openstack.live_snapshot的实现方法存在竞态

3490阅读 0评论2014-07-09 sak0
分类:虚拟化

openstack在H版中提供了live_snapshot,也就是不影响虚机业务运行的snapshot,代码中live_snapshot实现方法:

nova/virt/libvirt/driver.py

点击(此处)折叠或打开

  1. def _live_snapshot()

  3.         try:

  5.             # NOTE (rmk): blockRebase cannot be executed on persistent

  7.             # domains, so we need to temporarily undefine it.

  9.             # If any part of this block fails, the domain is

  11.             # re-defined regardless.

  13.             if domain.isPersistent():

  15.                 domain.undefine()

  17.  

  19.             # NOTE (rmk): Establish a temporary mirror of our root disk and

  21.             # issue an abort once we have a complete copy.

  23.             domain.blockRebase(disk_path, disk_delta, 0,

  25.                                libvirt.VIR_DOMAIN_BLOCK_REBASE_COPY |

  27.                                libvirt.VIR_DOMAIN_BLOCK_REBASE_REUSE_EXT |

  29.                                libvirt.VIR_DOMAIN_BLOCK_REBASE_SHALLOW)

  31.  

  33.             while self._wait_for_block_job(domain, disk_path):

  35.                 time.sleep(0.5)

  37.  

  39.             domain.blockJobAbort(disk_path, 0)

  41.             libvirt_utils.chown(disk_delta, os.getuid())

  43.         finally:

  45.             self._conn.defineXML(xml)

  47.  

  49. def _wait_for_block_job(domain, disk_path, abort_on_error=False):

  51.         status = domain.blockJobInfo(disk_path, 0)

  53.         if status == -1 and abort_on_error:

  55.             msg = _('libvirt error while requesting blockjob info.')

  57.             raise exception.NovaException(msg)

  59.         try:

  61.             cur = status.get('cur', 0)

  63.             end = status.get('end', 0)

  65.         except Exception:

  67.             return False

  69.  

  71.         if cur == end and cur != 0 and end != 0:

  73.             return False

  75.         else:

  77.             return True

过程分析:

openstack层面: 首先调用libvirt接口domain.blockRebase发起qemu对于磁盘的“mirror job",然后反复调用libvirt接口domain.blockJobInfo反复查询备份job,当current刻度与offset对齐时,调用domain.blockJobAbort结束job

libvirt层面: domain.blockRebase调用qemu接口drive_mirror,domain.blockJobInfo调用qemu接口info blockjob,domain.blockJobInfo是一个同步接口,先调用qemu blockjob-cancel停止任务,然后不断查询,直到任务被关闭才返回

qemu层面:mirror任务的注释”Start mirroring a block device's writes to a new destination,using the specified target.“,其中重要循环:

block/mirror.c


点击(此处)折叠或打开

  1. static void coroutine_fn mirror_run(void *opaque)

  3.  

  5.     for (;;) {

  7.         uint64_t delay_ns;

  9.         int64_t cnt;

  11.         bool should_complete;

  13.  

  15.         if (s->ret < 0) {

  17.             ret = s->ret;

  19.             goto immediate_exit;

  21.         }

  23.  

  25.         cnt = bdrv_get_dirty_count(bs, s->dirty_bitmap);

  27.  

  29.         /* Note that even when no rate limit is applied we need to yield

  31.          * periodically with no pending I/O so that qemu_aio_flush() returns.

  33.          * We do so every SLICE_TIME nanoseconds, or when there is an error,

  35.          * or when the source is clean, whichever comes first.

  37.          */

  39.         if (qemu_clock_get_ns(QEMU_CLOCK_REALTIME) - last_pause_ns < SLICE_TIME &&

  41.             s->common.iostatus == BLOCK_DEVICE_IO_STATUS_OK) {

  43.             if (s->in_flight == MAX_IN_FLIGHT || s->buf_free_count == 0 ||

  45.                 (cnt == 0 && s->in_flight > 0)) {

  47.                 trace_mirror_yield(s, s->in_flight, s->buf_free_count, cnt);

  49.                 qemu_coroutine_yield();

  51.                 continue;

  53.             } else if (cnt != 0) {

  55.                 mirror_iteration(s);

  57.                 continue;

  59.             }

  61.         }

  63.  

  65.         should_complete = false;

  67.         if (s->in_flight == 0 && cnt == 0) {

  69.             trace_mirror_before_flush(s);

  71.             ret = bdrv_flush(s->target);

  73.             if (ret < 0) {

  75.                 if (mirror_error_action(s, false, -ret) == BDRV_ACTION_REPORT) {

  77.                     goto immediate_exit;

  79.                 }

  81.             } else {

  83.                 /* We're out of the streaming phase. From now on, if the job

  85.                  * is cancelled we will actually complete all pending I/O and

  87.                  * report completion. This way, block-job-cancel will leave

  89.                  * the target in a consistent state.

  91.                  */

  93.                 s->common.offset = end * BDRV_SECTOR_SIZE;

  95.                 if (!s->synced) {

  97.                     block_job_ready(&s->common);

  99.                     s->synced = true;

  101.                 }

  103.  

  105.                 should_complete = s->should_complete ||

  107.                     block_job_is_cancelled(&s->common);

  109.                 cnt = bdrv_get_dirty_count(bs, s->dirty_bitmap);

  111.             }

  113.         }

  115.  

  117.         if (cnt == 0 && should_complete) {

  119.             /* The dirty bitmap is not updated while operations are pending.

  121.              * If we're about to exit, wait for pending operations before

  123.              * calling bdrv_get_dirty_count(bs), or we may exit while the

  125.              * source has dirty data to

  127.              *

  129.              * Note that I/O can be submitted by the guest while

  131.              * mirror_populate runs.

  133.              */

  135.             trace_mirror_before_drain(s, cnt);

  137.             bdrv_drain_all();

  139.             cnt = bdrv_get_dirty_count(bs, s->dirty_bitmap);

  141.         }

  143.  

  145.         ret = 0;

  147.         trace_mirror_before_sleep(s, cnt, s->synced);

  149.         if (!s->synced) {

  151.             /* Publish progress */

  153.             s->common.offset = (end - cnt) * BDRV_SECTOR_SIZE;

  155.  

  157.             if (s->common.speed) {

  159.                 delay_ns = ratelimit_calculate_delay(&s->limit, sectors_per_chunk);

  161.             } else {

  163.                 delay_ns = 0;

  165.             }

  167.  

  169.             block_job_sleep_ns(&s->common, QEMU_CLOCK_REALTIME, delay_ns);

  171.             if (block_job_is_cancelled(&s->common)) {

  173.                 break;

  175.             }

  177.         } else if (!should_complete) {

  179.             delay_ns = (s->in_flight == 0 && cnt == 0 ? SLICE_TIME : 0);

  181.             block_job_sleep_ns(&s->common, QEMU_CLOCK_REALTIME, delay_ns);

  183.         } else if (cnt == 0) {

  185.             /* The two disks are in sync. Exit and report successful

  187.              * completion.

  189.              */

  191.             assert(QLIST_EMPTY(&bs->tracked_requests));

  193.             s->common.cancelled = false;

  195.             break;

  197.         }

  199.         last_pause_ns = qemu_clock_get_ns(QEMU_CLOCK_REALTIME);

  201.     }

同步任务不断循环检查脏数据,有两种退出可能:1.source和target未同步时就设置了job->canceled 2.source和target   2.source和target同步后,should_complete && 迭代中脏页计数为0,而should_complete成立的条件是脏页为0的迭代并且job设置了退出;所以在这个设备不断IO的情况下,只有一个很小 的空当可以通过设置job状态而退出,而上层的openstack通过sleep(0.5)来钻这个空当,呵呵。

带来的后果:

1.同步任务会一直进行下去,直到GUEST OS中IO停止,造成宿主机资源一直被占用

2.libvirt的.blockJobAbort接口一直不返回,如果nova调用libvirt设置的阻塞方式,则nova也会被卡主

复现问题的方法:

将sleep(x)的值调大后非常容易复现这个竞争场景,默认的0,5也有出现的机会

 

解决方法:

1.在qemu中加入强制退出job的流程

2.慎用mirror接口,采用其他方法在线备份


上一篇:nova "image cache manager" 配置项分析
下一篇:qemu aio简记