krbd: make sure the device node is accessible after the mapping #39606
Conversation
We have always assumed this to be the case and users' scripts and orchestration tools have grown to depend on this. Let's add some enforcement, prompted by [1]: "I am running my Kubernetes worker node inside of an LXC container which doesn't benefit from the device node created by the kernel, so I'm using udev to create the /dev/rbd* device nodes inside of the LXC container." which, through the unfortunate interaction with ceph-csi rbd plugin, results in data loss for "volumeMode: Filesystem" PVs because it ends up recreating the filesystem every time the PV is attached to the pod: "When deleting the pod and re-creating it, I can see that the RBD image is indeed being reformatted. This seems to be because when blkid is being run to check if the image is formatted, the /dev/rbd* device has not yet been created by udev. By the time the code gets down to running mkfs, the device is there and the damage is done." [1] ceph/ceph-csi#1820 Fixes: https://tracker.ceph.com/issues/49410 Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
|
jenkins test make check |
|
jenkins test api |
|
I'm not sure, but I'd rather not. I wanted it to be a warning at first, but given that actual data loss was observed I decided to make it an error. The error message says "mapping succeeded", clearly indicating that the device has been mapped. Outside of ceph-csi, I can imagine some *notify-based automation picking up the new device node and kicking off work. Even if that work is just logging for audit purposes, we probably don't want to interfere and attempt to unmap from a process called We used to have a similar failure mode with a udev-related timeout: |
We have always assumed this to be the case and users' scripts and
orchestration tools have grown to depend on this. Let's add some
enforcement, prompted by [1]:
"I am running my Kubernetes worker node inside of an LXC container
which doesn't benefit from the device node created by the kernel, so
I'm using udev to create the /dev/rbd* device nodes inside of the LXC
container."
which, through the unfortunate interaction with ceph-csi rbd plugin,
results in data loss for "volumeMode: Filesystem" PVs because it ends
up recreating the filesystem every time the PV is attached to the pod:
"When deleting the pod and re-creating it, I can see that the RBD
image is indeed being reformatted. This seems to be because when
blkid is being run to check if the image is formatted, the /dev/rbd*
device has not yet been created by udev. By the time the code gets
down to running mkfs, the device is there and the damage is done."
[1] ceph/ceph-csi#1820
Fixes: https://tracker.ceph.com/issues/49410
Signed-off-by: Ilya Dryomov idryomov@gmail.com