Better error recovery in devmapper

mxpv · mxpv · commit 878a3205cdfe · 2019-07-30T15:17:17.000-07:00
Signed-off-by: Maksym Pavlenko &lt;makpav@amazon.com&gt;
diff --git a/snapshots/devmapper/device_info.go b/snapshots/devmapper/device_info.go
@@ -56,6 +56,8 @@ const (
 	Removing
 	// Removed means that device successfully removed but not yet deleted from meta store
 	Removed
+	// Faulty means that the device is errored and the snapshotter failed to rollback it
+	Faulty
 )
 
 func (s DeviceState) String() string {
@@ -84,6 +86,8 @@ func (s DeviceState) String() string {
 		return "Removing"
 	case Removed:
 		return "Removed"
+	case Faulty:
+		return "Faulty"
 	default:
 		return fmt.Sprintf("unknown %d", s)
 	}
diff --git a/snapshots/devmapper/metadata.go b/snapshots/devmapper/metadata.go
@@ -24,6 +24,7 @@ import (
 	"fmt"
 	"strconv"
 
+	"github.com/hashicorp/go-multierror"
 	"github.com/pkg/errors"
 	bolt "go.etcd.io/bbolt"
 )
@@ -38,6 +39,7 @@ type deviceIDState byte
 const (
 	deviceFree deviceIDState = iota
 	deviceTaken
+	deviceFaulty
 )
 
 // Bucket names
@@ -92,11 +94,14 @@ func (m *PoolMetadata) ensureDatabaseInitialized() error {
 
 // AddDevice saves device info to database.
 func (m *PoolMetadata) AddDevice(ctx context.Context, info *DeviceInfo) error {
-	return m.db.Update(func(tx *bolt.Tx) error {
+	err := m.db.Update(func(tx *bolt.Tx) error {
 		devicesBucket := tx.Bucket(devicesBucketName)
 
-		// Make sure device name is unique
-		if err := getObject(devicesBucket, info.Name, nil); err == nil {
+		// Make sure device name is unique. If there is already a device with the same name,
+		// but in Faulty state, give it a try with another devmapper device ID.
+		// See https://github.com/containerd/containerd/pull/3436 for more context.
+		var existing DeviceInfo
+		if err := getObject(devicesBucket, info.Name, &existing); err == nil && existing.State != Faulty {
 			return ErrAlreadyExists
 		}
 
@@ -108,8 +113,37 @@ func (m *PoolMetadata) AddDevice(ctx context.Context, info *DeviceInfo) error {
 
 		info.DeviceID = deviceID
 
-		return putObject(devicesBucket, info.Name, info, false)
+		return putObject(devicesBucket, info.Name, info, true)
 	})
+
+	if err != nil {
+		return errors.Wrapf(err, "failed to save metadata for device %q (parent: %q)", info.Name, info.ParentName)
+	}
+
+	return nil
+}
+
+// MarkFaulty marks the given device and corresponding devmapper device ID as faulty.
+// The snapshotter might attempt to recreate a device in 'Faulty' state with another devmapper ID in
+// subsequent calls, and in case of success it's status will be changed to 'Created' or 'Activated'.
+// The devmapper dev ID will remain in 'deviceFaulty' state until manually handled by a user.
+func (m *PoolMetadata) MarkFaulty(ctx context.Context, info *DeviceInfo) error {
+	var result error
+
+	if err := m.UpdateDevice(ctx, info.Name, func(deviceInfo *DeviceInfo) error {
+		deviceInfo.State = Faulty
+		return nil
+	}); err != nil {
+		result = multierror.Append(result, err)
+	}
+
+	if err := m.db.Update(func(tx *bolt.Tx) error {
+		return markDeviceID(tx, info.DeviceID, deviceFaulty)
+	}); err != nil {
+		result = multierror.Append(result, err)
+	}
+
+	return result
 }
 
 // getNextDeviceID finds the next free device ID by taking a cursor
diff --git a/snapshots/devmapper/metadata_test.go b/snapshots/devmapper/metadata_test.go
@@ -23,8 +23,11 @@ import (
 	"io/ioutil"
 	"os"
 	"path/filepath"
+	"strconv"
 	"testing"
 
+	"github.com/pkg/errors"
+	"go.etcd.io/bbolt"
 	"gotest.tools/assert"
 	is "gotest.tools/assert/cmp"
 )
@@ -77,7 +80,7 @@ func TestPoolMetadata_AddDeviceDuplicate(t *testing.T) {
 	assert.NilError(t, err)
 
 	err = store.AddDevice(testCtx, &DeviceInfo{Name: "test"})
-	assert.Equal(t, ErrAlreadyExists, err)
+	assert.Equal(t, ErrAlreadyExists, errors.Cause(err))
 }
 
 func TestPoolMetadata_ReuseDeviceID(t *testing.T) {
@@ -151,6 +154,33 @@ func TestPoolMetadata_UpdateDevice(t *testing.T) {
 	assert.Equal(t, Created, newInfo.State)
 }
 
+func TestPoolMetadata_MarkFaulty(t *testing.T) {
+	tempDir, store := createStore(t)
+	defer cleanupStore(t, tempDir, store)
+
+	info := &DeviceInfo{Name: "test"}
+	err := store.AddDevice(testCtx, info)
+	assert.NilError(t, err)
+
+	err = store.MarkFaulty(testCtx, info)
+	assert.NilError(t, err)
+
+	saved, err := store.GetDevice(testCtx, info.Name)
+	assert.NilError(t, err)
+	assert.Equal(t, saved.State, Faulty)
+	assert.Assert(t, saved.DeviceID > 0)
+
+	// Make sure a device ID marked as faulty as well
+	err = store.db.View(func(tx *bbolt.Tx) error {
+		bucket := tx.Bucket(deviceIDBucketName)
+		key := strconv.FormatUint(uint64(saved.DeviceID), 10)
+		value := bucket.Get([]byte(key))
+		assert.Equal(t, value[0], byte(deviceFaulty))
+		return nil
+	})
+	assert.NilError(t, err)
+}
+
 func TestPoolMetadata_GetDeviceNames(t *testing.T) {
 	tempDir, store := createStore(t)
 	defer cleanupStore(t, tempDir, store)
diff --git a/snapshots/devmapper/pool_device.go b/snapshots/devmapper/pool_device.go
@@ -118,35 +118,59 @@ func (p *PoolDevice) CreateThinDevice(ctx context.Context, deviceName string, vi
 		State: Unknown,
 	}
 
-	// Save initial device metadata and allocate new device ID from store
-	if err := p.metadata.AddDevice(ctx, info); err != nil {
-		return errors.Wrapf(err, "failed to save initial metadata for new thin device %q", deviceName)
-	}
+	var (
+		metaErr   error
+		devErr    error
+		activeErr error
+	)
 
 	defer func() {
-		if retErr == nil {
+		// We've created a devmapper device, but failed to activate it, try rollback everything
+		if activeErr != nil {
+			// Delete the device first.
+			delErr := p.deleteDevice(ctx, info)
+			if delErr != nil {
+				// Failed to rollback, mark the device as faulty and keep metadata in order to
+				// preserve the faulty device ID
+				retErr = multierror.Append(retErr, delErr, p.metadata.MarkFaulty(ctx, info))
+				return
+			}
+
+			// The devmapper device has been successfully deleted, deallocate device ID
+			if err := p.RemoveDevice(ctx, info.Name); err != nil {
+				retErr = multierror.Append(retErr, err)
+				return
+			}
+
 			return
 		}
 
-		// Rollback metadata
-		retErr = multierror.Append(retErr, p.metadata.RemoveDevice(ctx, info.Name))
+		// We're unable to create the devmapper device, most likely something wrong with the deviceID
+		if devErr != nil {
+			retErr = multierror.Append(retErr, p.metadata.MarkFaulty(ctx, info))
+			return
+		}
 	}()
 
-	// Create thin device
-	if err := p.createDevice(ctx, info); err != nil {
-		return err
+	// Save initial device metadata and allocate new device ID from store
+	metaErr = p.metadata.AddDevice(ctx, info)
+	if metaErr != nil {
+		return metaErr
 	}
 
-	defer func() {
-		if retErr == nil {
-			return
-		}
+	// Create thin device
+	devErr = p.createDevice(ctx, info)
+	if devErr != nil {
+		return devErr
+	}
 
-		// Rollback creation
-		retErr = multierror.Append(retErr, p.deleteDevice(ctx, info))
-	}()
+	// Activate thin device
+	activeErr = p.activateDevice(ctx, info)
+	if activeErr != nil {
+		return activeErr
+	}
 
-	return p.activateDevice(ctx, info)
+	return nil
 }
 
 // createDevice creates thin device
@@ -185,36 +209,59 @@ func (p *PoolDevice) CreateSnapshotDevice(ctx context.Context, deviceName string
 		State:      Unknown,
 	}
 
-	// Save snapshot metadata and allocate new device ID
-	if err := p.metadata.AddDevice(ctx, snapInfo); err != nil {
-		return errors.Wrapf(err, "failed to save initial metadata for snapshot %q", snapshotName)
-	}
+	var (
+		metaErr   error
+		devErr    error
+		activeErr error
+	)
 
 	defer func() {
-		if retErr == nil {
+		// We've created a devmapper device, but failed to activate it, try rollback everything
+		if activeErr != nil {
+			// Delete the device first.
+			delErr := p.deleteDevice(ctx, snapInfo)
+			if delErr != nil {
+				// Failed to rollback, mark the device as faulty and keep metadata in order to
+				// preserve the faulty device ID
+				retErr = multierror.Append(retErr, delErr, p.metadata.MarkFaulty(ctx, snapInfo))
+				return
+			}
+
+			// The devmapper device has been successfully deleted, deallocate device ID
+			if err := p.RemoveDevice(ctx, snapInfo.Name); err != nil {
+				retErr = multierror.Append(retErr, err)
+				return
+			}
+
 			return
 		}
 
-		// Rollback metadata
-		retErr = multierror.Append(retErr, p.metadata.RemoveDevice(ctx, snapInfo.Name))
+		// We're unable to create the devmapper device, most likely something wrong with the deviceID
+		if devErr != nil {
+			retErr = multierror.Append(retErr, p.metadata.MarkFaulty(ctx, snapInfo))
+			return
+		}
 	}()
 
-	// Create thin device snapshot
-	if err := p.createSnapshot(ctx, baseInfo, snapInfo); err != nil {
-		return err
+	// Save snapshot metadata and allocate new device ID
+	metaErr = p.metadata.AddDevice(ctx, snapInfo)
+	if metaErr != nil {
+		return metaErr
 	}
 
-	defer func() {
-		if retErr == nil {
-			return
-		}
+	// Create thin device snapshot
+	devErr = p.createSnapshot(ctx, baseInfo, snapInfo)
+	if devErr != nil {
+		return devErr
+	}
 
-		// Rollback snapshot creation
-		retErr = multierror.Append(retErr, p.deleteDevice(ctx, snapInfo))
-	}()
+	// Activate the snapshot device
+	activeErr = p.activateDevice(ctx, snapInfo)
+	if activeErr != nil {
+		return activeErr
+	}
 
-	// Activate snapshot device
-	return p.activateDevice(ctx, snapInfo)
+	return nil
 }
 
 func (p *PoolDevice) createSnapshot(ctx context.Context, baseInfo, snapInfo *DeviceInfo) error {
