librbd/api: don't mask images in group with read-only as part of image_demote()
if the images are part of a group wait until group_demote() is finally done
with GroupUnlinkPeerRequest() and then mask the images part of the group with
IMAGE_READ_ONLY_FLAG_NON_PRIMARY.
Thanks to Nithya for working along for a better fix here.
librbd/api: finalize the API's about skip-quiesce and ignore-quiesce-error flags
* leave --skip-quiesce and --ignore-quiesce-error options only on
rbd mirror group snapshot command
* drop flags argument from mirror_group_enable(), mirror_group_promote() and
mirror_group_demote() APIs, it will remain only on
mirror_group_create_snapshot() and aio_mirror_group_create_snapshot() APIs
* mirror_group_promote() and mirror_group_demote() should behave as if
RBD_SNAP_CREATE_SKIP_QUIESCE flag was passed
* mirror_group_enable() should use get_default_snap_create_flags() to get flags
-- it will be governed by rbd_default_snapshot_quiesce_mode config option
* make each of the mentioned APIs explicitly do either
a) snap_create_flags_api_to_internal(<flags passed by the user>, &snap_create_flags),
b) snap_create_flags_api_to_internal(get_default_snap_create_flags(), &snap_create_flags)
Credits to Ilya Dryomov <idryomov@gmail.com> for the above finalisation.
rbd-mirror: don't call group_snap_set for every image snap for regular group snap
It looks like we fixed avoiding of calling group_snap_set() for each image
snapshot update for mirror group snapshot, but for regular group snapshot,
it is still happening. This commit will fix it.
For 1 & 2 cases, we can simply delete the so far created group snapshot
in the respective callback handler which is basically an empty INCOMPLETE
group snapshot and let the state machine recreate it again later.
For 3 & 4 cases, we are cannot delete the created snapshot, because the
image snapshots whould have synced/syncing by now, deleting the group
snapshot will bring additional comlications (if there is a failover at
the same time). Hence setting m_retry_validate_snap flag in this case,
this would all the rescan even for regular group snapshots, if the
snapshot is yet INCOMPLETE on disk the validate_image_snaps_sync_complete()
will be called again.
For case 5, added logic to retry remove_mirror_peer_uuid() again.
rbd-mirror: fix m_stop_requested leading to a race
* if m_stop_requested is set then is_replay_interrupted return true.
* also shut_down should set m_stop_requested to false, it is instead
setting it to true this will lead to race and a possible crash accessing GR
b/w shut_down() and notify_group_listener_stop()
librbd/api: fail group promote when there is no previous snapshot
If the group enable time initial snapshot didn't sync to the secondary and
is in incomplete state, but then there happens a force promote on secondary,
there is no previous snapshot for that force promote to rollback to.
John Agombar [Thu, 20 Mar 2025 20:48:57 +0000 (20:48 +0000)]
qa/workunits/rbd: update to mirror group snapshot tests
Updated status() helper function to dump contents of stderr and stdout for last command
New helper functions to check for image snaps existence
Added new environment variable RBD_MIRROR_HIDE_BASH_DEBUGGING to turn off set -x output.
Previously RBD_MIRROR_SHOW_CLI_CMD was being used for this and controlling the display of cli output.
New tests:
• test_group_rename - test that a group rename is only mirrored to the remote after a mirror group
snapshot command. Also test that a group rename is not inadvertantly mirrored or undone
(test commented out as it is failing)
• test_enable_mirroring_when_duplicate_group_exists - various scenarios that check an empty group
and approaches to fixing the duplicate names on either site.
(test is commented out as it is not yet finished)
• test_enable_mirroring_when_duplicate_group_and_images_exists - builds on the previous test
but has duplicate named images too (test is commented out as it is failing)
• test_image_snapshots_with_group - test regular image snapshots along with mirror group snapshots
Enabled tests:
- test_force_promote scenarios 1,2,3 and 5 pass
rbd-mirror: group-replayer check for remote demote state
I'm seeing a possibility for 3 situations here for resync flagging and
rbd-mirror daemon working on it:
1. No Demotion on Primary while/just-before resync is play'ed
there is no demote snap along side resync, we can cancel syncing other
snaps, and start resync as soon as resync is flagged, because there is
no point syncing snaps that we are anyway going to delete the whole
group and resync fresh.
2. first Demote + immediately Resync
demote came first, this mean before proceeding with resync, we should
always see if the last remote snap is PRIMARY (validate if the remote
is still primary, which is on point) and only proceed
3. first Resync + immediately Demote
resync Came first, so we head straight to resync.
Ilya Dryomov [Sun, 16 Mar 2025 16:23:22 +0000 (17:23 +0100)]
qa/workunits/rbd: fix looping in remove_image_retry()
remove_image_retry() is to be called on images that may still have
a watcher (i.e. considered to be open), in which case either of "rbd
snap purge" and "rbd rm" commands can fail.
This unbreaks "TEST: delete images during bootstrap".
Ilya Dryomov [Sat, 15 Mar 2025 19:42:02 +0000 (20:42 +0100)]
qa/workunits/rbd: fix positional argument expansion in create_image()
Sticking $@ into a string that is supposed to form a command isn't
right because the string would be broken apart when $@ has more than
one argument:
If the double-quoted expansion occurs within a word, the expansion of
the first parameter is joined with the beginning part of the original
word, and the expansion of the last parameter is joined with the last
part of the original word.
Resort to $* despite its shortcomings -- given run_cmd() signature it's
the only practical fixup. A wrapper such as run_cmd() should really be
variadic or take an array instead of insisting on a single string.
Ilya Dryomov [Sat, 15 Mar 2025 17:02:49 +0000 (18:02 +0100)]
qa/workunits/rbd: fix looping in wait_for_snapshot_sync_complete()
get_primary_snap_id_for_newest_mirror_snapshot_on_secondary() may be
called on a freshly created image where the only non-primary snapshot
is still incomplete. In this scenario it fails because a snapshot ID
can't be produced, but wait_for_snapshot_sync_complete() should keep
retrying the same as in the regular case.
This fixes sporadic failures in "TEST: add image and test replay",
"TEST: stop mirror, add image, start mirror and test replay" and other
tests that use wait_for_snapshot_sync_complete().
Ilya Dryomov [Sat, 15 Mar 2025 15:42:28 +0000 (16:42 +0100)]
qa/workunits/rbd: make wait_for_omap_keys() work on a non-existent object
wait_for_image_in_omap() may be called on a cluster with mirroring
configured but rbd-mirror daemon never started. rbd_mirror_leader
object isn't expected to exist in that case.
This unbreaks "TEST: check if removed images' OMAP are removed (with
rbd-mirror on one cluster)".
Ilya Dryomov [Sat, 15 Mar 2025 12:56:45 +0000 (13:56 +0100)]
librbd: tolerate image not existing in ImageRemoveRequest
ImageRemoveRequest may be called when the image no longer exists (or
even never existed in case of a clone image whose creation is pending
on its parent showing up on the secondary) to clean up leftover mirror
metadata. Upon failure to get the group spec on a non-existing image
header, the state machine should be advanced to remove_mirror_image().
This fixes sporadic failures in "TEST: cloned images" and "TEST: check
if removed images' OMAP are removed".
John Agombar [Thu, 13 Mar 2025 14:37:57 +0000 (14:37 +0000)]
qa/workunits/rbd: update to mirror group snapshot tests
Update run_test_secnarios function to support a non-contiguous sequence of scenario numbers
Remove assert that checked empty omap keys between tests - now just logs to testlog
New tests:
- test_odf_failover_failback - new scenario with resync request on test_odf_failover_failback
Disabled tests:
- test_force_promote all scenarios fail since test is now checking group
consistency during rollback
Issue II:
src/tools/rbd_mirror/GroupReplayer.h:178:10:
error: lambda capture 'this' is not used [-Werror,-Wunused-lambda-capture]
178 | [this](int r) {
| ^
Issue III:
src/test/rbd_mirror/test_mock_ImageSync.cc:258:16:
error: no matching constructor for initialization of 'MockImageSync'
(aka 'ImageSync<librbd::MockTestImageCtx>')
258 | return new MockImageSync(
* group_snap_set() currently is called per image snapshot ack in group
snapshot, with this change, now on it is called
1. locally, on empty group snap creation with state INCOMPLETE
2. locally when, group snap move to COMPLETE with all image snap details
3. on remote snapshot when remove peer uuid on a previous COMEPLETE snap
* group_snap_set() revert conditioning and return value around check for
"snap key already exists"
* fix user snapshot removal need two succeeding snapshots
John Agombar [Tue, 4 Mar 2025 14:24:43 +0000 (14:24 +0000)]
qa/workunits/rbd: update to mirror group snapshot tests
New tests:
- force promote test with daemon running on both clusters
- test_enable_mirroring_when_duplicate_group_exists
- test_odf_failover_failback test
- test_resync_marker test
- test_force_promote_before_initial_sync test
- scenarios in test_create_group_with_images_then_mirror_with_regular_snapshots
Renamed tests:
- test_multiple_user_snapshot_time to test_multiple_mirror_group_snapshot_unlink_time
- test_multiple_user_snapshot_whilst_stopped to test_multiple_mirror_group_snapshot_whilst_stopped
* moved the internal functions scope to private
* use m_on_start_finish to save the init time Context and use later,
instead of passing it in various functions
N Balachandran [Tue, 11 Mar 2025 10:19:16 +0000 (15:49 +0530)]
rbd-mirror: reuse the ImageReplayers in the GroupReplayer
This fix will start image replayers even if the group replayer
is primary so as to have the correctmirror pool status.
The group replayer will also attempt to reuse the image replayers where
possible on restart.
Signed-off-by: N Balachandran <nithya.balachandran@ibm.com>
N Balachandran [Fri, 7 Mar 2025 07:26:35 +0000 (12:56 +0530)]
rbd-mirror: fix image map notifications for groups
The Group replayer Bootstrap now sends mirroring notifications
when creating or deleting the local group. The ImageMap will only
send the acquire_group notifications once for each group.
Signed-off-by: N Balachandran <nithya.balachandran@ibm.com>
Ramana Raja [Wed, 5 Mar 2025 19:29:16 +0000 (14:29 -0500)]
librbd/mirror: cleanup redundant parameters in CreatePrimaryRequest and
... CreateNonPrimaryRequest constructors. The objects can figure out
the image's group ID and group pool ID from the group_spec stored in
their image_ctx data member. No need to pass in group ID and
group pool ID into the constructors.
Ramana Raja [Tue, 4 Mar 2025 17:43:19 +0000 (12:43 -0500)]
librbd/mirror: change naming format of member image snap
... of primary and non-primary mirror group snaps.
Set the naming format of member image snap of a mirror group snap to be,
mirror.primary.<global_image_id>.<global_group_id>.<group_pool_id>_<group_id>_<group_snap_id>,
or
mirror.non_primary.<global_image_id>.<global_group_id>.<group_pool_id>_<group_id>_<group_snap_id>
Ramana Raja [Fri, 28 Feb 2025 21:49:27 +0000 (16:49 -0500)]
librbd/api: set `image_snap_name` as empty string for mirror gp snap
The member image snapshots of a mirror group snap do not share a
common name unlike those of a user group snap. So set the
`image_snap_name` to an empty string.
The following steps leaves stale group on seondary left undeleted,
1. Create and mirror enable a group with 2 images.
2. Let it sync to the secondary
3. Demote on the primary and promote on the secondary
4. Wait until it starts replaying on the original primary
5. Delete the group on the new primary
Credits to Nithya Balachandran for highlighting the issue with detailed steps.
Following issues are fixed:
* Allow to flag resync, but if remote is not primary do not resync or
even delete the local group.
- Wait for remote to turn primary, if it turns primary, then continue
to resync.
- Just in case if the same site is made primary right after issuing
resync, then clear that flag immediatly.
* Revert some old code in PoolWatcher, unintentional edits/changes.
* Do not send MIRROR_GROUP_STATE_DISABLED notification from group_resync
API, this will lead to release_group(). Credits to Nithya Balachandran
for pointing about this notification deatils.
rbd_mirror: avoid rescans in busy loop to detect new snapshots
Instead move the state to STATE_IDLE once the snapshot limits cannot be met
and move back to STATE_REPLAYING on a call from group_replayer to
set_remote_snap_id_end_limit()
Issue I:
As part of the remove_local_mirror_group if local mirror group global_group_id
doesn't match with GroupReplayer instance (m_global_group_id), then
remove_local_group()
In a case where the daemon is down then group is disabled then removed/added
images then re-enabled groups and then brought the daemon back to life,
the Groupreplayer instances belonging to same group name will mess
leading to path of create_local_mirror_group(), which is wrong.
Issue II:
Also, in cases where local mirror group global_group_id doesn't match with
GroupReplayer instance, if there are ENOENT errors in the bootstrapping
then retry the bootstrapping.
With out this fix, this will lead to group_replayer destroy of a valid instance.
Ramana Raja [Thu, 20 Feb 2025 00:09:32 +0000 (19:09 -0500)]
librbd/api: disallow mirror image operations on a group's member image
Disallow the following mirror image APIs when called directly on an
image that is member of a group:
- mirror image demote
- mirror image disable
- mirror image enable
- mirror image promote
- mirror image resync
- mirror image snapshot
Only allow mirror operations on a group's member image via the mirror
group APIs.
John Agombar [Thu, 13 Feb 2025 17:20:01 +0000 (17:20 +0000)]
qa/workunits/rbd: add new tests and improve existing
Change admin socket mirror group status checks to query status on normal CLI too
Disable test_stopped_daemon test whichhas intermittent failures.
Remove sleep 5 which is no longer needed in RBD mirror group tests
Fix test_image_replay_state() helper function to work without SHOW_CLI_CMD env variable set
rbd_mirror_group_group.sh:
+ testlog "TEST: add a large image to group and test replay"
Also this fix replace the set_finished(), which was removed in the previous
commit, which will cause a regression in the GroupReplayer destroy code path.
N Balachandran [Fri, 21 Feb 2025 06:17:19 +0000 (11:47 +0530)]
rbd-mirror: fixes multiple issues in the group replayer
The commit includes the following:
- Fixed crashes in the start/stop in GroupReplayer
- Fixed crashes in the shut_down sequence in group_replayer::Replayer
- ImageMap will now send release_group notifications for non-empty
groups.
- InstanceReplayer no longer checks if the GroupReplayer needs to be
restarted. The GroupReplayer will stop itself if it determines that it
needs to be restarted.
Signed-off-by: N Balachandran <nithya.balachandran@ibm.com>
Ramana Raja [Tue, 4 Feb 2025 00:55:08 +0000 (19:55 -0500)]
librbd: remove mirror APIs that change mirror group membership
Remove mirror APIs, group_image_add() and group_image_remove() that
are never called as we don't allow adding/removing images to/from a
mirrored group.
rbd-mirror: do not move the images to trash while the disabling is in progress
Images cannot be moved to trash if the state is disabling because its a
transient state where some of the images might have got the oportunity to
disable and some of them part of the group might still be enabled
waiting for the oportunity while a group disable is in progress.
So we wait until the state DISABLING moves to next state, and see if there are
any stale image to move into a trash queue later.
rbd-mirror: bootstrap wait for previous disabling group to cleanup
Was seeing a case where the following operations are done:
1. daemon is stopped on secondary
2. then mirroring on the group is disabled
3. added/removed image[s] to/from the group
4. enabled group back for mirroring
5. Mirroring daemon is brought back to life
From the handling:
1. Two GroupReplayer's are started by the InstanceReplayer, one for old group
and one for new group (not surprisingly both deal with the same pool images)
2. The GroupReplayer for old group instance enters into
group_replayer::BootstrapRequest, notices remote_group_id is not found, and
starts cleaning-up the group, """tries to remove local group and all the
images. Finally returns to GroupReplayer, stop the GroupReplayer setting
the state as stopped with description group removed and finally unregister
admin socket hook."""
3. On the other hand the GroupReplayer for new group instance runs in concurrent
to the old one, figures out local group_id by name exists and """tries to
remove local group and all the images. Finally returns to GroupReplayer,
stop the GroupReplayer setting the state as stopped with description group
removed and finally unregister admin socket hook."""
You can see 2 and 3 are ending up in the same situation because of the
concurrent behaviour. i.e one has to add the group with a name and create
images in the pool. Where as the other has to remove the group with same name
from the same pool.
Thanks to Ilya for the suggestion here, according to the suggestion the
fix is simple. The way this is handled for standalone images is that the
second replayer (i.e. (3)) sees that the image is in MIRROR_IMAGE_STATE_DISABLING
state and backs off (i.e.second group waits and retries later).
If the second replayer backs off with ERESTART, the first replayer should
eventually clean up the old group which would allow the second replayer to
proceed with creating a new group.
rbd_mirror: cleanup group status keys in the rbd_mirroring object
Keys & Values for "gremote_status_global_*" and "gstatus_global_*" are
getting readded in the rbd_mirroring object after they were removed at
group disable time as part of group_status_set(), as it doesn't defend
for disabled groups today.
Also librbd::cls_client::mirror_group_status_remove_down() was added in
the code but not levearaged, hence added code for unhappy path cleanup
as part of MirrorStatusWatcher::init() like it is calls
librbd::cls_client::mirror_image_status_remove_down() today.
rbd_mirror: update local {group_pool, group_pool} in ImageSnapshotNamespaceGroup
* Fix user group snapshot not moving to complete when the pool_id differ on
remote and locally.
* The Image snapshot namespace ImageSnapshotNamespaceGroup is copied
from remote src directly to dst locally and {group_pool, group_pool}
still hold remote details. This fix updates the namespace in the
image snapshot.
N Balachandran [Mon, 10 Feb 2025 15:10:07 +0000 (20:40 +0530)]
librbd: fix group snapshot unlink
Changes to the group mirror snapshot unlink:
- Fixes the group mirror snapshot unlink to behave like the
image mirror unlink.
- Renames UnlinkGroupPeerRequest to GroupUnlinkPeerRequest
and moves it into librbd/mirror/snapshot.
- Modifies prepare_group_images() to return the mirror_peer_uuids
which are then passed as an argument to GroupUnlinkPeerRequest.
Signed-off-by: N Balachandran <nithya.balachandran@ibm.com>
John Agombar [Thu, 6 Feb 2025 12:03:36 +0000 (12:03 +0000)]
qa/workunits/rbd: improvements to smoke tests
- Remove dynamic group behaviour in rbd_mirror_group.sh tests
- Add test for group enable/disable after force promote
- Test new fields in group info cmd
rbd-mirror: add peer_uuids for non-primary demoted group snapshot
GroupReplayer should add peer uuid for group snapshot if it is a
non-primary demoted snapshot, other wise this snapshot will be
unconditionally unlinked further, as doesn't have a peer uuid leading to
split-brain scenarios.
Credits to N Balachandran <nithya.balachandran@ibm.com> for the find.
John Agombar [Thu, 30 Jan 2025 13:04:13 +0000 (13:04 +0000)]
qa/workunits/rbd: updates to mirror group bash scripts
- support cli parameters to specify the test to run
- support cli parameter to specify the number of times to repeat the test
- new tests
- added RBD_MIRROR_NEW_IMPLICIT_BEHAVIOUR env variable in preparation for
changes to group snapshot behaviour
1. If group snapshot is syncing do not remove mirror peer uuid of last complete
snapshot [ i.e. currently incomlpete - 1] (on remote)
2. If group snapshot is synced do not remove mirror peer uuid of its
respective on remote yet.
Creating a global, pool or namespace level mirror snapshot
schedule shouldn't schedule mirror snapshots of images that
are part of a group and reside in the pool or namespace.
Also disallow directly scheduling mirror image snapshots on
images that are part of a group.
Ramana Raja [Tue, 5 Nov 2024 16:12:54 +0000 (11:12 -0500)]
qa/workunits/rbd: add basic tests for mirror group snapshot scheduler
Add tests to check the basic functionality of the
mirror_group_snapshot_schedule module. Check that
- `rbd mirror group snapshot schedule add/rm/status/ls` commands work
- the module can recover from blocklisting of its client and continue
to process requests
projects / ceph.git / log