From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 565D169D60 for ; Mon, 14 Mar 2022 17:50:21 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id CBBA16696 for ; Mon, 14 Mar 2022 17:49:50 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id A53F66679 for ; Mon, 14 Mar 2022 17:49:49 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 79CF444154 for ; Mon, 14 Mar 2022 17:49:49 +0100 (CET) Message-ID: <799ce3b6-057f-6afa-9cd0-6de8ecf9a7de@proxmox.com> Date: Mon, 14 Mar 2022 17:49:48 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0 Content-Language: en-US To: Thomas Lamprecht , Proxmox VE development discussion References: <20220218113827.1415641-1-a.lauterer@proxmox.com> <20220218113827.1415641-5-a.lauterer@proxmox.com> From: Aaron Lauterer In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.025 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -0.001 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: Re: [pve-devel] [PATCH manager 4/6] api: mon: mds: osd: add safety check endpoints X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Mar 2022 16:50:21 -0000 On 2/22/22 09:44, Thomas Lamprecht wrote: > On 18.02.22 12:38, Aaron Lauterer wrote: [...] > > In general I see lots of repetition, and in this case I'd rather have a single > enpoint that accepts one (or maybe better a list of) service-type(s), and an > action (stop/destroy) let's encode in the name (or at least description) that > it's a heuristical check, besides things that we possible miss to observe we > could never make it 100% safe as we cannot lock the whole ceph cluster between > checking and doing an operation, so this will always be a TOCTOU race that > expects the admins to have some change management so that they do not interfere > with each others maintenance work. > > So either `/nodes//ceph/cmd-safety-heuristic` or drop the heuristic > from the path and just refer to that detail in the description (which shows up > in the api viewer, so should be good enough) `/nodes//ceph/cmd-safety` > > params could be: node, type, id and command So IIUC, you prefer to not use the Ceph names transparently? 'ok-to-stop', 'ok-to-rm', 'safe-to-destroy'; yes, for Mons it is 'ok-to-rm' and for OSDs 'safe-to-destroy'... But rather to have our own with the list of services (mon, mds, osd), its ID and then the action of either "stop" or "destroy"? And ideally, the option to pass a list of IDs?