all lists on lists.proxmox.com
 help / color / mirror / Atom feed
* [pve-devel] [PATCH container v2] Move volume activation to vm_start
@ 2020-07-14 17:50 Stoiko Ivanov
  2020-08-04 12:09 ` [pve-devel] applied: " Fabian Grünbichler
  0 siblings, 1 reply; 2+ messages in thread
From: Stoiko Ivanov @ 2020-07-14 17:50 UTC (permalink / raw)
  To: pve-devel

currently all volumes for a container are activated in the pre-start hook,
which runs in a separate mount namespace (lxc.monitor.unshare is set to 1
in our container config). This leads to problems with ZFS:
* if a pool is imported by this call the filesystems are mounted only inside
  the containers mount namespace

by running the volume activation inside vm_start, right before starting the
container via systemctl the volume activation happens before the unshare.

The other site where a container is started via systemctl is in
'pve-container-stop-wrapper' when a container is rebooted from the inside:
By activating the volumes in 'lxc-pve-poststop-hook' we avoid to try starting
a container with an inactive volume (LVM, kRBD), occuring when having a
mp-addtion pending during such a reboot

Starting a container manually using lxc-start is usually done for obtaining
debug-logs (after starting failed with our tooling) - so the potential for
regression in that case should also be small.

The $loopdevlist variable is not used anywhere in our codebase since 2015
(da6298481ea4dfe7d894f42fa105cda015ebe5ce).

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
v1 -> v2:
* added the volume activation to lxc-pve-poststop-hook, after the great review
  from Fabian caught the case of container reboots (huge thanks!)
* decided to put it in lxc-pve-poststop-hook instead of
  pve-container-stop-wrapper, since this avoids pulling in quite a few parts
  of our code-base into the latter, which currently has no imports.
  AFAICU the only case where this could lead to a problem is if someone uses
  `touch /var/lib/lxc/$vmid/reboot && systemctl restart pve-container@$vmid`
  for rebooting containers


 src/PVE/LXC.pm            | 5 +++++
 src/lxc-pve-poststop-hook | 6 ++++++
 src/lxc-pve-prestart-hook | 5 -----
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index f3aca7a..db5b8ca 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -2186,6 +2186,11 @@ sub vm_start {
 	close($fh);
     }
 
+    my $storage_cfg = PVE::Storage::config();
+    my $vollist = PVE::LXC::Config->get_vm_volumes($conf);
+
+    PVE::Storage::activate_volumes($storage_cfg, $vollist);
+
     my $cmd = ['systemctl', 'start', "pve-container\@$vmid"];
 
     PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-start', 1);
diff --git a/src/lxc-pve-poststop-hook b/src/lxc-pve-poststop-hook
index 2683ae2..0fdd49e 100755
--- a/src/lxc-pve-poststop-hook
+++ b/src/lxc-pve-poststop-hook
@@ -75,6 +75,12 @@ PVE::LXC::Tools::lxc_hook('post-stop', 'lxc', sub {
 	open(my $fh, '>', "/var/lib/lxc/$vmid/reboot")
 	    or die "failed to create reboot trigger file: $!\n";
 	close($fh);
+
+	# activate all volumes of the container in case pending changes added
+	# a not yet activated volume
+	my $vollist = PVE::LXC::Config->get_vm_volumes($conf);
+	PVE::Storage::activate_volumes($storage_cfg, $vollist);
+
 	# cause lxc to stop instead of rebooting
 	exit(1);
     }
diff --git a/src/lxc-pve-prestart-hook b/src/lxc-pve-prestart-hook
index ed25aa4..8823cad 100755
--- a/src/lxc-pve-prestart-hook
+++ b/src/lxc-pve-prestart-hook
@@ -38,11 +38,6 @@ PVE::LXC::Tools::lxc_hook('pre-start', 'lxc', sub {
 
     my $storage_cfg = PVE::Storage::config();
 
-    my $vollist = PVE::LXC::Config->get_vm_volumes($conf);
-    my $loopdevlist = PVE::LXC::Config->get_vm_volumes($conf, 'rootfs');
-
-    PVE::Storage::activate_volumes($storage_cfg, $vollist);
-
     my $rootdir = $vars->{ROOTFS_PATH};
 
     # Delete any leftover reboot-trigger file
-- 
2.20.1





^ permalink raw reply	[flat|nested] 2+ messages in thread

* [pve-devel] applied: [PATCH container v2] Move volume activation to vm_start
  2020-07-14 17:50 [pve-devel] [PATCH container v2] Move volume activation to vm_start Stoiko Ivanov
@ 2020-08-04 12:09 ` Fabian Grünbichler
  0 siblings, 0 replies; 2+ messages in thread
From: Fabian Grünbichler @ 2020-08-04 12:09 UTC (permalink / raw)
  To: Proxmox VE development discussion

On July 14, 2020 7:50 pm, Stoiko Ivanov wrote:
> currently all volumes for a container are activated in the pre-start hook,
> which runs in a separate mount namespace (lxc.monitor.unshare is set to 1
> in our container config). This leads to problems with ZFS:
> * if a pool is imported by this call the filesystems are mounted only inside
>   the containers mount namespace
> 
> by running the volume activation inside vm_start, right before starting the
> container via systemctl the volume activation happens before the unshare.
> 
> The other site where a container is started via systemctl is in
> 'pve-container-stop-wrapper' when a container is rebooted from the inside:
> By activating the volumes in 'lxc-pve-poststop-hook' we avoid to try starting
> a container with an inactive volume (LVM, kRBD), occuring when having a
> mp-addtion pending during such a reboot
> 
> Starting a container manually using lxc-start is usually done for obtaining
> debug-logs (after starting failed with our tooling) - so the potential for
> regression in that case should also be small.
> 
> The $loopdevlist variable is not used anywhere in our codebase since 2015
> (da6298481ea4dfe7d894f42fa105cda015ebe5ce).
> 
> Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
> ---
> v1 -> v2:
> * added the volume activation to lxc-pve-poststop-hook, after the great review
>   from Fabian caught the case of container reboots (huge thanks!)
> * decided to put it in lxc-pve-poststop-hook instead of
>   pve-container-stop-wrapper, since this avoids pulling in quite a few parts
>   of our code-base into the latter, which currently has no imports.
>   AFAICU the only case where this could lead to a problem is if someone uses
>   `touch /var/lib/lxc/$vmid/reboot && systemctl restart pve-container@$vmid`
>   for rebooting containers
> 
> 
>  src/PVE/LXC.pm            | 5 +++++
>  src/lxc-pve-poststop-hook | 6 ++++++
>  src/lxc-pve-prestart-hook | 5 -----
>  3 files changed, 11 insertions(+), 5 deletions(-)
> 
> diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
> index f3aca7a..db5b8ca 100644
> --- a/src/PVE/LXC.pm
> +++ b/src/PVE/LXC.pm
> @@ -2186,6 +2186,11 @@ sub vm_start {
>  	close($fh);
>      }
>  
> +    my $storage_cfg = PVE::Storage::config();
> +    my $vollist = PVE::LXC::Config->get_vm_volumes($conf);
> +
> +    PVE::Storage::activate_volumes($storage_cfg, $vollist);
> +
>      my $cmd = ['systemctl', 'start', "pve-container\@$vmid"];
>  
>      PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-start', 1);
> diff --git a/src/lxc-pve-poststop-hook b/src/lxc-pve-poststop-hook
> index 2683ae2..0fdd49e 100755
> --- a/src/lxc-pve-poststop-hook
> +++ b/src/lxc-pve-poststop-hook
> @@ -75,6 +75,12 @@ PVE::LXC::Tools::lxc_hook('post-stop', 'lxc', sub {
>  	open(my $fh, '>', "/var/lib/lxc/$vmid/reboot")
>  	    or die "failed to create reboot trigger file: $!\n";
>  	close($fh);
> +
> +	# activate all volumes of the container in case pending changes added
> +	# a not yet activated volume
> +	my $vollist = PVE::LXC::Config->get_vm_volumes($conf);
> +	PVE::Storage::activate_volumes($storage_cfg, $vollist);
> +
>  	# cause lxc to stop instead of rebooting
>  	exit(1);
>      }
> diff --git a/src/lxc-pve-prestart-hook b/src/lxc-pve-prestart-hook
> index ed25aa4..8823cad 100755
> --- a/src/lxc-pve-prestart-hook
> +++ b/src/lxc-pve-prestart-hook
> @@ -38,11 +38,6 @@ PVE::LXC::Tools::lxc_hook('pre-start', 'lxc', sub {
>  
>      my $storage_cfg = PVE::Storage::config();
>  
> -    my $vollist = PVE::LXC::Config->get_vm_volumes($conf);
> -    my $loopdevlist = PVE::LXC::Config->get_vm_volumes($conf, 'rootfs');
> -
> -    PVE::Storage::activate_volumes($storage_cfg, $vollist);
> -
>      my $rootdir = $vars->{ROOTFS_PATH};
>  
>      # Delete any leftover reboot-trigger file
> -- 
> 2.20.1
> 
> 
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
> 
> 
> 




^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2020-08-04 12:09 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-14 17:50 [pve-devel] [PATCH container v2] Move volume activation to vm_start Stoiko Ivanov
2020-08-04 12:09 ` [pve-devel] applied: " Fabian Grünbichler

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal