `MountInfo.DevPath` is currently doing. This serialization doesn't seem to be written anywhere, it's just deserialized when it gets to the instance driver. This fixes the failures from canonical/lxd-ci#366; the QEMU driver was inferring a virtual-machine `VolumeType` only when `TargetPath == "/"`
|
@MggMuggins this will need to be updated now too since canonical/lxd#14886 right? |
|
Sorry, just saw this. As we discussed last week, canonical/lxd#14886 only changes the device config keys used by the server; the cli interface didn't change, so this is alright without updates. |
4 participants
This should have a check for all corner cases around VM root volume attachments (coverage for canonical/lxd#14532):
I ran into an interesting behavior of udev in Noble VMs while testing that slowed this down a bit. In order for udev to create a symlink for
SCSI_IDENT_SERIAL(/dev/disk/by-id/scsi-SQEMU_QEMU_HARDDISK_lxd_virtual--machine-vm5), I had to hotplug the device in anubuntu:24.04VM. Starting the VM from cold didn't create the link, andubuntu-minimal:24.04VMs never created it at all.Without hotplug or in an
ubuntu-minimal:24.04:With hotplug:
I worked around it by using a shorter LXD device name so that the symlink name wouldn't be truncated; not sure if this is worth chasing further.