[libvirt] [PATCHv4 11/18] blockjob: support pivot operation on cancel
Jiri Denemark
jdenemar at redhat.com
Fri Apr 13 13:05:51 UTC 2012
On Mon, Apr 09, 2012 at 21:52:20 -0600, Eric Blake wrote:
> This is the bare minimum to end a copy job (of course, until a
> later patch adds the ability to start a copy job, this patch
> doesn't do much in isolation; I've just split the patches to
> ease the review).
Yeah, thanks for doing that.
> This patch intentionally avoids SELinux, lock manager, and audit
> actions, saving that for a later patch that affects the overall
> lifecycle of a disk copy. In particular, I'm still fuzzy on the
> exact qemu error semantics, and whether I need to make more of
> an effort after a 'drive-reopen' fails.
>
> When a mirror job is started, cancelling the job safely reverts back
> to the source disk, regardless of whether the destination is in
> phase 1 (streaming, in which case the destination is worthless) or
> phase 2 (mirroring, in which case the destination is sync'd up to
> the source at the time of the cancel). Our existing code does just
> fine in either phase, other than some bookkeeping cleanup.
>
> Pivoting the job requires the use of the new 'drive-reopen' command.
> Here, failure of the command is potentially catastrophic to the
> domain, since it rips out the old disk before attempting to open
> the new one; if our recovery path of retrying the reopen on the
> original source disk also fails, the domain is hosed. If only qemu
> could get 'drive-reopen' inside 'transaction'...
>
> Interesting side note: while snapshot-create --disk-only creates a
> copy of the disk at a point in time by moving the domain on to a
> new file (the copy is the file now in the just-extended backing
> chain), blockjob --abort of a copy job creates a copy of the disk
> while keeping the domain on the original file. There may be
> potential improvements to the snapshot code to exploit block copy
> over multiple disks all at one point in time. And, if
> 'block_job_cancel' were made part of 'transaction', you could
> copy multiple disks at the same point in time without pausing
> the domain. This also implies we may want to add a --quiesce
> flag to the pivot operation, so that when breaking a mirror, the
> side of the mirror that we are abandoning is at least in a stable
> state with regards to guest I/O.
>
> * src/qemu/qemu_driver.c (qemuDomainBlockJobAbort): Accept new flag.
> (qemuDomainBlockPivot): New helper function.
> (qemuDomainBlockJobImpl): Implement it.
> ---
> src/qemu/qemu_driver.c | 115 +++++++++++++++++++++++++++++++++++++++++++++--
> 1 files changed, 110 insertions(+), 5 deletions(-)
OK
Jirka
More information about the libvir-list
mailing list