Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add additional sanity check when resuming a pool #6212

Closed
wants to merge 1 commit into from
Closed

Add additional sanity check when resuming a pool #6212

wants to merge 1 commit into from

Conversation

behlendorf
Copy link
Contributor

Description

A pool may only be resumed when the txg in the "best" uberblock
found on-disk matches the in-core last synced txg. This is done
to verify that the pool was not modified by another node or process
while it was suspended. If this were to happen the result would
be a corrupted pool.

Since a suspended pool may no longer always be resumable it was
necessary to extend the 'zpool export -F` command to allow a
suspended pool to be exported. This was accomplished by leveraging
the existing spa freeze functionality. During export if '-F' is
given and the pool is suspended the pool will be frozen at the last
synced txg and all in-core dirty data will be discarded. This
allows for the pool to be safely exported without having to reboot
the system.

In order to test this functionality the broken 'ztest -E' option,
which allows for ztest to use an existing pool, was fixed. The
code needed for this was copied over from zdb. ztest is used to
modify the test pool from user space while the kernel has the pool
imported and suspended.

This commit partially addresses issues #4003, #2023, #2878, #3256
by allowing a suspended pool to be exported, 'zpool export -F'.
There may still be cases where a reference on the pool, such as
a filesystem which cannot be unmounted, will prevent the pool
from being exported.

Motivation and Context

Related to multi-modifier protection, PR #6073.

How Has This Been Tested?

Added test case zpool_clear-resume.ksh.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Performance enhancement (non-breaking change which improves efficiency)
  • Code cleanup (non-breaking change which makes code smaller or more readable)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the ZFS on Linux code style requirements.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.
  • All commit messages are properly formatted and contain Signed-off-by.
  • Change has been approved by a ZFS on Linux member.

@mention-bot
Copy link

@behlendorf, thanks for your PR! By analyzing the history of the files in this pull request, we identified @FransUrbo, @dswartz and @ahrens to be potential reviewers.

@behlendorf behlendorf added Type: Feature Feature request or new feature Status: Work in Progress Not yet ready for general review labels Jun 10, 2017
@behlendorf behlendorf requested a review from dweeezil June 10, 2017 00:02
@behlendorf behlendorf mentioned this pull request Jun 12, 2017
Closed
12 tasks
@behlendorf
Add additional sanity check when resuming a pool
0bf4fb5 
A pool may only be resumed when the txg in the "best" uberblock
found on-disk matches the in-core last synced txg.  This is done
to verify that the pool was not modified by another node or process
while it was suspended.  If this were to happen the result would
be a corrupted pool.

Since a suspended pool may no longer always be resumable it was
necessary to extend the 'zpool export -F` command to allow a
suspended pool to be exported.  This was accomplished by leveraging
the existing spa freeze functionality.  During export if '-F' is
given and the pool is suspended the pool will be frozen at the last
synced txg and all in-core dirty data will be discarded.  This
allows for the pool to be safely exported without having to reboot
the system.

In order to test this functionality the broken 'ztest -E' option,
which allows for ztest to use an existing pool, was fixed.  The
code needed for this was copied over from zdb.  ztest is used to
modify the test pool from user space while the kernel has the pool
imported and suspended.

This commit partially addresses issues openzfs#4003, openzfs#2023, openzfs#2878, openzfs#3256
by allowing a suspended pool to be exported, 'zpool export -F'.
There may still be cases where a reference on the pool, such as
a filesystem which cannot be unmounted, will prevent the pool
from being exported.

Signed-off-by: Brian Behlendorf <[email protected]>
@behlendorf behlendorf force-pushed the zpool-clear-resume branch from 28c5c81 to 0bf4fb5 Compare June 16, 2017 00:32
@behlendorf behlendorf closed this Jun 28, 2017
@bunder2015
Copy link
Contributor

Had a question in IRC, was this patch merged? Is it still needed after MMP was merged?

@behlendorf
Copy link
Contributor Author

This patch isn't needed for MMP it only provides an additional level of safely when resuming a suspended pool. It still needs some work before it can be merged, which we plan to do.

@behlendorf behlendorf mentioned this pull request Jul 25, 2017
Closed
13 tasks
@behlendorf behlendorf mentioned this pull request Jan 17, 2018
Closed
@behlendorf behlendorf deleted the zpool-clear-resume branch April 19, 2021 20:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dweeezil dweeezil Awaiting requested review from dweeezil

Assignees
No one assigned
Labels
Status: Work in Progress Not yet ready for general review Type: Feature Feature request or new feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@behlendorf @mention-bot @bunder2015