Local storage 3/4: Allocate and deallocate #9499
+4,490
−108
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -37,6 +37,8 @@ use crate::db::update_and_check::UpdateStatus; | |||||
| use async_bb8_diesel::AsyncRunQueryDsl; | ||||||
| use chrono::DateTime; | ||||||
| use chrono::Utc; | ||||||
| use diesel::dsl::exists; | ||||||
| use diesel::dsl::not; | ||||||
| use diesel::prelude::*; | ||||||
| use nexus_db_errors::ErrorHandler; | ||||||
| use nexus_db_errors::OptionalError; | ||||||
|
|
@@ -434,13 +436,24 @@ impl DataStore { | |||||
| authz_instance: &authz::Instance, | ||||||
| pagparams: &PaginatedBy<'_>, | ||||||
| ) -> ListResultVec<Disk> { | ||||||
| let conn = self.pool_connection_authorized(opctx).await?; | ||||||
|
|
||||||
| opctx.authorize(authz::Action::ListChildren, authz_instance).await?; | ||||||
|
|
||||||
| self.instance_list_disks_on_conn(&conn, authz_instance.id(), pagparams) | ||||||
| .await | ||||||
| } | ||||||
|
|
||||||
| /// List disks associated with a given instance by name. | ||||||
| pub async fn instance_list_disks_on_conn( | ||||||
| &self, | ||||||
| conn: &async_bb8_diesel::Connection<DbConnection>, | ||||||
| instance_id: Uuid, | ||||||
| pagparams: &PaginatedBy<'_>, | ||||||
| ) -> ListResultVec<Disk> { | ||||||
| use nexus_db_schema::schema::disk::dsl; | ||||||
| use nexus_db_schema::schema::disk_type_crucible::dsl as disk_type_crucible_dsl; | ||||||
| use nexus_db_schema::schema::disk_type_local_storage::dsl as disk_type_local_storage_dsl; | ||||||
|
|
||||||
| let results = match pagparams { | ||||||
| PaginatedBy::Id(pagparams) => { | ||||||
|
|
@@ -461,13 +474,13 @@ impl DataStore { | |||||
| .on(dsl::id.eq(disk_type_local_storage_dsl::disk_id)), | ||||||
| ) | ||||||
| .filter(dsl::time_deleted.is_null()) | ||||||
| .filter(dsl::attach_instance_id.eq(instance_id)) | ||||||
| .select(( | ||||||
| model::Disk::as_select(), | ||||||
| Option::<DiskTypeCrucible>::as_select(), | ||||||
| Option::<DiskTypeLocalStorage>::as_select(), | ||||||
| )) | ||||||
| .get_results_async(conn) | ||||||
| .await | ||||||
| .map_err(|e| public_error_from_diesel(e, ErrorHandler::Server))?; | ||||||
|
|
||||||
|
|
@@ -494,7 +507,7 @@ impl DataStore { | |||||
| let allocation = dsl::local_storage_dataset_allocation | ||||||
| .filter(dsl::id.eq(to_db_typed_uuid(allocation_id))) | ||||||
| .select(LocalStorageDatasetAllocation::as_select()) | ||||||
| .first_async(conn) | ||||||
| .await | ||||||
| .map_err(|e| { | ||||||
| public_error_from_diesel( | ||||||
|
|
@@ -747,7 +760,9 @@ impl DataStore { | |||||
| authz_disk: &authz::Disk, | ||||||
| max_disks: u32, | ||||||
| ) -> Result<(Instance, Disk), Error> { | ||||||
| use nexus_db_schema::schema::disk; | ||||||
| use nexus_db_schema::schema::instance; | ||||||
| use nexus_db_schema::schema::sled_resource_vmm; | ||||||
|
|
||||||
| opctx.authorize(authz::Action::Modify, authz_instance).await?; | ||||||
| opctx.authorize(authz::Action::Modify, authz_disk).await?; | ||||||
|
|
@@ -771,6 +786,74 @@ impl DataStore { | |||||
|
|
||||||
| let attach_update = DiskSetClauseForAttach::new(authz_instance.id()); | ||||||
|
|
||||||
| let disk = self.disk_get(&opctx, authz_disk.id()).await?; | ||||||
| let resource_query = match disk { | ||||||
| Disk::Crucible(_) => disk::table.into_boxed().filter( | ||||||
| disk::dsl::disk_state.eq_any(ok_to_attach_disk_state_labels), | ||||||
| ), | ||||||
|
|
||||||
| // Attaching a local storage disk to the instance has to be blocked | ||||||
| // if sled reservation has occured for this instance: local storage | ||||||
| // allocation records are only created during sled reservation, and | ||||||
| // importantly a particular configuration of local storage | ||||||
| // allocations for an instance are only _validated_ during the sled | ||||||
| // reservation. | ||||||
| // | ||||||
| // The instance start saga perform sled reservation, creates the | ||||||
|
Member
There was a problem hiding this comment. typo:
Suggested change
|
||||||
| // corresponding VMM record, and changes the instance's runtime | ||||||
| // state all in _separate saga nodes_. This means that there could | ||||||
|
Comment on lines
+802
to
+804
Member
There was a problem hiding this comment. take it or leave it: it may perhaps be worth noting something here about why this has to happen like that, so the future reader doesn't just think "well why not just change that part?". i recall that we went down that path briefly yesterday.
Contributor
Author
There was a problem hiding this comment. Definitely, though I can't recall the exact details here from the meeting, and I can't seem to find the recording of the call. I do remember it had something to do with the way the VMM state machine is defined. What were the details here? |
||||||
| // be an indeterminate amount of time between running the sled | ||||||
| // reservation query and changing the instance's state. | ||||||
| // | ||||||
| // If a client attaches a local storage disk to an instance after | ||||||
| // sled reservation occurs but before the instance's start moves to | ||||||
|
Member
There was a problem hiding this comment. nit, perhaps:
Suggested change
|
||||||
| // starting, and we do not block it, there are several problems that | ||||||
| // result: | ||||||
| // | ||||||
| // - if an allocation does not already exist for the local storage | ||||||
| // disk, the instance_start saga will fail (and unwind) when | ||||||
| // trying to ensure that the allocation's dataset and zvol exist | ||||||
|
Member
There was a problem hiding this comment.
Suggested change
|
||||||
| // because the allocation_id column is None. | ||||||
| // | ||||||
| // - if an allocation does already exist for the local storage disk, | ||||||
| // _it may not be for the same sled the VMM is on_. the sled | ||||||
| // reservation query would prevent this, but this attach (if not | ||||||
| // blocked) happened afterwards. This would mean Nexus would | ||||||
| // construct a InstanceSledLocalConfig that contains DelegatedZvol | ||||||
| // entries that refer to different sleds. | ||||||
|
Member
There was a problem hiding this comment. should we mayhaps explicitly note that this would result in a totally unstartable instance? or perhaps that's totally obvious. |
||||||
| // | ||||||
| // - if an allocation does exist already, and it's for the same sled | ||||||
| // the VMM is on, it may be colocated on a zpool with another | ||||||
| // local storage disk's allocation. again, the sled reservation | ||||||
| // query prevents this. | ||||||
| // | ||||||
| // - if an allocation does exist already, and it's for the same | ||||||
| // sled the VMM is on, and it's on a distinct zpool, then it's | ||||||
| // probably fine, but it's safer to let the sled reservation query | ||||||
| // validate everything, and it makes a much smaller query to block | ||||||
| // this case as well. | ||||||
| // | ||||||
| // `reserve_on_random_sled` will create an entry in | ||||||
| // `SledResourcesVmm` when the query is successful in finding a VMM | ||||||
| // reservation, so use that here: if there is a `SledResourcesVmm` | ||||||
| // record for this instance, then block attachment. | ||||||
| // | ||||||
| // Note that depending on our implementation, this may be the code | ||||||
| // path responsible for attaching disks to already-running instances | ||||||
| // when we support hot-plug. Local storage disks may never support | ||||||
| // hot-plug because running zones cannot be reconfigured (aka a new | ||||||
| // zvol rdsk device cannot be added to a running propolis zone). | ||||||
| Disk::LocalStorage(_) => disk::table | ||||||
| .into_boxed() | ||||||
| .filter( | ||||||
| disk::dsl::disk_state | ||||||
| .eq_any(ok_to_attach_disk_state_labels), | ||||||
| ) | ||||||
| .filter(not(exists(sled_resource_vmm::table.filter( | ||||||
| sled_resource_vmm::dsl::instance_id.eq(authz_instance.id()), | ||||||
| )))), | ||||||
| }; | ||||||
|
|
||||||
| let query = Instance::attach_resource( | ||||||
| authz_instance.id(), | ||||||
| authz_disk.id(), | ||||||
|
|
@@ -779,9 +862,7 @@ impl DataStore { | |||||
| .eq_any(ok_to_attach_instance_states) | ||||||
| .and(instance::dsl::active_propolis_id.is_null()), | ||||||
| ), | ||||||
| resource_query, | ||||||
|
Member
There was a problem hiding this comment. i believe that if the query to validate that no preexisting local storage allocations are present fails, we will return omicron/nexus/db-queries/src/db/datastore/disk.rs Lines 888 to 957 in 827bb37 because we don't check for this situation in that omicron/nexus/db-queries/src/db/datastore/disk.rs Lines 950 to 954 in 827bb37 but, that error won't be very helpful here, as it doesn't actually describe why the disk couldn't be attached. i think we should really be returning something more descriptive to the user here. it would be nice if we could say something like "cannot attach local storage disk to this instance, as local storage has already been allocated on a sled" or something. |
||||||
| max_disks, | ||||||
| diesel::update(disk::dsl::disk).set(attach_update), | ||||||
| ); | ||||||
|
|
||||||
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit, sorry: