Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Filesystem limits #3432

Merged
merged 6 commits into from
Oct 21, 2023
Merged

Conversation

jbaublitz
Copy link
Member

Closes #3431

@jbaublitz jbaublitz self-assigned this Aug 31, 2023
@jbaublitz
Copy link
Member Author

This is just waiting on unit tests.

@jbaublitz
Copy link
Member Author

Just completed the unit tests.

@jbaublitz jbaublitz force-pushed the filesystem-limits branch 3 times, most recently from f7ee53b to 73930d9 Compare September 29, 2023 14:44
src/dbus_api/filesystem/shared.rs Outdated Show resolved Hide resolved
@jbaublitz
Copy link
Member Author

/packit test

@jbaublitz jbaublitz requested a review from bmr-cymru October 4, 2023 13:28
Copy link
Member

@mulkieran mulkieran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One minor request AND ought we to allow the user to specify the filesystem size limit on filesystem creation?

src/dbus_api/filesystem/filesystem_3_6/props.rs Outdated Show resolved Hide resolved
Copy link
Member

@mulkieran mulkieran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tests revealed a typo.

src/dbus_api/filesystem/mod.rs Outdated Show resolved Hide resolved
@jbaublitz
Copy link
Member Author

@mulkieran I'm fine with letting the user specify filesystem size limits on creation if you'd like. It's more a matter of preference.

@jbaublitz jbaublitz force-pushed the filesystem-limits branch 3 times, most recently from 4c602af to 1d4c1ae Compare October 11, 2023 15:02
@jbaublitz
Copy link
Member Author

@mulkieran I agree that users might not know what the large value means. Some might believe that this is a supported size maximum or a value to test, these might not be reasons to no do it. I thought that Stratis might want to stay consistent with Key, where there is a set, unset, reset options, but the pool set-fs-limit doesn't have an unset or reset for good reasons. Another thought based on the maximum sizes is, does dm-thin and XFS share similar maximums?

The only reason we don't have an unset for set-fs-limit is because it's a metadata changing operation (as in we have to allocate more metadata room for each filesystem that we want to allow by the limit). I'm not convinced these two things are comparable because we don't store the filesystem size limit anywhere but the MDV so there is no additional space that needs to be allocated.

@jbaublitz
Copy link
Member Author

My objection to these changes is that in general:

  1. I think no filesystem limit is easy to understand. We can solicit feedback from @mvollmer on this if we'd like because I know he's had some opinions about usability in the past. I personally think it's less usable to display a very large number with no explanation and allow no way to remove it. That feels like leaking implementation details to the user in a way that's not helpful and will generate more questions than anything.
  2. I think that maintaining the MAX_THINDEV_SIZE in our codebase at all may be a mistake, but an even bigger mistake to mix it in with the filesystem limit code where it will be relatively hard to remove in the future. I don't like duplicating constants that cannot be set and may change in the future. Sometimes it's necessary, but I don't see enough of a benefit here to support that. Here I would almost rather have filesystem creation or extension fail so that we don't have to support multiple values across kernels if it changes in the future.
  3. I don't see the simplifications as large enough to justify the drawbacks.

I want to put up the following proposal for a simplification in how we deal with the size limit property; we can talk about it in standup:

In stratisd:

1. Since we treat `MAX_THIN_DEV_SIZE` like a limit, treat it thus in `StratFilesystem::extend_size`, i.e. explicitly cap the size at `MAX_THIN_DEV_SIZE`. I expect that other constraints will cause that size never to be reached, but you never know.

2. Change the value representing the size limit in the engine so that it is non-optional.

3. Change the D-Bus property so that it non-optional and if no other limit has been set, report `MAX_THIN_DEV_SIZE`.

In stratis-cli:

1. Always report the filesystem limit, as a number, in the filesystem listing under the heading: `Total / Used / Free / Limit`.

The advantages of this are:

1. Some real simplification in the engine internals, due to non-optional value.

2. Some real simplification in the D-Bus API due to non-optional property.

3. Some real simplification in stratis-cli. This idea was prompted because of a request for an `unset-size-limit` command in stratis-cli. I would much rather keep the just the `set-size-limit` subcommand. It already takes one special value, `stratis fs set-fs-limit <poolname> <fsname> current` which just means set the filesystem limit to the filesystems current size, which seems sensible. I would prefer to add another special value for that subcommand, like `stratis fs set-fs-limit <poolname> <fsname> largest`.  The way stratis would implement this request would be to have the constant `MAX_THIN_DEV_SIZE` defined; it would put that value in its property set call.

The disadvantages of this approach are:

1. User will see a very large limit in their `filesystem list` and may interpret it as meaning something different than it really does.

@mulkieran
Copy link
Member

I'm willing to believe that dropping MAX_THIN_DEV_SIZE entirely might be the truly simplifying move. But then I think we should drop it from the checks we do for the size value as well in order to be consistent w/ ourselves. In theory, then xfs will return an error on filesystem creation that stratisd will report. We usually try to let xfs do its own work, and I'm not sure why we didn't in this case.

My objection to these changes is that in general:

1. I think no filesystem limit is easy to understand. We can solicit feedback from @mvollmer on this if we'd like because I know he's had some opinions about usability in the past. I personally think it's less usable to display a very large number with no explanation and allow no way to remove it. That feels like leaking implementation details to the user in a way that's not helpful and will generate more questions than anything.

2. I think that maintaining the `MAX_THINDEV_SIZE` in our codebase at all may be a mistake, but an even bigger mistake to mix it in with the filesystem limit code where it will be relatively hard to remove in the future. I don't like duplicating constants that cannot be set and may change in the future. Sometimes it's necessary, but I don't see enough of a benefit here to support that. Here I would almost rather have filesystem creation or extension fail so that we don't have to support multiple values across kernels if it changes in the future.

3. I don't see the simplifications as large enough to justify the drawbacks.

I want to put up the following proposal for a simplification in how we deal with the size limit property; we can talk about it in standup:
In stratisd:

1. Since we treat `MAX_THIN_DEV_SIZE` like a limit, treat it thus in `StratFilesystem::extend_size`, i.e. explicitly cap the size at `MAX_THIN_DEV_SIZE`. I expect that other constraints will cause that size never to be reached, but you never know.

2. Change the value representing the size limit in the engine so that it is non-optional.

3. Change the D-Bus property so that it non-optional and if no other limit has been set, report `MAX_THIN_DEV_SIZE`.

In stratis-cli:

1. Always report the filesystem limit, as a number, in the filesystem listing under the heading: `Total / Used / Free / Limit`.

The advantages of this are:

1. Some real simplification in the engine internals, due to non-optional value.

2. Some real simplification in the D-Bus API due to non-optional property.

3. Some real simplification in stratis-cli. This idea was prompted because of a request for an `unset-size-limit` command in stratis-cli. I would much rather keep the just the `set-size-limit` subcommand. It already takes one special value, `stratis fs set-fs-limit <poolname> <fsname> current` which just means set the filesystem limit to the filesystems current size, which seems sensible. I would prefer to add another special value for that subcommand, like `stratis fs set-fs-limit <poolname> <fsname> largest`.  The way stratis would implement this request would be to have the constant `MAX_THIN_DEV_SIZE` defined; it would put that value in its property set call.

The disadvantages of this approach are:

1. User will see a very large limit in their `filesystem list` and may interpret it as meaning something different than it really does.

@jbaublitz
Copy link
Member Author

Okay great! That's exactly what I wanted when I wrote the PR so I'll remove the MAX_THINDEV_SIZE altogether.

@jbaublitz
Copy link
Member Author

@mulkieran Should we also remove MIN_THINDEV_SIZE?

@mulkieran
Copy link
Member

@mulkieran Should we also remove MIN_THINDEV_SIZE?

@jbaublitz The version of xfs in f38+ now enforces its lower bound so I think that we might be able to do this. Let's discuss in standup.

@mulkieran mulkieran closed this Oct 17, 2023
@mulkieran mulkieran reopened this Oct 17, 2023
@mulkieran
Copy link
Member

whoops

Copy link
Member

@mulkieran mulkieran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the sim engine only, it looks like setting the size-limit on creation somehow doesn't cause the sim filesystem's size limit to be set. This is confirmed by stratis report which shows size limit as None for the sim engine and the set value is not displayed in the filesystem list view. For the strat engine, everything seems to be working correctly. For the sim engine and for the strat engine, setting and unsetting the size property seems to work correctly.

@jbaublitz
Copy link
Member Author

In the sim engine only, it looks like setting the size-limit on creation somehow doesn't cause the sim filesystem's size limit to be set. This is confirmed by stratis report which shows size limit as None for the sim engine and the set value is not displayed in the filesystem list view. For the strat engine, everything seems to be working correctly. For the sim engine and for the strat engine, setting and unsetting the size property seems to work correctly.

Resolved. This was caught by the unit tests for the strat_engine but isn't tested in the sim_engine so it wasn't caught.

@jbaublitz
Copy link
Member Author

/packit test

@mulkieran
Copy link
Member

@jbaublitz Plz rebase when you get the chance.

@mulkieran mulkieran requested a review from bgurney-rh October 20, 2023 19:37
@mulkieran
Copy link
Member

/packit test

@mulkieran mulkieran removed the request for review from bmr-cymru October 21, 2023 00:52
@mulkieran mulkieran merged commit d72bd39 into stratis-storage:master Oct 21, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Filesystem size limits
5 participants