2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* CDDL HEADER START
|
|
|
|
*
|
|
|
|
* The contents of this file are subject to the terms of the
|
|
|
|
* Common Development and Distribution License (the "License").
|
|
|
|
* You may not use this file except in compliance with the License.
|
|
|
|
*
|
|
|
|
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
|
|
|
|
* or http://www.opensolaris.org/os/licensing.
|
|
|
|
* See the License for the specific language governing permissions
|
|
|
|
* and limitations under the License.
|
|
|
|
*
|
|
|
|
* When distributing Covered Code, include this CDDL HEADER in each
|
|
|
|
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
|
|
|
* If applicable, add the following below this CDDL HEADER, with the
|
|
|
|
* fields enclosed by brackets "[]" replaced with your own identifying
|
|
|
|
* information: Portions Copyright [yyyy] [name of copyright owner]
|
|
|
|
*
|
|
|
|
* CDDL HEADER END
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
2010-05-29 00:45:14 +04:00
|
|
|
* Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
|
2017-04-24 19:34:36 +03:00
|
|
|
* Copyright (c) 2011, 2017 by Delphix. All rights reserved.
|
2016-07-28 01:29:15 +03:00
|
|
|
* Copyright (c) 2015, Nexenta Systems, Inc. All rights reserved.
|
2014-10-18 19:58:11 +04:00
|
|
|
* Copyright (c) 2013, 2014, Nexenta Systems, Inc. All rights reserved.
|
2015-04-02 06:44:32 +03:00
|
|
|
* Copyright (c) 2014 Spectra Logic Corporation, All rights reserved.
|
2016-06-16 01:47:05 +03:00
|
|
|
* Copyright 2013 Saso Kiselkov. All rights reserved.
|
2017-04-13 19:40:00 +03:00
|
|
|
* Copyright (c) 2014 Integros [integros.com]
|
|
|
|
* Copyright 2016 Toomas Soome <tsoome@me.com>
|
2014-03-22 13:07:14 +04:00
|
|
|
* Copyright (c) 2016 Actifio, Inc. All rights reserved.
|
2017-07-07 08:16:13 +03:00
|
|
|
* Copyright (c) 2017 Datto Inc.
|
2017-05-30 21:39:17 +03:00
|
|
|
* Copyright 2017 Joyent, Inc.
|
2011-11-08 04:26:52 +04:00
|
|
|
*/
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
2013-06-11 21:12:34 +04:00
|
|
|
* SPA: Storage Pool Allocator
|
|
|
|
*
|
2008-11-20 23:01:55 +03:00
|
|
|
* This file contains all the routines used when modifying on-disk SPA state.
|
|
|
|
* This includes opening, importing, destroying, exporting a pool, and syncing a
|
|
|
|
* pool.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <sys/zfs_context.h>
|
|
|
|
#include <sys/fm/fs/zfs.h>
|
|
|
|
#include <sys/spa_impl.h>
|
|
|
|
#include <sys/zio.h>
|
|
|
|
#include <sys/zio_checksum.h>
|
|
|
|
#include <sys/dmu.h>
|
|
|
|
#include <sys/dmu_tx.h>
|
|
|
|
#include <sys/zap.h>
|
|
|
|
#include <sys/zil.h>
|
2010-05-29 00:45:14 +04:00
|
|
|
#include <sys/ddt.h>
|
2008-11-20 23:01:55 +03:00
|
|
|
#include <sys/vdev_impl.h>
|
2010-08-26 22:49:16 +04:00
|
|
|
#include <sys/vdev_disk.h>
|
2008-11-20 23:01:55 +03:00
|
|
|
#include <sys/metaslab.h>
|
2010-05-29 00:45:14 +04:00
|
|
|
#include <sys/metaslab_impl.h>
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
#include <sys/mmp.h>
|
2008-11-20 23:01:55 +03:00
|
|
|
#include <sys/uberblock_impl.h>
|
|
|
|
#include <sys/txg.h>
|
|
|
|
#include <sys/avl.h>
|
|
|
|
#include <sys/dmu_traverse.h>
|
|
|
|
#include <sys/dmu_objset.h>
|
|
|
|
#include <sys/unique.h>
|
|
|
|
#include <sys/dsl_pool.h>
|
|
|
|
#include <sys/dsl_dataset.h>
|
|
|
|
#include <sys/dsl_dir.h>
|
|
|
|
#include <sys/dsl_prop.h>
|
|
|
|
#include <sys/dsl_synctask.h>
|
|
|
|
#include <sys/fs/zfs.h>
|
|
|
|
#include <sys/arc.h>
|
|
|
|
#include <sys/callb.h>
|
|
|
|
#include <sys/systeminfo.h>
|
|
|
|
#include <sys/spa_boot.h>
|
2009-07-03 02:44:48 +04:00
|
|
|
#include <sys/zfs_ioctl.h>
|
2010-05-29 00:45:14 +04:00
|
|
|
#include <sys/dsl_scan.h>
|
2012-12-14 03:24:15 +04:00
|
|
|
#include <sys/zfeature.h>
|
2013-09-04 16:00:57 +04:00
|
|
|
#include <sys/dsl_destroy.h>
|
2013-05-28 15:50:38 +04:00
|
|
|
#include <sys/zvol.h>
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-02-18 23:51:31 +03:00
|
|
|
#ifdef _KERNEL
|
2017-05-30 21:39:17 +03:00
|
|
|
#include <sys/fm/protocol.h>
|
|
|
|
#include <sys/fm/util.h>
|
2010-05-29 00:45:14 +04:00
|
|
|
#include <sys/bootprops.h>
|
|
|
|
#include <sys/callb.h>
|
|
|
|
#include <sys/cpupart.h>
|
|
|
|
#include <sys/pool.h>
|
|
|
|
#include <sys/sysdc.h>
|
2009-02-18 23:51:31 +03:00
|
|
|
#include <sys/zone.h>
|
|
|
|
#endif /* _KERNEL */
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
#include "zfs_prop.h"
|
|
|
|
#include "zfs_comutil.h"
|
|
|
|
|
2015-12-31 19:38:59 +03:00
|
|
|
/*
|
|
|
|
* The interval, in seconds, at which failed configuration cache file writes
|
|
|
|
* should be retried.
|
|
|
|
*/
|
|
|
|
static int zfs_ccw_retry_interval = 300;
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
typedef enum zti_modes {
|
2013-05-06 23:24:30 +04:00
|
|
|
ZTI_MODE_FIXED, /* value is # of threads (min 1) */
|
|
|
|
ZTI_MODE_BATCH, /* cpu-intensive; value is ignored */
|
|
|
|
ZTI_MODE_NULL, /* don't create a taskq */
|
|
|
|
ZTI_NMODES
|
2010-05-29 00:45:14 +04:00
|
|
|
} zti_modes_t;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2013-05-06 23:24:30 +04:00
|
|
|
#define ZTI_P(n, q) { ZTI_MODE_FIXED, (n), (q) }
|
|
|
|
#define ZTI_PCT(n) { ZTI_MODE_ONLINE_PERCENT, (n), 1 }
|
|
|
|
#define ZTI_BATCH { ZTI_MODE_BATCH, 0, 1 }
|
|
|
|
#define ZTI_NULL { ZTI_MODE_NULL, 0, 0 }
|
2009-07-03 02:44:48 +04:00
|
|
|
|
2013-05-06 23:24:30 +04:00
|
|
|
#define ZTI_N(n) ZTI_P(n, 1)
|
|
|
|
#define ZTI_ONE ZTI_N(1)
|
2009-07-03 02:44:48 +04:00
|
|
|
|
|
|
|
typedef struct zio_taskq_info {
|
2013-05-06 23:24:30 +04:00
|
|
|
zti_modes_t zti_mode;
|
2010-05-29 00:45:14 +04:00
|
|
|
uint_t zti_value;
|
2013-05-06 23:24:30 +04:00
|
|
|
uint_t zti_count;
|
2009-07-03 02:44:48 +04:00
|
|
|
} zio_taskq_info_t;
|
|
|
|
|
|
|
|
static const char *const zio_taskq_types[ZIO_TASKQ_TYPES] = {
|
2010-10-28 21:36:50 +04:00
|
|
|
"iss", "iss_h", "int", "int_h"
|
2009-07-03 02:44:48 +04:00
|
|
|
};
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
2013-05-06 23:24:30 +04:00
|
|
|
* This table defines the taskq settings for each ZFS I/O type. When
|
|
|
|
* initializing a pool, we use this table to create an appropriately sized
|
|
|
|
* taskq. Some operations are low volume and therefore have a small, static
|
|
|
|
* number of threads assigned to their taskqs using the ZTI_N(#) or ZTI_ONE
|
|
|
|
* macros. Other operations process a large amount of data; the ZTI_BATCH
|
|
|
|
* macro causes us to create a taskq oriented for throughput. Some operations
|
|
|
|
* are so high frequency and short-lived that the taskq itself can become a a
|
|
|
|
* point of lock contention. The ZTI_P(#, #) macro indicates that we need an
|
|
|
|
* additional degree of parallelism specified by the number of threads per-
|
|
|
|
* taskq and the number of taskqs; when dispatching an event in this case, the
|
|
|
|
* particular taskq is chosen at random.
|
|
|
|
*
|
|
|
|
* The different taskq priorities are to handle the different contexts (issue
|
|
|
|
* and interrupt) and then to reserve threads for ZIO_PRIORITY_NOW I/Os that
|
|
|
|
* need to be handled with minimum delay.
|
2010-05-29 00:45:14 +04:00
|
|
|
*/
|
|
|
|
const zio_taskq_info_t zio_taskqs[ZIO_TYPES][ZIO_TASKQ_TYPES] = {
|
|
|
|
/* ISSUE ISSUE_HIGH INTR INTR_HIGH */
|
2013-05-06 23:24:30 +04:00
|
|
|
{ ZTI_ONE, ZTI_NULL, ZTI_ONE, ZTI_NULL }, /* NULL */
|
2015-06-03 21:43:30 +03:00
|
|
|
{ ZTI_N(8), ZTI_NULL, ZTI_P(12, 8), ZTI_NULL }, /* READ */
|
|
|
|
{ ZTI_BATCH, ZTI_N(5), ZTI_P(12, 8), ZTI_N(5) }, /* WRITE */
|
|
|
|
{ ZTI_P(12, 8), ZTI_NULL, ZTI_ONE, ZTI_NULL }, /* FREE */
|
2013-05-06 23:24:30 +04:00
|
|
|
{ ZTI_ONE, ZTI_NULL, ZTI_ONE, ZTI_NULL }, /* CLAIM */
|
|
|
|
{ ZTI_ONE, ZTI_NULL, ZTI_ONE, ZTI_NULL }, /* IOCTL */
|
2009-07-03 02:44:48 +04:00
|
|
|
};
|
|
|
|
|
2017-05-30 21:39:17 +03:00
|
|
|
static sysevent_t *spa_event_create(spa_t *spa, vdev_t *vd, nvlist_t *hist_nvl,
|
|
|
|
const char *name);
|
|
|
|
static void spa_event_post(sysevent_t *ev);
|
2013-09-04 16:00:57 +04:00
|
|
|
static void spa_sync_version(void *arg, dmu_tx_t *tx);
|
|
|
|
static void spa_sync_props(void *arg, dmu_tx_t *tx);
|
2008-12-03 23:09:06 +03:00
|
|
|
static boolean_t spa_has_active_shared_spare(spa_t *spa);
|
2010-08-26 21:58:00 +04:00
|
|
|
static inline int spa_load_impl(spa_t *spa, uint64_t, nvlist_t *config,
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_load_state_t state, spa_import_type_t type, boolean_t mosconfig,
|
|
|
|
char **ereport);
|
2010-08-27 01:24:34 +04:00
|
|
|
static void spa_vdev_resilver_done(spa_t *spa);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
uint_t zio_taskq_batch_pct = 75; /* 1 thread per cpu in pset */
|
2010-05-29 00:45:14 +04:00
|
|
|
id_t zio_taskq_psrset_bind = PS_NONE;
|
|
|
|
boolean_t zio_taskq_sysdc = B_TRUE; /* use SDC scheduling class */
|
|
|
|
uint_t zio_taskq_basedc = 80; /* base duty cycle */
|
|
|
|
|
|
|
|
boolean_t spa_create_process = B_TRUE; /* no process ==> no sysdc */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This (illegal) pool name is used when temporarily importing a spa_t in order
|
|
|
|
* to get the vdev stats associated with the imported devices.
|
|
|
|
*/
|
|
|
|
#define TRYIMPORT_NAME "$import"
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* ==========================================================================
|
|
|
|
* SPA properties routines
|
|
|
|
* ==========================================================================
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add a (source=src, propname=propval) list to an nvlist.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_prop_add_list(nvlist_t *nvl, zpool_prop_t prop, char *strval,
|
|
|
|
uint64_t intval, zprop_source_t src)
|
|
|
|
{
|
|
|
|
const char *propname = zpool_prop_to_name(prop);
|
|
|
|
nvlist_t *propval;
|
|
|
|
|
2014-11-21 03:09:39 +03:00
|
|
|
VERIFY(nvlist_alloc(&propval, NV_UNIQUE_NAME, KM_SLEEP) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
VERIFY(nvlist_add_uint64(propval, ZPROP_SOURCE, src) == 0);
|
|
|
|
|
|
|
|
if (strval != NULL)
|
|
|
|
VERIFY(nvlist_add_string(propval, ZPROP_VALUE, strval) == 0);
|
|
|
|
else
|
|
|
|
VERIFY(nvlist_add_uint64(propval, ZPROP_VALUE, intval) == 0);
|
|
|
|
|
|
|
|
VERIFY(nvlist_add_nvlist(nvl, propname, propval) == 0);
|
|
|
|
nvlist_free(propval);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Get property values from the spa configuration.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_prop_get_config(spa_t *spa, nvlist_t **nvp)
|
|
|
|
{
|
2012-01-24 06:43:32 +04:00
|
|
|
vdev_t *rvd = spa->spa_root_vdev;
|
2012-12-14 03:24:15 +04:00
|
|
|
dsl_pool_t *pool = spa->spa_dsl_pool;
|
2014-07-20 00:19:24 +04:00
|
|
|
uint64_t size, alloc, cap, version;
|
2016-01-06 00:46:54 +03:00
|
|
|
const zprop_source_t src = ZPROP_SRC_NONE;
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_dirent_t *dp;
|
2014-07-20 00:19:24 +04:00
|
|
|
metaslab_class_t *mc = spa_normal_class(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
|
|
|
|
ASSERT(MUTEX_HELD(&spa->spa_props_lock));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2012-01-24 06:43:32 +04:00
|
|
|
if (rvd != NULL) {
|
2010-05-29 00:45:14 +04:00
|
|
|
alloc = metaslab_class_get_alloc(spa_normal_class(spa));
|
|
|
|
size = metaslab_class_get_space(spa_normal_class(spa));
|
2009-02-18 23:51:31 +03:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_NAME, spa_name(spa), 0, src);
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_SIZE, NULL, size, src);
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_ALLOCATED, NULL, alloc, src);
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_FREE, NULL,
|
|
|
|
size - alloc, src);
|
2012-01-24 06:43:32 +04:00
|
|
|
|
2014-07-20 00:19:24 +04:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_FRAGMENTATION, NULL,
|
|
|
|
metaslab_class_fragmentation(mc), src);
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_EXPANDSZ, NULL,
|
|
|
|
metaslab_class_expandable_space(mc), src);
|
2010-08-27 01:24:34 +04:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_READONLY, NULL,
|
|
|
|
(spa_mode(spa) == FREAD), src);
|
2009-02-18 23:51:31 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
cap = (size == 0) ? 0 : (alloc * 100 / size);
|
2009-02-18 23:51:31 +03:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_CAPACITY, NULL, cap, src);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_DEDUPRATIO, NULL,
|
|
|
|
ddt_get_pool_dedup_ratio(spa), src);
|
|
|
|
|
2009-02-18 23:51:31 +03:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_HEALTH, NULL,
|
2012-01-24 06:43:32 +04:00
|
|
|
rvd->vdev_state, src);
|
2009-02-18 23:51:31 +03:00
|
|
|
|
|
|
|
version = spa_version(spa);
|
2016-01-06 00:46:54 +03:00
|
|
|
if (version == zpool_prop_default_numeric(ZPOOL_PROP_VERSION)) {
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_VERSION, NULL,
|
|
|
|
version, ZPROP_SRC_DEFAULT);
|
|
|
|
} else {
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_VERSION, NULL,
|
|
|
|
version, ZPROP_SRC_LOCAL);
|
|
|
|
}
|
2009-02-18 23:51:31 +03:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
if (pool != NULL) {
|
|
|
|
/*
|
|
|
|
* The $FREE directory was introduced in SPA_VERSION_DEADLISTS,
|
|
|
|
* when opening pools before this version freedir will be NULL.
|
|
|
|
*/
|
2014-06-06 01:20:08 +04:00
|
|
|
if (pool->dp_free_dir != NULL) {
|
2012-12-14 03:24:15 +04:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_FREEING, NULL,
|
2015-04-01 18:14:34 +03:00
|
|
|
dsl_dir_phys(pool->dp_free_dir)->dd_used_bytes,
|
|
|
|
src);
|
2012-12-14 03:24:15 +04:00
|
|
|
} else {
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_FREEING,
|
|
|
|
NULL, 0, src);
|
|
|
|
}
|
2014-06-06 01:20:08 +04:00
|
|
|
|
|
|
|
if (pool->dp_leak_dir != NULL) {
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_LEAKED, NULL,
|
2015-04-01 18:14:34 +03:00
|
|
|
dsl_dir_phys(pool->dp_leak_dir)->dd_used_bytes,
|
|
|
|
src);
|
2014-06-06 01:20:08 +04:00
|
|
|
} else {
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_LEAKED,
|
|
|
|
NULL, 0, src);
|
|
|
|
}
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_GUID, NULL, spa_guid(spa), src);
|
|
|
|
|
2011-11-15 23:01:27 +04:00
|
|
|
if (spa->spa_comment != NULL) {
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_COMMENT, spa->spa_comment,
|
|
|
|
0, ZPROP_SRC_LOCAL);
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (spa->spa_root != NULL)
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_ALTROOT, spa->spa_root,
|
|
|
|
0, ZPROP_SRC_LOCAL);
|
|
|
|
|
2014-11-03 23:15:08 +03:00
|
|
|
if (spa_feature_is_enabled(spa, SPA_FEATURE_LARGE_BLOCKS)) {
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_MAXBLOCKSIZE, NULL,
|
|
|
|
MIN(zfs_max_recordsize, SPA_MAXBLOCKSIZE), ZPROP_SRC_NONE);
|
|
|
|
} else {
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_MAXBLOCKSIZE, NULL,
|
|
|
|
SPA_OLD_MAXBLOCKSIZE, ZPROP_SRC_NONE);
|
|
|
|
}
|
|
|
|
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
if (spa_feature_is_enabled(spa, SPA_FEATURE_LARGE_DNODE)) {
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_MAXDNODESIZE, NULL,
|
|
|
|
DNODE_MAX_SIZE, ZPROP_SRC_NONE);
|
|
|
|
} else {
|
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_MAXDNODESIZE, NULL,
|
|
|
|
DNODE_MIN_SIZE, ZPROP_SRC_NONE);
|
|
|
|
}
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
if ((dp = list_head(&spa->spa_config_list)) != NULL) {
|
|
|
|
if (dp->scd_path == NULL) {
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_CACHEFILE,
|
2008-12-03 23:09:06 +03:00
|
|
|
"none", 0, ZPROP_SRC_LOCAL);
|
|
|
|
} else if (strcmp(dp->scd_path, spa_config_path) != 0) {
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_prop_add_list(*nvp, ZPOOL_PROP_CACHEFILE,
|
2008-12-03 23:09:06 +03:00
|
|
|
dp->scd_path, 0, ZPROP_SRC_LOCAL);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Get zpool property values.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
spa_prop_get(spa_t *spa, nvlist_t **nvp)
|
|
|
|
{
|
2010-05-29 00:45:14 +04:00
|
|
|
objset_t *mos = spa->spa_meta_objset;
|
2008-11-20 23:01:55 +03:00
|
|
|
zap_cursor_t zc;
|
|
|
|
zap_attribute_t za;
|
|
|
|
int err;
|
|
|
|
|
2014-11-21 03:09:39 +03:00
|
|
|
err = nvlist_alloc(nvp, NV_UNIQUE_NAME, KM_SLEEP);
|
2010-08-26 22:49:16 +04:00
|
|
|
if (err)
|
2013-11-01 23:26:11 +04:00
|
|
|
return (err);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
mutex_enter(&spa->spa_props_lock);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Get properties from the spa config.
|
|
|
|
*/
|
|
|
|
spa_prop_get_config(spa, nvp);
|
|
|
|
|
|
|
|
/* If no pool property object, no more prop to get. */
|
2010-05-29 00:45:14 +04:00
|
|
|
if (mos == NULL || spa->spa_pool_props_object == 0) {
|
2008-11-20 23:01:55 +03:00
|
|
|
mutex_exit(&spa->spa_props_lock);
|
2010-08-26 22:49:16 +04:00
|
|
|
goto out;
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Get properties from the MOS pool property object.
|
|
|
|
*/
|
|
|
|
for (zap_cursor_init(&zc, mos, spa->spa_pool_props_object);
|
|
|
|
(err = zap_cursor_retrieve(&zc, &za)) == 0;
|
|
|
|
zap_cursor_advance(&zc)) {
|
|
|
|
uint64_t intval = 0;
|
|
|
|
char *strval = NULL;
|
|
|
|
zprop_source_t src = ZPROP_SRC_DEFAULT;
|
|
|
|
zpool_prop_t prop;
|
|
|
|
|
|
|
|
if ((prop = zpool_name_to_prop(za.za_name)) == ZPROP_INVAL)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
switch (za.za_integer_length) {
|
|
|
|
case 8:
|
|
|
|
/* integer property */
|
|
|
|
if (za.za_first_integer !=
|
|
|
|
zpool_prop_default_numeric(prop))
|
|
|
|
src = ZPROP_SRC_LOCAL;
|
|
|
|
|
|
|
|
if (prop == ZPOOL_PROP_BOOTFS) {
|
|
|
|
dsl_pool_t *dp;
|
|
|
|
dsl_dataset_t *ds = NULL;
|
|
|
|
|
|
|
|
dp = spa_get_dsl(spa);
|
2013-09-04 16:00:57 +04:00
|
|
|
dsl_pool_config_enter(dp, FTAG);
|
2010-08-26 20:52:42 +04:00
|
|
|
if ((err = dsl_dataset_hold_obj(dp,
|
|
|
|
za.za_first_integer, FTAG, &ds))) {
|
2013-09-04 16:00:57 +04:00
|
|
|
dsl_pool_config_exit(dp, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2016-06-16 00:28:36 +03:00
|
|
|
strval = kmem_alloc(ZFS_MAX_DATASET_NAME_LEN,
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
dsl_dataset_name(ds, strval);
|
2008-12-03 23:09:06 +03:00
|
|
|
dsl_dataset_rele(ds, FTAG);
|
2013-09-04 16:00:57 +04:00
|
|
|
dsl_pool_config_exit(dp, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
} else {
|
|
|
|
strval = NULL;
|
|
|
|
intval = za.za_first_integer;
|
|
|
|
}
|
|
|
|
|
|
|
|
spa_prop_add_list(*nvp, prop, strval, intval, src);
|
|
|
|
|
|
|
|
if (strval != NULL)
|
2016-06-16 00:28:36 +03:00
|
|
|
kmem_free(strval, ZFS_MAX_DATASET_NAME_LEN);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
case 1:
|
|
|
|
/* string property */
|
2014-11-21 03:09:39 +03:00
|
|
|
strval = kmem_alloc(za.za_num_integers, KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
err = zap_lookup(mos, spa->spa_pool_props_object,
|
|
|
|
za.za_name, 1, za.za_num_integers, strval);
|
|
|
|
if (err) {
|
|
|
|
kmem_free(strval, za.za_num_integers);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
spa_prop_add_list(*nvp, prop, strval, 0, src);
|
|
|
|
kmem_free(strval, za.za_num_integers);
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
zap_cursor_fini(&zc);
|
|
|
|
mutex_exit(&spa->spa_props_lock);
|
|
|
|
out:
|
|
|
|
if (err && err != ENOENT) {
|
|
|
|
nvlist_free(*nvp);
|
|
|
|
*nvp = NULL;
|
|
|
|
return (err);
|
|
|
|
}
|
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Validate the given pool properties nvlist and modify the list
|
|
|
|
* for the property values to be set.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
spa_prop_validate(spa_t *spa, nvlist_t *props)
|
|
|
|
{
|
|
|
|
nvpair_t *elem;
|
|
|
|
int error = 0, reset_bootfs = 0;
|
2010-08-26 20:58:04 +04:00
|
|
|
uint64_t objnum = 0;
|
2012-12-14 03:24:15 +04:00
|
|
|
boolean_t has_feature = B_FALSE;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
elem = NULL;
|
|
|
|
while ((elem = nvlist_next_nvpair(props, elem)) != NULL) {
|
|
|
|
uint64_t intval;
|
2012-12-14 03:24:15 +04:00
|
|
|
char *strval, *slash, *check, *fname;
|
|
|
|
const char *propname = nvpair_name(elem);
|
|
|
|
zpool_prop_t prop = zpool_name_to_prop(propname);
|
|
|
|
|
|
|
|
switch ((int)prop) {
|
|
|
|
case ZPROP_INVAL:
|
|
|
|
if (!zpool_prop_feature(propname)) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2012-12-14 03:24:15 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Sanitize the input.
|
|
|
|
*/
|
|
|
|
if (nvpair_type(elem) != DATA_TYPE_UINT64) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2012-12-14 03:24:15 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (nvpair_value_uint64(elem, &intval) != 0) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2012-12-14 03:24:15 +04:00
|
|
|
break;
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
if (intval != 0) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2012-12-14 03:24:15 +04:00
|
|
|
break;
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
fname = strchr(propname, '@') + 1;
|
|
|
|
if (zfeature_lookup_name(fname, NULL) != 0) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2012-12-14 03:24:15 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
has_feature = B_TRUE;
|
|
|
|
break;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
case ZPOOL_PROP_VERSION:
|
|
|
|
error = nvpair_value_uint64(elem, &intval);
|
|
|
|
if (!error &&
|
2012-12-14 03:24:15 +04:00
|
|
|
(intval < spa_version(spa) ||
|
|
|
|
intval > SPA_VERSION_BEFORE_FEATURES ||
|
|
|
|
has_feature))
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
|
|
|
|
case ZPOOL_PROP_DELEGATION:
|
|
|
|
case ZPOOL_PROP_AUTOREPLACE:
|
2008-12-03 23:09:06 +03:00
|
|
|
case ZPOOL_PROP_LISTSNAPS:
|
2009-07-03 02:44:48 +04:00
|
|
|
case ZPOOL_PROP_AUTOEXPAND:
|
2008-11-20 23:01:55 +03:00
|
|
|
error = nvpair_value_uint64(elem, &intval);
|
|
|
|
if (!error && intval > 1)
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
case ZPOOL_PROP_MULTIHOST:
|
|
|
|
error = nvpair_value_uint64(elem, &intval);
|
|
|
|
if (!error && intval > 1)
|
|
|
|
error = SET_ERROR(EINVAL);
|
|
|
|
|
|
|
|
if (!error && !spa_get_hostid())
|
|
|
|
error = SET_ERROR(ENOTSUP);
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
case ZPOOL_PROP_BOOTFS:
|
2009-07-03 02:44:48 +04:00
|
|
|
/*
|
|
|
|
* If the pool version is less than SPA_VERSION_BOOTFS,
|
|
|
|
* or the pool is still being created (version == 0),
|
|
|
|
* the bootfs property cannot be set.
|
|
|
|
*/
|
2008-11-20 23:01:55 +03:00
|
|
|
if (spa_version(spa) < SPA_VERSION_BOOTFS) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENOTSUP);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2008-12-03 23:09:06 +03:00
|
|
|
* Make sure the vdev config is bootable
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
if (!vdev_is_bootable(spa->spa_root_vdev)) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENOTSUP);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
reset_bootfs = 1;
|
|
|
|
|
|
|
|
error = nvpair_value_string(elem, &strval);
|
|
|
|
|
|
|
|
if (!error) {
|
2012-12-14 03:24:15 +04:00
|
|
|
objset_t *os;
|
2014-11-03 23:15:08 +03:00
|
|
|
uint64_t propval;
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (strval == NULL || strval[0] == '\0') {
|
|
|
|
objnum = zpool_prop_default_numeric(
|
|
|
|
ZPOOL_PROP_BOOTFS);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2013-11-01 23:26:11 +04:00
|
|
|
error = dmu_objset_hold(strval, FTAG, &os);
|
|
|
|
if (error)
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2014-11-03 23:15:08 +03:00
|
|
|
/*
|
|
|
|
* Must be ZPL, and its property settings
|
|
|
|
* must be supported by GRUB (compression
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
* is not gzip, and large blocks or large
|
|
|
|
* dnodes are not used).
|
2014-11-03 23:15:08 +03:00
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
if (dmu_objset_type(os) != DMU_OST_ZFS) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENOTSUP);
|
2013-09-04 16:00:57 +04:00
|
|
|
} else if ((error =
|
|
|
|
dsl_prop_get_int_ds(dmu_objset_ds(os),
|
2008-12-03 23:09:06 +03:00
|
|
|
zfs_prop_to_name(ZFS_PROP_COMPRESSION),
|
2014-11-03 23:15:08 +03:00
|
|
|
&propval)) == 0 &&
|
|
|
|
!BOOTFS_COMPRESS_VALID(propval)) {
|
|
|
|
error = SET_ERROR(ENOTSUP);
|
Implement large_dnode pool feature
Justification
-------------
This feature adds support for variable length dnodes. Our motivation is
to eliminate the overhead associated with using spill blocks. Spill
blocks are used to store system attribute data (i.e. file metadata) that
does not fit in the dnode's bonus buffer. By allowing a larger bonus
buffer area the use of a spill block can be avoided. Spill blocks
potentially incur an additional read I/O for every dnode in a dnode
block. As a worst case example, reading 32 dnodes from a 16k dnode block
and all of the spill blocks could issue 33 separate reads. Now suppose
those dnodes have size 1024 and therefore don't need spill blocks. Then
the worst case number of blocks read is reduced to from 33 to two--one
per dnode block. In practice spill blocks may tend to be co-located on
disk with the dnode blocks so the reduction in I/O would not be this
drastic. In a badly fragmented pool, however, the improvement could be
significant.
ZFS-on-Linux systems that make heavy use of extended attributes would
benefit from this feature. In particular, ZFS-on-Linux supports the
xattr=sa dataset property which allows file extended attribute data
to be stored in the dnode bonus buffer as an alternative to the
traditional directory-based format. Workloads such as SELinux and the
Lustre distributed filesystem often store enough xattr data to force
spill bocks when xattr=sa is in effect. Large dnodes may therefore
provide a performance benefit to such systems.
Other use cases that may benefit from this feature include files with
large ACLs and symbolic links with long target names. Furthermore,
this feature may be desirable on other platforms in case future
applications or features are developed that could make use of a
larger bonus buffer area.
Implementation
--------------
The size of a dnode may be a multiple of 512 bytes up to the size of
a dnode block (currently 16384 bytes). A dn_extra_slots field was
added to the current on-disk dnode_phys_t structure to describe the
size of the physical dnode on disk. The 8 bits for this field were
taken from the zero filled dn_pad2 field. The field represents how
many "extra" dnode_phys_t slots a dnode consumes in its dnode block.
This convention results in a value of 0 for 512 byte dnodes which
preserves on-disk format compatibility with older software.
Similarly, the in-memory dnode_t structure has a new dn_num_slots field
to represent the total number of dnode_phys_t slots consumed on disk.
Thus dn->dn_num_slots is 1 greater than the corresponding
dnp->dn_extra_slots. This difference in convention was adopted
because, unlike on-disk structures, backward compatibility is not a
concern for in-memory objects, so we used a more natural way to
represent size for a dnode_t.
The default size for newly created dnodes is determined by the value of
a new "dnodesize" dataset property. By default the property is set to
"legacy" which is compatible with older software. Setting the property
to "auto" will allow the filesystem to choose the most suitable dnode
size. Currently this just sets the default dnode size to 1k, but future
code improvements could dynamically choose a size based on observed
workload patterns. Dnodes of varying sizes can coexist within the same
dataset and even within the same dnode block. For example, to enable
automatically-sized dnodes, run
# zfs set dnodesize=auto tank/fish
The user can also specify literal values for the dnodesize property.
These are currently limited to powers of two from 1k to 16k. The
power-of-2 limitation is only for simplicity of the user interface.
Internally the implementation can handle any multiple of 512 up to 16k,
and consumers of the DMU API can specify any legal dnode value.
The size of a new dnode is determined at object allocation time and
stored as a new field in the znode in-memory structure. New DMU
interfaces are added to allow the consumer to specify the dnode size
that a newly allocated object should use. Existing interfaces are
unchanged to avoid having to update every call site and to preserve
compatibility with external consumers such as Lustre. The new
interfaces names are given below. The versions of these functions that
don't take a dnodesize parameter now just call the _dnsize() versions
with a dnodesize of 0, which means use the legacy dnode size.
New DMU interfaces:
dmu_object_alloc_dnsize()
dmu_object_claim_dnsize()
dmu_object_reclaim_dnsize()
New ZAP interfaces:
zap_create_dnsize()
zap_create_norm_dnsize()
zap_create_flags_dnsize()
zap_create_claim_norm_dnsize()
zap_create_link_dnsize()
The constant DN_MAX_BONUSLEN is renamed to DN_OLD_MAX_BONUSLEN. The
spa_maxdnodesize() function should be used to determine the maximum
bonus length for a pool.
These are a few noteworthy changes to key functions:
* The prototype for dnode_hold_impl() now takes a "slots" parameter.
When the DNODE_MUST_BE_FREE flag is set, this parameter is used to
ensure the hole at the specified object offset is large enough to
hold the dnode being created. The slots parameter is also used
to ensure a dnode does not span multiple dnode blocks. In both of
these cases, if a failure occurs, ENOSPC is returned. Keep in mind,
these failure cases are only possible when using DNODE_MUST_BE_FREE.
If the DNODE_MUST_BE_ALLOCATED flag is set, "slots" must be 0.
dnode_hold_impl() will check if the requested dnode is already
consumed as an extra dnode slot by an large dnode, in which case
it returns ENOENT.
* The function dmu_object_alloc() advances to the next dnode block
if dnode_hold_impl() returns an error for a requested object.
This is because the beginning of the next dnode block is the only
location it can safely assume to either be a hole or a valid
starting point for a dnode.
* dnode_next_offset_level() and other functions that iterate
through dnode blocks may no longer use a simple array indexing
scheme. These now use the current dnode's dn_num_slots field to
advance to the next dnode in the block. This is to ensure we
properly skip the current dnode's bonus area and don't interpret it
as a valid dnode.
zdb
---
The zdb command was updated to display a dnode's size under the
"dnsize" column when the object is dumped.
For ZIL create log records, zdb will now display the slot count for
the object.
ztest
-----
Ztest chooses a random dnodesize for every newly created object. The
random distribution is more heavily weighted toward small dnodes to
better simulate real-world datasets.
Unused bonus buffer space is filled with non-zero values computed from
the object number, dataset id, offset, and generation number. This
helps ensure that the dnode traversal code properly skips the interior
regions of large dnodes, and that these interior regions are not
overwritten by data belonging to other dnodes. A new test visits each
object in a dataset. It verifies that the actual dnode size matches what
was stored in the ztest block tag when it was created. It also verifies
that the unused bonus buffer space is filled with the expected data
patterns.
ZFS Test Suite
--------------
Added six new large dnode-specific tests, and integrated the dnodesize
property into existing tests for zfs allow and send/recv.
Send/Receive
------------
ZFS send streams for datasets containing large dnodes cannot be received
on pools that don't support the large_dnode feature. A send stream with
large dnodes sets a DMU_BACKUP_FEATURE_LARGE_DNODE flag which will be
unrecognized by an incompatible receiving pool so that the zfs receive
will fail gracefully.
While not implemented here, it may be possible to generate a
backward-compatible send stream from a dataset containing large
dnodes. The implementation may be tricky, however, because the send
object record for a large dnode would need to be resized to a 512
byte dnode, possibly kicking in a spill block in the process. This
means we would need to construct a new SA layout and possibly
register it in the SA layout object. The SA layout is normally just
sent as an ordinary object record. But if we are constructing new
layouts while generating the send stream we'd have to build the SA
layout object dynamically and send it at the end of the stream.
For sending and receiving between pools that do support large dnodes,
the drr_object send record type is extended with a new field to store
the dnode slot count. This field was repurposed from unused padding
in the structure.
ZIL Replay
----------
The dnode slot count is stored in the uppermost 8 bits of the lr_foid
field. The bits were unused as the object id is currently capped at
48 bits.
Resizing Dnodes
---------------
It should be possible to resize a dnode when it is dirtied if the
current dnodesize dataset property differs from the dnode's size, but
this functionality is not currently implemented. Clearly a dnode can
only grow if there are sufficient contiguous unused slots in the
dnode block, but it should always be possible to shrink a dnode.
Growing dnodes may be useful to reduce fragmentation in a pool with
many spill blocks in use. Shrinking dnodes may be useful to allow
sending a dataset to a pool that doesn't support the large_dnode
feature.
Feature Reference Counting
--------------------------
The reference count for the large_dnode pool feature tracks the
number of datasets that have ever contained a dnode of size larger
than 512 bytes. The first time a large dnode is created in a dataset
the dataset is converted to an extensible dataset. This is a one-way
operation and the only way to decrement the feature count is to
destroy the dataset, even if the dataset no longer contains any large
dnodes. The complexity of reference counting on a per-dnode basis was
too high, so we chose to track it on a per-dataset basis similarly to
the large_block feature.
Signed-off-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3542
2016-03-17 04:25:34 +03:00
|
|
|
} else if ((error =
|
|
|
|
dsl_prop_get_int_ds(dmu_objset_ds(os),
|
|
|
|
zfs_prop_to_name(ZFS_PROP_DNODESIZE),
|
|
|
|
&propval)) == 0 &&
|
|
|
|
propval != ZFS_DNSIZE_LEGACY) {
|
|
|
|
error = SET_ERROR(ENOTSUP);
|
2008-12-03 23:09:06 +03:00
|
|
|
} else {
|
|
|
|
objnum = dmu_objset_id(os);
|
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
dmu_objset_rele(os, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
break;
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
case ZPOOL_PROP_FAILUREMODE:
|
|
|
|
error = nvpair_value_uint64(elem, &intval);
|
2016-11-10 04:35:26 +03:00
|
|
|
if (!error && intval > ZIO_FAILURE_MODE_PANIC)
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* This is a special case which only occurs when
|
|
|
|
* the pool has completely failed. This allows
|
|
|
|
* the user to change the in-core failmode property
|
|
|
|
* without syncing it out to disk (I/Os might
|
|
|
|
* currently be blocked). We do this by returning
|
|
|
|
* EIO to the caller (spa_prop_set) to trick it
|
|
|
|
* into thinking we encountered a property validation
|
|
|
|
* error.
|
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
if (!error && spa_suspended(spa)) {
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_failmode = intval;
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EIO);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
case ZPOOL_PROP_CACHEFILE:
|
|
|
|
if ((error = nvpair_value_string(elem, &strval)) != 0)
|
|
|
|
break;
|
|
|
|
|
|
|
|
if (strval[0] == '\0')
|
|
|
|
break;
|
|
|
|
|
|
|
|
if (strcmp(strval, "none") == 0)
|
|
|
|
break;
|
|
|
|
|
|
|
|
if (strval[0] != '/') {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
slash = strrchr(strval, '/');
|
|
|
|
ASSERT(slash != NULL);
|
|
|
|
|
|
|
|
if (slash[1] == '\0' || strcmp(slash, "/.") == 0 ||
|
|
|
|
strcmp(slash, "/..") == 0)
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2011-11-15 23:01:27 +04:00
|
|
|
case ZPOOL_PROP_COMMENT:
|
|
|
|
if ((error = nvpair_value_string(elem, &strval)) != 0)
|
|
|
|
break;
|
|
|
|
for (check = strval; *check != '\0'; check++) {
|
|
|
|
if (!isprint(*check)) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2011-11-15 23:01:27 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (strlen(strval) > ZPROP_MAX_COMMENT)
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(E2BIG);
|
2011-11-15 23:01:27 +04:00
|
|
|
break;
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
case ZPOOL_PROP_DEDUPDITTO:
|
|
|
|
if (spa_version(spa) < SPA_VERSION_DEDUP)
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENOTSUP);
|
2010-05-29 00:45:14 +04:00
|
|
|
else
|
|
|
|
error = nvpair_value_uint64(elem, &intval);
|
|
|
|
if (error == 0 &&
|
|
|
|
intval != 0 && intval < ZIO_DEDUPDITTO_MIN)
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2010-05-29 00:45:14 +04:00
|
|
|
break;
|
2010-08-26 20:52:41 +04:00
|
|
|
|
|
|
|
default:
|
|
|
|
break;
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
if (error)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!error && reset_bootfs) {
|
|
|
|
error = nvlist_remove(props,
|
|
|
|
zpool_prop_to_name(ZPOOL_PROP_BOOTFS), DATA_TYPE_STRING);
|
|
|
|
|
|
|
|
if (!error) {
|
|
|
|
error = nvlist_add_uint64(props,
|
|
|
|
zpool_prop_to_name(ZPOOL_PROP_BOOTFS), objnum);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2009-02-18 23:51:31 +03:00
|
|
|
void
|
|
|
|
spa_configfile_set(spa_t *spa, nvlist_t *nvp, boolean_t need_sync)
|
|
|
|
{
|
|
|
|
char *cachefile;
|
|
|
|
spa_config_dirent_t *dp;
|
|
|
|
|
|
|
|
if (nvlist_lookup_string(nvp, zpool_prop_to_name(ZPOOL_PROP_CACHEFILE),
|
|
|
|
&cachefile) != 0)
|
|
|
|
return;
|
|
|
|
|
|
|
|
dp = kmem_alloc(sizeof (spa_config_dirent_t),
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP);
|
2009-02-18 23:51:31 +03:00
|
|
|
|
|
|
|
if (cachefile[0] == '\0')
|
|
|
|
dp->scd_path = spa_strdup(spa_config_path);
|
|
|
|
else if (strcmp(cachefile, "none") == 0)
|
|
|
|
dp->scd_path = NULL;
|
|
|
|
else
|
|
|
|
dp->scd_path = spa_strdup(cachefile);
|
|
|
|
|
|
|
|
list_insert_head(&spa->spa_config_list, dp);
|
|
|
|
if (need_sync)
|
|
|
|
spa_async_request(spa, SPA_ASYNC_CONFIG_UPDATE);
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
int
|
|
|
|
spa_prop_set(spa_t *spa, nvlist_t *nvp)
|
|
|
|
{
|
|
|
|
int error;
|
2012-12-14 03:24:15 +04:00
|
|
|
nvpair_t *elem = NULL;
|
2009-02-18 23:51:31 +03:00
|
|
|
boolean_t need_sync = B_FALSE;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if ((error = spa_prop_validate(spa, nvp)) != 0)
|
|
|
|
return (error);
|
|
|
|
|
2009-02-18 23:51:31 +03:00
|
|
|
while ((elem = nvlist_next_nvpair(nvp, elem)) != NULL) {
|
2012-12-14 03:24:15 +04:00
|
|
|
zpool_prop_t prop = zpool_name_to_prop(nvpair_name(elem));
|
2009-02-18 23:51:31 +03:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
if (prop == ZPOOL_PROP_CACHEFILE ||
|
|
|
|
prop == ZPOOL_PROP_ALTROOT ||
|
|
|
|
prop == ZPOOL_PROP_READONLY)
|
2009-02-18 23:51:31 +03:00
|
|
|
continue;
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
if (prop == ZPOOL_PROP_VERSION || prop == ZPROP_INVAL) {
|
|
|
|
uint64_t ver;
|
|
|
|
|
|
|
|
if (prop == ZPOOL_PROP_VERSION) {
|
|
|
|
VERIFY(nvpair_value_uint64(elem, &ver) == 0);
|
|
|
|
} else {
|
|
|
|
ASSERT(zpool_prop_feature(nvpair_name(elem)));
|
|
|
|
ver = SPA_VERSION_FEATURES;
|
|
|
|
need_sync = B_TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Save time if the version is already set. */
|
|
|
|
if (ver == spa_version(spa))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* In addition to the pool directory object, we might
|
|
|
|
* create the pool properties object, the features for
|
|
|
|
* read object, the features for write object, or the
|
|
|
|
* feature descriptions object.
|
|
|
|
*/
|
2013-09-04 16:00:57 +04:00
|
|
|
error = dsl_sync_task(spa->spa_name, NULL,
|
2014-11-03 23:28:43 +03:00
|
|
|
spa_sync_version, &ver,
|
|
|
|
6, ZFS_SPACE_CHECK_RESERVED);
|
2012-12-14 03:24:15 +04:00
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2009-02-18 23:51:31 +03:00
|
|
|
need_sync = B_TRUE;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
if (need_sync) {
|
2013-09-04 16:00:57 +04:00
|
|
|
return (dsl_sync_task(spa->spa_name, NULL, spa_sync_props,
|
2014-11-03 23:28:43 +03:00
|
|
|
nvp, 6, ZFS_SPACE_CHECK_RESERVED));
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
return (0);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the bootfs property value is dsobj, clear it.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
spa_prop_clear_bootfs(spa_t *spa, uint64_t dsobj, dmu_tx_t *tx)
|
|
|
|
{
|
|
|
|
if (spa->spa_bootfs == dsobj && spa->spa_pool_props_object != 0) {
|
|
|
|
VERIFY(zap_remove(spa->spa_meta_objset,
|
|
|
|
spa->spa_pool_props_object,
|
|
|
|
zpool_prop_to_name(ZPOOL_PROP_BOOTFS), tx) == 0);
|
|
|
|
spa->spa_bootfs = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-12-15 00:38:04 +04:00
|
|
|
/*ARGSUSED*/
|
|
|
|
static int
|
2013-09-04 16:00:57 +04:00
|
|
|
spa_change_guid_check(void *arg, dmu_tx_t *tx)
|
2012-12-15 00:38:04 +04:00
|
|
|
{
|
2017-11-04 23:25:13 +03:00
|
|
|
ASSERTV(uint64_t *newguid = arg);
|
2013-09-04 16:00:57 +04:00
|
|
|
spa_t *spa = dmu_tx_pool(tx)->dp_spa;
|
2012-12-15 00:38:04 +04:00
|
|
|
vdev_t *rvd = spa->spa_root_vdev;
|
|
|
|
uint64_t vdev_state;
|
|
|
|
|
|
|
|
spa_config_enter(spa, SCL_STATE, FTAG, RW_READER);
|
|
|
|
vdev_state = rvd->vdev_state;
|
|
|
|
spa_config_exit(spa, SCL_STATE, FTAG);
|
|
|
|
|
|
|
|
if (vdev_state != VDEV_STATE_HEALTHY)
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(ENXIO));
|
2012-12-15 00:38:04 +04:00
|
|
|
|
|
|
|
ASSERT3U(spa_guid(spa), !=, *newguid);
|
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
2013-09-04 16:00:57 +04:00
|
|
|
spa_change_guid_sync(void *arg, dmu_tx_t *tx)
|
2012-12-15 00:38:04 +04:00
|
|
|
{
|
2013-09-04 16:00:57 +04:00
|
|
|
uint64_t *newguid = arg;
|
|
|
|
spa_t *spa = dmu_tx_pool(tx)->dp_spa;
|
2012-12-15 00:38:04 +04:00
|
|
|
uint64_t oldguid;
|
|
|
|
vdev_t *rvd = spa->spa_root_vdev;
|
|
|
|
|
|
|
|
oldguid = spa_guid(spa);
|
|
|
|
|
|
|
|
spa_config_enter(spa, SCL_STATE, FTAG, RW_READER);
|
|
|
|
rvd->vdev_guid = *newguid;
|
|
|
|
rvd->vdev_guid_sum += (*newguid - oldguid);
|
|
|
|
vdev_config_dirty(rvd);
|
|
|
|
spa_config_exit(spa, SCL_STATE, FTAG);
|
|
|
|
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(spa, "guid change", tx, "old=%llu new=%llu",
|
|
|
|
oldguid, *newguid);
|
2012-12-15 00:38:04 +04:00
|
|
|
}
|
|
|
|
|
2011-11-12 02:07:54 +04:00
|
|
|
/*
|
|
|
|
* Change the GUID for the pool. This is done so that we can later
|
|
|
|
* re-import a pool built from a clone of our own vdevs. We will modify
|
|
|
|
* the root vdev's guid, our own pool guid, and then mark all of our
|
|
|
|
* vdevs dirty. Note that we must make sure that all our vdevs are
|
|
|
|
* online when we do this, or else any vdevs that weren't present
|
|
|
|
* would be orphaned from our pool. We are also going to issue a
|
|
|
|
* sysevent to update any watchers.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
spa_change_guid(spa_t *spa)
|
|
|
|
{
|
2012-12-15 00:38:04 +04:00
|
|
|
int error;
|
|
|
|
uint64_t guid;
|
2011-11-12 02:07:54 +04:00
|
|
|
|
2013-08-07 22:24:34 +04:00
|
|
|
mutex_enter(&spa->spa_vdev_top_lock);
|
2012-12-15 00:38:04 +04:00
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
guid = spa_generate_guid(NULL);
|
2011-11-12 02:07:54 +04:00
|
|
|
|
2013-09-04 16:00:57 +04:00
|
|
|
error = dsl_sync_task(spa->spa_name, spa_change_guid_check,
|
2014-11-03 23:28:43 +03:00
|
|
|
spa_change_guid_sync, &guid, 5, ZFS_SPACE_CHECK_RESERVED);
|
2011-11-12 02:07:54 +04:00
|
|
|
|
2012-12-15 00:38:04 +04:00
|
|
|
if (error == 0) {
|
|
|
|
spa_config_sync(spa, B_FALSE, B_TRUE);
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_REGUID);
|
2012-12-15 00:38:04 +04:00
|
|
|
}
|
2011-11-12 02:07:54 +04:00
|
|
|
|
2012-12-15 00:38:04 +04:00
|
|
|
mutex_exit(&spa_namespace_lock);
|
2013-08-07 22:24:34 +04:00
|
|
|
mutex_exit(&spa->spa_vdev_top_lock);
|
2011-11-12 02:07:54 +04:00
|
|
|
|
2012-12-15 00:38:04 +04:00
|
|
|
return (error);
|
2011-11-12 02:07:54 +04:00
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* ==========================================================================
|
|
|
|
* SPA state manipulation (open/create/destroy/import/export)
|
|
|
|
* ==========================================================================
|
|
|
|
*/
|
|
|
|
|
|
|
|
static int
|
|
|
|
spa_error_entry_compare(const void *a, const void *b)
|
|
|
|
{
|
2016-08-27 21:12:53 +03:00
|
|
|
const spa_error_entry_t *sa = (const spa_error_entry_t *)a;
|
|
|
|
const spa_error_entry_t *sb = (const spa_error_entry_t *)b;
|
2008-11-20 23:01:55 +03:00
|
|
|
int ret;
|
|
|
|
|
2016-08-27 21:12:53 +03:00
|
|
|
ret = memcmp(&sa->se_bookmark, &sb->se_bookmark,
|
2014-06-25 22:37:59 +04:00
|
|
|
sizeof (zbookmark_phys_t));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-08-27 21:12:53 +03:00
|
|
|
return (AVL_ISIGN(ret));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Utility function which retrieves copies of the current logs and
|
|
|
|
* re-initializes them in the process.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
spa_get_errlists(spa_t *spa, avl_tree_t *last, avl_tree_t *scrub)
|
|
|
|
{
|
|
|
|
ASSERT(MUTEX_HELD(&spa->spa_errlist_lock));
|
|
|
|
|
|
|
|
bcopy(&spa->spa_errlist_last, last, sizeof (avl_tree_t));
|
|
|
|
bcopy(&spa->spa_errlist_scrub, scrub, sizeof (avl_tree_t));
|
|
|
|
|
|
|
|
avl_create(&spa->spa_errlist_scrub,
|
|
|
|
spa_error_entry_compare, sizeof (spa_error_entry_t),
|
|
|
|
offsetof(spa_error_entry_t, se_avl));
|
|
|
|
avl_create(&spa->spa_errlist_last,
|
|
|
|
spa_error_entry_compare, sizeof (spa_error_entry_t),
|
|
|
|
offsetof(spa_error_entry_t, se_avl));
|
|
|
|
}
|
|
|
|
|
2013-05-06 23:24:30 +04:00
|
|
|
static void
|
|
|
|
spa_taskqs_init(spa_t *spa, zio_type_t t, zio_taskq_type_t q)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2013-05-06 23:24:30 +04:00
|
|
|
const zio_taskq_info_t *ztip = &zio_taskqs[t][q];
|
|
|
|
enum zti_modes mode = ztip->zti_mode;
|
|
|
|
uint_t value = ztip->zti_value;
|
|
|
|
uint_t count = ztip->zti_count;
|
|
|
|
spa_taskqs_t *tqs = &spa->spa_zio_taskq[t][q];
|
|
|
|
char name[32];
|
2017-11-04 23:25:13 +03:00
|
|
|
uint_t flags = 0;
|
2010-05-29 00:45:14 +04:00
|
|
|
boolean_t batch = B_FALSE;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2013-05-06 23:24:30 +04:00
|
|
|
if (mode == ZTI_MODE_NULL) {
|
|
|
|
tqs->stqs_count = 0;
|
|
|
|
tqs->stqs_taskq = NULL;
|
|
|
|
return;
|
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2013-05-06 23:24:30 +04:00
|
|
|
ASSERT3U(count, >, 0);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2013-05-06 23:24:30 +04:00
|
|
|
tqs->stqs_count = count;
|
|
|
|
tqs->stqs_taskq = kmem_alloc(count * sizeof (taskq_t *), KM_SLEEP);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
switch (mode) {
|
|
|
|
case ZTI_MODE_FIXED:
|
|
|
|
ASSERT3U(value, >=, 1);
|
|
|
|
value = MAX(value, 1);
|
2016-10-11 01:19:14 +03:00
|
|
|
flags |= TASKQ_DYNAMIC;
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
break;
|
2013-05-06 23:24:30 +04:00
|
|
|
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
case ZTI_MODE_BATCH:
|
|
|
|
batch = B_TRUE;
|
|
|
|
flags |= TASKQ_THREADS_CPU_PCT;
|
2015-12-16 22:22:32 +03:00
|
|
|
value = MIN(zio_taskq_batch_pct, 100);
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
break;
|
2013-05-06 23:24:30 +04:00
|
|
|
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
default:
|
|
|
|
panic("unrecognized mode for %s_%s taskq (%u:%u) in "
|
|
|
|
"spa_activate()",
|
|
|
|
zio_type_name[t], zio_taskq_types[q], mode, value);
|
|
|
|
break;
|
|
|
|
}
|
2013-05-06 23:24:30 +04:00
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (uint_t i = 0; i < count; i++) {
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
taskq_t *tq;
|
2013-05-06 23:24:30 +04:00
|
|
|
|
|
|
|
if (count > 1) {
|
|
|
|
(void) snprintf(name, sizeof (name), "%s_%s_%u",
|
|
|
|
zio_type_name[t], zio_taskq_types[q], i);
|
|
|
|
} else {
|
|
|
|
(void) snprintf(name, sizeof (name), "%s_%s",
|
|
|
|
zio_type_name[t], zio_taskq_types[q]);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (zio_taskq_sysdc && spa->spa_proc != &p0) {
|
|
|
|
if (batch)
|
|
|
|
flags |= TASKQ_DC_BATCH;
|
|
|
|
|
|
|
|
tq = taskq_create_sysdc(name, value, 50, INT_MAX,
|
|
|
|
spa->spa_proc, zio_taskq_basedc, flags);
|
|
|
|
} else {
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
pri_t pri = maxclsyspri;
|
|
|
|
/*
|
|
|
|
* The write issue taskq can be extremely CPU
|
2015-07-24 20:08:31 +03:00
|
|
|
* intensive. Run it at slightly less important
|
|
|
|
* priority than the other taskqs. Under Linux this
|
|
|
|
* means incrementing the priority value on platforms
|
|
|
|
* like illumos it should be decremented.
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
*/
|
|
|
|
if (t == ZIO_TYPE_WRITE && q == ZIO_TASKQ_ISSUE)
|
2015-07-24 20:08:31 +03:00
|
|
|
pri++;
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
|
|
|
|
tq = taskq_create_proc(name, value, pri, 50,
|
2013-05-06 23:24:30 +04:00
|
|
|
INT_MAX, spa->spa_proc, flags);
|
|
|
|
}
|
|
|
|
|
|
|
|
tqs->stqs_taskq[i] = tq;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
spa_taskqs_fini(spa_t *spa, zio_type_t t, zio_taskq_type_t q)
|
|
|
|
{
|
|
|
|
spa_taskqs_t *tqs = &spa->spa_zio_taskq[t][q];
|
|
|
|
|
|
|
|
if (tqs->stqs_taskq == NULL) {
|
|
|
|
ASSERT3U(tqs->stqs_count, ==, 0);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (uint_t i = 0; i < tqs->stqs_count; i++) {
|
2013-05-06 23:24:30 +04:00
|
|
|
ASSERT3P(tqs->stqs_taskq[i], !=, NULL);
|
|
|
|
taskq_destroy(tqs->stqs_taskq[i]);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2013-05-06 23:24:30 +04:00
|
|
|
kmem_free(tqs->stqs_taskq, tqs->stqs_count * sizeof (taskq_t *));
|
|
|
|
tqs->stqs_taskq = NULL;
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2013-05-06 23:24:30 +04:00
|
|
|
/*
|
|
|
|
* Dispatch a task to the appropriate taskq for the ZFS I/O type and priority.
|
|
|
|
* Note that a type may have multiple discrete taskqs to avoid lock contention
|
|
|
|
* on the taskq itself. In that case we choose which taskq at random by using
|
|
|
|
* the low bits of gethrtime().
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
spa_taskq_dispatch_ent(spa_t *spa, zio_type_t t, zio_taskq_type_t q,
|
|
|
|
task_func_t *func, void *arg, uint_t flags, taskq_ent_t *ent)
|
|
|
|
{
|
|
|
|
spa_taskqs_t *tqs = &spa->spa_zio_taskq[t][q];
|
|
|
|
taskq_t *tq;
|
|
|
|
|
|
|
|
ASSERT3P(tqs->stqs_taskq, !=, NULL);
|
|
|
|
ASSERT3U(tqs->stqs_count, !=, 0);
|
|
|
|
|
|
|
|
if (tqs->stqs_count == 1) {
|
|
|
|
tq = tqs->stqs_taskq[0];
|
|
|
|
} else {
|
2013-06-27 15:41:30 +04:00
|
|
|
tq = tqs->stqs_taskq[((uint64_t)gethrtime()) % tqs->stqs_count];
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
2013-05-06 23:24:30 +04:00
|
|
|
|
|
|
|
taskq_dispatch_ent(tq, func, arg, flags, ent);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
2013-05-04 01:17:21 +04:00
|
|
|
/*
|
|
|
|
* Same as spa_taskq_dispatch_ent() but block on the task until completion.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
spa_taskq_dispatch_sync(spa_t *spa, zio_type_t t, zio_taskq_type_t q,
|
|
|
|
task_func_t *func, void *arg, uint_t flags)
|
|
|
|
{
|
|
|
|
spa_taskqs_t *tqs = &spa->spa_zio_taskq[t][q];
|
|
|
|
taskq_t *tq;
|
|
|
|
taskqid_t id;
|
|
|
|
|
|
|
|
ASSERT3P(tqs->stqs_taskq, !=, NULL);
|
|
|
|
ASSERT3U(tqs->stqs_count, !=, 0);
|
|
|
|
|
|
|
|
if (tqs->stqs_count == 1) {
|
|
|
|
tq = tqs->stqs_taskq[0];
|
|
|
|
} else {
|
2013-06-27 15:41:30 +04:00
|
|
|
tq = tqs->stqs_taskq[((uint64_t)gethrtime()) % tqs->stqs_count];
|
2013-05-04 01:17:21 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
id = taskq_dispatch(tq, func, arg, flags);
|
|
|
|
if (id)
|
|
|
|
taskq_wait_id(tq, id);
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
static void
|
|
|
|
spa_create_zio_taskqs(spa_t *spa)
|
|
|
|
{
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int t = 0; t < ZIO_TYPES; t++) {
|
|
|
|
for (int q = 0; q < ZIO_TASKQ_TYPES; q++) {
|
2013-05-06 23:24:30 +04:00
|
|
|
spa_taskqs_init(spa, t, q);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2009-07-03 02:44:48 +04:00
|
|
|
|
Simplify threads, mutexs, cvs and rwlocks
* Simplify threads, mutexs, cvs and rwlocks
* Update the zk_thread_create() function to use the same trick
as Illumos. Specifically, cast the new pthread_t to a void
pointer and return that as the kthread_t *. This avoids the
issues associated with managing a wrapper structure and is
safe as long as the callers never attempt to dereference it.
* Update all function prototypes passed to pthread_create() to
match the expected prototype. We were getting away this with
before since the function were explicitly cast.
* Replaced direct zk_thread_create() calls with thread_create()
for code consistency. All consumers of libzpool now use the
proper wrappers.
* The mutex_held() calls were converted to MUTEX_HELD().
* Removed all mutex_owner() calls and retired the interface.
Instead use MUTEX_HELD() which provides the same information
and allows the implementation details to be hidden. In this
case the use of the pthread_equals() function.
* The kthread_t, kmutex_t, krwlock_t, and krwlock_t types had
any non essential fields removed. In the case of kthread_t
and kcondvar_t they could be directly typedef'd to pthread_t
and pthread_cond_t respectively.
* Removed all extra ASSERTS from the thread, mutex, rwlock, and
cv wrapper functions. In practice, pthreads already provides
the vast majority of checks as long as we check the return
code. Removing this code from our wrappers help readability.
* Added TS_JOINABLE state flag to pass to request a joinable rather
than detached thread. This isn't a standard thread_create() state
but it's the least invasive way to pass this information and is
only used by ztest.
TEST_ZTEST_TIMEOUT=3600
Chunwei Chen <tuxoko@gmail.com>
Reviewed-by: Tom Caputi <tcaputi@datto.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #4547
Closes #5503
Closes #5523
Closes #6377
Closes #6495
2017-08-11 18:51:44 +03:00
|
|
|
/*
|
|
|
|
* Disabled until spa_thread() can be adapted for Linux.
|
|
|
|
*/
|
|
|
|
#undef HAVE_SPA_THREAD
|
|
|
|
|
2010-08-26 22:52:20 +04:00
|
|
|
#if defined(_KERNEL) && defined(HAVE_SPA_THREAD)
|
2010-05-29 00:45:14 +04:00
|
|
|
static void
|
|
|
|
spa_thread(void *arg)
|
|
|
|
{
|
|
|
|
callb_cpr_t cprinfo;
|
2009-07-03 02:44:48 +04:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_t *spa = arg;
|
|
|
|
user_t *pu = PTOU(curproc);
|
2009-07-03 02:44:48 +04:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
CALLB_CPR_INIT(&cprinfo, &spa->spa_proc_lock, callb_generic_cpr,
|
|
|
|
spa->spa_name);
|
2009-07-03 02:44:48 +04:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
ASSERT(curproc != &p0);
|
|
|
|
(void) snprintf(pu->u_psargs, sizeof (pu->u_psargs),
|
|
|
|
"zpool-%s", spa->spa_name);
|
|
|
|
(void) strlcpy(pu->u_comm, pu->u_psargs, sizeof (pu->u_comm));
|
|
|
|
|
|
|
|
/* bind this thread to the requested psrset */
|
|
|
|
if (zio_taskq_psrset_bind != PS_NONE) {
|
|
|
|
pool_lock();
|
|
|
|
mutex_enter(&cpu_lock);
|
|
|
|
mutex_enter(&pidlock);
|
|
|
|
mutex_enter(&curproc->p_lock);
|
|
|
|
|
|
|
|
if (cpupart_bind_thread(curthread, zio_taskq_psrset_bind,
|
|
|
|
0, NULL, NULL) == 0) {
|
|
|
|
curthread->t_bind_pset = zio_taskq_psrset_bind;
|
|
|
|
} else {
|
|
|
|
cmn_err(CE_WARN,
|
|
|
|
"Couldn't bind process for zfs pool \"%s\" to "
|
|
|
|
"pset %d\n", spa->spa_name, zio_taskq_psrset_bind);
|
|
|
|
}
|
|
|
|
|
|
|
|
mutex_exit(&curproc->p_lock);
|
|
|
|
mutex_exit(&pidlock);
|
|
|
|
mutex_exit(&cpu_lock);
|
|
|
|
pool_unlock();
|
|
|
|
}
|
|
|
|
|
|
|
|
if (zio_taskq_sysdc) {
|
|
|
|
sysdc_thread_enter(curthread, 100, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
spa->spa_proc = curproc;
|
|
|
|
spa->spa_did = curthread->t_did;
|
|
|
|
|
|
|
|
spa_create_zio_taskqs(spa);
|
|
|
|
|
|
|
|
mutex_enter(&spa->spa_proc_lock);
|
|
|
|
ASSERT(spa->spa_proc_state == SPA_PROC_CREATED);
|
|
|
|
|
|
|
|
spa->spa_proc_state = SPA_PROC_ACTIVE;
|
|
|
|
cv_broadcast(&spa->spa_proc_cv);
|
|
|
|
|
|
|
|
CALLB_CPR_SAFE_BEGIN(&cprinfo);
|
|
|
|
while (spa->spa_proc_state == SPA_PROC_ACTIVE)
|
|
|
|
cv_wait(&spa->spa_proc_cv, &spa->spa_proc_lock);
|
|
|
|
CALLB_CPR_SAFE_END(&cprinfo, &spa->spa_proc_lock);
|
|
|
|
|
|
|
|
ASSERT(spa->spa_proc_state == SPA_PROC_DEACTIVATE);
|
|
|
|
spa->spa_proc_state = SPA_PROC_GONE;
|
|
|
|
spa->spa_proc = &p0;
|
|
|
|
cv_broadcast(&spa->spa_proc_cv);
|
|
|
|
CALLB_CPR_EXIT(&cprinfo); /* drops spa_proc_lock */
|
|
|
|
|
|
|
|
mutex_enter(&curproc->p_lock);
|
|
|
|
lwp_exit();
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Activate an uninitialized pool.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_activate(spa_t *spa, int mode)
|
|
|
|
{
|
|
|
|
ASSERT(spa->spa_state == POOL_STATE_UNINITIALIZED);
|
|
|
|
|
|
|
|
spa->spa_state = POOL_STATE_ACTIVE;
|
|
|
|
spa->spa_mode = mode;
|
|
|
|
|
|
|
|
spa->spa_normal_class = metaslab_class_create(spa, zfs_metaslab_ops);
|
|
|
|
spa->spa_log_class = metaslab_class_create(spa, zfs_metaslab_ops);
|
|
|
|
|
|
|
|
/* Try to create a covering process */
|
|
|
|
mutex_enter(&spa->spa_proc_lock);
|
|
|
|
ASSERT(spa->spa_proc_state == SPA_PROC_NONE);
|
|
|
|
ASSERT(spa->spa_proc == &p0);
|
|
|
|
spa->spa_did = 0;
|
|
|
|
|
2010-08-26 22:52:20 +04:00
|
|
|
#ifdef HAVE_SPA_THREAD
|
2010-05-29 00:45:14 +04:00
|
|
|
/* Only create a process if we're going to be around a while. */
|
|
|
|
if (spa_create_process && strcmp(spa->spa_name, TRYIMPORT_NAME) != 0) {
|
|
|
|
if (newproc(spa_thread, (caddr_t)spa, syscid, maxclsyspri,
|
|
|
|
NULL, 0) == 0) {
|
|
|
|
spa->spa_proc_state = SPA_PROC_CREATED;
|
|
|
|
while (spa->spa_proc_state == SPA_PROC_CREATED) {
|
|
|
|
cv_wait(&spa->spa_proc_cv,
|
|
|
|
&spa->spa_proc_lock);
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
ASSERT(spa->spa_proc_state == SPA_PROC_ACTIVE);
|
|
|
|
ASSERT(spa->spa_proc != &p0);
|
|
|
|
ASSERT(spa->spa_did != 0);
|
|
|
|
} else {
|
|
|
|
#ifdef _KERNEL
|
|
|
|
cmn_err(CE_WARN,
|
|
|
|
"Couldn't create process for zfs pool \"%s\"\n",
|
|
|
|
spa->spa_name);
|
|
|
|
#endif
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
2010-08-26 22:52:20 +04:00
|
|
|
#endif /* HAVE_SPA_THREAD */
|
2010-05-29 00:45:14 +04:00
|
|
|
mutex_exit(&spa->spa_proc_lock);
|
|
|
|
|
|
|
|
/* If we didn't create a process, we need to create our taskqs. */
|
|
|
|
if (spa->spa_proc == &p0) {
|
|
|
|
spa_create_zio_taskqs(spa);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
list_create(&spa->spa_config_dirty_list, sizeof (vdev_t),
|
|
|
|
offsetof(vdev_t, vdev_config_dirty_node));
|
2015-04-02 06:44:32 +03:00
|
|
|
list_create(&spa->spa_evicting_os_list, sizeof (objset_t),
|
|
|
|
offsetof(objset_t, os_evicting_node));
|
2008-12-03 23:09:06 +03:00
|
|
|
list_create(&spa->spa_state_dirty_list, sizeof (vdev_t),
|
|
|
|
offsetof(vdev_t, vdev_state_dirty_node));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-04-24 19:34:36 +03:00
|
|
|
txg_list_create(&spa->spa_vdev_txg_list, spa,
|
2008-11-20 23:01:55 +03:00
|
|
|
offsetof(struct vdev, vdev_txg_node));
|
|
|
|
|
|
|
|
avl_create(&spa->spa_errlist_scrub,
|
|
|
|
spa_error_entry_compare, sizeof (spa_error_entry_t),
|
|
|
|
offsetof(spa_error_entry_t, se_avl));
|
|
|
|
avl_create(&spa->spa_errlist_last,
|
|
|
|
spa_error_entry_compare, sizeof (spa_error_entry_t),
|
|
|
|
offsetof(spa_error_entry_t, se_avl));
|
2014-03-22 13:07:14 +04:00
|
|
|
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
spa_keystore_init(&spa->spa_keystore);
|
|
|
|
|
2014-03-22 13:07:14 +04:00
|
|
|
/*
|
|
|
|
* This taskq is used to perform zvol-minor-related tasks
|
|
|
|
* asynchronously. This has several advantages, including easy
|
|
|
|
* resolution of various deadlocks (zfsonlinux bug #3681).
|
|
|
|
*
|
|
|
|
* The taskq must be single threaded to ensure tasks are always
|
|
|
|
* processed in the order in which they were dispatched.
|
|
|
|
*
|
|
|
|
* A taskq per pool allows one to keep the pools independent.
|
|
|
|
* This way if one pool is suspended, it will not impact another.
|
|
|
|
*
|
|
|
|
* The preferred location to dispatch a zvol minor task is a sync
|
|
|
|
* task. In this context, there is easy access to the spa_t and minimal
|
|
|
|
* error handling is required because the sync task must succeed.
|
|
|
|
*/
|
|
|
|
spa->spa_zvol_taskq = taskq_create("z_zvol", 1, defclsyspri,
|
|
|
|
1, INT_MAX, 0);
|
2016-10-04 21:46:10 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* The taskq to upgrade datasets in this pool. Currently used by
|
|
|
|
* feature SPA_FEATURE_USEROBJ_ACCOUNTING.
|
|
|
|
*/
|
|
|
|
spa->spa_upgrade_taskq = taskq_create("z_upgrade", boot_ncpus,
|
|
|
|
defclsyspri, 1, INT_MAX, TASKQ_DYNAMIC);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Opposite of spa_activate().
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_deactivate(spa_t *spa)
|
|
|
|
{
|
|
|
|
ASSERT(spa->spa_sync_on == B_FALSE);
|
|
|
|
ASSERT(spa->spa_dsl_pool == NULL);
|
|
|
|
ASSERT(spa->spa_root_vdev == NULL);
|
2009-07-03 02:44:48 +04:00
|
|
|
ASSERT(spa->spa_async_zio_root == NULL);
|
2008-11-20 23:01:55 +03:00
|
|
|
ASSERT(spa->spa_state != POOL_STATE_UNINITIALIZED);
|
|
|
|
|
2015-04-02 06:44:32 +03:00
|
|
|
spa_evicting_os_wait(spa);
|
|
|
|
|
2014-03-22 13:07:14 +04:00
|
|
|
if (spa->spa_zvol_taskq) {
|
|
|
|
taskq_destroy(spa->spa_zvol_taskq);
|
|
|
|
spa->spa_zvol_taskq = NULL;
|
|
|
|
}
|
|
|
|
|
2016-10-04 21:46:10 +03:00
|
|
|
if (spa->spa_upgrade_taskq) {
|
|
|
|
taskq_destroy(spa->spa_upgrade_taskq);
|
|
|
|
spa->spa_upgrade_taskq = NULL;
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
txg_list_destroy(&spa->spa_vdev_txg_list);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
list_destroy(&spa->spa_config_dirty_list);
|
2015-04-02 06:44:32 +03:00
|
|
|
list_destroy(&spa->spa_evicting_os_list);
|
2008-12-03 23:09:06 +03:00
|
|
|
list_destroy(&spa->spa_state_dirty_list);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-12-01 00:56:50 +03:00
|
|
|
taskq_cancel_id(system_delay_taskq, spa->spa_deadman_tqid);
|
2013-04-30 02:49:23 +04:00
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int t = 0; t < ZIO_TYPES; t++) {
|
|
|
|
for (int q = 0; q < ZIO_TASKQ_TYPES; q++) {
|
2013-05-06 23:24:30 +04:00
|
|
|
spa_taskqs_fini(spa, t, q);
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
metaslab_class_destroy(spa->spa_normal_class);
|
|
|
|
spa->spa_normal_class = NULL;
|
|
|
|
|
|
|
|
metaslab_class_destroy(spa->spa_log_class);
|
|
|
|
spa->spa_log_class = NULL;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If this was part of an import or the open otherwise failed, we may
|
|
|
|
* still have errors left in the queues. Empty them just in case.
|
|
|
|
*/
|
|
|
|
spa_errlog_drain(spa);
|
|
|
|
avl_destroy(&spa->spa_errlist_scrub);
|
|
|
|
avl_destroy(&spa->spa_errlist_last);
|
|
|
|
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
spa_keystore_fini(&spa->spa_keystore);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_state = POOL_STATE_UNINITIALIZED;
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
mutex_enter(&spa->spa_proc_lock);
|
|
|
|
if (spa->spa_proc_state != SPA_PROC_NONE) {
|
|
|
|
ASSERT(spa->spa_proc_state == SPA_PROC_ACTIVE);
|
|
|
|
spa->spa_proc_state = SPA_PROC_DEACTIVATE;
|
|
|
|
cv_broadcast(&spa->spa_proc_cv);
|
|
|
|
while (spa->spa_proc_state == SPA_PROC_DEACTIVATE) {
|
|
|
|
ASSERT(spa->spa_proc != &p0);
|
|
|
|
cv_wait(&spa->spa_proc_cv, &spa->spa_proc_lock);
|
|
|
|
}
|
|
|
|
ASSERT(spa->spa_proc_state == SPA_PROC_GONE);
|
|
|
|
spa->spa_proc_state = SPA_PROC_NONE;
|
|
|
|
}
|
|
|
|
ASSERT(spa->spa_proc == &p0);
|
|
|
|
mutex_exit(&spa->spa_proc_lock);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We want to make sure spa_thread() has actually exited the ZFS
|
|
|
|
* module, so that the module can't be unloaded out from underneath
|
|
|
|
* it.
|
|
|
|
*/
|
|
|
|
if (spa->spa_did != 0) {
|
|
|
|
thread_join(spa->spa_did);
|
|
|
|
spa->spa_did = 0;
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Verify a pool configuration, and construct the vdev tree appropriately. This
|
|
|
|
* will create all the necessary vdevs in the appropriate layout, with each vdev
|
|
|
|
* in the CLOSED state. This will prep the pool before open/creation/import.
|
|
|
|
* All vdev validation is done by the vdev_alloc() routine.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
spa_config_parse(spa_t *spa, vdev_t **vdp, nvlist_t *nv, vdev_t *parent,
|
|
|
|
uint_t id, int atype)
|
|
|
|
{
|
|
|
|
nvlist_t **child;
|
2009-07-03 02:44:48 +04:00
|
|
|
uint_t children;
|
2008-11-20 23:01:55 +03:00
|
|
|
int error;
|
|
|
|
|
|
|
|
if ((error = vdev_alloc(spa, vdp, nv, parent, id, atype)) != 0)
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
if ((*vdp)->vdev_ops->vdev_op_leaf)
|
|
|
|
return (0);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
error = nvlist_lookup_nvlist_array(nv, ZPOOL_CONFIG_CHILDREN,
|
|
|
|
&child, &children);
|
|
|
|
|
|
|
|
if (error == ENOENT)
|
|
|
|
return (0);
|
|
|
|
|
|
|
|
if (error) {
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_free(*vdp);
|
|
|
|
*vdp = NULL;
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(EINVAL));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < children; c++) {
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_t *vd;
|
|
|
|
if ((error = spa_config_parse(spa, &vd, child[c], *vdp, c,
|
|
|
|
atype)) != 0) {
|
|
|
|
vdev_free(*vdp);
|
|
|
|
*vdp = NULL;
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
ASSERT(*vdp != NULL);
|
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Opposite of spa_load().
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_unload(spa_t *spa)
|
|
|
|
{
|
2017-11-04 23:25:13 +03:00
|
|
|
int i;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
ASSERT(MUTEX_HELD(&spa_namespace_lock));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Stop async tasks.
|
|
|
|
*/
|
|
|
|
spa_async_suspend(spa);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Stop syncing.
|
|
|
|
*/
|
|
|
|
if (spa->spa_sync_on) {
|
|
|
|
txg_sync_stop(spa->spa_dsl_pool);
|
|
|
|
spa->spa_sync_on = B_FALSE;
|
|
|
|
}
|
|
|
|
|
2017-01-12 22:52:56 +03:00
|
|
|
/*
|
|
|
|
* Even though vdev_free() also calls vdev_metaslab_fini, we need
|
|
|
|
* to call it earlier, before we wait for async i/o to complete.
|
|
|
|
* This ensures that there is no async metaslab prefetching, by
|
|
|
|
* calling taskq_wait(mg_taskq).
|
|
|
|
*/
|
|
|
|
if (spa->spa_root_vdev != NULL) {
|
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < spa->spa_root_vdev->vdev_children; c++)
|
2017-01-12 22:52:56 +03:00
|
|
|
vdev_metaslab_fini(spa->spa_root_vdev->vdev_child[c]);
|
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
|
|
|
}
|
|
|
|
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
if (spa->spa_mmp.mmp_thread)
|
|
|
|
mmp_thread_stop(spa);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
2008-12-03 23:09:06 +03:00
|
|
|
* Wait for any outstanding async I/O to complete.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2009-07-03 02:44:48 +04:00
|
|
|
if (spa->spa_async_zio_root != NULL) {
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int i = 0; i < max_ncpus; i++)
|
2014-09-17 10:59:43 +04:00
|
|
|
(void) zio_wait(spa->spa_async_zio_root[i]);
|
|
|
|
kmem_free(spa->spa_async_zio_root, max_ncpus * sizeof (void *));
|
2009-07-03 02:44:48 +04:00
|
|
|
spa->spa_async_zio_root = NULL;
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
bpobj_close(&spa->spa_deferred_bpobj);
|
|
|
|
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Close all vdevs.
|
|
|
|
*/
|
|
|
|
if (spa->spa_root_vdev)
|
|
|
|
vdev_free(spa->spa_root_vdev);
|
|
|
|
ASSERT(spa->spa_root_vdev == NULL);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Close the dsl pool.
|
|
|
|
*/
|
|
|
|
if (spa->spa_dsl_pool) {
|
|
|
|
dsl_pool_close(spa->spa_dsl_pool);
|
|
|
|
spa->spa_dsl_pool = NULL;
|
2010-05-29 00:45:14 +04:00
|
|
|
spa->spa_meta_objset = NULL;
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
ddt_unload(spa);
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
/*
|
|
|
|
* Drop and purge level 2 cache
|
|
|
|
*/
|
|
|
|
spa_l2cache_drop(spa);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
for (i = 0; i < spa->spa_spares.sav_count; i++)
|
|
|
|
vdev_free(spa->spa_spares.sav_vdevs[i]);
|
|
|
|
if (spa->spa_spares.sav_vdevs) {
|
|
|
|
kmem_free(spa->spa_spares.sav_vdevs,
|
|
|
|
spa->spa_spares.sav_count * sizeof (void *));
|
|
|
|
spa->spa_spares.sav_vdevs = NULL;
|
|
|
|
}
|
|
|
|
if (spa->spa_spares.sav_config) {
|
|
|
|
nvlist_free(spa->spa_spares.sav_config);
|
|
|
|
spa->spa_spares.sav_config = NULL;
|
|
|
|
}
|
2008-12-03 23:09:06 +03:00
|
|
|
spa->spa_spares.sav_count = 0;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2012-04-08 21:23:08 +04:00
|
|
|
for (i = 0; i < spa->spa_l2cache.sav_count; i++) {
|
|
|
|
vdev_clear_stats(spa->spa_l2cache.sav_vdevs[i]);
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_free(spa->spa_l2cache.sav_vdevs[i]);
|
2012-04-08 21:23:08 +04:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
if (spa->spa_l2cache.sav_vdevs) {
|
|
|
|
kmem_free(spa->spa_l2cache.sav_vdevs,
|
|
|
|
spa->spa_l2cache.sav_count * sizeof (void *));
|
|
|
|
spa->spa_l2cache.sav_vdevs = NULL;
|
|
|
|
}
|
|
|
|
if (spa->spa_l2cache.sav_config) {
|
|
|
|
nvlist_free(spa->spa_l2cache.sav_config);
|
|
|
|
spa->spa_l2cache.sav_config = NULL;
|
|
|
|
}
|
2008-12-03 23:09:06 +03:00
|
|
|
spa->spa_l2cache.sav_count = 0;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
spa->spa_async_suspended = 0;
|
2009-01-16 00:59:39 +03:00
|
|
|
|
2011-11-15 23:01:27 +04:00
|
|
|
if (spa->spa_comment != NULL) {
|
|
|
|
spa_strfree(spa->spa_comment);
|
|
|
|
spa->spa_comment = NULL;
|
|
|
|
}
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Load (or re-load) the current list of vdevs describing the active spares for
|
|
|
|
* this pool. When this is called, we have some form of basic information in
|
|
|
|
* 'spa_spares.sav_config'. We parse this into vdevs, try to open them, and
|
|
|
|
* then re-generate a more complete list including status information.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_load_spares(spa_t *spa)
|
|
|
|
{
|
|
|
|
nvlist_t **spares;
|
|
|
|
uint_t nspares;
|
|
|
|
int i;
|
|
|
|
vdev_t *vd, *tvd;
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == SCL_ALL);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* First, close and free any existing spare vdevs.
|
|
|
|
*/
|
|
|
|
for (i = 0; i < spa->spa_spares.sav_count; i++) {
|
|
|
|
vd = spa->spa_spares.sav_vdevs[i];
|
|
|
|
|
|
|
|
/* Undo the call to spa_activate() below */
|
2008-12-03 23:09:06 +03:00
|
|
|
if ((tvd = spa_lookup_by_guid(spa, vd->vdev_guid,
|
|
|
|
B_FALSE)) != NULL && tvd->vdev_isspare)
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_spare_remove(tvd);
|
|
|
|
vdev_close(vd);
|
|
|
|
vdev_free(vd);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (spa->spa_spares.sav_vdevs)
|
|
|
|
kmem_free(spa->spa_spares.sav_vdevs,
|
|
|
|
spa->spa_spares.sav_count * sizeof (void *));
|
|
|
|
|
|
|
|
if (spa->spa_spares.sav_config == NULL)
|
|
|
|
nspares = 0;
|
|
|
|
else
|
|
|
|
VERIFY(nvlist_lookup_nvlist_array(spa->spa_spares.sav_config,
|
|
|
|
ZPOOL_CONFIG_SPARES, &spares, &nspares) == 0);
|
|
|
|
|
|
|
|
spa->spa_spares.sav_count = (int)nspares;
|
|
|
|
spa->spa_spares.sav_vdevs = NULL;
|
|
|
|
|
|
|
|
if (nspares == 0)
|
|
|
|
return;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Construct the array of vdevs, opening them to get status in the
|
|
|
|
* process. For each spare, there is potentially two different vdev_t
|
|
|
|
* structures associated with it: one in the list of spares (used only
|
|
|
|
* for basic validation purposes) and one in the active vdev
|
|
|
|
* configuration (if it's spared in). During this phase we open and
|
|
|
|
* validate each vdev on the spare list. If the vdev also exists in the
|
|
|
|
* active configuration, then we also mark this vdev as an active spare.
|
|
|
|
*/
|
2014-01-25 03:47:46 +04:00
|
|
|
spa->spa_spares.sav_vdevs = kmem_zalloc(nspares * sizeof (void *),
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
for (i = 0; i < spa->spa_spares.sav_count; i++) {
|
|
|
|
VERIFY(spa_config_parse(spa, &vd, spares[i], NULL, 0,
|
|
|
|
VDEV_ALLOC_SPARE) == 0);
|
|
|
|
ASSERT(vd != NULL);
|
|
|
|
|
|
|
|
spa->spa_spares.sav_vdevs[i] = vd;
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
if ((tvd = spa_lookup_by_guid(spa, vd->vdev_guid,
|
|
|
|
B_FALSE)) != NULL) {
|
2008-11-20 23:01:55 +03:00
|
|
|
if (!tvd->vdev_isspare)
|
|
|
|
spa_spare_add(tvd);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We only mark the spare active if we were successfully
|
|
|
|
* able to load the vdev. Otherwise, importing a pool
|
|
|
|
* with a bad active spare would result in strange
|
|
|
|
* behavior, because multiple pool would think the spare
|
|
|
|
* is actively in use.
|
|
|
|
*
|
|
|
|
* There is a vulnerability here to an equally bizarre
|
|
|
|
* circumstance, where a dead active spare is later
|
|
|
|
* brought back to life (onlined or otherwise). Given
|
|
|
|
* the rarity of this scenario, and the extra complexity
|
|
|
|
* it adds, we ignore the possibility.
|
|
|
|
*/
|
|
|
|
if (!vdev_is_dead(tvd))
|
|
|
|
spa_spare_activate(tvd);
|
|
|
|
}
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
vd->vdev_top = vd;
|
2009-07-03 02:44:48 +04:00
|
|
|
vd->vdev_aux = &spa->spa_spares;
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (vdev_open(vd) != 0)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (vdev_validate_aux(vd) == 0)
|
|
|
|
spa_spare_add(vd);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Recompute the stashed list of spares, with status information
|
|
|
|
* this time.
|
|
|
|
*/
|
|
|
|
VERIFY(nvlist_remove(spa->spa_spares.sav_config, ZPOOL_CONFIG_SPARES,
|
|
|
|
DATA_TYPE_NVLIST_ARRAY) == 0);
|
|
|
|
|
|
|
|
spares = kmem_alloc(spa->spa_spares.sav_count * sizeof (void *),
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
for (i = 0; i < spa->spa_spares.sav_count; i++)
|
|
|
|
spares[i] = vdev_config_generate(spa,
|
2010-05-29 00:45:14 +04:00
|
|
|
spa->spa_spares.sav_vdevs[i], B_TRUE, VDEV_CONFIG_SPARE);
|
2008-11-20 23:01:55 +03:00
|
|
|
VERIFY(nvlist_add_nvlist_array(spa->spa_spares.sav_config,
|
|
|
|
ZPOOL_CONFIG_SPARES, spares, spa->spa_spares.sav_count) == 0);
|
|
|
|
for (i = 0; i < spa->spa_spares.sav_count; i++)
|
|
|
|
nvlist_free(spares[i]);
|
|
|
|
kmem_free(spares, spa->spa_spares.sav_count * sizeof (void *));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Load (or re-load) the current list of vdevs describing the active l2cache for
|
|
|
|
* this pool. When this is called, we have some form of basic information in
|
|
|
|
* 'spa_l2cache.sav_config'. We parse this into vdevs, try to open them, and
|
|
|
|
* then re-generate a more complete list including status information.
|
|
|
|
* Devices which are already active have their details maintained, and are
|
|
|
|
* not re-opened.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_load_l2cache(spa_t *spa)
|
|
|
|
{
|
|
|
|
nvlist_t **l2cache;
|
|
|
|
uint_t nl2cache;
|
|
|
|
int i, j, oldnvdevs;
|
2009-07-03 02:44:48 +04:00
|
|
|
uint64_t guid;
|
2013-02-11 10:21:05 +04:00
|
|
|
vdev_t *vd, **oldvdevs, **newvdevs;
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_aux_vdev_t *sav = &spa->spa_l2cache;
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == SCL_ALL);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
oldvdevs = sav->sav_vdevs;
|
|
|
|
oldnvdevs = sav->sav_count;
|
|
|
|
sav->sav_vdevs = NULL;
|
|
|
|
sav->sav_count = 0;
|
|
|
|
|
2016-09-10 23:06:17 +03:00
|
|
|
if (sav->sav_config == NULL) {
|
|
|
|
nl2cache = 0;
|
|
|
|
newvdevs = NULL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
VERIFY(nvlist_lookup_nvlist_array(sav->sav_config,
|
|
|
|
ZPOOL_CONFIG_L2CACHE, &l2cache, &nl2cache) == 0);
|
|
|
|
newvdevs = kmem_alloc(nl2cache * sizeof (void *), KM_SLEEP);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Process new nvlist of vdevs.
|
|
|
|
*/
|
|
|
|
for (i = 0; i < nl2cache; i++) {
|
|
|
|
VERIFY(nvlist_lookup_uint64(l2cache[i], ZPOOL_CONFIG_GUID,
|
|
|
|
&guid) == 0);
|
|
|
|
|
|
|
|
newvdevs[i] = NULL;
|
|
|
|
for (j = 0; j < oldnvdevs; j++) {
|
|
|
|
vd = oldvdevs[j];
|
|
|
|
if (vd != NULL && guid == vd->vdev_guid) {
|
|
|
|
/*
|
|
|
|
* Retain previous vdev for add/remove ops.
|
|
|
|
*/
|
|
|
|
newvdevs[i] = vd;
|
|
|
|
oldvdevs[j] = NULL;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (newvdevs[i] == NULL) {
|
|
|
|
/*
|
|
|
|
* Create new vdev
|
|
|
|
*/
|
|
|
|
VERIFY(spa_config_parse(spa, &vd, l2cache[i], NULL, 0,
|
|
|
|
VDEV_ALLOC_L2CACHE) == 0);
|
|
|
|
ASSERT(vd != NULL);
|
|
|
|
newvdevs[i] = vd;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Commit this vdev as an l2cache device,
|
|
|
|
* even if it fails to open.
|
|
|
|
*/
|
|
|
|
spa_l2cache_add(vd);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
vd->vdev_top = vd;
|
|
|
|
vd->vdev_aux = sav;
|
|
|
|
|
|
|
|
spa_l2cache_activate(vd);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (vdev_open(vd) != 0)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
(void) vdev_validate_aux(vd);
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
if (!vdev_is_dead(vd))
|
|
|
|
l2arc_add_vdev(spa, vd);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-09-10 23:06:17 +03:00
|
|
|
sav->sav_vdevs = newvdevs;
|
|
|
|
sav->sav_count = (int)nl2cache;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Recompute the stashed list of l2cache devices, with status
|
|
|
|
* information this time.
|
|
|
|
*/
|
|
|
|
VERIFY(nvlist_remove(sav->sav_config, ZPOOL_CONFIG_L2CACHE,
|
|
|
|
DATA_TYPE_NVLIST_ARRAY) == 0);
|
|
|
|
|
|
|
|
l2cache = kmem_alloc(sav->sav_count * sizeof (void *), KM_SLEEP);
|
|
|
|
for (i = 0; i < sav->sav_count; i++)
|
|
|
|
l2cache[i] = vdev_config_generate(spa,
|
|
|
|
sav->sav_vdevs[i], B_TRUE, VDEV_CONFIG_L2CACHE);
|
|
|
|
VERIFY(nvlist_add_nvlist_array(sav->sav_config,
|
|
|
|
ZPOOL_CONFIG_L2CACHE, l2cache, sav->sav_count) == 0);
|
|
|
|
|
|
|
|
out:
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Purge vdevs that were dropped
|
|
|
|
*/
|
|
|
|
for (i = 0; i < oldnvdevs; i++) {
|
|
|
|
uint64_t pool;
|
|
|
|
|
|
|
|
vd = oldvdevs[i];
|
|
|
|
if (vd != NULL) {
|
2012-04-08 21:23:08 +04:00
|
|
|
ASSERT(vd->vdev_isl2cache);
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
if (spa_l2cache_exists(vd->vdev_guid, &pool) &&
|
|
|
|
pool != 0ULL && l2arc_vdev_present(vd))
|
2008-11-20 23:01:55 +03:00
|
|
|
l2arc_remove_vdev(vd);
|
2012-04-08 21:23:08 +04:00
|
|
|
vdev_clear_stats(vd);
|
|
|
|
vdev_free(vd);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (oldvdevs)
|
|
|
|
kmem_free(oldvdevs, oldnvdevs * sizeof (void *));
|
|
|
|
|
|
|
|
for (i = 0; i < sav->sav_count; i++)
|
|
|
|
nvlist_free(l2cache[i]);
|
|
|
|
if (sav->sav_count)
|
|
|
|
kmem_free(l2cache, sav->sav_count * sizeof (void *));
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
load_nvlist(spa_t *spa, uint64_t obj, nvlist_t **value)
|
|
|
|
{
|
|
|
|
dmu_buf_t *db;
|
|
|
|
char *packed = NULL;
|
|
|
|
size_t nvsize = 0;
|
|
|
|
int error;
|
|
|
|
*value = NULL;
|
|
|
|
|
2012-11-30 23:23:38 +04:00
|
|
|
error = dmu_bonus_hold(spa->spa_meta_objset, obj, FTAG, &db);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
nvsize = *(uint64_t *)db->db_data;
|
|
|
|
dmu_buf_rele(db, FTAG);
|
|
|
|
|
2015-02-05 23:43:37 +03:00
|
|
|
packed = vmem_alloc(nvsize, KM_SLEEP);
|
2009-07-03 02:44:48 +04:00
|
|
|
error = dmu_read(spa->spa_meta_objset, obj, 0, nvsize, packed,
|
|
|
|
DMU_READ_PREFETCH);
|
2008-11-20 23:01:55 +03:00
|
|
|
if (error == 0)
|
|
|
|
error = nvlist_unpack(packed, nvsize, value, 0);
|
2015-02-05 23:43:37 +03:00
|
|
|
vmem_free(packed, nvsize);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Checks to see if the given vdev could not be opened, in which case we post a
|
|
|
|
* sysevent to notify the autoreplace code that the device has been removed.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_check_removed(vdev_t *vd)
|
|
|
|
{
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < vd->vdev_children; c++)
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_check_removed(vd->vdev_child[c]);
|
|
|
|
|
2013-03-07 05:57:09 +04:00
|
|
|
if (vd->vdev_ops->vdev_op_leaf && vdev_is_dead(vd) &&
|
|
|
|
!vd->vdev_ishole) {
|
2016-07-28 01:29:15 +03:00
|
|
|
zfs_post_autoreplace(vd->vdev_spa, vd);
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(vd->vdev_spa, vd, NULL, ESC_ZFS_VDEV_CHECK);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-04-11 23:16:57 +03:00
|
|
|
static void
|
|
|
|
spa_config_valid_zaps(vdev_t *vd, vdev_t *mvd)
|
|
|
|
{
|
|
|
|
ASSERT3U(vd->vdev_children, ==, mvd->vdev_children);
|
|
|
|
|
|
|
|
vd->vdev_top_zap = mvd->vdev_top_zap;
|
|
|
|
vd->vdev_leaf_zap = mvd->vdev_leaf_zap;
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (uint64_t i = 0; i < vd->vdev_children; i++) {
|
2016-04-11 23:16:57 +03:00
|
|
|
spa_config_valid_zaps(vd->vdev_child[i], mvd->vdev_child[i]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
/*
|
2010-08-27 01:24:34 +04:00
|
|
|
* Validate the current config against the MOS config
|
2009-07-03 02:44:48 +04:00
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
static boolean_t
|
|
|
|
spa_config_valid(spa_t *spa, nvlist_t *config)
|
2009-07-03 02:44:48 +04:00
|
|
|
{
|
2010-08-27 01:24:34 +04:00
|
|
|
vdev_t *mrvd, *rvd = spa->spa_root_vdev;
|
|
|
|
nvlist_t *nv;
|
|
|
|
|
|
|
|
VERIFY(nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE, &nv) == 0);
|
|
|
|
|
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
|
|
|
VERIFY(spa_config_parse(spa, &mrvd, nv, NULL, 0, VDEV_ALLOC_LOAD) == 0);
|
|
|
|
|
|
|
|
ASSERT3U(rvd->vdev_children, ==, mrvd->vdev_children);
|
2009-07-03 02:44:48 +04:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
2010-08-27 01:24:34 +04:00
|
|
|
* If we're doing a normal import, then build up any additional
|
|
|
|
* diagnostic information about missing devices in this config.
|
|
|
|
* We'll pass this up to the user for further processing.
|
2010-05-29 00:45:14 +04:00
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
if (!(spa->spa_import_flags & ZFS_IMPORT_MISSING_LOG)) {
|
|
|
|
nvlist_t **child, *nv;
|
|
|
|
uint64_t idx = 0;
|
|
|
|
|
2016-09-22 04:09:00 +03:00
|
|
|
child = kmem_alloc(rvd->vdev_children * sizeof (nvlist_t *),
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP);
|
|
|
|
VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
|
2010-08-27 01:24:34 +04:00
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < rvd->vdev_children; c++) {
|
2010-08-27 01:24:34 +04:00
|
|
|
vdev_t *tvd = rvd->vdev_child[c];
|
|
|
|
vdev_t *mtvd = mrvd->vdev_child[c];
|
|
|
|
|
|
|
|
if (tvd->vdev_ops == &vdev_missing_ops &&
|
|
|
|
mtvd->vdev_ops != &vdev_missing_ops &&
|
|
|
|
mtvd->vdev_islog)
|
|
|
|
child[idx++] = vdev_config_generate(spa, mtvd,
|
|
|
|
B_FALSE, 0);
|
|
|
|
}
|
2009-07-03 02:44:48 +04:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
if (idx) {
|
|
|
|
VERIFY(nvlist_add_nvlist_array(nv,
|
|
|
|
ZPOOL_CONFIG_CHILDREN, child, idx) == 0);
|
|
|
|
VERIFY(nvlist_add_nvlist(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_MISSING_DEVICES, nv) == 0);
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int i = 0; i < idx; i++)
|
2010-08-27 01:24:34 +04:00
|
|
|
nvlist_free(child[i]);
|
|
|
|
}
|
|
|
|
nvlist_free(nv);
|
|
|
|
kmem_free(child, rvd->vdev_children * sizeof (char **));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Compare the root vdev tree with the information we have
|
|
|
|
* from the MOS config (mrvd). Check each top-level vdev
|
|
|
|
* with the corresponding MOS config top-level (mtvd).
|
|
|
|
*/
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < rvd->vdev_children; c++) {
|
2010-08-27 01:24:34 +04:00
|
|
|
vdev_t *tvd = rvd->vdev_child[c];
|
|
|
|
vdev_t *mtvd = mrvd->vdev_child[c];
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Resolve any "missing" vdevs in the current configuration.
|
|
|
|
* If we find that the MOS config has more accurate information
|
|
|
|
* about the top-level vdev then use that vdev instead.
|
|
|
|
*/
|
|
|
|
if (tvd->vdev_ops == &vdev_missing_ops &&
|
|
|
|
mtvd->vdev_ops != &vdev_missing_ops) {
|
|
|
|
|
|
|
|
if (!(spa->spa_import_flags & ZFS_IMPORT_MISSING_LOG))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Device specific actions.
|
|
|
|
*/
|
|
|
|
if (mtvd->vdev_islog) {
|
|
|
|
spa_set_log_state(spa, SPA_LOG_CLEAR);
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* XXX - once we have 'readonly' pool
|
|
|
|
* support we should be able to handle
|
|
|
|
* missing data devices by transitioning
|
|
|
|
* the pool to readonly.
|
|
|
|
*/
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Swap the missing vdev with the data we were
|
|
|
|
* able to obtain from the MOS config.
|
|
|
|
*/
|
|
|
|
vdev_remove_child(rvd, tvd);
|
|
|
|
vdev_remove_child(mrvd, mtvd);
|
|
|
|
|
|
|
|
vdev_add_child(rvd, mtvd);
|
|
|
|
vdev_add_child(mrvd, tvd);
|
|
|
|
|
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
|
|
|
vdev_load(mtvd);
|
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
|
|
|
|
|
|
|
vdev_reopen(rvd);
|
2016-04-11 23:16:57 +03:00
|
|
|
} else {
|
|
|
|
if (mtvd->vdev_islog) {
|
|
|
|
/*
|
|
|
|
* Load the slog device's state from the MOS
|
|
|
|
* config since it's possible that the label
|
|
|
|
* does not contain the most up-to-date
|
|
|
|
* information.
|
|
|
|
*/
|
|
|
|
vdev_load_log_state(tvd, mtvd);
|
|
|
|
vdev_reopen(tvd);
|
|
|
|
}
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
/*
|
2016-04-11 23:16:57 +03:00
|
|
|
* Per-vdev ZAP info is stored exclusively in the MOS.
|
2010-08-27 01:24:34 +04:00
|
|
|
*/
|
2016-04-11 23:16:57 +03:00
|
|
|
spa_config_valid_zaps(tvd, mtvd);
|
2010-08-27 01:24:34 +04:00
|
|
|
}
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
2016-04-11 23:16:57 +03:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
vdev_free(mrvd);
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2010-08-27 01:24:34 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Ensure we were able to validate the config.
|
|
|
|
*/
|
|
|
|
return (rvd->vdev_guid_sum == spa->spa_uberblock.ub_guid_sum);
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
/*
|
|
|
|
* Check for missing log devices
|
|
|
|
*/
|
2013-09-04 16:00:57 +04:00
|
|
|
static boolean_t
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_check_logs(spa_t *spa)
|
|
|
|
{
|
2013-09-04 16:00:57 +04:00
|
|
|
boolean_t rv = B_FALSE;
|
2015-05-06 19:07:55 +03:00
|
|
|
dsl_pool_t *dp = spa_get_dsl(spa);
|
2013-09-04 16:00:57 +04:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
switch (spa->spa_log_state) {
|
2010-08-26 20:52:41 +04:00
|
|
|
default:
|
|
|
|
break;
|
2008-12-03 23:09:06 +03:00
|
|
|
case SPA_LOG_MISSING:
|
|
|
|
/* need to recheck in case slog has been restored */
|
|
|
|
case SPA_LOG_UNKNOWN:
|
2015-05-06 19:07:55 +03:00
|
|
|
rv = (dmu_objset_find_dp(dp, dp->dp_root_dir_obj,
|
|
|
|
zil_check_log_chain, NULL, DS_FIND_CHILDREN) != 0);
|
2013-09-04 16:00:57 +04:00
|
|
|
if (rv)
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_set_log_state(spa, SPA_LOG_MISSING);
|
2008-12-03 23:09:06 +03:00
|
|
|
break;
|
|
|
|
}
|
2013-09-04 16:00:57 +04:00
|
|
|
return (rv);
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
static boolean_t
|
|
|
|
spa_passivate_log(spa_t *spa)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_t *rvd = spa->spa_root_vdev;
|
|
|
|
boolean_t slog_found = B_FALSE;
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
ASSERT(spa_config_held(spa, SCL_ALLOC, RW_WRITER));
|
2009-01-16 00:59:39 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (!spa_has_slogs(spa))
|
|
|
|
return (B_FALSE);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < rvd->vdev_children; c++) {
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_t *tvd = rvd->vdev_child[c];
|
|
|
|
metaslab_group_t *mg = tvd->vdev_mg;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (tvd->vdev_islog) {
|
|
|
|
metaslab_group_passivate(mg);
|
|
|
|
slog_found = B_TRUE;
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
return (slog_found);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
static void
|
|
|
|
spa_activate_log(spa_t *spa)
|
|
|
|
{
|
|
|
|
vdev_t *rvd = spa->spa_root_vdev;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
ASSERT(spa_config_held(spa, SCL_ALLOC, RW_WRITER));
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < rvd->vdev_children; c++) {
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_t *tvd = rvd->vdev_child[c];
|
|
|
|
metaslab_group_t *mg = tvd->vdev_mg;
|
|
|
|
|
|
|
|
if (tvd->vdev_islog)
|
|
|
|
metaslab_group_activate(mg);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
int
|
|
|
|
spa_offline_log(spa_t *spa)
|
|
|
|
{
|
2013-09-04 16:00:57 +04:00
|
|
|
int error;
|
2009-07-03 02:44:48 +04:00
|
|
|
|
2013-09-04 16:00:57 +04:00
|
|
|
error = dmu_objset_find(spa_name(spa), zil_vdev_offline,
|
|
|
|
NULL, DS_FIND_CHILDREN);
|
|
|
|
if (error == 0) {
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* We successfully offlined the log device, sync out the
|
|
|
|
* current txg so that the "stubby" block can be removed
|
|
|
|
* by zil_sync().
|
|
|
|
*/
|
|
|
|
txg_wait_synced(spa->spa_dsl_pool, 0);
|
|
|
|
}
|
|
|
|
return (error);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
static void
|
|
|
|
spa_aux_check_removed(spa_aux_vdev_t *sav)
|
|
|
|
{
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int i = 0; i < sav->sav_count; i++)
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_check_removed(sav->sav_vdevs[i]);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
void
|
|
|
|
spa_claim_notify(zio_t *zio)
|
|
|
|
{
|
|
|
|
spa_t *spa = zio->io_spa;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (zio->io_error)
|
|
|
|
return;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
mutex_enter(&spa->spa_props_lock); /* any mutex will do */
|
|
|
|
if (spa->spa_claim_max_txg < zio->io_bp->blk_birth)
|
|
|
|
spa->spa_claim_max_txg = zio->io_bp->blk_birth;
|
|
|
|
mutex_exit(&spa->spa_props_lock);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
typedef struct spa_load_error {
|
|
|
|
uint64_t sle_meta_count;
|
|
|
|
uint64_t sle_data_count;
|
|
|
|
} spa_load_error_t;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
static void
|
|
|
|
spa_load_verify_done(zio_t *zio)
|
|
|
|
{
|
|
|
|
blkptr_t *bp = zio->io_bp;
|
|
|
|
spa_load_error_t *sle = zio->io_private;
|
|
|
|
dmu_object_type_t type = BP_GET_TYPE(bp);
|
|
|
|
int error = zio->io_error;
|
2014-07-15 22:58:41 +04:00
|
|
|
spa_t *spa = zio->io_spa;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-07-22 18:52:49 +03:00
|
|
|
abd_free(zio->io_abd);
|
2010-05-29 00:45:14 +04:00
|
|
|
if (error) {
|
2012-12-14 03:24:15 +04:00
|
|
|
if ((BP_GET_LEVEL(bp) != 0 || DMU_OT_IS_METADATA(type)) &&
|
2010-05-29 00:45:14 +04:00
|
|
|
type != DMU_OT_INTENT_LOG)
|
2016-01-14 03:37:41 +03:00
|
|
|
atomic_inc_64(&sle->sle_meta_count);
|
2010-05-29 00:45:14 +04:00
|
|
|
else
|
2016-01-14 03:37:41 +03:00
|
|
|
atomic_inc_64(&sle->sle_data_count);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
2014-07-15 22:58:41 +04:00
|
|
|
|
|
|
|
mutex_enter(&spa->spa_scrub_lock);
|
2017-11-16 04:27:01 +03:00
|
|
|
spa->spa_load_verify_ios--;
|
2014-07-15 22:58:41 +04:00
|
|
|
cv_broadcast(&spa->spa_scrub_io_cv);
|
|
|
|
mutex_exit(&spa->spa_scrub_lock);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2014-07-15 22:58:41 +04:00
|
|
|
/*
|
|
|
|
* Maximum number of concurrent scrub i/os to create while verifying
|
|
|
|
* a pool while importing it.
|
|
|
|
*/
|
|
|
|
int spa_load_verify_maxinflight = 10000;
|
|
|
|
int spa_load_verify_metadata = B_TRUE;
|
|
|
|
int spa_load_verify_data = B_TRUE;
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*ARGSUSED*/
|
|
|
|
static int
|
|
|
|
spa_load_verify_cb(spa_t *spa, zilog_t *zilog, const blkptr_t *bp,
|
2014-06-25 22:37:59 +04:00
|
|
|
const zbookmark_phys_t *zb, const dnode_phys_t *dnp, void *arg)
|
2010-05-29 00:45:14 +04:00
|
|
|
{
|
2015-12-22 04:31:57 +03:00
|
|
|
if (bp == NULL || BP_IS_HOLE(bp) || BP_IS_EMBEDDED(bp))
|
2014-07-15 22:58:41 +04:00
|
|
|
return (0);
|
|
|
|
/*
|
|
|
|
* Note: normally this routine will not be called if
|
|
|
|
* spa_load_verify_metadata is not set. However, it may be useful
|
|
|
|
* to manually set the flag after the traversal has begun.
|
|
|
|
*/
|
|
|
|
if (!spa_load_verify_metadata)
|
|
|
|
return (0);
|
2016-07-22 18:52:49 +03:00
|
|
|
if (!BP_IS_METADATA(bp) && !spa_load_verify_data)
|
2014-07-15 22:58:41 +04:00
|
|
|
return (0);
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
zio_t *rio = arg;
|
|
|
|
size_t size = BP_GET_PSIZE(bp);
|
2014-07-15 22:58:41 +04:00
|
|
|
|
|
|
|
mutex_enter(&spa->spa_scrub_lock);
|
2017-11-16 04:27:01 +03:00
|
|
|
while (spa->spa_load_verify_ios >= spa_load_verify_maxinflight)
|
2014-07-15 22:58:41 +04:00
|
|
|
cv_wait(&spa->spa_scrub_io_cv, &spa->spa_scrub_lock);
|
2017-11-16 04:27:01 +03:00
|
|
|
spa->spa_load_verify_ios++;
|
2014-07-15 22:58:41 +04:00
|
|
|
mutex_exit(&spa->spa_scrub_lock);
|
|
|
|
|
2016-07-22 18:52:49 +03:00
|
|
|
zio_nowait(zio_read(rio, spa, bp, abd_alloc_for_io(size, B_FALSE), size,
|
2014-07-15 22:58:41 +04:00
|
|
|
spa_load_verify_done, rio->io_private, ZIO_PRIORITY_SCRUB,
|
|
|
|
ZIO_FLAG_SPECULATIVE | ZIO_FLAG_CANFAIL |
|
|
|
|
ZIO_FLAG_SCRUB | ZIO_FLAG_RAW, zb));
|
2010-05-29 00:45:14 +04:00
|
|
|
return (0);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-06-16 00:51:27 +03:00
|
|
|
/* ARGSUSED */
|
|
|
|
int
|
|
|
|
verify_dataset_name_len(dsl_pool_t *dp, dsl_dataset_t *ds, void *arg)
|
|
|
|
{
|
|
|
|
if (dsl_dataset_namelen(ds) >= ZFS_MAX_DATASET_NAME_LEN)
|
|
|
|
return (SET_ERROR(ENAMETOOLONG));
|
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
static int
|
|
|
|
spa_load_verify(spa_t *spa)
|
|
|
|
{
|
|
|
|
zio_t *rio;
|
|
|
|
spa_load_error_t sle = { 0 };
|
|
|
|
zpool_rewind_policy_t policy;
|
|
|
|
boolean_t verify_ok = B_FALSE;
|
2014-07-15 22:58:41 +04:00
|
|
|
int error = 0;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
zpool_get_rewind_policy(spa->spa_config, &policy);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (policy.zrp_request & ZPOOL_NEVER_REWIND)
|
|
|
|
return (0);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-06-16 00:51:27 +03:00
|
|
|
dsl_pool_config_enter(spa->spa_dsl_pool, FTAG);
|
|
|
|
error = dmu_objset_find_dp(spa->spa_dsl_pool,
|
|
|
|
spa->spa_dsl_pool->dp_root_dir_obj, verify_dataset_name_len, NULL,
|
|
|
|
DS_FIND_CHILDREN);
|
|
|
|
dsl_pool_config_exit(spa->spa_dsl_pool, FTAG);
|
|
|
|
if (error != 0)
|
|
|
|
return (error);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
rio = zio_root(spa, NULL, &sle,
|
|
|
|
ZIO_FLAG_CANFAIL | ZIO_FLAG_SPECULATIVE);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2014-07-15 22:58:41 +04:00
|
|
|
if (spa_load_verify_metadata) {
|
|
|
|
error = traverse_pool(spa, spa->spa_verify_min_txg,
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
TRAVERSE_PRE | TRAVERSE_PREFETCH_METADATA |
|
|
|
|
TRAVERSE_NO_DECRYPT, spa_load_verify_cb, rio);
|
2014-07-15 22:58:41 +04:00
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
(void) zio_wait(rio);
|
|
|
|
|
|
|
|
spa->spa_load_meta_errors = sle.sle_meta_count;
|
|
|
|
spa->spa_load_data_errors = sle.sle_data_count;
|
|
|
|
|
|
|
|
if (!error && sle.sle_meta_count <= policy.zrp_maxmeta &&
|
|
|
|
sle.sle_data_count <= policy.zrp_maxdata) {
|
2010-08-27 01:24:34 +04:00
|
|
|
int64_t loss = 0;
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
verify_ok = B_TRUE;
|
|
|
|
spa->spa_load_txg = spa->spa_uberblock.ub_txg;
|
|
|
|
spa->spa_load_txg_ts = spa->spa_uberblock.ub_timestamp;
|
2010-08-27 01:24:34 +04:00
|
|
|
|
|
|
|
loss = spa->spa_last_ubsync_txg_ts - spa->spa_load_txg_ts;
|
|
|
|
VERIFY(nvlist_add_uint64(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_LOAD_TIME, spa->spa_load_txg_ts) == 0);
|
|
|
|
VERIFY(nvlist_add_int64(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_REWIND_TIME, loss) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_LOAD_DATA_ERRORS, sle.sle_data_count) == 0);
|
2010-05-29 00:45:14 +04:00
|
|
|
} else {
|
|
|
|
spa->spa_load_max_txg = spa->spa_uberblock.ub_txg;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (error) {
|
|
|
|
if (error != ENXIO && error != EIO)
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EIO);
|
2010-05-29 00:45:14 +04:00
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
return (verify_ok ? 0 : EIO);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find a value in the pool props object.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_prop_find(spa_t *spa, zpool_prop_t prop, uint64_t *val)
|
|
|
|
{
|
|
|
|
(void) zap_lookup(spa->spa_meta_objset, spa->spa_pool_props_object,
|
|
|
|
zpool_prop_to_name(prop), sizeof (uint64_t), 1, val);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find a value in the pool directory object.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
spa_dir_prop(spa_t *spa, const char *name, uint64_t *val)
|
|
|
|
{
|
|
|
|
return (zap_lookup(spa->spa_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
|
|
|
|
name, sizeof (uint64_t), 1, val));
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
spa_vdev_err(vdev_t *vdev, vdev_aux_t aux, int err)
|
|
|
|
{
|
|
|
|
vdev_set_state(vdev, B_TRUE, VDEV_STATE_CANT_OPEN, aux);
|
|
|
|
return (err);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Fix up config after a partly-completed split. This is done with the
|
|
|
|
* ZPOOL_CONFIG_SPLIT nvlist. Both the splitting pool and the split-off
|
|
|
|
* pool have that entry in their config, but only the splitting one contains
|
|
|
|
* a list of all the guids of the vdevs that are being split off.
|
|
|
|
*
|
|
|
|
* This function determines what to do with that list: either rejoin
|
|
|
|
* all the disks to the pool, or complete the splitting process. To attempt
|
|
|
|
* the rejoin, each disk that is offlined is marked online again, and
|
|
|
|
* we do a reopen() call. If the vdev label for every disk that was
|
|
|
|
* marked online indicates it was successfully split off (VDEV_AUX_SPLIT_POOL)
|
|
|
|
* then we call vdev_split() on each disk, and complete the split.
|
|
|
|
*
|
|
|
|
* Otherwise we leave the config alone, with all the vdevs in place in
|
|
|
|
* the original pool.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_try_repair(spa_t *spa, nvlist_t *config)
|
|
|
|
{
|
|
|
|
uint_t extracted;
|
|
|
|
uint64_t *glist;
|
|
|
|
uint_t i, gcount;
|
|
|
|
nvlist_t *nvl;
|
|
|
|
vdev_t **vd;
|
|
|
|
boolean_t attempt_reopen;
|
|
|
|
|
|
|
|
if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_SPLIT, &nvl) != 0)
|
|
|
|
return;
|
|
|
|
|
|
|
|
/* check that the config is complete */
|
|
|
|
if (nvlist_lookup_uint64_array(nvl, ZPOOL_CONFIG_SPLIT_LIST,
|
|
|
|
&glist, &gcount) != 0)
|
|
|
|
return;
|
|
|
|
|
2014-11-21 03:09:39 +03:00
|
|
|
vd = kmem_zalloc(gcount * sizeof (vdev_t *), KM_SLEEP);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
/* attempt to online all the vdevs & validate */
|
|
|
|
attempt_reopen = B_TRUE;
|
|
|
|
for (i = 0; i < gcount; i++) {
|
|
|
|
if (glist[i] == 0) /* vdev is hole */
|
|
|
|
continue;
|
|
|
|
|
|
|
|
vd[i] = spa_lookup_by_guid(spa, glist[i], B_FALSE);
|
|
|
|
if (vd[i] == NULL) {
|
|
|
|
/*
|
|
|
|
* Don't bother attempting to reopen the disks;
|
|
|
|
* just do the split.
|
|
|
|
*/
|
|
|
|
attempt_reopen = B_FALSE;
|
|
|
|
} else {
|
|
|
|
/* attempt to re-online it */
|
|
|
|
vd[i]->vdev_offline = B_FALSE;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (attempt_reopen) {
|
|
|
|
vdev_reopen(spa->spa_root_vdev);
|
|
|
|
|
|
|
|
/* check each device to see what state it's in */
|
|
|
|
for (extracted = 0, i = 0; i < gcount; i++) {
|
|
|
|
if (vd[i] != NULL &&
|
|
|
|
vd[i]->vdev_stat.vs_aux != VDEV_AUX_SPLIT_POOL)
|
|
|
|
break;
|
|
|
|
++extracted;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If every disk has been moved to the new pool, or if we never
|
|
|
|
* even attempted to look at them, then we split them off for
|
|
|
|
* good.
|
|
|
|
*/
|
|
|
|
if (!attempt_reopen || gcount == extracted) {
|
|
|
|
for (i = 0; i < gcount; i++)
|
|
|
|
if (vd[i] != NULL)
|
|
|
|
vdev_split(vd[i]);
|
|
|
|
vdev_reopen(spa->spa_root_vdev);
|
|
|
|
}
|
|
|
|
|
|
|
|
kmem_free(vd, gcount * sizeof (vdev_t *));
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
spa_load(spa_t *spa, spa_load_state_t state, spa_import_type_t type,
|
|
|
|
boolean_t mosconfig)
|
|
|
|
{
|
|
|
|
nvlist_t *config = spa->spa_config;
|
|
|
|
char *ereport = FM_EREPORT_ZFS_POOL;
|
2011-11-15 23:01:27 +04:00
|
|
|
char *comment;
|
2010-05-29 00:45:14 +04:00
|
|
|
int error;
|
|
|
|
uint64_t pool_guid;
|
|
|
|
nvlist_t *nvl;
|
|
|
|
|
|
|
|
if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &pool_guid))
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(EINVAL));
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2011-11-15 23:01:27 +04:00
|
|
|
ASSERT(spa->spa_comment == NULL);
|
|
|
|
if (nvlist_lookup_string(config, ZPOOL_CONFIG_COMMENT, &comment) == 0)
|
|
|
|
spa->spa_comment = spa_strdup(comment);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* Versioning wasn't explicitly added to the label until later, so if
|
|
|
|
* it's not present treat it as the initial version.
|
|
|
|
*/
|
|
|
|
if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_VERSION,
|
|
|
|
&spa->spa_ubsync.ub_version) != 0)
|
|
|
|
spa->spa_ubsync.ub_version = SPA_VERSION_INITIAL;
|
|
|
|
|
|
|
|
(void) nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_TXG,
|
|
|
|
&spa->spa_config_txg);
|
|
|
|
|
|
|
|
if ((state == SPA_LOAD_IMPORT || state == SPA_LOAD_TRYIMPORT) &&
|
|
|
|
spa_guid_exists(pool_guid, 0)) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EEXIST);
|
2010-05-29 00:45:14 +04:00
|
|
|
} else {
|
2011-11-12 02:07:54 +04:00
|
|
|
spa->spa_config_guid = pool_guid;
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_SPLIT,
|
|
|
|
&nvl) == 0) {
|
|
|
|
VERIFY(nvlist_dup(nvl, &spa->spa_config_splitting,
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP) == 0);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
nvlist_free(spa->spa_load_info);
|
|
|
|
spa->spa_load_info = fnvlist_alloc();
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
gethrestime(&spa->spa_loaded_ts);
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_load_impl(spa, pool_guid, config, state, type,
|
|
|
|
mosconfig, &ereport);
|
|
|
|
}
|
|
|
|
|
2015-04-02 06:44:32 +03:00
|
|
|
/*
|
|
|
|
* Don't count references from objsets that are already closed
|
|
|
|
* and are making their way through the eviction process.
|
|
|
|
*/
|
|
|
|
spa_evicting_os_wait(spa);
|
2010-05-29 00:45:14 +04:00
|
|
|
spa->spa_minref = refcount_count(&spa->spa_refcount);
|
2010-08-27 01:24:34 +04:00
|
|
|
if (error) {
|
|
|
|
if (error != EEXIST) {
|
|
|
|
spa->spa_loaded_ts.tv_sec = 0;
|
|
|
|
spa->spa_loaded_ts.tv_nsec = 0;
|
|
|
|
}
|
|
|
|
if (error != EBADF) {
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
zfs_ereport_post(ereport, spa, NULL, NULL, NULL, 0, 0);
|
2010-08-27 01:24:34 +04:00
|
|
|
}
|
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
spa->spa_load_state = error ? SPA_LOAD_ERROR : SPA_LOAD_NONE;
|
|
|
|
spa->spa_ena = 0;
|
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2016-05-07 04:14:03 +03:00
|
|
|
#ifdef ZFS_DEBUG
|
2016-04-11 23:16:57 +03:00
|
|
|
/*
|
|
|
|
* Count the number of per-vdev ZAPs associated with all of the vdevs in the
|
|
|
|
* vdev tree rooted in the given vd, and ensure that each ZAP is present in the
|
|
|
|
* spa's per-vdev ZAP list.
|
|
|
|
*/
|
|
|
|
static uint64_t
|
|
|
|
vdev_count_verify_zaps(vdev_t *vd)
|
|
|
|
{
|
|
|
|
spa_t *spa = vd->vdev_spa;
|
|
|
|
uint64_t total = 0;
|
|
|
|
|
|
|
|
if (vd->vdev_top_zap != 0) {
|
|
|
|
total++;
|
|
|
|
ASSERT0(zap_lookup_int(spa->spa_meta_objset,
|
|
|
|
spa->spa_all_vdev_zaps, vd->vdev_top_zap));
|
|
|
|
}
|
|
|
|
if (vd->vdev_leaf_zap != 0) {
|
|
|
|
total++;
|
|
|
|
ASSERT0(zap_lookup_int(spa->spa_meta_objset,
|
|
|
|
spa->spa_all_vdev_zaps, vd->vdev_leaf_zap));
|
|
|
|
}
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (uint64_t i = 0; i < vd->vdev_children; i++) {
|
2016-04-11 23:16:57 +03:00
|
|
|
total += vdev_count_verify_zaps(vd->vdev_child[i]);
|
|
|
|
}
|
|
|
|
|
|
|
|
return (total);
|
|
|
|
}
|
2016-05-07 04:14:03 +03:00
|
|
|
#endif
|
2016-04-11 23:16:57 +03:00
|
|
|
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
/*
|
|
|
|
* Determine whether the activity check is required.
|
|
|
|
*/
|
|
|
|
static boolean_t
|
2017-12-18 21:28:27 +03:00
|
|
|
spa_activity_check_required(spa_t *spa, uberblock_t *ub, nvlist_t *label,
|
|
|
|
nvlist_t *config)
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
{
|
|
|
|
uint64_t state = 0;
|
|
|
|
uint64_t hostid = 0;
|
|
|
|
uint64_t tryconfig_txg = 0;
|
|
|
|
uint64_t tryconfig_timestamp = 0;
|
|
|
|
nvlist_t *nvinfo;
|
|
|
|
|
|
|
|
if (nvlist_exists(config, ZPOOL_CONFIG_LOAD_INFO)) {
|
|
|
|
nvinfo = fnvlist_lookup_nvlist(config, ZPOOL_CONFIG_LOAD_INFO);
|
|
|
|
(void) nvlist_lookup_uint64(nvinfo, ZPOOL_CONFIG_MMP_TXG,
|
|
|
|
&tryconfig_txg);
|
|
|
|
(void) nvlist_lookup_uint64(config, ZPOOL_CONFIG_TIMESTAMP,
|
|
|
|
&tryconfig_timestamp);
|
|
|
|
}
|
|
|
|
|
|
|
|
(void) nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_STATE, &state);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Disable the MMP activity check - This is used by zdb which
|
|
|
|
* is intended to be used on potentially active pools.
|
|
|
|
*/
|
|
|
|
if (spa->spa_import_flags & ZFS_IMPORT_SKIP_MMP)
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Skip the activity check when the MMP feature is disabled.
|
|
|
|
*/
|
|
|
|
if (ub->ub_mmp_magic == MMP_MAGIC && ub->ub_mmp_delay == 0)
|
|
|
|
return (B_FALSE);
|
|
|
|
/*
|
|
|
|
* If the tryconfig_* values are nonzero, they are the results of an
|
|
|
|
* earlier tryimport. If they match the uberblock we just found, then
|
|
|
|
* the pool has not changed and we return false so we do not test a
|
|
|
|
* second time.
|
|
|
|
*/
|
|
|
|
if (tryconfig_txg && tryconfig_txg == ub->ub_txg &&
|
|
|
|
tryconfig_timestamp && tryconfig_timestamp == ub->ub_timestamp)
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Allow the activity check to be skipped when importing the pool
|
2017-12-18 21:28:27 +03:00
|
|
|
* on the same host which last imported it. Since the hostid from
|
|
|
|
* configuration may be stale use the one read from the label.
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
*/
|
2017-12-18 21:28:27 +03:00
|
|
|
if (nvlist_exists(label, ZPOOL_CONFIG_HOSTID))
|
|
|
|
hostid = fnvlist_lookup_uint64(label, ZPOOL_CONFIG_HOSTID);
|
|
|
|
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
if (hostid == spa_get_hostid())
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Skip the activity test when the pool was cleanly exported.
|
|
|
|
*/
|
|
|
|
if (state != POOL_STATE_ACTIVE)
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
return (B_TRUE);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Perform the import activity check. If the user canceled the import or
|
|
|
|
* we detected activity then fail.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
spa_activity_check(spa_t *spa, uberblock_t *ub, nvlist_t *config)
|
|
|
|
{
|
|
|
|
uint64_t import_intervals = MAX(zfs_multihost_import_intervals, 1);
|
|
|
|
uint64_t txg = ub->ub_txg;
|
|
|
|
uint64_t timestamp = ub->ub_timestamp;
|
|
|
|
uint64_t import_delay = NANOSEC;
|
|
|
|
hrtime_t import_expire;
|
|
|
|
nvlist_t *mmp_label = NULL;
|
|
|
|
vdev_t *rvd = spa->spa_root_vdev;
|
|
|
|
kcondvar_t cv;
|
|
|
|
kmutex_t mtx;
|
|
|
|
int error = 0;
|
|
|
|
|
|
|
|
cv_init(&cv, NULL, CV_DEFAULT, NULL);
|
|
|
|
mutex_init(&mtx, NULL, MUTEX_DEFAULT, NULL);
|
|
|
|
mutex_enter(&mtx);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If ZPOOL_CONFIG_MMP_TXG is present an activity check was performed
|
|
|
|
* during the earlier tryimport. If the txg recorded there is 0 then
|
|
|
|
* the pool is known to be active on another host.
|
|
|
|
*
|
|
|
|
* Otherwise, the pool might be in use on another node. Check for
|
|
|
|
* changes in the uberblocks on disk if necessary.
|
|
|
|
*/
|
|
|
|
if (nvlist_exists(config, ZPOOL_CONFIG_LOAD_INFO)) {
|
|
|
|
nvlist_t *nvinfo = fnvlist_lookup_nvlist(config,
|
|
|
|
ZPOOL_CONFIG_LOAD_INFO);
|
|
|
|
|
|
|
|
if (nvlist_exists(nvinfo, ZPOOL_CONFIG_MMP_TXG) &&
|
|
|
|
fnvlist_lookup_uint64(nvinfo, ZPOOL_CONFIG_MMP_TXG) == 0) {
|
|
|
|
vdev_uberblock_load(rvd, ub, &mmp_label);
|
|
|
|
error = SET_ERROR(EREMOTEIO);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Preferentially use the zfs_multihost_interval from the node which
|
|
|
|
* last imported the pool. This value is stored in an MMP uberblock as.
|
|
|
|
*
|
|
|
|
* ub_mmp_delay * vdev_count_leaves() == zfs_multihost_interval
|
|
|
|
*/
|
|
|
|
if (ub->ub_mmp_magic == MMP_MAGIC && ub->ub_mmp_delay)
|
|
|
|
import_delay = MAX(import_delay, import_intervals *
|
2017-07-24 21:16:58 +03:00
|
|
|
ub->ub_mmp_delay * MAX(vdev_count_leaves(spa), 1));
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
|
|
|
|
/* Apply a floor using the local default values. */
|
|
|
|
import_delay = MAX(import_delay, import_intervals *
|
|
|
|
MSEC2NSEC(MAX(zfs_multihost_interval, MMP_MIN_INTERVAL)));
|
|
|
|
|
|
|
|
/* Add a small random factor in case of simultaneous imports (0-25%) */
|
|
|
|
import_expire = gethrtime() + import_delay +
|
|
|
|
(import_delay * spa_get_random(250) / 1000);
|
|
|
|
|
|
|
|
while (gethrtime() < import_expire) {
|
|
|
|
vdev_uberblock_load(rvd, ub, &mmp_label);
|
|
|
|
|
|
|
|
if (txg != ub->ub_txg || timestamp != ub->ub_timestamp) {
|
|
|
|
error = SET_ERROR(EREMOTEIO);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (mmp_label) {
|
|
|
|
nvlist_free(mmp_label);
|
|
|
|
mmp_label = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
error = cv_timedwait_sig(&cv, &mtx, ddi_get_lbolt() + hz);
|
|
|
|
if (error != -1) {
|
|
|
|
error = SET_ERROR(EINTR);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
error = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
mutex_exit(&mtx);
|
|
|
|
mutex_destroy(&mtx);
|
|
|
|
cv_destroy(&cv);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the pool is determined to be active store the status in the
|
|
|
|
* spa->spa_load_info nvlist. If the remote hostname or hostid are
|
|
|
|
* available from configuration read from disk store them as well.
|
|
|
|
* This allows 'zpool import' to generate a more useful message.
|
|
|
|
*
|
|
|
|
* ZPOOL_CONFIG_MMP_STATE - observed pool status (mandatory)
|
|
|
|
* ZPOOL_CONFIG_MMP_HOSTNAME - hostname from the active pool
|
|
|
|
* ZPOOL_CONFIG_MMP_HOSTID - hostid from the active pool
|
|
|
|
*/
|
|
|
|
if (error == EREMOTEIO) {
|
|
|
|
char *hostname = "<unknown>";
|
|
|
|
uint64_t hostid = 0;
|
|
|
|
|
|
|
|
if (mmp_label) {
|
|
|
|
if (nvlist_exists(mmp_label, ZPOOL_CONFIG_HOSTNAME)) {
|
|
|
|
hostname = fnvlist_lookup_string(mmp_label,
|
|
|
|
ZPOOL_CONFIG_HOSTNAME);
|
|
|
|
fnvlist_add_string(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_MMP_HOSTNAME, hostname);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (nvlist_exists(mmp_label, ZPOOL_CONFIG_HOSTID)) {
|
|
|
|
hostid = fnvlist_lookup_uint64(mmp_label,
|
|
|
|
ZPOOL_CONFIG_HOSTID);
|
|
|
|
fnvlist_add_uint64(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_MMP_HOSTID, hostid);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
fnvlist_add_uint64(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_MMP_STATE, MMP_STATE_ACTIVE);
|
|
|
|
fnvlist_add_uint64(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_MMP_TXG, 0);
|
|
|
|
|
|
|
|
error = spa_vdev_err(rvd, VDEV_AUX_ACTIVE, EREMOTEIO);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (mmp_label)
|
|
|
|
nvlist_free(mmp_label);
|
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* Load an existing storage pool, using the pool's builtin spa_config as a
|
|
|
|
* source of configuration information.
|
|
|
|
*/
|
2010-08-26 21:58:00 +04:00
|
|
|
__attribute__((always_inline))
|
|
|
|
static inline int
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_load_impl(spa_t *spa, uint64_t pool_guid, nvlist_t *config,
|
|
|
|
spa_load_state_t state, spa_import_type_t type, boolean_t mosconfig,
|
|
|
|
char **ereport)
|
|
|
|
{
|
|
|
|
int error = 0;
|
|
|
|
nvlist_t *nvroot = NULL;
|
2012-12-14 03:24:15 +04:00
|
|
|
nvlist_t *label;
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_t *rvd;
|
|
|
|
uberblock_t *ub = &spa->spa_uberblock;
|
2010-08-27 01:24:34 +04:00
|
|
|
uint64_t children, config_cache_txg = spa->spa_config_txg;
|
2010-05-29 00:45:14 +04:00
|
|
|
int orig_mode = spa->spa_mode;
|
2017-11-04 23:25:13 +03:00
|
|
|
int parse;
|
2010-05-29 00:45:14 +04:00
|
|
|
uint64_t obj;
|
2012-12-14 03:24:15 +04:00
|
|
|
boolean_t missing_feat_write = B_FALSE;
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
boolean_t activity_check = B_FALSE;
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If this is an untrusted config, access the pool in read-only mode.
|
|
|
|
* This prevents things like resilvering recently removed devices.
|
|
|
|
*/
|
|
|
|
if (!mosconfig)
|
|
|
|
spa->spa_mode = FREAD;
|
|
|
|
|
|
|
|
ASSERT(MUTEX_HELD(&spa_namespace_lock));
|
|
|
|
|
|
|
|
spa->spa_load_state = state;
|
|
|
|
|
|
|
|
if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE, &nvroot))
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(EINVAL));
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
parse = (type == SPA_IMPORT_EXISTING ?
|
|
|
|
VDEV_ALLOC_LOAD : VDEV_ALLOC_SPLIT);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Create "The Godfather" zio to hold all async IOs
|
|
|
|
*/
|
2014-09-17 10:59:43 +04:00
|
|
|
spa->spa_async_zio_root = kmem_alloc(max_ncpus * sizeof (void *),
|
|
|
|
KM_SLEEP);
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int i = 0; i < max_ncpus; i++) {
|
2014-09-17 10:59:43 +04:00
|
|
|
spa->spa_async_zio_root[i] = zio_root(spa, NULL, NULL,
|
|
|
|
ZIO_FLAG_CANFAIL | ZIO_FLAG_SPECULATIVE |
|
|
|
|
ZIO_FLAG_GODFATHER);
|
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Parse the configuration into a vdev tree. We explicitly set the
|
|
|
|
* value that will be returned by spa_version() since parsing the
|
|
|
|
* configuration requires knowing the version number.
|
|
|
|
*/
|
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
|
|
|
error = spa_config_parse(spa, &rvd, nvroot, NULL, 0, parse);
|
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
|
|
|
|
|
|
|
if (error != 0)
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
ASSERT(spa->spa_root_vdev == rvd);
|
2015-05-20 07:14:01 +03:00
|
|
|
ASSERT3U(spa->spa_min_ashift, >=, SPA_MINBLOCKSHIFT);
|
|
|
|
ASSERT3U(spa->spa_max_ashift, <=, SPA_MAXBLOCKSHIFT);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
if (type != SPA_IMPORT_ASSEMBLE) {
|
|
|
|
ASSERT(spa_guid(spa) == pool_guid);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Try to open all vdevs, loading each label in the process.
|
|
|
|
*/
|
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
|
|
|
error = vdev_open(rvd);
|
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
|
|
|
if (error != 0)
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We need to validate the vdev labels against the configuration that
|
|
|
|
* we have in hand, which is dependent on the setting of mosconfig. If
|
|
|
|
* mosconfig is true then we're validating the vdev labels based on
|
|
|
|
* that config. Otherwise, we're validating against the cached config
|
|
|
|
* (zpool.cache) that was read when we loaded the zfs module, and then
|
|
|
|
* later we will recursively call spa_load() and validate against
|
|
|
|
* the vdev config.
|
|
|
|
*
|
|
|
|
* If we're assembling a new pool that's been split off from an
|
|
|
|
* existing pool, the labels haven't yet been updated so we skip
|
|
|
|
* validation for now.
|
|
|
|
*/
|
|
|
|
if (type != SPA_IMPORT_ASSEMBLE) {
|
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2012-07-12 00:02:44 +04:00
|
|
|
error = vdev_validate(rvd, mosconfig);
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
|
|
|
|
|
|
|
if (error != 0)
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
if (rvd->vdev_state <= VDEV_STATE_CANT_OPEN)
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(ENXIO));
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find the best uberblock.
|
|
|
|
*/
|
2012-12-14 03:24:15 +04:00
|
|
|
vdev_uberblock_load(rvd, ub, &label);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If we weren't able to find a single valid uberblock, return failure.
|
|
|
|
*/
|
2012-12-14 03:24:15 +04:00
|
|
|
if (ub->ub_txg == 0) {
|
|
|
|
nvlist_free(label);
|
2010-05-29 00:45:14 +04:00
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, ENXIO));
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
/*
|
|
|
|
* For pools which have the multihost property on determine if the
|
|
|
|
* pool is truly inactive and can be safely imported. Prevent
|
|
|
|
* hosts which don't have a hostid set from importing the pool.
|
|
|
|
*/
|
2017-12-18 21:28:27 +03:00
|
|
|
activity_check = spa_activity_check_required(spa, ub, label, config);
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
if (activity_check) {
|
|
|
|
if (ub->ub_mmp_magic == MMP_MAGIC && ub->ub_mmp_delay &&
|
|
|
|
spa_get_hostid() == 0) {
|
|
|
|
nvlist_free(label);
|
|
|
|
fnvlist_add_uint64(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_MMP_STATE, MMP_STATE_NO_HOSTID);
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_ACTIVE, EREMOTEIO));
|
|
|
|
}
|
|
|
|
|
2017-07-15 04:15:00 +03:00
|
|
|
error = spa_activity_check(spa, ub, config);
|
|
|
|
if (error) {
|
|
|
|
nvlist_free(label);
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
fnvlist_add_uint64(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_MMP_STATE, MMP_STATE_INACTIVE);
|
|
|
|
fnvlist_add_uint64(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_MMP_TXG, ub->ub_txg);
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
2012-12-14 03:24:15 +04:00
|
|
|
* If the pool has an unsupported version we can't open it.
|
2010-05-29 00:45:14 +04:00
|
|
|
*/
|
2012-12-14 03:24:15 +04:00
|
|
|
if (!SPA_VERSION_IS_SUPPORTED(ub->ub_version)) {
|
|
|
|
nvlist_free(label);
|
2010-05-29 00:45:14 +04:00
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_VERSION_NEWER, ENOTSUP));
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
if (ub->ub_version >= SPA_VERSION_FEATURES) {
|
|
|
|
nvlist_t *features;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If we weren't able to find what's necessary for reading the
|
|
|
|
* MOS in the label, return failure.
|
|
|
|
*/
|
|
|
|
if (label == NULL || nvlist_lookup_nvlist(label,
|
|
|
|
ZPOOL_CONFIG_FEATURES_FOR_READ, &features) != 0) {
|
|
|
|
nvlist_free(label);
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA,
|
|
|
|
ENXIO));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Update our in-core representation with the definitive values
|
|
|
|
* from the label.
|
|
|
|
*/
|
|
|
|
nvlist_free(spa->spa_label_features);
|
|
|
|
VERIFY(nvlist_dup(features, &spa->spa_label_features, 0) == 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
nvlist_free(label);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Look through entries in the label nvlist's features_for_read. If
|
|
|
|
* there is a feature listed there which we don't understand then we
|
|
|
|
* cannot open a pool.
|
|
|
|
*/
|
|
|
|
if (ub->ub_version >= SPA_VERSION_FEATURES) {
|
|
|
|
nvlist_t *unsup_feat;
|
|
|
|
|
|
|
|
VERIFY(nvlist_alloc(&unsup_feat, NV_UNIQUE_NAME, KM_SLEEP) ==
|
|
|
|
0);
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (nvpair_t *nvp = nvlist_next_nvpair(spa->spa_label_features,
|
|
|
|
NULL); nvp != NULL;
|
2012-12-14 03:24:15 +04:00
|
|
|
nvp = nvlist_next_nvpair(spa->spa_label_features, nvp)) {
|
|
|
|
if (!zfeature_is_supported(nvpair_name(nvp))) {
|
|
|
|
VERIFY(nvlist_add_string(unsup_feat,
|
|
|
|
nvpair_name(nvp), "") == 0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!nvlist_empty(unsup_feat)) {
|
|
|
|
VERIFY(nvlist_add_nvlist(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_UNSUP_FEAT, unsup_feat) == 0);
|
|
|
|
nvlist_free(unsup_feat);
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_UNSUP_FEAT,
|
|
|
|
ENOTSUP));
|
|
|
|
}
|
|
|
|
|
|
|
|
nvlist_free(unsup_feat);
|
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the vdev guid sum doesn't match the uberblock, we have an
|
2010-08-27 01:24:34 +04:00
|
|
|
* incomplete configuration. We first check to see if the pool
|
|
|
|
* is aware of the complete config (i.e ZPOOL_CONFIG_VDEV_CHILDREN).
|
|
|
|
* If it is, defer the vdev_guid_sum check till later so we
|
|
|
|
* can handle missing vdevs.
|
2010-05-29 00:45:14 +04:00
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_VDEV_CHILDREN,
|
|
|
|
&children) != 0 && mosconfig && type != SPA_IMPORT_ASSEMBLE &&
|
2010-05-29 00:45:14 +04:00
|
|
|
rvd->vdev_guid_sum != ub->ub_guid_sum)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_BAD_GUID_SUM, ENXIO));
|
|
|
|
|
|
|
|
if (type != SPA_IMPORT_ASSEMBLE && spa->spa_config_splitting) {
|
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
|
|
|
spa_try_repair(spa, config);
|
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
|
|
|
nvlist_free(spa->spa_config_splitting);
|
|
|
|
spa->spa_config_splitting = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Initialize internal SPA structures.
|
|
|
|
*/
|
|
|
|
spa->spa_state = POOL_STATE_ACTIVE;
|
|
|
|
spa->spa_ubsync = spa->spa_uberblock;
|
|
|
|
spa->spa_verify_min_txg = spa->spa_extreme_rewind ?
|
|
|
|
TXG_INITIAL - 1 : spa_last_synced_txg(spa) - TXG_DEFER_SIZE - 1;
|
|
|
|
spa->spa_first_txg = spa->spa_last_ubsync_txg ?
|
|
|
|
spa->spa_last_ubsync_txg : spa_last_synced_txg(spa) + 1;
|
|
|
|
spa->spa_claim_max_txg = spa->spa_first_txg;
|
|
|
|
spa->spa_prev_software_version = ub->ub_software_version;
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
error = dsl_pool_init(spa, spa->spa_first_txg, &spa->spa_dsl_pool);
|
2010-05-29 00:45:14 +04:00
|
|
|
if (error)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
spa->spa_meta_objset = spa->spa_dsl_pool->dp_meta_objset;
|
|
|
|
|
|
|
|
if (spa_dir_prop(spa, DMU_POOL_CONFIG, &spa->spa_config_object) != 0)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
if (spa_version(spa) >= SPA_VERSION_FEATURES) {
|
|
|
|
boolean_t missing_feat_read = B_FALSE;
|
2012-12-15 03:00:45 +04:00
|
|
|
nvlist_t *unsup_feat, *enabled_feat;
|
2012-12-14 03:24:15 +04:00
|
|
|
|
|
|
|
if (spa_dir_prop(spa, DMU_POOL_FEATURES_FOR_READ,
|
|
|
|
&spa->spa_feat_for_read_obj) != 0) {
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
}
|
|
|
|
|
|
|
|
if (spa_dir_prop(spa, DMU_POOL_FEATURES_FOR_WRITE,
|
|
|
|
&spa->spa_feat_for_write_obj) != 0) {
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
}
|
|
|
|
|
|
|
|
if (spa_dir_prop(spa, DMU_POOL_FEATURE_DESCRIPTIONS,
|
|
|
|
&spa->spa_feat_desc_obj) != 0) {
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
}
|
|
|
|
|
2012-12-15 03:00:45 +04:00
|
|
|
enabled_feat = fnvlist_alloc();
|
|
|
|
unsup_feat = fnvlist_alloc();
|
2012-12-14 03:24:15 +04:00
|
|
|
|
2013-10-08 21:13:05 +04:00
|
|
|
if (!spa_features_check(spa, B_FALSE,
|
2012-12-15 03:00:45 +04:00
|
|
|
unsup_feat, enabled_feat))
|
2012-12-14 03:24:15 +04:00
|
|
|
missing_feat_read = B_TRUE;
|
|
|
|
|
|
|
|
if (spa_writeable(spa) || state == SPA_LOAD_TRYIMPORT) {
|
2013-10-08 21:13:05 +04:00
|
|
|
if (!spa_features_check(spa, B_TRUE,
|
2012-12-15 03:00:45 +04:00
|
|
|
unsup_feat, enabled_feat)) {
|
2012-12-14 03:24:15 +04:00
|
|
|
missing_feat_write = B_TRUE;
|
2012-12-15 03:00:45 +04:00
|
|
|
}
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
|
|
|
|
2012-12-15 03:00:45 +04:00
|
|
|
fnvlist_add_nvlist(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_ENABLED_FEAT, enabled_feat);
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
if (!nvlist_empty(unsup_feat)) {
|
2012-12-15 03:00:45 +04:00
|
|
|
fnvlist_add_nvlist(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_UNSUP_FEAT, unsup_feat);
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
|
|
|
|
2012-12-15 03:00:45 +04:00
|
|
|
fnvlist_free(enabled_feat);
|
|
|
|
fnvlist_free(unsup_feat);
|
2012-12-14 03:24:15 +04:00
|
|
|
|
|
|
|
if (!missing_feat_read) {
|
|
|
|
fnvlist_add_boolean(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_CAN_RDONLY);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the state is SPA_LOAD_TRYIMPORT, our objective is
|
|
|
|
* twofold: to determine whether the pool is available for
|
|
|
|
* import in read-write mode and (if it is not) whether the
|
|
|
|
* pool is available for import in read-only mode. If the pool
|
|
|
|
* is available for import in read-write mode, it is displayed
|
|
|
|
* as available in userland; if it is not available for import
|
|
|
|
* in read-only mode, it is displayed as unavailable in
|
|
|
|
* userland. If the pool is available for import in read-only
|
|
|
|
* mode but not read-write mode, it is displayed as unavailable
|
|
|
|
* in userland with a special note that the pool is actually
|
|
|
|
* available for open in read-only mode.
|
|
|
|
*
|
|
|
|
* As a result, if the state is SPA_LOAD_TRYIMPORT and we are
|
|
|
|
* missing a feature for write, we must first determine whether
|
|
|
|
* the pool can be opened read-only before returning to
|
|
|
|
* userland in order to know whether to display the
|
|
|
|
* abovementioned note.
|
|
|
|
*/
|
|
|
|
if (missing_feat_read || (missing_feat_write &&
|
|
|
|
spa_writeable(spa))) {
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_UNSUP_FEAT,
|
|
|
|
ENOTSUP));
|
|
|
|
}
|
2013-12-09 22:37:51 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Load refcounts for ZFS features from disk into an in-memory
|
|
|
|
* cache during SPA initialization.
|
|
|
|
*/
|
2017-11-04 23:25:13 +03:00
|
|
|
for (spa_feature_t i = 0; i < SPA_FEATURES; i++) {
|
2013-12-09 22:37:51 +04:00
|
|
|
uint64_t refcount;
|
|
|
|
|
|
|
|
error = feature_get_refcount_from_disk(spa,
|
|
|
|
&spa_feature_table[i], &refcount);
|
|
|
|
if (error == 0) {
|
|
|
|
spa->spa_feat_refcount_cache[i] = refcount;
|
|
|
|
} else if (error == ENOTSUP) {
|
|
|
|
spa->spa_feat_refcount_cache[i] =
|
|
|
|
SPA_FEATURE_DISABLED;
|
|
|
|
} else {
|
|
|
|
return (spa_vdev_err(rvd,
|
|
|
|
VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (spa_feature_is_active(spa, SPA_FEATURE_ENABLED_TXG)) {
|
|
|
|
if (spa_dir_prop(spa, DMU_POOL_FEATURE_ENABLED_TXG,
|
2014-06-06 01:19:08 +04:00
|
|
|
&spa->spa_feat_enabled_txg_obj) != 0)
|
2013-12-09 22:37:51 +04:00
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
spa->spa_is_initializing = B_TRUE;
|
|
|
|
error = dsl_pool_open(spa->spa_dsl_pool);
|
|
|
|
spa->spa_is_initializing = B_FALSE;
|
|
|
|
if (error != 0)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (!mosconfig) {
|
|
|
|
uint64_t hostid;
|
|
|
|
nvlist_t *policy = NULL, *nvconfig;
|
|
|
|
|
|
|
|
if (load_nvlist(spa, spa->spa_config_object, &nvconfig) != 0)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
|
|
|
|
if (!spa_is_root(spa) && nvlist_lookup_uint64(nvconfig,
|
2008-12-03 23:09:06 +03:00
|
|
|
ZPOOL_CONFIG_HOSTID, &hostid) == 0) {
|
2008-11-20 23:01:55 +03:00
|
|
|
char *hostname;
|
|
|
|
unsigned long myhostid = 0;
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
VERIFY(nvlist_lookup_string(nvconfig,
|
2008-11-20 23:01:55 +03:00
|
|
|
ZPOOL_CONFIG_HOSTNAME, &hostname) == 0);
|
|
|
|
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
myhostid = spa_get_hostid();
|
|
|
|
if (hostid && myhostid && hostid != myhostid) {
|
2010-05-29 00:45:14 +04:00
|
|
|
nvlist_free(nvconfig);
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(EBADF));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
if (nvlist_lookup_nvlist(spa->spa_config,
|
|
|
|
ZPOOL_REWIND_POLICY, &policy) == 0)
|
|
|
|
VERIFY(nvlist_add_nvlist(nvconfig,
|
|
|
|
ZPOOL_REWIND_POLICY, policy) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_config_set(spa, nvconfig);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_unload(spa);
|
|
|
|
spa_deactivate(spa);
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_activate(spa, orig_mode);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
return (spa_load(spa, state, SPA_IMPORT_EXISTING, B_TRUE));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2016-06-16 01:47:05 +03:00
|
|
|
/* Grab the checksum salt from the MOS. */
|
|
|
|
error = zap_lookup(spa->spa_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
|
|
|
|
DMU_POOL_CHECKSUM_SALT, 1,
|
|
|
|
sizeof (spa->spa_cksum_salt.zcs_bytes),
|
|
|
|
spa->spa_cksum_salt.zcs_bytes);
|
|
|
|
if (error == ENOENT) {
|
|
|
|
/* Generate a new salt for subsequent use */
|
|
|
|
(void) random_get_pseudo_bytes(spa->spa_cksum_salt.zcs_bytes,
|
|
|
|
sizeof (spa->spa_cksum_salt.zcs_bytes));
|
|
|
|
} else if (error != 0) {
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (spa_dir_prop(spa, DMU_POOL_SYNC_BPOBJ, &obj) != 0)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
error = bpobj_open(&spa->spa_deferred_bpobj, spa->spa_meta_objset, obj);
|
|
|
|
if (error != 0)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Load the bit that tells us to use the new accounting function
|
|
|
|
* (raid-z deflation). If we have an older pool, this will not
|
|
|
|
* be present.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_dir_prop(spa, DMU_POOL_DEFLATE, &spa->spa_deflate);
|
|
|
|
if (error != 0 && error != ENOENT)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
|
|
|
|
error = spa_dir_prop(spa, DMU_POOL_CREATION_VERSION,
|
|
|
|
&spa->spa_creation_version);
|
|
|
|
if (error != 0 && error != ENOENT)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Load the persistent error log. If we have an older pool, this will
|
|
|
|
* not be present.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_dir_prop(spa, DMU_POOL_ERRLOG_LAST, &spa->spa_errlog_last);
|
|
|
|
if (error != 0 && error != ENOENT)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_dir_prop(spa, DMU_POOL_ERRLOG_SCRUB,
|
|
|
|
&spa->spa_errlog_scrub);
|
|
|
|
if (error != 0 && error != ENOENT)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Load the history object. If we have an older pool, this
|
|
|
|
* will not be present.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_dir_prop(spa, DMU_POOL_HISTORY, &spa->spa_history);
|
|
|
|
if (error != 0 && error != ENOENT)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
|
2016-04-11 23:16:57 +03:00
|
|
|
/*
|
|
|
|
* Load the per-vdev ZAP map. If we have an older pool, this will not
|
|
|
|
* be present; in this case, defer its creation to a later time to
|
|
|
|
* avoid dirtying the MOS this early / out of sync context. See
|
|
|
|
* spa_sync_config_object.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* The sentinel is only available in the MOS config. */
|
2017-11-04 23:25:13 +03:00
|
|
|
nvlist_t *mos_config;
|
2016-04-11 23:16:57 +03:00
|
|
|
if (load_nvlist(spa, spa->spa_config_object, &mos_config) != 0)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
|
|
|
|
error = spa_dir_prop(spa, DMU_POOL_VDEV_ZAP_MAP,
|
|
|
|
&spa->spa_all_vdev_zaps);
|
|
|
|
|
2017-01-14 00:50:22 +03:00
|
|
|
if (error == ENOENT) {
|
|
|
|
VERIFY(!nvlist_exists(mos_config,
|
|
|
|
ZPOOL_CONFIG_HAS_PER_VDEV_ZAPS));
|
|
|
|
spa->spa_avz_action = AVZ_ACTION_INITIALIZE;
|
|
|
|
ASSERT0(vdev_count_verify_zaps(spa->spa_root_vdev));
|
|
|
|
} else if (error != 0) {
|
2016-04-11 23:16:57 +03:00
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
2017-01-14 00:50:22 +03:00
|
|
|
} else if (!nvlist_exists(mos_config, ZPOOL_CONFIG_HAS_PER_VDEV_ZAPS)) {
|
2016-04-11 23:16:57 +03:00
|
|
|
/*
|
|
|
|
* An older version of ZFS overwrote the sentinel value, so
|
|
|
|
* we have orphaned per-vdev ZAPs in the MOS. Defer their
|
|
|
|
* destruction to later; see spa_sync_config_object.
|
|
|
|
*/
|
|
|
|
spa->spa_avz_action = AVZ_ACTION_DESTROY;
|
|
|
|
/*
|
|
|
|
* We're assuming that no vdevs have had their ZAPs created
|
|
|
|
* before this. Better be sure of it.
|
|
|
|
*/
|
|
|
|
ASSERT0(vdev_count_verify_zaps(spa->spa_root_vdev));
|
|
|
|
}
|
|
|
|
nvlist_free(mos_config);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* If we're assembling the pool from the split-off vdevs of
|
|
|
|
* an existing pool, we don't want to attach the spares & cache
|
|
|
|
* devices.
|
|
|
|
*/
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Load any hot spares for this pool.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_dir_prop(spa, DMU_POOL_SPARES, &spa->spa_spares.sav_object);
|
|
|
|
if (error != 0 && error != ENOENT)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
if (error == 0 && type != SPA_IMPORT_ASSEMBLE) {
|
2008-11-20 23:01:55 +03:00
|
|
|
ASSERT(spa_version(spa) >= SPA_VERSION_SPARES);
|
|
|
|
if (load_nvlist(spa, spa->spa_spares.sav_object,
|
2010-05-29 00:45:14 +04:00
|
|
|
&spa->spa_spares.sav_config) != 0)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_load_spares(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2010-05-29 00:45:14 +04:00
|
|
|
} else if (error == 0) {
|
|
|
|
spa->spa_spares.sav_sync = B_TRUE;
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Load any level 2 ARC devices for this pool.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_dir_prop(spa, DMU_POOL_L2CACHE,
|
2008-11-20 23:01:55 +03:00
|
|
|
&spa->spa_l2cache.sav_object);
|
2010-05-29 00:45:14 +04:00
|
|
|
if (error != 0 && error != ENOENT)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
if (error == 0 && type != SPA_IMPORT_ASSEMBLE) {
|
2008-11-20 23:01:55 +03:00
|
|
|
ASSERT(spa_version(spa) >= SPA_VERSION_L2CACHE);
|
|
|
|
if (load_nvlist(spa, spa->spa_l2cache.sav_object,
|
2010-05-29 00:45:14 +04:00
|
|
|
&spa->spa_l2cache.sav_config) != 0)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_load_l2cache(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2010-05-29 00:45:14 +04:00
|
|
|
} else if (error == 0) {
|
|
|
|
spa->spa_l2cache.sav_sync = B_TRUE;
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_delegation = zpool_prop_default_numeric(ZPOOL_PROP_DELEGATION);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_dir_prop(spa, DMU_POOL_PROPS, &spa->spa_pool_props_object);
|
|
|
|
if (error && error != ENOENT)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (error == 0) {
|
2014-04-16 03:50:56 +04:00
|
|
|
uint64_t autoreplace = 0;
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
spa_prop_find(spa, ZPOOL_PROP_BOOTFS, &spa->spa_bootfs);
|
|
|
|
spa_prop_find(spa, ZPOOL_PROP_AUTOREPLACE, &autoreplace);
|
|
|
|
spa_prop_find(spa, ZPOOL_PROP_DELEGATION, &spa->spa_delegation);
|
|
|
|
spa_prop_find(spa, ZPOOL_PROP_FAILUREMODE, &spa->spa_failmode);
|
|
|
|
spa_prop_find(spa, ZPOOL_PROP_AUTOEXPAND, &spa->spa_autoexpand);
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
spa_prop_find(spa, ZPOOL_PROP_MULTIHOST, &spa->spa_multihost);
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_prop_find(spa, ZPOOL_PROP_DEDUPDITTO,
|
|
|
|
&spa->spa_dedup_ditto);
|
|
|
|
|
|
|
|
spa->spa_autoreplace = (autoreplace != 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
/*
|
|
|
|
* If the 'multihost' property is set, then never allow a pool to
|
|
|
|
* be imported when the system hostid is zero. The exception to
|
|
|
|
* this rule is zdb which is always allowed to access pools.
|
|
|
|
*/
|
|
|
|
if (spa_multihost(spa) && spa_get_hostid() == 0 &&
|
|
|
|
(spa->spa_import_flags & ZFS_IMPORT_SKIP_MMP) == 0) {
|
|
|
|
fnvlist_add_uint64(spa->spa_load_info,
|
|
|
|
ZPOOL_CONFIG_MMP_STATE, MMP_STATE_NO_HOSTID);
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_ACTIVE, EREMOTEIO));
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* If the 'autoreplace' property is set, then post a resource notifying
|
|
|
|
* the ZFS DE that it should not issue any faults for unopenable
|
|
|
|
* devices. We also iterate over the vdevs, and post a sysevent for any
|
|
|
|
* unopenable vdevs so that the normal autoreplace handler can take
|
|
|
|
* over.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
if (spa->spa_autoreplace && state != SPA_LOAD_TRYIMPORT) {
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_check_removed(spa->spa_root_vdev);
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* For the import case, this is done in spa_import(), because
|
|
|
|
* at this point we're using the spare definitions from
|
|
|
|
* the MOS config, not necessarily from the userland config.
|
|
|
|
*/
|
|
|
|
if (state != SPA_LOAD_IMPORT) {
|
|
|
|
spa_aux_check_removed(&spa->spa_spares);
|
|
|
|
spa_aux_check_removed(&spa->spa_l2cache);
|
|
|
|
}
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Load the vdev state for all toplevel vdevs.
|
|
|
|
*/
|
|
|
|
vdev_load(rvd);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Propagate the leaf DTLs we just loaded all the way up the tree.
|
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_dtl_reassess(rvd, 0, 0, B_FALSE);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* Load the DDTs (dedup tables).
|
|
|
|
*/
|
|
|
|
error = ddt_load(spa);
|
|
|
|
if (error != 0)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
|
|
|
|
spa_update_dspace(spa);
|
|
|
|
|
|
|
|
/*
|
2010-08-27 01:24:34 +04:00
|
|
|
* Validate the config, using the MOS config to fill in any
|
|
|
|
* information which might be missing. If we fail to validate
|
|
|
|
* the config then declare the pool unfit for use. If we're
|
|
|
|
* assembling a pool from a split, the log is not transferred
|
|
|
|
* over.
|
2010-05-29 00:45:14 +04:00
|
|
|
*/
|
|
|
|
if (type != SPA_IMPORT_ASSEMBLE) {
|
|
|
|
nvlist_t *nvconfig;
|
|
|
|
|
|
|
|
if (load_nvlist(spa, spa->spa_config_object, &nvconfig) != 0)
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA, EIO));
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
if (!spa_config_valid(spa, nvconfig)) {
|
|
|
|
nvlist_free(nvconfig);
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_BAD_GUID_SUM,
|
|
|
|
ENXIO));
|
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
nvlist_free(nvconfig);
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
/*
|
2012-12-14 03:24:15 +04:00
|
|
|
* Now that we've validated the config, check the state of the
|
2010-08-27 01:24:34 +04:00
|
|
|
* root vdev. If it can't be opened, it indicates one or
|
|
|
|
* more toplevel vdevs are faulted.
|
|
|
|
*/
|
|
|
|
if (rvd->vdev_state <= VDEV_STATE_CANT_OPEN)
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(ENXIO));
|
2010-08-27 01:24:34 +04:00
|
|
|
|
2015-04-27 01:24:34 +03:00
|
|
|
if (spa_writeable(spa) && spa_check_logs(spa)) {
|
2010-05-29 00:45:14 +04:00
|
|
|
*ereport = FM_EREPORT_ZFS_LOG_REPLAY;
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_BAD_LOG, ENXIO));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
if (missing_feat_write) {
|
|
|
|
ASSERT(state == SPA_LOAD_TRYIMPORT);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* At this point, we know that we can open the pool in
|
|
|
|
* read-only mode but not read-write mode. We now have enough
|
|
|
|
* information and can return to userland.
|
|
|
|
*/
|
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_UNSUP_FEAT, ENOTSUP));
|
|
|
|
}
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
/*
|
|
|
|
* We've successfully opened the pool, verify that we're ready
|
|
|
|
* to start pushing transactions.
|
|
|
|
*/
|
|
|
|
if (state != SPA_LOAD_TRYIMPORT) {
|
2010-08-26 20:52:42 +04:00
|
|
|
if ((error = spa_load_verify(spa)))
|
2010-08-27 01:24:34 +04:00
|
|
|
return (spa_vdev_err(rvd, VDEV_AUX_CORRUPT_DATA,
|
|
|
|
error));
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (spa_writeable(spa) && (state == SPA_LOAD_RECOVER ||
|
|
|
|
spa->spa_load_max_txg == UINT64_MAX)) {
|
2008-11-20 23:01:55 +03:00
|
|
|
dmu_tx_t *tx;
|
|
|
|
int need_update = B_FALSE;
|
2015-05-06 19:07:55 +03:00
|
|
|
dsl_pool_t *dp = spa_get_dsl(spa);
|
2009-01-16 00:59:39 +03:00
|
|
|
|
|
|
|
ASSERT(state != SPA_LOAD_TRYIMPORT);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Claim log blocks that haven't been committed yet.
|
|
|
|
* This must all happen in a single txg.
|
2010-05-29 00:45:14 +04:00
|
|
|
* Note: spa_claim_max_txg is updated by spa_claim_notify(),
|
|
|
|
* invoked from zil_claim_log_block()'s i/o done callback.
|
|
|
|
* Price of rollback is that we abandon the log.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
spa->spa_claiming = B_TRUE;
|
|
|
|
|
2015-05-06 19:07:55 +03:00
|
|
|
tx = dmu_tx_create_assigned(dp, spa_first_txg(spa));
|
|
|
|
(void) dmu_objset_find_dp(dp, dp->dp_root_dir_obj,
|
2008-11-20 23:01:55 +03:00
|
|
|
zil_claim, tx, DS_FIND_CHILDREN);
|
|
|
|
dmu_tx_commit(tx);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
spa->spa_claiming = B_FALSE;
|
|
|
|
|
|
|
|
spa_set_log_state(spa, SPA_LOG_GOOD);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_sync_on = B_TRUE;
|
|
|
|
txg_sync_start(spa->spa_dsl_pool);
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
mmp_thread_start(spa);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
2010-05-29 00:45:14 +04:00
|
|
|
* Wait for all claims to sync. We sync up to the highest
|
|
|
|
* claimed log block birth time so that claimed log blocks
|
|
|
|
* don't appear to be from the future. spa_claim_max_txg
|
|
|
|
* will have been set for us by either zil_check_log_chain()
|
|
|
|
* (invoked from spa_check_logs()) or zil_claim() above.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
txg_wait_synced(spa->spa_dsl_pool, spa->spa_claim_max_txg);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the config cache is stale, or we have uninitialized
|
|
|
|
* metaslabs (see spa_vdev_add()), then update the config.
|
2009-08-18 22:43:27 +04:00
|
|
|
*
|
2010-08-27 01:24:34 +04:00
|
|
|
* If this is a verbatim import, trust the current
|
2009-08-18 22:43:27 +04:00
|
|
|
* in-core spa_config and update the disk labels.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
if (config_cache_txg != spa->spa_config_txg ||
|
2010-08-27 01:24:34 +04:00
|
|
|
state == SPA_LOAD_IMPORT ||
|
|
|
|
state == SPA_LOAD_RECOVER ||
|
|
|
|
(spa->spa_import_flags & ZFS_IMPORT_VERBATIM))
|
2008-11-20 23:01:55 +03:00
|
|
|
need_update = B_TRUE;
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < rvd->vdev_children; c++)
|
2008-11-20 23:01:55 +03:00
|
|
|
if (rvd->vdev_child[c]->vdev_ms_array == 0)
|
|
|
|
need_update = B_TRUE;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Update the config cache asychronously in case we're the
|
|
|
|
* root pool, in which case the config cache isn't writable yet.
|
|
|
|
*/
|
|
|
|
if (need_update)
|
|
|
|
spa_async_request(spa, SPA_ASYNC_CONFIG_UPDATE);
|
2009-01-16 00:59:39 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Check all DTLs to see if anything needs resilvering.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
if (!dsl_scan_resilvering(spa->spa_dsl_pool) &&
|
|
|
|
vdev_resilver_needed(rvd, NULL, NULL))
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_async_request(spa, SPA_ASYNC_RESILVER);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2013-08-28 15:45:09 +04:00
|
|
|
/*
|
|
|
|
* Log the fact that we booted up (so that we can detect if
|
|
|
|
* we rebooted in the middle of an operation).
|
|
|
|
*/
|
2017-10-23 19:45:59 +03:00
|
|
|
spa_history_log_version(spa, "open", NULL);
|
2013-08-28 15:45:09 +04:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* Delete any inconsistent datasets.
|
|
|
|
*/
|
|
|
|
(void) dmu_objset_find(spa_name(spa),
|
|
|
|
dsl_destroy_inconsistent, NULL, DS_FIND_CHILDREN);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Clean up any stale temporary dataset userrefs.
|
|
|
|
*/
|
|
|
|
dsl_pool_clean_tmp_userrefs(spa->spa_dsl_pool);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
return (0);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
static int
|
|
|
|
spa_load_retry(spa_t *spa, spa_load_state_t state, int mosconfig)
|
|
|
|
{
|
2010-08-27 01:24:34 +04:00
|
|
|
int mode = spa->spa_mode;
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_unload(spa);
|
|
|
|
spa_deactivate(spa);
|
|
|
|
|
2014-07-15 22:58:41 +04:00
|
|
|
spa->spa_load_max_txg = spa->spa_uberblock.ub_txg - 1;
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
spa_activate(spa, mode);
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_async_suspend(spa);
|
|
|
|
|
|
|
|
return (spa_load(spa, state, SPA_IMPORT_EXISTING, mosconfig));
|
|
|
|
}
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
/*
|
|
|
|
* If spa_load() fails this function will try loading prior txg's. If
|
|
|
|
* 'state' is SPA_LOAD_RECOVER and one of these loads succeeds the pool
|
|
|
|
* will be rewound to that txg. If 'state' is not SPA_LOAD_RECOVER this
|
|
|
|
* function will not rewind the pool and will return the same error as
|
|
|
|
* spa_load().
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
static int
|
|
|
|
spa_load_best(spa_t *spa, spa_load_state_t state, int mosconfig,
|
|
|
|
uint64_t max_request, int rewind_flags)
|
|
|
|
{
|
2012-12-14 03:24:15 +04:00
|
|
|
nvlist_t *loadinfo = NULL;
|
2010-05-29 00:45:14 +04:00
|
|
|
nvlist_t *config = NULL;
|
|
|
|
int load_error, rewind_error;
|
|
|
|
uint64_t safe_rewind_txg;
|
|
|
|
uint64_t min_txg;
|
|
|
|
|
|
|
|
if (spa->spa_load_txg && state == SPA_LOAD_RECOVER) {
|
|
|
|
spa->spa_load_max_txg = spa->spa_load_txg;
|
|
|
|
spa_set_log_state(spa, SPA_LOG_CLEAR);
|
|
|
|
} else {
|
|
|
|
spa->spa_load_max_txg = max_request;
|
2014-07-15 22:58:41 +04:00
|
|
|
if (max_request != UINT64_MAX)
|
|
|
|
spa->spa_extreme_rewind = B_TRUE;
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
load_error = rewind_error = spa_load(spa, state, SPA_IMPORT_EXISTING,
|
|
|
|
mosconfig);
|
|
|
|
if (load_error == 0)
|
|
|
|
return (0);
|
|
|
|
|
|
|
|
if (spa->spa_root_vdev != NULL)
|
|
|
|
config = spa_config_generate(spa, NULL, -1ULL, B_TRUE);
|
|
|
|
|
|
|
|
spa->spa_last_ubsync_txg = spa->spa_uberblock.ub_txg;
|
|
|
|
spa->spa_last_ubsync_txg_ts = spa->spa_uberblock.ub_timestamp;
|
|
|
|
|
|
|
|
if (rewind_flags & ZPOOL_NEVER_REWIND) {
|
|
|
|
nvlist_free(config);
|
|
|
|
return (load_error);
|
|
|
|
}
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
if (state == SPA_LOAD_RECOVER) {
|
|
|
|
/* Price of rolling back is discarding txgs, including log */
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_set_log_state(spa, SPA_LOG_CLEAR);
|
2012-12-14 03:24:15 +04:00
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* If we aren't rolling back save the load info from our first
|
|
|
|
* import attempt so that we can restore it after attempting
|
|
|
|
* to rewind.
|
|
|
|
*/
|
|
|
|
loadinfo = spa->spa_load_info;
|
|
|
|
spa->spa_load_info = fnvlist_alloc();
|
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
spa->spa_load_max_txg = spa->spa_last_ubsync_txg;
|
|
|
|
safe_rewind_txg = spa->spa_last_ubsync_txg - TXG_DEFER_SIZE;
|
|
|
|
min_txg = (rewind_flags & ZPOOL_EXTREME_REWIND) ?
|
|
|
|
TXG_INITIAL : safe_rewind_txg;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Continue as long as we're finding errors, we're still within
|
|
|
|
* the acceptable rewind range, and we're still finding uberblocks
|
|
|
|
*/
|
|
|
|
while (rewind_error && spa->spa_uberblock.ub_txg >= min_txg &&
|
|
|
|
spa->spa_uberblock.ub_txg <= spa->spa_load_max_txg) {
|
|
|
|
if (spa->spa_load_max_txg < safe_rewind_txg)
|
|
|
|
spa->spa_extreme_rewind = B_TRUE;
|
|
|
|
rewind_error = spa_load_retry(spa, state, mosconfig);
|
|
|
|
}
|
|
|
|
|
|
|
|
spa->spa_extreme_rewind = B_FALSE;
|
|
|
|
spa->spa_load_max_txg = UINT64_MAX;
|
|
|
|
|
|
|
|
if (config && (rewind_error || state != SPA_LOAD_RECOVER))
|
|
|
|
spa_config_set(spa, config);
|
2016-08-06 10:08:51 +03:00
|
|
|
else
|
|
|
|
nvlist_free(config);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
if (state == SPA_LOAD_RECOVER) {
|
|
|
|
ASSERT3P(loadinfo, ==, NULL);
|
|
|
|
return (rewind_error);
|
|
|
|
} else {
|
|
|
|
/* Store the rewind info as part of the initial load info */
|
|
|
|
fnvlist_add_nvlist(loadinfo, ZPOOL_CONFIG_REWIND_INFO,
|
|
|
|
spa->spa_load_info);
|
|
|
|
|
|
|
|
/* Restore the initial load info */
|
|
|
|
fnvlist_free(spa->spa_load_info);
|
|
|
|
spa->spa_load_info = loadinfo;
|
|
|
|
|
|
|
|
return (load_error);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Pool Open/Import
|
|
|
|
*
|
|
|
|
* The import case is identical to an open except that the configuration is sent
|
|
|
|
* down from userland, instead of grabbed from the configuration cache. For the
|
|
|
|
* case of an open, the pool configuration will exist in the
|
|
|
|
* POOL_STATE_UNINITIALIZED state.
|
|
|
|
*
|
|
|
|
* The stats information (gen/count/ustats) is used to gather vdev statistics at
|
|
|
|
* the same time open the pool, without having to keep around the spa_t in some
|
|
|
|
* ambiguous state.
|
|
|
|
*/
|
|
|
|
static int
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_open_common(const char *pool, spa_t **spapp, void *tag, nvlist_t *nvpolicy,
|
|
|
|
nvlist_t **config)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
spa_t *spa;
|
2010-08-27 01:24:34 +04:00
|
|
|
spa_load_state_t state = SPA_LOAD_OPEN;
|
2008-11-20 23:01:55 +03:00
|
|
|
int error;
|
|
|
|
int locked = B_FALSE;
|
2013-05-28 15:50:38 +04:00
|
|
|
int firstopen = B_FALSE;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
*spapp = NULL;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* As disgusting as this is, we need to support recursive calls to this
|
|
|
|
* function because dsl_dir_open() is called during spa_load(), and ends
|
|
|
|
* up calling spa_open() again. The real fix is to figure out how to
|
|
|
|
* avoid dsl_dir_open() calling this in the first place.
|
|
|
|
*/
|
Simplify threads, mutexs, cvs and rwlocks
* Simplify threads, mutexs, cvs and rwlocks
* Update the zk_thread_create() function to use the same trick
as Illumos. Specifically, cast the new pthread_t to a void
pointer and return that as the kthread_t *. This avoids the
issues associated with managing a wrapper structure and is
safe as long as the callers never attempt to dereference it.
* Update all function prototypes passed to pthread_create() to
match the expected prototype. We were getting away this with
before since the function were explicitly cast.
* Replaced direct zk_thread_create() calls with thread_create()
for code consistency. All consumers of libzpool now use the
proper wrappers.
* The mutex_held() calls were converted to MUTEX_HELD().
* Removed all mutex_owner() calls and retired the interface.
Instead use MUTEX_HELD() which provides the same information
and allows the implementation details to be hidden. In this
case the use of the pthread_equals() function.
* The kthread_t, kmutex_t, krwlock_t, and krwlock_t types had
any non essential fields removed. In the case of kthread_t
and kcondvar_t they could be directly typedef'd to pthread_t
and pthread_cond_t respectively.
* Removed all extra ASSERTS from the thread, mutex, rwlock, and
cv wrapper functions. In practice, pthreads already provides
the vast majority of checks as long as we check the return
code. Removing this code from our wrappers help readability.
* Added TS_JOINABLE state flag to pass to request a joinable rather
than detached thread. This isn't a standard thread_create() state
but it's the least invasive way to pass this information and is
only used by ztest.
TEST_ZTEST_TIMEOUT=3600
Chunwei Chen <tuxoko@gmail.com>
Reviewed-by: Tom Caputi <tcaputi@datto.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #4547
Closes #5503
Closes #5523
Closes #6377
Closes #6495
2017-08-11 18:51:44 +03:00
|
|
|
if (MUTEX_NOT_HELD(&spa_namespace_lock)) {
|
2008-11-20 23:01:55 +03:00
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
locked = B_TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((spa = spa_lookup(pool)) == NULL) {
|
|
|
|
if (locked)
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(ENOENT));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (spa->spa_state == POOL_STATE_UNINITIALIZED) {
|
2010-05-29 00:45:14 +04:00
|
|
|
zpool_rewind_policy_t policy;
|
|
|
|
|
2013-05-28 15:50:38 +04:00
|
|
|
firstopen = B_TRUE;
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
zpool_get_rewind_policy(nvpolicy ? nvpolicy : spa->spa_config,
|
|
|
|
&policy);
|
|
|
|
if (policy.zrp_request & ZPOOL_DO_REWIND)
|
|
|
|
state = SPA_LOAD_RECOVER;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_activate(spa, spa_mode_global);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (state != SPA_LOAD_RECOVER)
|
|
|
|
spa->spa_last_ubsync_txg = spa->spa_load_txg = 0;
|
|
|
|
|
|
|
|
error = spa_load_best(spa, state, B_FALSE, policy.zrp_txg,
|
|
|
|
policy.zrp_request);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (error == EBADF) {
|
|
|
|
/*
|
|
|
|
* If vdev_validate() returns failure (indicated by
|
|
|
|
* EBADF), it indicates that one of the vdevs indicates
|
|
|
|
* that the pool has been exported or destroyed. If
|
|
|
|
* this is the case, the config cache is out of sync and
|
|
|
|
* we should remove the pool from the namespace.
|
|
|
|
*/
|
|
|
|
spa_unload(spa);
|
|
|
|
spa_deactivate(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_sync(spa, B_TRUE, B_TRUE);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_remove(spa);
|
|
|
|
if (locked)
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(ENOENT));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
if (error) {
|
|
|
|
/*
|
|
|
|
* We can't open the pool, but we still have useful
|
|
|
|
* information: the state of each vdev after the
|
|
|
|
* attempted vdev_open(). Return this to the user.
|
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
if (config != NULL && spa->spa_config) {
|
2010-05-29 00:45:14 +04:00
|
|
|
VERIFY(nvlist_dup(spa->spa_config, config,
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP) == 0);
|
2010-08-27 01:24:34 +04:00
|
|
|
VERIFY(nvlist_add_nvlist(*config,
|
|
|
|
ZPOOL_CONFIG_LOAD_INFO,
|
|
|
|
spa->spa_load_info) == 0);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_unload(spa);
|
|
|
|
spa_deactivate(spa);
|
2010-05-29 00:45:14 +04:00
|
|
|
spa->spa_last_open_failed = error;
|
2008-11-20 23:01:55 +03:00
|
|
|
if (locked)
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
*spapp = NULL;
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
spa_open_ref(spa, tag);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
if (config != NULL)
|
2008-11-20 23:01:55 +03:00
|
|
|
*config = spa_config_generate(spa, NULL, -1ULL, B_TRUE);
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
/*
|
|
|
|
* If we've recovered the pool, pass back any information we
|
|
|
|
* gathered while doing the load.
|
|
|
|
*/
|
|
|
|
if (state == SPA_LOAD_RECOVER) {
|
|
|
|
VERIFY(nvlist_add_nvlist(*config, ZPOOL_CONFIG_LOAD_INFO,
|
|
|
|
spa->spa_load_info) == 0);
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (locked) {
|
|
|
|
spa->spa_last_open_failed = 0;
|
|
|
|
spa->spa_last_ubsync_txg = 0;
|
|
|
|
spa->spa_load_txg = 0;
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
}
|
|
|
|
|
2013-05-28 15:50:38 +04:00
|
|
|
if (firstopen)
|
2014-03-22 13:07:14 +04:00
|
|
|
zvol_create_minors(spa, spa_name(spa), B_TRUE);
|
2013-05-28 15:50:38 +04:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
*spapp = spa;
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
int
|
|
|
|
spa_open_rewind(const char *name, spa_t **spapp, void *tag, nvlist_t *policy,
|
|
|
|
nvlist_t **config)
|
|
|
|
{
|
|
|
|
return (spa_open_common(name, spapp, tag, policy, config));
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
int
|
|
|
|
spa_open(const char *name, spa_t **spapp, void *tag)
|
|
|
|
{
|
2010-05-29 00:45:14 +04:00
|
|
|
return (spa_open_common(name, spapp, tag, NULL, NULL));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Lookup the given spa_t, incrementing the inject count in the process,
|
|
|
|
* preventing it from being exported or destroyed.
|
|
|
|
*/
|
|
|
|
spa_t *
|
|
|
|
spa_inject_addref(char *name)
|
|
|
|
{
|
|
|
|
spa_t *spa;
|
|
|
|
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
if ((spa = spa_lookup(name)) == NULL) {
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
spa->spa_inject_ref++;
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
|
|
|
|
return (spa);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
spa_inject_delref(spa_t *spa)
|
|
|
|
{
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
spa->spa_inject_ref--;
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add spares device information to the nvlist.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_add_spares(spa_t *spa, nvlist_t *config)
|
|
|
|
{
|
|
|
|
nvlist_t **spares;
|
|
|
|
uint_t i, nspares;
|
|
|
|
nvlist_t *nvroot;
|
|
|
|
uint64_t guid;
|
|
|
|
vdev_stat_t *vs;
|
|
|
|
uint_t vsc;
|
|
|
|
uint64_t pool;
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
ASSERT(spa_config_held(spa, SCL_CONFIG, RW_READER));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (spa->spa_spares.sav_count == 0)
|
|
|
|
return;
|
|
|
|
|
|
|
|
VERIFY(nvlist_lookup_nvlist(config,
|
|
|
|
ZPOOL_CONFIG_VDEV_TREE, &nvroot) == 0);
|
|
|
|
VERIFY(nvlist_lookup_nvlist_array(spa->spa_spares.sav_config,
|
|
|
|
ZPOOL_CONFIG_SPARES, &spares, &nspares) == 0);
|
|
|
|
if (nspares != 0) {
|
|
|
|
VERIFY(nvlist_add_nvlist_array(nvroot,
|
|
|
|
ZPOOL_CONFIG_SPARES, spares, nspares) == 0);
|
|
|
|
VERIFY(nvlist_lookup_nvlist_array(nvroot,
|
|
|
|
ZPOOL_CONFIG_SPARES, &spares, &nspares) == 0);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Go through and find any spares which have since been
|
|
|
|
* repurposed as an active spare. If this is the case, update
|
|
|
|
* their status appropriately.
|
|
|
|
*/
|
|
|
|
for (i = 0; i < nspares; i++) {
|
|
|
|
VERIFY(nvlist_lookup_uint64(spares[i],
|
|
|
|
ZPOOL_CONFIG_GUID, &guid) == 0);
|
2008-12-03 23:09:06 +03:00
|
|
|
if (spa_spare_exists(guid, &pool, NULL) &&
|
|
|
|
pool != 0ULL) {
|
2008-11-20 23:01:55 +03:00
|
|
|
VERIFY(nvlist_lookup_uint64_array(
|
2010-05-29 00:45:14 +04:00
|
|
|
spares[i], ZPOOL_CONFIG_VDEV_STATS,
|
2008-11-20 23:01:55 +03:00
|
|
|
(uint64_t **)&vs, &vsc) == 0);
|
|
|
|
vs->vs_state = VDEV_STATE_CANT_OPEN;
|
|
|
|
vs->vs_aux = VDEV_AUX_SPARED;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add l2cache device information to the nvlist, including vdev stats.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_add_l2cache(spa_t *spa, nvlist_t *config)
|
|
|
|
{
|
|
|
|
nvlist_t **l2cache;
|
|
|
|
uint_t i, j, nl2cache;
|
|
|
|
nvlist_t *nvroot;
|
|
|
|
uint64_t guid;
|
|
|
|
vdev_t *vd;
|
|
|
|
vdev_stat_t *vs;
|
|
|
|
uint_t vsc;
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
ASSERT(spa_config_held(spa, SCL_CONFIG, RW_READER));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if (spa->spa_l2cache.sav_count == 0)
|
|
|
|
return;
|
|
|
|
|
|
|
|
VERIFY(nvlist_lookup_nvlist(config,
|
|
|
|
ZPOOL_CONFIG_VDEV_TREE, &nvroot) == 0);
|
|
|
|
VERIFY(nvlist_lookup_nvlist_array(spa->spa_l2cache.sav_config,
|
|
|
|
ZPOOL_CONFIG_L2CACHE, &l2cache, &nl2cache) == 0);
|
|
|
|
if (nl2cache != 0) {
|
|
|
|
VERIFY(nvlist_add_nvlist_array(nvroot,
|
|
|
|
ZPOOL_CONFIG_L2CACHE, l2cache, nl2cache) == 0);
|
|
|
|
VERIFY(nvlist_lookup_nvlist_array(nvroot,
|
|
|
|
ZPOOL_CONFIG_L2CACHE, &l2cache, &nl2cache) == 0);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Update level 2 cache device stats.
|
|
|
|
*/
|
|
|
|
|
|
|
|
for (i = 0; i < nl2cache; i++) {
|
|
|
|
VERIFY(nvlist_lookup_uint64(l2cache[i],
|
|
|
|
ZPOOL_CONFIG_GUID, &guid) == 0);
|
|
|
|
|
|
|
|
vd = NULL;
|
|
|
|
for (j = 0; j < spa->spa_l2cache.sav_count; j++) {
|
|
|
|
if (guid ==
|
|
|
|
spa->spa_l2cache.sav_vdevs[j]->vdev_guid) {
|
|
|
|
vd = spa->spa_l2cache.sav_vdevs[j];
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
ASSERT(vd != NULL);
|
|
|
|
|
|
|
|
VERIFY(nvlist_lookup_uint64_array(l2cache[i],
|
2010-05-29 00:45:14 +04:00
|
|
|
ZPOOL_CONFIG_VDEV_STATS, (uint64_t **)&vs, &vsc)
|
|
|
|
== 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_get_stats(vd, vs);
|
2016-02-29 21:05:23 +03:00
|
|
|
vdev_config_generate_stats(vd, l2cache[i]);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
static void
|
2015-02-26 23:24:11 +03:00
|
|
|
spa_feature_stats_from_disk(spa_t *spa, nvlist_t *features)
|
2012-12-14 03:24:15 +04:00
|
|
|
{
|
|
|
|
zap_cursor_t zc;
|
|
|
|
zap_attribute_t za;
|
|
|
|
|
|
|
|
if (spa->spa_feat_for_read_obj != 0) {
|
|
|
|
for (zap_cursor_init(&zc, spa->spa_meta_objset,
|
|
|
|
spa->spa_feat_for_read_obj);
|
|
|
|
zap_cursor_retrieve(&zc, &za) == 0;
|
|
|
|
zap_cursor_advance(&zc)) {
|
|
|
|
ASSERT(za.za_integer_length == sizeof (uint64_t) &&
|
|
|
|
za.za_num_integers == 1);
|
2015-02-26 23:24:11 +03:00
|
|
|
VERIFY0(nvlist_add_uint64(features, za.za_name,
|
2012-12-14 03:24:15 +04:00
|
|
|
za.za_first_integer));
|
|
|
|
}
|
|
|
|
zap_cursor_fini(&zc);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (spa->spa_feat_for_write_obj != 0) {
|
|
|
|
for (zap_cursor_init(&zc, spa->spa_meta_objset,
|
|
|
|
spa->spa_feat_for_write_obj);
|
|
|
|
zap_cursor_retrieve(&zc, &za) == 0;
|
|
|
|
zap_cursor_advance(&zc)) {
|
|
|
|
ASSERT(za.za_integer_length == sizeof (uint64_t) &&
|
|
|
|
za.za_num_integers == 1);
|
2015-02-26 23:24:11 +03:00
|
|
|
VERIFY0(nvlist_add_uint64(features, za.za_name,
|
2012-12-14 03:24:15 +04:00
|
|
|
za.za_first_integer));
|
|
|
|
}
|
|
|
|
zap_cursor_fini(&zc);
|
|
|
|
}
|
2015-02-26 23:24:11 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
spa_feature_stats_from_cache(spa_t *spa, nvlist_t *features)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < SPA_FEATURES; i++) {
|
|
|
|
zfeature_info_t feature = spa_feature_table[i];
|
|
|
|
uint64_t refcount;
|
|
|
|
|
|
|
|
if (feature_get_refcount(spa, &feature, &refcount) != 0)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
VERIFY0(nvlist_add_uint64(features, feature.fi_guid, refcount));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Store a list of pool features and their reference counts in the
|
|
|
|
* config.
|
|
|
|
*
|
|
|
|
* The first time this is called on a spa, allocate a new nvlist, fetch
|
|
|
|
* the pool features and reference counts from disk, then save the list
|
|
|
|
* in the spa. In subsequent calls on the same spa use the saved nvlist
|
|
|
|
* and refresh its values from the cached reference counts. This
|
|
|
|
* ensures we don't block here on I/O on a suspended pool so 'zpool
|
|
|
|
* clear' can resume the pool.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_add_feature_stats(spa_t *spa, nvlist_t *config)
|
|
|
|
{
|
2015-04-23 22:32:59 +03:00
|
|
|
nvlist_t *features;
|
2015-02-26 23:24:11 +03:00
|
|
|
|
|
|
|
ASSERT(spa_config_held(spa, SCL_CONFIG, RW_READER));
|
|
|
|
|
2015-04-23 22:32:59 +03:00
|
|
|
mutex_enter(&spa->spa_feat_stats_lock);
|
|
|
|
features = spa->spa_feat_stats;
|
|
|
|
|
2015-02-26 23:24:11 +03:00
|
|
|
if (features != NULL) {
|
|
|
|
spa_feature_stats_from_cache(spa, features);
|
|
|
|
} else {
|
|
|
|
VERIFY0(nvlist_alloc(&features, NV_UNIQUE_NAME, KM_SLEEP));
|
|
|
|
spa->spa_feat_stats = features;
|
|
|
|
spa_feature_stats_from_disk(spa, features);
|
|
|
|
}
|
2012-12-14 03:24:15 +04:00
|
|
|
|
2015-02-26 23:24:11 +03:00
|
|
|
VERIFY0(nvlist_add_nvlist(config, ZPOOL_CONFIG_FEATURE_STATS,
|
|
|
|
features));
|
2015-04-23 22:32:59 +03:00
|
|
|
|
|
|
|
mutex_exit(&spa->spa_feat_stats_lock);
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
int
|
2012-12-14 03:24:15 +04:00
|
|
|
spa_get_stats(const char *name, nvlist_t **config,
|
|
|
|
char *altroot, size_t buflen)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
int error;
|
|
|
|
spa_t *spa;
|
|
|
|
|
|
|
|
*config = NULL;
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_open_common(name, &spa, FTAG, NULL, config);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
if (spa != NULL) {
|
|
|
|
/*
|
|
|
|
* This still leaves a window of inconsistency where the spares
|
|
|
|
* or l2cache devices could change and the config would be
|
|
|
|
* self-inconsistent.
|
|
|
|
*/
|
|
|
|
spa_config_enter(spa, SCL_CONFIG, FTAG, RW_READER);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
if (*config != NULL) {
|
2010-08-27 01:24:34 +04:00
|
|
|
uint64_t loadtimes[2];
|
|
|
|
|
|
|
|
loadtimes[0] = spa->spa_loaded_ts.tv_sec;
|
|
|
|
loadtimes[1] = spa->spa_loaded_ts.tv_nsec;
|
|
|
|
VERIFY(nvlist_add_uint64_array(*config,
|
|
|
|
ZPOOL_CONFIG_LOADED_TIME, loadtimes, 2) == 0);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
VERIFY(nvlist_add_uint64(*config,
|
2009-07-03 02:44:48 +04:00
|
|
|
ZPOOL_CONFIG_ERRCOUNT,
|
|
|
|
spa_get_errlog_size(spa)) == 0);
|
|
|
|
|
|
|
|
if (spa_suspended(spa))
|
|
|
|
VERIFY(nvlist_add_uint64(*config,
|
|
|
|
ZPOOL_CONFIG_SUSPENDED,
|
|
|
|
spa->spa_failmode) == 0);
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
spa_add_spares(spa, *config);
|
|
|
|
spa_add_l2cache(spa, *config);
|
2012-12-14 03:24:15 +04:00
|
|
|
spa_add_feature_stats(spa, *config);
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We want to get the alternate root even for faulted pools, so we cheat
|
|
|
|
* and call spa_lookup() directly.
|
|
|
|
*/
|
|
|
|
if (altroot) {
|
|
|
|
if (spa == NULL) {
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
spa = spa_lookup(name);
|
|
|
|
if (spa)
|
|
|
|
spa_altroot(spa, altroot, buflen);
|
|
|
|
else
|
|
|
|
altroot[0] = '\0';
|
|
|
|
spa = NULL;
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
} else {
|
|
|
|
spa_altroot(spa, altroot, buflen);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
if (spa != NULL) {
|
|
|
|
spa_config_exit(spa, SCL_CONFIG, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_close(spa, FTAG);
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Validate that the auxiliary device array is well formed. We must have an
|
|
|
|
* array of nvlists, each which describes a valid leaf vdev. If this is an
|
|
|
|
* import (mode is VDEV_ALLOC_SPARE), then we allow corrupted spares to be
|
|
|
|
* specified, as long as they are well-formed.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
spa_validate_aux_devs(spa_t *spa, nvlist_t *nvroot, uint64_t crtxg, int mode,
|
|
|
|
spa_aux_vdev_t *sav, const char *config, uint64_t version,
|
|
|
|
vdev_labeltype_t label)
|
|
|
|
{
|
|
|
|
nvlist_t **dev;
|
|
|
|
uint_t i, ndev;
|
|
|
|
vdev_t *vd;
|
|
|
|
int error;
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == SCL_ALL);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* It's acceptable to have no devs specified.
|
|
|
|
*/
|
|
|
|
if (nvlist_lookup_nvlist_array(nvroot, config, &dev, &ndev) != 0)
|
|
|
|
return (0);
|
|
|
|
|
|
|
|
if (ndev == 0)
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(EINVAL));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Make sure the pool is formatted with a version that supports this
|
|
|
|
* device type.
|
|
|
|
*/
|
|
|
|
if (spa_version(spa) < version)
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(ENOTSUP));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Set the pending device list so we correctly handle device in-use
|
|
|
|
* checking.
|
|
|
|
*/
|
|
|
|
sav->sav_pending = dev;
|
|
|
|
sav->sav_npending = ndev;
|
|
|
|
|
|
|
|
for (i = 0; i < ndev; i++) {
|
|
|
|
if ((error = spa_config_parse(spa, &vd, dev[i], NULL, 0,
|
|
|
|
mode)) != 0)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (!vd->vdev_ops->vdev_op_leaf) {
|
|
|
|
vdev_free(vd);
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2008-11-20 23:01:55 +03:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
vd->vdev_top = vd;
|
|
|
|
|
|
|
|
if ((error = vdev_open(vd)) == 0 &&
|
|
|
|
(error = vdev_label_init(vd, crtxg, label)) == 0) {
|
|
|
|
VERIFY(nvlist_add_uint64(dev[i], ZPOOL_CONFIG_GUID,
|
|
|
|
vd->vdev_guid) == 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
vdev_free(vd);
|
|
|
|
|
|
|
|
if (error &&
|
|
|
|
(mode != VDEV_ALLOC_SPARE && mode != VDEV_ALLOC_L2CACHE))
|
|
|
|
goto out;
|
|
|
|
else
|
|
|
|
error = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
sav->sav_pending = NULL;
|
|
|
|
sav->sav_npending = 0;
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
spa_validate_aux(spa_t *spa, nvlist_t *nvroot, uint64_t crtxg, int mode)
|
|
|
|
{
|
|
|
|
int error;
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == SCL_ALL);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
if ((error = spa_validate_aux_devs(spa, nvroot, crtxg, mode,
|
|
|
|
&spa->spa_spares, ZPOOL_CONFIG_SPARES, SPA_VERSION_SPARES,
|
|
|
|
VDEV_LABEL_SPARE)) != 0) {
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
return (spa_validate_aux_devs(spa, nvroot, crtxg, mode,
|
|
|
|
&spa->spa_l2cache, ZPOOL_CONFIG_L2CACHE, SPA_VERSION_L2CACHE,
|
|
|
|
VDEV_LABEL_L2CACHE));
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
spa_set_aux_vdevs(spa_aux_vdev_t *sav, nvlist_t **devs, int ndevs,
|
|
|
|
const char *config)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
if (sav->sav_config != NULL) {
|
|
|
|
nvlist_t **olddevs;
|
|
|
|
uint_t oldndevs;
|
|
|
|
nvlist_t **newdevs;
|
|
|
|
|
|
|
|
/*
|
2017-01-03 20:31:18 +03:00
|
|
|
* Generate new dev list by concatenating with the
|
2008-11-20 23:01:55 +03:00
|
|
|
* current dev list.
|
|
|
|
*/
|
|
|
|
VERIFY(nvlist_lookup_nvlist_array(sav->sav_config, config,
|
|
|
|
&olddevs, &oldndevs) == 0);
|
|
|
|
|
|
|
|
newdevs = kmem_alloc(sizeof (void *) *
|
2014-11-21 03:09:39 +03:00
|
|
|
(ndevs + oldndevs), KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
for (i = 0; i < oldndevs; i++)
|
|
|
|
VERIFY(nvlist_dup(olddevs[i], &newdevs[i],
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
for (i = 0; i < ndevs; i++)
|
|
|
|
VERIFY(nvlist_dup(devs[i], &newdevs[i + oldndevs],
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
VERIFY(nvlist_remove(sav->sav_config, config,
|
|
|
|
DATA_TYPE_NVLIST_ARRAY) == 0);
|
|
|
|
|
|
|
|
VERIFY(nvlist_add_nvlist_array(sav->sav_config,
|
|
|
|
config, newdevs, ndevs + oldndevs) == 0);
|
|
|
|
for (i = 0; i < oldndevs + ndevs; i++)
|
|
|
|
nvlist_free(newdevs[i]);
|
|
|
|
kmem_free(newdevs, (oldndevs + ndevs) * sizeof (void *));
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* Generate a new dev list.
|
|
|
|
*/
|
|
|
|
VERIFY(nvlist_alloc(&sav->sav_config, NV_UNIQUE_NAME,
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
VERIFY(nvlist_add_nvlist_array(sav->sav_config, config,
|
|
|
|
devs, ndevs) == 0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Stop and drop level 2 ARC devices
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
spa_l2cache_drop(spa_t *spa)
|
|
|
|
{
|
|
|
|
vdev_t *vd;
|
|
|
|
int i;
|
|
|
|
spa_aux_vdev_t *sav = &spa->spa_l2cache;
|
|
|
|
|
|
|
|
for (i = 0; i < sav->sav_count; i++) {
|
|
|
|
uint64_t pool;
|
|
|
|
|
|
|
|
vd = sav->sav_vdevs[i];
|
|
|
|
ASSERT(vd != NULL);
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
if (spa_l2cache_exists(vd->vdev_guid, &pool) &&
|
|
|
|
pool != 0ULL && l2arc_vdev_present(vd))
|
2008-11-20 23:01:55 +03:00
|
|
|
l2arc_remove_vdev(vd);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
/*
|
|
|
|
* Verify encryption parameters for spa creation. If we are encrypting, we must
|
|
|
|
* have the encryption feature flag enabled.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
spa_create_check_encryption_params(dsl_crypto_params_t *dcp,
|
|
|
|
boolean_t has_encryption)
|
|
|
|
{
|
|
|
|
if (dcp->cp_crypt != ZIO_CRYPT_OFF &&
|
|
|
|
dcp->cp_crypt != ZIO_CRYPT_INHERIT &&
|
|
|
|
!has_encryption)
|
|
|
|
return (SET_ERROR(ENOTSUP));
|
|
|
|
|
|
|
|
return (dmu_objset_create_crypt_check(NULL, dcp));
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Pool Creation
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
spa_create(const char *pool, nvlist_t *nvroot, nvlist_t *props,
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
nvlist_t *zplprops, dsl_crypto_params_t *dcp)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
spa_t *spa;
|
|
|
|
char *altroot = NULL;
|
|
|
|
vdev_t *rvd;
|
|
|
|
dsl_pool_t *dp;
|
|
|
|
dmu_tx_t *tx;
|
2009-07-03 02:44:48 +04:00
|
|
|
int error = 0;
|
2008-11-20 23:01:55 +03:00
|
|
|
uint64_t txg = TXG_INITIAL;
|
|
|
|
nvlist_t **spares, **l2cache;
|
|
|
|
uint_t nspares, nl2cache;
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
uint64_t version, obj, root_dsobj = 0;
|
2012-12-14 03:24:15 +04:00
|
|
|
boolean_t has_features;
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
boolean_t has_encryption;
|
|
|
|
spa_feature_t feat;
|
|
|
|
char *feat_name;
|
2014-06-21 03:00:11 +04:00
|
|
|
char *poolname;
|
|
|
|
nvlist_t *nvl;
|
|
|
|
|
|
|
|
if (nvlist_lookup_string(props, "tname", &poolname) != 0)
|
|
|
|
poolname = (char *)pool;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If this pool already exists, return failure.
|
|
|
|
*/
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
2014-06-21 03:00:11 +04:00
|
|
|
if (spa_lookup(poolname) != NULL) {
|
2008-11-20 23:01:55 +03:00
|
|
|
mutex_exit(&spa_namespace_lock);
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(EEXIST));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Allocate a new spa_t structure.
|
|
|
|
*/
|
2014-06-21 03:00:11 +04:00
|
|
|
nvl = fnvlist_alloc();
|
|
|
|
fnvlist_add_string(nvl, ZPOOL_CONFIG_POOL_NAME, pool);
|
2008-11-20 23:01:55 +03:00
|
|
|
(void) nvlist_lookup_string(props,
|
|
|
|
zpool_prop_to_name(ZPOOL_PROP_ALTROOT), &altroot);
|
2014-06-21 03:00:11 +04:00
|
|
|
spa = spa_add(poolname, nvl, altroot);
|
|
|
|
fnvlist_free(nvl);
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_activate(spa, spa_mode_global);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (props && (error = spa_prop_validate(spa, props))) {
|
|
|
|
spa_deactivate(spa);
|
|
|
|
spa_remove(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
mutex_exit(&spa_namespace_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2014-06-21 03:00:11 +04:00
|
|
|
/*
|
|
|
|
* Temporary pool names should never be written to disk.
|
|
|
|
*/
|
|
|
|
if (poolname != pool)
|
|
|
|
spa->spa_import_flags |= ZFS_IMPORT_TEMP_NAME;
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
has_features = B_FALSE;
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
has_encryption = B_FALSE;
|
2017-11-04 23:25:13 +03:00
|
|
|
for (nvpair_t *elem = nvlist_next_nvpair(props, NULL);
|
2012-12-14 03:24:15 +04:00
|
|
|
elem != NULL; elem = nvlist_next_nvpair(props, elem)) {
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
if (zpool_prop_feature(nvpair_name(elem))) {
|
2012-12-14 03:24:15 +04:00
|
|
|
has_features = B_TRUE;
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
|
|
|
|
feat_name = strchr(nvpair_name(elem), '@') + 1;
|
|
|
|
VERIFY0(zfeature_lookup_name(feat_name, &feat));
|
|
|
|
if (feat == SPA_FEATURE_ENCRYPTION)
|
|
|
|
has_encryption = B_TRUE;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* verify encryption params, if they were provided */
|
|
|
|
if (dcp != NULL) {
|
|
|
|
error = spa_create_check_encryption_params(dcp, has_encryption);
|
|
|
|
if (error != 0) {
|
|
|
|
spa_deactivate(spa);
|
|
|
|
spa_remove(spa);
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
return (error);
|
|
|
|
}
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
if (has_features || nvlist_lookup_uint64(props,
|
|
|
|
zpool_prop_to_name(ZPOOL_PROP_VERSION), &version) != 0) {
|
2008-11-20 23:01:55 +03:00
|
|
|
version = SPA_VERSION;
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
|
|
|
ASSERT(SPA_VERSION_IS_SUPPORTED(version));
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
spa->spa_first_txg = txg;
|
|
|
|
spa->spa_uberblock.ub_txg = txg - 1;
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_uberblock.ub_version = version;
|
|
|
|
spa->spa_ubsync = spa->spa_uberblock;
|
2016-10-14 03:59:18 +03:00
|
|
|
spa->spa_load_state = SPA_LOAD_CREATE;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
/*
|
|
|
|
* Create "The Godfather" zio to hold all async IOs
|
|
|
|
*/
|
2014-09-17 10:59:43 +04:00
|
|
|
spa->spa_async_zio_root = kmem_alloc(max_ncpus * sizeof (void *),
|
|
|
|
KM_SLEEP);
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int i = 0; i < max_ncpus; i++) {
|
2014-09-17 10:59:43 +04:00
|
|
|
spa->spa_async_zio_root[i] = zio_root(spa, NULL, NULL,
|
|
|
|
ZIO_FLAG_CANFAIL | ZIO_FLAG_SPECULATIVE |
|
|
|
|
ZIO_FLAG_GODFATHER);
|
|
|
|
}
|
2009-07-03 02:44:48 +04:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Create the root vdev.
|
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
error = spa_config_parse(spa, &rvd, nvroot, NULL, 0, VDEV_ALLOC_ADD);
|
|
|
|
|
|
|
|
ASSERT(error != 0 || rvd != NULL);
|
|
|
|
ASSERT(error != 0 || spa->spa_root_vdev == rvd);
|
|
|
|
|
|
|
|
if (error == 0 && !zfs_allocatable_devs(nvroot))
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (error == 0 &&
|
|
|
|
(error = vdev_create(rvd, txg, B_FALSE)) == 0 &&
|
|
|
|
(error = spa_validate_aux(spa, nvroot, txg,
|
|
|
|
VDEV_ALLOC_ADD)) == 0) {
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < rvd->vdev_children; c++) {
|
2009-07-03 02:44:48 +04:00
|
|
|
vdev_metaslab_set_size(rvd->vdev_child[c]);
|
|
|
|
vdev_expand(rvd->vdev_child[c], txg);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (error != 0) {
|
|
|
|
spa_unload(spa);
|
|
|
|
spa_deactivate(spa);
|
|
|
|
spa_remove(spa);
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Get the list of spares, if specified.
|
|
|
|
*/
|
|
|
|
if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_SPARES,
|
|
|
|
&spares, &nspares) == 0) {
|
|
|
|
VERIFY(nvlist_alloc(&spa->spa_spares.sav_config, NV_UNIQUE_NAME,
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
VERIFY(nvlist_add_nvlist_array(spa->spa_spares.sav_config,
|
|
|
|
ZPOOL_CONFIG_SPARES, spares, nspares) == 0);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_load_spares(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_spares.sav_sync = B_TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Get the list of level 2 cache devices, if specified.
|
|
|
|
*/
|
|
|
|
if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_L2CACHE,
|
|
|
|
&l2cache, &nl2cache) == 0) {
|
|
|
|
VERIFY(nvlist_alloc(&spa->spa_l2cache.sav_config,
|
2014-11-21 03:09:39 +03:00
|
|
|
NV_UNIQUE_NAME, KM_SLEEP) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
VERIFY(nvlist_add_nvlist_array(spa->spa_l2cache.sav_config,
|
|
|
|
ZPOOL_CONFIG_L2CACHE, l2cache, nl2cache) == 0);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_load_l2cache(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_l2cache.sav_sync = B_TRUE;
|
|
|
|
}
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
spa->spa_is_initializing = B_TRUE;
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
spa->spa_dsl_pool = dp = dsl_pool_create(spa, zplprops, dcp, txg);
|
2012-12-14 03:24:15 +04:00
|
|
|
spa->spa_is_initializing = B_FALSE;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* Create DDTs (dedup tables).
|
|
|
|
*/
|
|
|
|
ddt_create(spa);
|
|
|
|
|
|
|
|
spa_update_dspace(spa);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
tx = dmu_tx_create_assigned(dp, txg);
|
|
|
|
|
2017-10-23 19:45:59 +03:00
|
|
|
/*
|
|
|
|
* Create the pool's history object.
|
|
|
|
*/
|
|
|
|
if (version >= SPA_VERSION_ZPOOL_HISTORY && !spa->spa_history)
|
|
|
|
spa_history_create_obj(spa, tx);
|
|
|
|
|
|
|
|
spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_CREATE);
|
|
|
|
spa_history_log_version(spa, "create", tx);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Create the pool config object.
|
|
|
|
*/
|
|
|
|
spa->spa_config_object = dmu_object_alloc(spa->spa_meta_objset,
|
2008-12-03 23:09:06 +03:00
|
|
|
DMU_OT_PACKED_NVLIST, SPA_CONFIG_BLOCKSIZE,
|
2008-11-20 23:01:55 +03:00
|
|
|
DMU_OT_PACKED_NVLIST_SIZE, sizeof (uint64_t), tx);
|
|
|
|
|
|
|
|
if (zap_add(spa->spa_meta_objset,
|
|
|
|
DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_CONFIG,
|
|
|
|
sizeof (uint64_t), 1, &spa->spa_config_object, tx) != 0) {
|
|
|
|
cmn_err(CE_PANIC, "failed to add pool config");
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (zap_add(spa->spa_meta_objset,
|
|
|
|
DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_CREATION_VERSION,
|
|
|
|
sizeof (uint64_t), 1, &version, tx) != 0) {
|
|
|
|
cmn_err(CE_PANIC, "failed to add pool version");
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/* Newly created pools with the right version are always deflated. */
|
|
|
|
if (version >= SPA_VERSION_RAIDZ_DEFLATE) {
|
|
|
|
spa->spa_deflate = TRUE;
|
|
|
|
if (zap_add(spa->spa_meta_objset,
|
|
|
|
DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_DEFLATE,
|
|
|
|
sizeof (uint64_t), 1, &spa->spa_deflate, tx) != 0) {
|
|
|
|
cmn_err(CE_PANIC, "failed to add deflate");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2010-05-29 00:45:14 +04:00
|
|
|
* Create the deferred-free bpobj. Turn off compression
|
2008-11-20 23:01:55 +03:00
|
|
|
* because sync-to-convergence takes longer if the blocksize
|
|
|
|
* keeps changing.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
obj = bpobj_alloc(spa->spa_meta_objset, 1 << 14, tx);
|
|
|
|
dmu_object_set_compress(spa->spa_meta_objset, obj,
|
2008-11-20 23:01:55 +03:00
|
|
|
ZIO_COMPRESS_OFF, tx);
|
|
|
|
if (zap_add(spa->spa_meta_objset,
|
2010-05-29 00:45:14 +04:00
|
|
|
DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_SYNC_BPOBJ,
|
|
|
|
sizeof (uint64_t), 1, &obj, tx) != 0) {
|
|
|
|
cmn_err(CE_PANIC, "failed to add bpobj");
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
2010-05-29 00:45:14 +04:00
|
|
|
VERIFY3U(0, ==, bpobj_open(&spa->spa_deferred_bpobj,
|
|
|
|
spa->spa_meta_objset, obj));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-06-16 01:47:05 +03:00
|
|
|
/*
|
|
|
|
* Generate some random noise for salted checksums to operate on.
|
|
|
|
*/
|
|
|
|
(void) random_get_pseudo_bytes(spa->spa_cksum_salt.zcs_bytes,
|
|
|
|
sizeof (spa->spa_cksum_salt.zcs_bytes));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Set pool properties.
|
|
|
|
*/
|
|
|
|
spa->spa_bootfs = zpool_prop_default_numeric(ZPOOL_PROP_BOOTFS);
|
|
|
|
spa->spa_delegation = zpool_prop_default_numeric(ZPOOL_PROP_DELEGATION);
|
|
|
|
spa->spa_failmode = zpool_prop_default_numeric(ZPOOL_PROP_FAILUREMODE);
|
2009-07-03 02:44:48 +04:00
|
|
|
spa->spa_autoexpand = zpool_prop_default_numeric(ZPOOL_PROP_AUTOEXPAND);
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
spa->spa_multihost = zpool_prop_default_numeric(ZPOOL_PROP_MULTIHOST);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2009-02-18 23:51:31 +03:00
|
|
|
if (props != NULL) {
|
|
|
|
spa_configfile_set(spa, props, B_FALSE);
|
2013-09-04 16:00:57 +04:00
|
|
|
spa_sync_props(props, tx);
|
2009-02-18 23:51:31 +03:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
dmu_tx_commit(tx);
|
|
|
|
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
/*
|
|
|
|
* If the root dataset is encrypted we will need to create key mappings
|
|
|
|
* for the zio layer before we start to write any data to disk and hold
|
|
|
|
* them until after the first txg has been synced. Waiting for the first
|
|
|
|
* transaction to complete also ensures that our bean counters are
|
|
|
|
* appropriately updated.
|
|
|
|
*/
|
|
|
|
if (dp->dp_root_dir->dd_crypto_obj != 0) {
|
|
|
|
root_dsobj = dsl_dir_phys(dp->dp_root_dir)->dd_head_dataset_obj;
|
|
|
|
VERIFY0(spa_keystore_create_mapping_impl(spa, root_dsobj,
|
|
|
|
dp->dp_root_dir, FTAG));
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_sync_on = B_TRUE;
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
txg_sync_start(dp);
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
mmp_thread_start(spa);
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
txg_wait_synced(dp, txg);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
Native Encryption for ZFS on Linux
This change incorporates three major pieces:
The first change is a keystore that manages wrapping
and encryption keys for encrypted datasets. These
commands mostly involve manipulating the new
DSL Crypto Key ZAP Objects that live in the MOS. Each
encrypted dataset has its own DSL Crypto Key that is
protected with a user's key. This level of indirection
allows users to change their keys without re-encrypting
their entire datasets. The change implements the new
subcommands "zfs load-key", "zfs unload-key" and
"zfs change-key" which allow the user to manage their
encryption keys and settings. In addition, several new
flags and properties have been added to allow dataset
creation and to make mounting and unmounting more
convenient.
The second piece of this patch provides the ability to
encrypt, decyrpt, and authenticate protected datasets.
Each object set maintains a Merkel tree of Message
Authentication Codes that protect the lower layers,
similarly to how checksums are maintained. This part
impacts the zio layer, which handles the actual
encryption and generation of MACs, as well as the ARC
and DMU, which need to be able to handle encrypted
buffers and protected data.
The last addition is the ability to do raw, encrypted
sends and receives. The idea here is to send raw
encrypted and compressed data and receive it exactly
as is on a backup system. This means that the dataset
on the receiving system is protected using the same
user key that is in use on the sending side. By doing
so, datasets can be efficiently backed up to an
untrusted system without fear of data being
compromised.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Jorgen Lundman <lundman@lundman.net>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #494
Closes #5769
2017-08-14 20:36:48 +03:00
|
|
|
if (dp->dp_root_dir->dd_crypto_obj != 0)
|
|
|
|
VERIFY0(spa_keystore_remove_mapping(spa, root_dsobj, FTAG));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_sync(spa, B_FALSE, B_TRUE);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2015-04-02 06:44:32 +03:00
|
|
|
/*
|
|
|
|
* Don't count references from objsets that are already closed
|
|
|
|
* and are making their way through the eviction process.
|
|
|
|
*/
|
|
|
|
spa_evicting_os_wait(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa->spa_minref = refcount_count(&spa->spa_refcount);
|
2016-10-14 03:59:18 +03:00
|
|
|
spa->spa_load_state = SPA_LOAD_NONE;
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2009-02-18 23:51:31 +03:00
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
/*
|
|
|
|
* Import a non-root pool into the system.
|
|
|
|
*/
|
|
|
|
int
|
2013-09-04 16:00:57 +04:00
|
|
|
spa_import(char *pool, nvlist_t *config, nvlist_t *props, uint64_t flags)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
spa_t *spa;
|
|
|
|
char *altroot = NULL;
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_load_state_t state = SPA_LOAD_IMPORT;
|
|
|
|
zpool_rewind_policy_t policy;
|
2010-08-27 01:24:34 +04:00
|
|
|
uint64_t mode = spa_mode_global;
|
|
|
|
uint64_t readonly = B_FALSE;
|
2009-07-03 02:44:48 +04:00
|
|
|
int error;
|
2008-11-20 23:01:55 +03:00
|
|
|
nvlist_t *nvroot;
|
|
|
|
nvlist_t **spares, **l2cache;
|
|
|
|
uint_t nspares, nl2cache;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If a pool with this name exists, return failure.
|
|
|
|
*/
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
2010-05-29 00:45:14 +04:00
|
|
|
if (spa_lookup(pool) != NULL) {
|
2009-07-03 02:44:48 +04:00
|
|
|
mutex_exit(&spa_namespace_lock);
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(EEXIST));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Create and initialize the spa structure.
|
|
|
|
*/
|
|
|
|
(void) nvlist_lookup_string(props,
|
|
|
|
zpool_prop_to_name(ZPOOL_PROP_ALTROOT), &altroot);
|
2010-08-27 01:24:34 +04:00
|
|
|
(void) nvlist_lookup_uint64(props,
|
|
|
|
zpool_prop_to_name(ZPOOL_PROP_READONLY), &readonly);
|
|
|
|
if (readonly)
|
|
|
|
mode = FREAD;
|
2010-05-29 00:45:14 +04:00
|
|
|
spa = spa_add(pool, config, altroot);
|
2010-08-27 01:24:34 +04:00
|
|
|
spa->spa_import_flags = flags;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Verbatim import - Take a pool and insert it into the namespace
|
|
|
|
* as if it had been loaded at boot.
|
|
|
|
*/
|
|
|
|
if (spa->spa_import_flags & ZFS_IMPORT_VERBATIM) {
|
|
|
|
if (props != NULL)
|
|
|
|
spa_configfile_set(spa, props, B_FALSE);
|
|
|
|
|
|
|
|
spa_config_sync(spa, B_FALSE, B_TRUE);
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_IMPORT);
|
2010-08-27 01:24:34 +04:00
|
|
|
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
spa_activate(spa, mode);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
/*
|
|
|
|
* Don't start async tasks until we know everything is healthy.
|
|
|
|
*/
|
|
|
|
spa_async_suspend(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
zpool_get_rewind_policy(config, &policy);
|
|
|
|
if (policy.zrp_request & ZPOOL_DO_REWIND)
|
|
|
|
state = SPA_LOAD_RECOVER;
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
2009-07-03 02:44:48 +04:00
|
|
|
* Pass off the heavy lifting to spa_load(). Pass TRUE for mosconfig
|
|
|
|
* because the user-supplied config is actually the one to trust when
|
2008-12-03 23:09:06 +03:00
|
|
|
* doing an import.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
if (state != SPA_LOAD_RECOVER)
|
|
|
|
spa->spa_last_ubsync_txg = spa->spa_load_txg = 0;
|
2010-08-27 01:24:34 +04:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_load_best(spa, state, B_TRUE, policy.zrp_txg,
|
|
|
|
policy.zrp_request);
|
|
|
|
|
|
|
|
/*
|
2010-08-27 01:24:34 +04:00
|
|
|
* Propagate anything learned while loading the pool and pass it
|
|
|
|
* back to caller (i.e. rewind info, missing devices, etc).
|
2010-05-29 00:45:14 +04:00
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
VERIFY(nvlist_add_nvlist(config, ZPOOL_CONFIG_LOAD_INFO,
|
|
|
|
spa->spa_load_info) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
2009-07-03 02:44:48 +04:00
|
|
|
* Toss any existing sparelist, as it doesn't have any validity
|
|
|
|
* anymore, and conflicts with spa_has_spare().
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2009-07-03 02:44:48 +04:00
|
|
|
if (spa->spa_spares.sav_config) {
|
2008-11-20 23:01:55 +03:00
|
|
|
nvlist_free(spa->spa_spares.sav_config);
|
|
|
|
spa->spa_spares.sav_config = NULL;
|
|
|
|
spa_load_spares(spa);
|
|
|
|
}
|
2009-07-03 02:44:48 +04:00
|
|
|
if (spa->spa_l2cache.sav_config) {
|
2008-11-20 23:01:55 +03:00
|
|
|
nvlist_free(spa->spa_l2cache.sav_config);
|
|
|
|
spa->spa_l2cache.sav_config = NULL;
|
|
|
|
spa_load_l2cache(spa);
|
|
|
|
}
|
|
|
|
|
|
|
|
VERIFY(nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE,
|
|
|
|
&nvroot) == 0);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-02-18 23:51:31 +03:00
|
|
|
if (props != NULL)
|
|
|
|
spa_configfile_set(spa, props, B_FALSE);
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
if (error != 0 || (props && spa_writeable(spa) &&
|
|
|
|
(error = spa_prop_set(spa, props)))) {
|
2009-07-03 02:44:48 +04:00
|
|
|
spa_unload(spa);
|
|
|
|
spa_deactivate(spa);
|
|
|
|
spa_remove(spa);
|
2008-11-20 23:01:55 +03:00
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
spa_async_resume(spa);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Override any spares and level 2 cache devices as specified by
|
|
|
|
* the user, as these may have correct device names/devids, etc.
|
|
|
|
*/
|
|
|
|
if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_SPARES,
|
|
|
|
&spares, &nspares) == 0) {
|
|
|
|
if (spa->spa_spares.sav_config)
|
|
|
|
VERIFY(nvlist_remove(spa->spa_spares.sav_config,
|
|
|
|
ZPOOL_CONFIG_SPARES, DATA_TYPE_NVLIST_ARRAY) == 0);
|
|
|
|
else
|
|
|
|
VERIFY(nvlist_alloc(&spa->spa_spares.sav_config,
|
2014-11-21 03:09:39 +03:00
|
|
|
NV_UNIQUE_NAME, KM_SLEEP) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
VERIFY(nvlist_add_nvlist_array(spa->spa_spares.sav_config,
|
|
|
|
ZPOOL_CONFIG_SPARES, spares, nspares) == 0);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_load_spares(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_spares.sav_sync = B_TRUE;
|
|
|
|
}
|
|
|
|
if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_L2CACHE,
|
|
|
|
&l2cache, &nl2cache) == 0) {
|
|
|
|
if (spa->spa_l2cache.sav_config)
|
|
|
|
VERIFY(nvlist_remove(spa->spa_l2cache.sav_config,
|
|
|
|
ZPOOL_CONFIG_L2CACHE, DATA_TYPE_NVLIST_ARRAY) == 0);
|
|
|
|
else
|
|
|
|
VERIFY(nvlist_alloc(&spa->spa_l2cache.sav_config,
|
2014-11-21 03:09:39 +03:00
|
|
|
NV_UNIQUE_NAME, KM_SLEEP) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
VERIFY(nvlist_add_nvlist_array(spa->spa_l2cache.sav_config,
|
|
|
|
ZPOOL_CONFIG_L2CACHE, l2cache, nl2cache) == 0);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_load_l2cache(spa);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_l2cache.sav_sync = B_TRUE;
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* Check for any removed devices.
|
|
|
|
*/
|
|
|
|
if (spa->spa_autoreplace) {
|
|
|
|
spa_aux_check_removed(&spa->spa_spares);
|
|
|
|
spa_aux_check_removed(&spa->spa_l2cache);
|
|
|
|
}
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
if (spa_writeable(spa)) {
|
2008-12-03 23:09:06 +03:00
|
|
|
/*
|
|
|
|
* Update the config cache to include the newly-imported pool.
|
|
|
|
*/
|
2009-08-18 22:43:27 +04:00
|
|
|
spa_config_update(spa, SPA_CONFIG_UPDATE_POOL);
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
2009-07-03 02:44:48 +04:00
|
|
|
* It's possible that the pool was expanded while it was exported.
|
|
|
|
* We kick off an async task to handle this for us.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2009-07-03 02:44:48 +04:00
|
|
|
spa_async_request(spa, SPA_ASYNC_AUTOEXPAND);
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2017-10-23 19:45:59 +03:00
|
|
|
spa_history_log_version(spa, "import", NULL);
|
2016-07-28 01:29:15 +03:00
|
|
|
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_IMPORT);
|
2016-07-28 01:29:15 +03:00
|
|
|
|
2014-03-22 13:07:14 +04:00
|
|
|
zvol_create_minors(spa, pool, B_TRUE);
|
2013-05-28 15:50:38 +04:00
|
|
|
|
2016-07-28 01:29:15 +03:00
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
nvlist_t *
|
|
|
|
spa_tryimport(nvlist_t *tryconfig)
|
|
|
|
{
|
|
|
|
nvlist_t *config = NULL;
|
|
|
|
char *poolname;
|
|
|
|
spa_t *spa;
|
|
|
|
uint64_t state;
|
2009-02-18 23:51:31 +03:00
|
|
|
int error;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (nvlist_lookup_string(tryconfig, ZPOOL_CONFIG_POOL_NAME, &poolname))
|
|
|
|
return (NULL);
|
|
|
|
|
|
|
|
if (nvlist_lookup_uint64(tryconfig, ZPOOL_CONFIG_POOL_STATE, &state))
|
|
|
|
return (NULL);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Create and initialize the spa structure.
|
|
|
|
*/
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
2010-05-29 00:45:14 +04:00
|
|
|
spa = spa_add(TRYIMPORT_NAME, tryconfig, NULL);
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_activate(spa, FREAD);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Pass off the heavy lifting to spa_load().
|
|
|
|
* Pass TRUE for mosconfig because the user-supplied config
|
|
|
|
* is actually the one to trust when doing an import.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_load(spa, SPA_LOAD_TRYIMPORT, SPA_IMPORT_EXISTING, B_TRUE);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If 'tryconfig' was at least parsable, return the current config.
|
|
|
|
*/
|
|
|
|
if (spa->spa_root_vdev != NULL) {
|
|
|
|
config = spa_config_generate(spa, NULL, -1ULL, B_TRUE);
|
|
|
|
VERIFY(nvlist_add_string(config, ZPOOL_CONFIG_POOL_NAME,
|
|
|
|
poolname) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_POOL_STATE,
|
|
|
|
state) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_TIMESTAMP,
|
|
|
|
spa->spa_uberblock.ub_timestamp) == 0);
|
2012-12-14 03:24:15 +04:00
|
|
|
VERIFY(nvlist_add_nvlist(config, ZPOOL_CONFIG_LOAD_INFO,
|
|
|
|
spa->spa_load_info) == 0);
|
2014-02-21 07:57:17 +04:00
|
|
|
VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_ERRATA,
|
|
|
|
spa->spa_errata) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the bootfs property exists on this pool then we
|
|
|
|
* copy it out so that external consumers can tell which
|
|
|
|
* pools are bootable.
|
|
|
|
*/
|
2009-02-18 23:51:31 +03:00
|
|
|
if ((!error || error == EEXIST) && spa->spa_bootfs) {
|
2014-11-21 03:09:39 +03:00
|
|
|
char *tmpname = kmem_alloc(MAXPATHLEN, KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* We have to play games with the name since the
|
|
|
|
* pool was opened as TRYIMPORT_NAME.
|
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
if (dsl_dsobj_to_dsname(spa_name(spa),
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_bootfs, tmpname) == 0) {
|
|
|
|
char *cp;
|
2013-11-01 23:26:11 +04:00
|
|
|
char *dsname;
|
|
|
|
|
2014-11-21 03:09:39 +03:00
|
|
|
dsname = kmem_alloc(MAXPATHLEN, KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
cp = strchr(tmpname, '/');
|
|
|
|
if (cp == NULL) {
|
|
|
|
(void) strlcpy(dsname, tmpname,
|
|
|
|
MAXPATHLEN);
|
|
|
|
} else {
|
|
|
|
(void) snprintf(dsname, MAXPATHLEN,
|
|
|
|
"%s/%s", poolname, ++cp);
|
|
|
|
}
|
|
|
|
VERIFY(nvlist_add_string(config,
|
|
|
|
ZPOOL_CONFIG_BOOTFS, dsname) == 0);
|
|
|
|
kmem_free(dsname, MAXPATHLEN);
|
|
|
|
}
|
|
|
|
kmem_free(tmpname, MAXPATHLEN);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add the list of hot spares and level 2 cache devices.
|
|
|
|
*/
|
2009-07-03 02:44:48 +04:00
|
|
|
spa_config_enter(spa, SCL_CONFIG, FTAG, RW_READER);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_add_spares(spa, config);
|
|
|
|
spa_add_l2cache(spa, config);
|
2009-07-03 02:44:48 +04:00
|
|
|
spa_config_exit(spa, SCL_CONFIG, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
spa_unload(spa);
|
|
|
|
spa_deactivate(spa);
|
|
|
|
spa_remove(spa);
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
|
|
|
|
return (config);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Pool export/destroy
|
|
|
|
*
|
|
|
|
* The act of destroying or exporting a pool is very simple. We make sure there
|
|
|
|
* is no more pending I/O and any references to the pool are gone. Then, we
|
|
|
|
* update the pool state and sync all the labels to disk, removing the
|
2009-01-16 00:59:39 +03:00
|
|
|
* configuration from the cache afterwards. If the 'hardforce' flag is set, then
|
|
|
|
* we don't sync the labels or remove the configuration cache.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
static int
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_export_common(char *pool, int new_state, nvlist_t **oldconfig,
|
2009-01-16 00:59:39 +03:00
|
|
|
boolean_t force, boolean_t hardforce)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
spa_t *spa;
|
|
|
|
|
|
|
|
if (oldconfig)
|
|
|
|
*oldconfig = NULL;
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
if (!(spa_mode_global & FWRITE))
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(EROFS));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
if ((spa = spa_lookup(pool)) == NULL) {
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(ENOENT));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Put a hold on the pool, drop the namespace lock, stop async tasks,
|
|
|
|
* reacquire the namespace lock, and see if we can export.
|
|
|
|
*/
|
|
|
|
spa_open_ref(spa, FTAG);
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
spa_async_suspend(spa);
|
2014-03-22 13:07:14 +04:00
|
|
|
if (spa->spa_zvol_taskq) {
|
|
|
|
zvol_remove_minors(spa, spa_name(spa), B_TRUE);
|
|
|
|
taskq_wait(spa->spa_zvol_taskq);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
spa_close(spa, FTAG);
|
|
|
|
|
2015-02-27 08:46:45 +03:00
|
|
|
if (spa->spa_state == POOL_STATE_UNINITIALIZED)
|
|
|
|
goto export_spa;
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
2015-02-27 08:46:45 +03:00
|
|
|
* The pool will be in core if it's openable, in which case we can
|
|
|
|
* modify its state. Objsets may be open only because they're dirty,
|
|
|
|
* so we have to force it to sync before checking spa_refcnt.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2015-04-02 06:44:32 +03:00
|
|
|
if (spa->spa_sync_on) {
|
2008-11-20 23:01:55 +03:00
|
|
|
txg_wait_synced(spa->spa_dsl_pool, 0);
|
2015-04-02 06:44:32 +03:00
|
|
|
spa_evicting_os_wait(spa);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2015-02-27 08:46:45 +03:00
|
|
|
/*
|
|
|
|
* A pool cannot be exported or destroyed if there are active
|
|
|
|
* references. If we are resetting a pool, allow references by
|
|
|
|
* fault injection handlers.
|
|
|
|
*/
|
|
|
|
if (!spa_refcount_zero(spa) ||
|
|
|
|
(spa->spa_inject_ref != 0 &&
|
|
|
|
new_state != POOL_STATE_UNINITIALIZED)) {
|
|
|
|
spa_async_resume(spa);
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
return (SET_ERROR(EBUSY));
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2015-02-27 08:46:45 +03:00
|
|
|
if (spa->spa_sync_on) {
|
2008-12-03 23:09:06 +03:00
|
|
|
/*
|
|
|
|
* A pool cannot be exported if it has an active shared spare.
|
|
|
|
* This is to prevent other pools stealing the active spare
|
|
|
|
* from an exported pool. At user's own will, such pool can
|
|
|
|
* be forcedly exported.
|
|
|
|
*/
|
|
|
|
if (!force && new_state == POOL_STATE_EXPORTED &&
|
|
|
|
spa_has_active_shared_spare(spa)) {
|
|
|
|
spa_async_resume(spa);
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(EXDEV));
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* We want this to be reflected on every label,
|
|
|
|
* so mark them all dirty. spa_unload() will do the
|
|
|
|
* final sync that pushes these changes out.
|
|
|
|
*/
|
2009-01-16 00:59:39 +03:00
|
|
|
if (new_state != POOL_STATE_UNINITIALIZED && !hardforce) {
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_state = new_state;
|
2010-05-29 00:45:14 +04:00
|
|
|
spa->spa_final_txg = spa_last_synced_txg(spa) +
|
|
|
|
TXG_DEFER_SIZE + 1;
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_config_dirty(spa->spa_root_vdev);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-02-27 08:46:45 +03:00
|
|
|
export_spa:
|
2017-10-23 19:45:59 +03:00
|
|
|
if (new_state == POOL_STATE_DESTROYED)
|
|
|
|
spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_DESTROY);
|
|
|
|
else if (new_state == POOL_STATE_EXPORTED)
|
|
|
|
spa_event_notify(spa, NULL, NULL, ESC_ZFS_POOL_EXPORT);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (spa->spa_state != POOL_STATE_UNINITIALIZED) {
|
|
|
|
spa_unload(spa);
|
|
|
|
spa_deactivate(spa);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (oldconfig && spa->spa_config)
|
|
|
|
VERIFY(nvlist_dup(spa->spa_config, oldconfig, 0) == 0);
|
|
|
|
|
|
|
|
if (new_state != POOL_STATE_UNINITIALIZED) {
|
2009-01-16 00:59:39 +03:00
|
|
|
if (!hardforce)
|
|
|
|
spa_config_sync(spa, B_TRUE, B_TRUE);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_remove(spa);
|
|
|
|
}
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Destroy a storage pool.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
spa_destroy(char *pool)
|
|
|
|
{
|
2009-01-16 00:59:39 +03:00
|
|
|
return (spa_export_common(pool, POOL_STATE_DESTROYED, NULL,
|
|
|
|
B_FALSE, B_FALSE));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Export a storage pool.
|
|
|
|
*/
|
|
|
|
int
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_export(char *pool, nvlist_t **oldconfig, boolean_t force,
|
|
|
|
boolean_t hardforce)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2009-01-16 00:59:39 +03:00
|
|
|
return (spa_export_common(pool, POOL_STATE_EXPORTED, oldconfig,
|
|
|
|
force, hardforce));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Similar to spa_export(), this unloads the spa_t without actually removing it
|
|
|
|
* from the namespace in any way.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
spa_reset(char *pool)
|
|
|
|
{
|
2008-12-03 23:09:06 +03:00
|
|
|
return (spa_export_common(pool, POOL_STATE_UNINITIALIZED, NULL,
|
2009-01-16 00:59:39 +03:00
|
|
|
B_FALSE, B_FALSE));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* ==========================================================================
|
|
|
|
* Device manipulation
|
|
|
|
* ==========================================================================
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add a device to a storage pool.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
spa_vdev_add(spa_t *spa, nvlist_t *nvroot)
|
|
|
|
{
|
2010-05-29 00:45:14 +04:00
|
|
|
uint64_t txg, id;
|
2009-01-16 00:59:39 +03:00
|
|
|
int error;
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_t *rvd = spa->spa_root_vdev;
|
|
|
|
vdev_t *vd, *tvd;
|
|
|
|
nvlist_t **spares, **l2cache;
|
|
|
|
uint_t nspares, nl2cache;
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
ASSERT(spa_writeable(spa));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
txg = spa_vdev_enter(spa);
|
|
|
|
|
|
|
|
if ((error = spa_config_parse(spa, &vd, nvroot, NULL, 0,
|
|
|
|
VDEV_ALLOC_ADD)) != 0)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, error));
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa->spa_pending_vdev = vd; /* spa_vdev_exit() will clear this */
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_SPARES, &spares,
|
|
|
|
&nspares) != 0)
|
|
|
|
nspares = 0;
|
|
|
|
|
|
|
|
if (nvlist_lookup_nvlist_array(nvroot, ZPOOL_CONFIG_L2CACHE, &l2cache,
|
|
|
|
&nl2cache) != 0)
|
|
|
|
nl2cache = 0;
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
if (vd->vdev_children == 0 && nspares == 0 && nl2cache == 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (spa_vdev_exit(spa, vd, txg, EINVAL));
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
if (vd->vdev_children != 0 &&
|
|
|
|
(error = vdev_create(vd, txg, B_FALSE)) != 0)
|
|
|
|
return (spa_vdev_exit(spa, vd, txg, error));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* We must validate the spares and l2cache devices after checking the
|
|
|
|
* children. Otherwise, vdev_inuse() will blindly overwrite the spare.
|
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
if ((error = spa_validate_aux(spa, nvroot, txg, VDEV_ALLOC_ADD)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (spa_vdev_exit(spa, vd, txg, error));
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Transfer each new top-level vdev from vd to rvd.
|
|
|
|
*/
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < vd->vdev_children; c++) {
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Set the vdev id to the first hole, if one exists.
|
|
|
|
*/
|
|
|
|
for (id = 0; id < rvd->vdev_children; id++) {
|
|
|
|
if (rvd->vdev_child[id]->vdev_ishole) {
|
|
|
|
vdev_free(rvd->vdev_child[id]);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
tvd = vd->vdev_child[c];
|
|
|
|
vdev_remove_child(vd, tvd);
|
2010-05-29 00:45:14 +04:00
|
|
|
tvd->vdev_id = id;
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_add_child(rvd, tvd);
|
|
|
|
vdev_config_dirty(tvd);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (nspares != 0) {
|
|
|
|
spa_set_aux_vdevs(&spa->spa_spares, spares, nspares,
|
|
|
|
ZPOOL_CONFIG_SPARES);
|
|
|
|
spa_load_spares(spa);
|
|
|
|
spa->spa_spares.sav_sync = B_TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (nl2cache != 0) {
|
|
|
|
spa_set_aux_vdevs(&spa->spa_l2cache, l2cache, nl2cache,
|
|
|
|
ZPOOL_CONFIG_L2CACHE);
|
|
|
|
spa_load_l2cache(spa);
|
|
|
|
spa->spa_l2cache.sav_sync = B_TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We have to be careful when adding new vdevs to an existing pool.
|
|
|
|
* If other threads start allocating from these vdevs before we
|
|
|
|
* sync the config cache, and we lose power, then upon reboot we may
|
|
|
|
* fail to open the pool because there are DVAs that the config cache
|
|
|
|
* can't translate. Therefore, we first add the vdevs without
|
|
|
|
* initializing metaslabs; sync the config cache (via spa_vdev_exit());
|
|
|
|
* and then let spa_config_update() initialize the new metaslabs.
|
|
|
|
*
|
|
|
|
* spa_load() checks for added-but-not-initialized vdevs, so that
|
|
|
|
* if we lose power at any point in this sequence, the remaining
|
|
|
|
* steps will be completed the next time we load the pool.
|
|
|
|
*/
|
|
|
|
(void) spa_vdev_exit(spa, vd, txg, 0);
|
|
|
|
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
spa_config_update(spa, SPA_CONFIG_UPDATE_POOL);
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(spa, NULL, NULL, ESC_ZFS_VDEV_ADD);
|
2008-11-20 23:01:55 +03:00
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Attach a device to a mirror. The arguments are the path to any device
|
|
|
|
* in the mirror, and the nvroot for the new device. If the path specifies
|
|
|
|
* a device that is not mirrored, we automatically insert the mirror vdev.
|
|
|
|
*
|
|
|
|
* If 'replacing' is specified, the new device is intended to replace the
|
|
|
|
* existing device; in this case the two devices are made into their own
|
|
|
|
* mirror using the 'replacing' vdev, which is functionally identical to
|
|
|
|
* the mirror vdev (it actually reuses all the same ops) but has a few
|
|
|
|
* extra rules: you can't attach to it after it's been created, and upon
|
|
|
|
* completion of resilvering, the first disk (the one being replaced)
|
|
|
|
* is automatically detached.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
spa_vdev_attach(spa_t *spa, uint64_t guid, nvlist_t *nvroot, int replacing)
|
|
|
|
{
|
2010-05-29 00:45:14 +04:00
|
|
|
uint64_t txg, dtl_max_txg;
|
2017-11-04 23:25:13 +03:00
|
|
|
ASSERTV(vdev_t *rvd = spa->spa_root_vdev);
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_t *oldvd, *newvd, *newrootvd, *pvd, *tvd;
|
|
|
|
vdev_ops_t *pvops;
|
2008-12-03 23:09:06 +03:00
|
|
|
char *oldvdpath, *newvdpath;
|
|
|
|
int newvd_isspare;
|
|
|
|
int error;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
ASSERT(spa_writeable(spa));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
txg = spa_vdev_enter(spa);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
oldvd = spa_lookup_by_guid(spa, guid, B_FALSE);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (oldvd == NULL)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, ENODEV));
|
|
|
|
|
|
|
|
if (!oldvd->vdev_ops->vdev_op_leaf)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, ENOTSUP));
|
|
|
|
|
|
|
|
pvd = oldvd->vdev_parent;
|
|
|
|
|
|
|
|
if ((error = spa_config_parse(spa, &newrootvd, nvroot, NULL, 0,
|
2012-04-08 21:23:08 +04:00
|
|
|
VDEV_ALLOC_ATTACH)) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (spa_vdev_exit(spa, NULL, txg, EINVAL));
|
|
|
|
|
|
|
|
if (newrootvd->vdev_children != 1)
|
|
|
|
return (spa_vdev_exit(spa, newrootvd, txg, EINVAL));
|
|
|
|
|
|
|
|
newvd = newrootvd->vdev_child[0];
|
|
|
|
|
|
|
|
if (!newvd->vdev_ops->vdev_op_leaf)
|
|
|
|
return (spa_vdev_exit(spa, newrootvd, txg, EINVAL));
|
|
|
|
|
|
|
|
if ((error = vdev_create(newrootvd, txg, replacing)) != 0)
|
|
|
|
return (spa_vdev_exit(spa, newrootvd, txg, error));
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Spares can't replace logs
|
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
if (oldvd->vdev_top->vdev_islog && newvd->vdev_isspare)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (spa_vdev_exit(spa, newrootvd, txg, ENOTSUP));
|
|
|
|
|
|
|
|
if (!replacing) {
|
|
|
|
/*
|
|
|
|
* For attach, the only allowable parent is a mirror or the root
|
|
|
|
* vdev.
|
|
|
|
*/
|
|
|
|
if (pvd->vdev_ops != &vdev_mirror_ops &&
|
|
|
|
pvd->vdev_ops != &vdev_root_ops)
|
|
|
|
return (spa_vdev_exit(spa, newrootvd, txg, ENOTSUP));
|
|
|
|
|
|
|
|
pvops = &vdev_mirror_ops;
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* Active hot spares can only be replaced by inactive hot
|
|
|
|
* spares.
|
|
|
|
*/
|
|
|
|
if (pvd->vdev_ops == &vdev_spare_ops &&
|
2010-08-27 01:24:34 +04:00
|
|
|
oldvd->vdev_isspare &&
|
2008-11-20 23:01:55 +03:00
|
|
|
!spa_has_spare(spa, newvd->vdev_guid))
|
|
|
|
return (spa_vdev_exit(spa, newrootvd, txg, ENOTSUP));
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the source is a hot spare, and the parent isn't already a
|
|
|
|
* spare, then we want to create a new hot spare. Otherwise, we
|
|
|
|
* want to create a replacing vdev. The user is not allowed to
|
|
|
|
* attach to a spared vdev child unless the 'isspare' state is
|
|
|
|
* the same (spare replaces spare, non-spare replaces
|
|
|
|
* non-spare).
|
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
if (pvd->vdev_ops == &vdev_replacing_ops &&
|
|
|
|
spa_version(spa) < SPA_VERSION_MULTI_REPLACE) {
|
2008-11-20 23:01:55 +03:00
|
|
|
return (spa_vdev_exit(spa, newrootvd, txg, ENOTSUP));
|
2010-08-27 01:24:34 +04:00
|
|
|
} else if (pvd->vdev_ops == &vdev_spare_ops &&
|
|
|
|
newvd->vdev_isspare != oldvd->vdev_isspare) {
|
2008-11-20 23:01:55 +03:00
|
|
|
return (spa_vdev_exit(spa, newrootvd, txg, ENOTSUP));
|
2010-08-27 01:24:34 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
if (newvd->vdev_isspare)
|
2008-11-20 23:01:55 +03:00
|
|
|
pvops = &vdev_spare_ops;
|
|
|
|
else
|
|
|
|
pvops = &vdev_replacing_ops;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2009-07-03 02:44:48 +04:00
|
|
|
* Make sure the new device is big enough.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2009-07-03 02:44:48 +04:00
|
|
|
if (newvd->vdev_asize < vdev_get_min_asize(oldvd))
|
2008-11-20 23:01:55 +03:00
|
|
|
return (spa_vdev_exit(spa, newrootvd, txg, EOVERFLOW));
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The new device cannot have a higher alignment requirement
|
|
|
|
* than the top-level vdev.
|
|
|
|
*/
|
|
|
|
if (newvd->vdev_ashift > oldvd->vdev_top->vdev_ashift)
|
|
|
|
return (spa_vdev_exit(spa, newrootvd, txg, EDOM));
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If this is an in-place replacement, update oldvd's path and devid
|
|
|
|
* to make it distinguishable from newvd, and unopenable from now on.
|
|
|
|
*/
|
|
|
|
if (strcmp(oldvd->vdev_path, newvd->vdev_path) == 0) {
|
|
|
|
spa_strfree(oldvd->vdev_path);
|
|
|
|
oldvd->vdev_path = kmem_alloc(strlen(newvd->vdev_path) + 5,
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
(void) sprintf(oldvd->vdev_path, "%s/%s",
|
|
|
|
newvd->vdev_path, "old");
|
|
|
|
if (oldvd->vdev_devid != NULL) {
|
|
|
|
spa_strfree(oldvd->vdev_devid);
|
|
|
|
oldvd->vdev_devid = NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
/* mark the device being resilvered */
|
2013-08-08 00:16:22 +04:00
|
|
|
newvd->vdev_resilver_txg = txg;
|
2010-08-27 01:24:34 +04:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* If the parent is not a mirror, or if we're replacing, insert the new
|
|
|
|
* mirror/replacing/spare vdev above oldvd.
|
|
|
|
*/
|
|
|
|
if (pvd->vdev_ops != pvops)
|
|
|
|
pvd = vdev_add_parent(oldvd, pvops);
|
|
|
|
|
|
|
|
ASSERT(pvd->vdev_top->vdev_parent == rvd);
|
|
|
|
ASSERT(pvd->vdev_ops == pvops);
|
|
|
|
ASSERT(oldvd->vdev_parent == pvd);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Extract the new device from its root and add it to pvd.
|
|
|
|
*/
|
|
|
|
vdev_remove_child(newrootvd, newvd);
|
|
|
|
newvd->vdev_id = pvd->vdev_children;
|
2010-05-29 00:45:14 +04:00
|
|
|
newvd->vdev_crtxg = oldvd->vdev_crtxg;
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_add_child(pvd, newvd);
|
|
|
|
|
2017-02-23 21:32:15 +03:00
|
|
|
/*
|
|
|
|
* Reevaluate the parent vdev state.
|
|
|
|
*/
|
|
|
|
vdev_propagate_state(pvd);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
tvd = newvd->vdev_top;
|
|
|
|
ASSERT(pvd->vdev_top == tvd);
|
|
|
|
ASSERT(tvd->vdev_parent == rvd);
|
|
|
|
|
|
|
|
vdev_config_dirty(tvd);
|
|
|
|
|
|
|
|
/*
|
2010-05-29 00:45:14 +04:00
|
|
|
* Set newvd's DTL to [TXG_INITIAL, dtl_max_txg) so that we account
|
|
|
|
* for any dmu_sync-ed blocks. It will propagate upward when
|
|
|
|
* spa_vdev_exit() calls vdev_dtl_reassess().
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
dtl_max_txg = txg + TXG_CONCURRENT_STATES;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_dtl_dirty(newvd, DTL_MISSING, TXG_INITIAL,
|
|
|
|
dtl_max_txg - TXG_INITIAL);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
if (newvd->vdev_isspare) {
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_spare_activate(newvd);
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(spa, newvd, NULL, ESC_ZFS_VDEV_SPARE);
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
oldvdpath = spa_strdup(oldvd->vdev_path);
|
|
|
|
newvdpath = spa_strdup(newvd->vdev_path);
|
|
|
|
newvd_isspare = newvd->vdev_isspare;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Mark newvd's DTL dirty in this txg.
|
|
|
|
*/
|
|
|
|
vdev_dirty(tvd, VDD_DTL, newvd, txg);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
* Schedule the resilver to restart in the future. We do this to
|
|
|
|
* ensure that dmu_sync-ed blocks have been stitched into the
|
|
|
|
* respective datasets.
|
2010-05-29 00:45:14 +04:00
|
|
|
*/
|
|
|
|
dsl_resilver_restart(spa->spa_dsl_pool, dtl_max_txg);
|
|
|
|
|
2016-07-28 01:29:15 +03:00
|
|
|
if (spa->spa_bootfs)
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(spa, newvd, NULL, ESC_ZFS_BOOTFS_VDEV_ATTACH);
|
2016-07-28 01:29:15 +03:00
|
|
|
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(spa, newvd, NULL, ESC_ZFS_VDEV_ATTACH);
|
2016-07-28 01:29:15 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* Commit the config
|
|
|
|
*/
|
|
|
|
(void) spa_vdev_exit(spa, newrootvd, dtl_max_txg, 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(spa, "vdev attach", NULL,
|
2010-05-29 00:45:14 +04:00
|
|
|
"%s vdev=%s %s vdev=%s",
|
2009-08-18 22:43:27 +04:00
|
|
|
replacing && newvd_isspare ? "spare in" :
|
|
|
|
replacing ? "replace" : "attach", newvdpath,
|
|
|
|
replacing ? "for" : "to", oldvdpath);
|
2008-12-03 23:09:06 +03:00
|
|
|
|
|
|
|
spa_strfree(oldvdpath);
|
|
|
|
spa_strfree(newvdpath);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Detach a device from a mirror or replacing vdev.
|
2013-06-11 21:12:34 +04:00
|
|
|
*
|
2008-11-20 23:01:55 +03:00
|
|
|
* If 'replace_done' is specified, only detach if the parent
|
|
|
|
* is a replacing vdev.
|
|
|
|
*/
|
|
|
|
int
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_vdev_detach(spa_t *spa, uint64_t guid, uint64_t pguid, int replace_done)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
uint64_t txg;
|
2009-01-16 00:59:39 +03:00
|
|
|
int error;
|
2017-11-04 23:25:13 +03:00
|
|
|
ASSERTV(vdev_t *rvd = spa->spa_root_vdev);
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_t *vd, *pvd, *cvd, *tvd;
|
|
|
|
boolean_t unspare = B_FALSE;
|
2010-08-26 20:58:04 +04:00
|
|
|
uint64_t unspare_guid = 0;
|
2010-05-29 00:45:14 +04:00
|
|
|
char *vdpath;
|
2017-11-04 23:25:13 +03:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
ASSERT(spa_writeable(spa));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
txg = spa_vdev_enter(spa);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
vd = spa_lookup_by_guid(spa, guid, B_FALSE);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (vd == NULL)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, ENODEV));
|
|
|
|
|
|
|
|
if (!vd->vdev_ops->vdev_op_leaf)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, ENOTSUP));
|
|
|
|
|
|
|
|
pvd = vd->vdev_parent;
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
/*
|
|
|
|
* If the parent/child relationship is not as expected, don't do it.
|
|
|
|
* Consider M(A,R(B,C)) -- that is, a mirror of A with a replacing
|
|
|
|
* vdev that's replacing B with C. The user's intent in replacing
|
|
|
|
* is to go from M(A,B) to M(A,C). If the user decides to cancel
|
|
|
|
* the replace by detaching C, the expected behavior is to end up
|
|
|
|
* M(A,B). But suppose that right after deciding to detach C,
|
|
|
|
* the replacement of B completes. We would have M(A,C), and then
|
|
|
|
* ask to detach C, which would leave us with just A -- not what
|
|
|
|
* the user wanted. To prevent this, we make sure that the
|
|
|
|
* parent/child relationship hasn't changed -- in this example,
|
|
|
|
* that C's parent is still the replacing vdev R.
|
|
|
|
*/
|
|
|
|
if (pvd->vdev_guid != pguid && pguid != 0)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, EBUSY));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
2010-08-27 01:24:34 +04:00
|
|
|
* Only 'replacing' or 'spare' vdevs can be replaced.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
if (replace_done && pvd->vdev_ops != &vdev_replacing_ops &&
|
|
|
|
pvd->vdev_ops != &vdev_spare_ops)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, ENOTSUP));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
ASSERT(pvd->vdev_ops != &vdev_spare_ops ||
|
|
|
|
spa_version(spa) >= SPA_VERSION_SPARES);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Only mirror, replacing, and spare vdevs support detach.
|
|
|
|
*/
|
|
|
|
if (pvd->vdev_ops != &vdev_replacing_ops &&
|
|
|
|
pvd->vdev_ops != &vdev_mirror_ops &&
|
|
|
|
pvd->vdev_ops != &vdev_spare_ops)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, ENOTSUP));
|
|
|
|
|
|
|
|
/*
|
2009-01-16 00:59:39 +03:00
|
|
|
* If this device has the only valid copy of some data,
|
|
|
|
* we cannot safely detach it.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2009-01-16 00:59:39 +03:00
|
|
|
if (vdev_dtl_required(vd))
|
2008-11-20 23:01:55 +03:00
|
|
|
return (spa_vdev_exit(spa, NULL, txg, EBUSY));
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
ASSERT(pvd->vdev_children >= 2);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
/*
|
|
|
|
* If we are detaching the second disk from a replacing vdev, then
|
|
|
|
* check to see if we changed the original vdev's path to have "/old"
|
|
|
|
* at the end in spa_vdev_attach(). If so, undo that change now.
|
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
if (pvd->vdev_ops == &vdev_replacing_ops && vd->vdev_id > 0 &&
|
|
|
|
vd->vdev_path != NULL) {
|
|
|
|
size_t len = strlen(vd->vdev_path);
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < pvd->vdev_children; c++) {
|
2010-08-27 01:24:34 +04:00
|
|
|
cvd = pvd->vdev_child[c];
|
|
|
|
|
|
|
|
if (cvd == vd || cvd->vdev_path == NULL)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (strncmp(cvd->vdev_path, vd->vdev_path, len) == 0 &&
|
|
|
|
strcmp(cvd->vdev_path + len, "/old") == 0) {
|
|
|
|
spa_strfree(cvd->vdev_path);
|
|
|
|
cvd->vdev_path = spa_strdup(vd->vdev_path);
|
|
|
|
break;
|
|
|
|
}
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* If we are detaching the original disk from a spare, then it implies
|
|
|
|
* that the spare should become a real disk, and be removed from the
|
|
|
|
* active spare list for the pool.
|
|
|
|
*/
|
|
|
|
if (pvd->vdev_ops == &vdev_spare_ops &&
|
2010-08-27 01:24:34 +04:00
|
|
|
vd->vdev_id == 0 &&
|
|
|
|
pvd->vdev_child[pvd->vdev_children - 1]->vdev_isspare)
|
2008-11-20 23:01:55 +03:00
|
|
|
unspare = B_TRUE;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Erase the disk labels so the disk can be used for other things.
|
|
|
|
* This must be done after all other error cases are handled,
|
|
|
|
* but before we disembowel vd (so we can still do I/O to it).
|
|
|
|
* But if we can't do it, don't treat the error as fatal --
|
|
|
|
* it may be that the unwritability of the disk is the reason
|
|
|
|
* it's being detached!
|
|
|
|
*/
|
|
|
|
error = vdev_label_init(vd, 0, VDEV_LABEL_REMOVE);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove vd from its parent and compact the parent's children.
|
|
|
|
*/
|
|
|
|
vdev_remove_child(pvd, vd);
|
|
|
|
vdev_compact_children(pvd);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remember one of the remaining children so we can get tvd below.
|
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
cvd = pvd->vdev_child[pvd->vdev_children - 1];
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If we need to remove the remaining child from the list of hot spares,
|
2009-01-16 00:59:39 +03:00
|
|
|
* do it now, marking the vdev as no longer a spare in the process.
|
|
|
|
* We must do this before vdev_remove_parent(), because that can
|
|
|
|
* change the GUID if it creates a new toplevel GUID. For a similar
|
|
|
|
* reason, we must remove the spare now, in the same txg as the detach;
|
|
|
|
* otherwise someone could attach a new sibling, change the GUID, and
|
|
|
|
* the subsequent attempt to spa_vdev_remove(unspare_guid) would fail.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
if (unspare) {
|
|
|
|
ASSERT(cvd->vdev_isspare);
|
|
|
|
spa_spare_remove(cvd);
|
|
|
|
unspare_guid = cvd->vdev_guid;
|
2009-01-16 00:59:39 +03:00
|
|
|
(void) spa_vdev_remove(spa, unspare_guid, B_TRUE);
|
2010-08-27 01:24:34 +04:00
|
|
|
cvd->vdev_unspare = B_TRUE;
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* If the parent mirror/replacing vdev only has one child,
|
|
|
|
* the parent is no longer needed. Remove it from the tree.
|
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
if (pvd->vdev_children == 1) {
|
|
|
|
if (pvd->vdev_ops == &vdev_spare_ops)
|
|
|
|
cvd->vdev_unspare = B_FALSE;
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_remove_parent(cvd);
|
2010-08-27 01:24:34 +04:00
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* We don't set tvd until now because the parent we just removed
|
|
|
|
* may have been the previous top-level vdev.
|
|
|
|
*/
|
|
|
|
tvd = cvd->vdev_top;
|
|
|
|
ASSERT(tvd->vdev_parent == rvd);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Reevaluate the parent vdev state.
|
|
|
|
*/
|
|
|
|
vdev_propagate_state(cvd);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the 'autoexpand' property is set on the pool then automatically
|
|
|
|
* try to expand the size of the pool. For example if the device we
|
|
|
|
* just detached was smaller than the others, it may be possible to
|
|
|
|
* add metaslabs (i.e. grow the pool). We need to reopen the vdev
|
|
|
|
* first so that we can obtain the updated sizes of the leaf vdevs.
|
|
|
|
*/
|
|
|
|
if (spa->spa_autoexpand) {
|
|
|
|
vdev_reopen(tvd);
|
|
|
|
vdev_expand(tvd, txg);
|
|
|
|
}
|
|
|
|
|
|
|
|
vdev_config_dirty(tvd);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Mark vd's DTL as dirty in this txg. vdev_dtl_sync() will see that
|
|
|
|
* vd->vdev_detached is set and free vd's DTL object in syncing context.
|
|
|
|
* But first make sure we're not on any *other* txg's DTL list, to
|
|
|
|
* prevent vd from being accessed after it's freed.
|
|
|
|
*/
|
2016-10-14 21:00:47 +03:00
|
|
|
vdpath = spa_strdup(vd->vdev_path ? vd->vdev_path : "none");
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int t = 0; t < TXG_SIZE; t++)
|
2010-05-29 00:45:14 +04:00
|
|
|
(void) txg_list_remove_this(&tvd->vdev_dtl_list, vd, t);
|
|
|
|
vd->vdev_detached = B_TRUE;
|
|
|
|
vdev_dirty(tvd, VDD_DTL, vd, txg);
|
|
|
|
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(spa, vd, NULL, ESC_ZFS_VDEV_REMOVE);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
/* hang on to the spa before we release the lock */
|
|
|
|
spa_open_ref(spa, FTAG);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
error = spa_vdev_exit(spa, vd, txg, 0);
|
|
|
|
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(spa, "detach", NULL,
|
2010-05-29 00:45:14 +04:00
|
|
|
"vdev=%s", vdpath);
|
|
|
|
spa_strfree(vdpath);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If this was the removal of the original device in a hot spare vdev,
|
|
|
|
* then we want to go through and remove the device from the hot spare
|
|
|
|
* list of every other pool.
|
|
|
|
*/
|
|
|
|
if (unspare) {
|
2010-08-27 01:24:34 +04:00
|
|
|
spa_t *altspa = NULL;
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
mutex_enter(&spa_namespace_lock);
|
2010-08-27 01:24:34 +04:00
|
|
|
while ((altspa = spa_next(altspa)) != NULL) {
|
|
|
|
if (altspa->spa_state != POOL_STATE_ACTIVE ||
|
|
|
|
altspa == spa)
|
2010-05-29 00:45:14 +04:00
|
|
|
continue;
|
2010-08-27 01:24:34 +04:00
|
|
|
|
|
|
|
spa_open_ref(altspa, FTAG);
|
2010-05-29 00:45:14 +04:00
|
|
|
mutex_exit(&spa_namespace_lock);
|
2010-08-27 01:24:34 +04:00
|
|
|
(void) spa_vdev_remove(altspa, unspare_guid, B_TRUE);
|
2010-05-29 00:45:14 +04:00
|
|
|
mutex_enter(&spa_namespace_lock);
|
2010-08-27 01:24:34 +04:00
|
|
|
spa_close(altspa, FTAG);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
2010-08-27 01:24:34 +04:00
|
|
|
|
|
|
|
/* search the rest of the vdevs for spares to remove */
|
|
|
|
spa_vdev_resilver_done(spa);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
/* all done with the spa; OK to release */
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
spa_close(spa, FTAG);
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Split a set of devices from their mirrors, and create a new pool from them.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
spa_vdev_split_mirror(spa_t *spa, char *newname, nvlist_t *config,
|
|
|
|
nvlist_t *props, boolean_t exp)
|
|
|
|
{
|
|
|
|
int error = 0;
|
|
|
|
uint64_t txg, *glist;
|
|
|
|
spa_t *newspa;
|
|
|
|
uint_t c, children, lastlog;
|
|
|
|
nvlist_t **child, *nvl, *tmp;
|
|
|
|
dmu_tx_t *tx;
|
|
|
|
char *altroot = NULL;
|
|
|
|
vdev_t *rvd, **vml = NULL; /* vdev modify list */
|
|
|
|
boolean_t activate_slog;
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
ASSERT(spa_writeable(spa));
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
txg = spa_vdev_enter(spa);
|
|
|
|
|
|
|
|
/* clear the log and flush everything up to now */
|
|
|
|
activate_slog = spa_passivate_log(spa);
|
|
|
|
(void) spa_vdev_config_exit(spa, NULL, txg, 0, FTAG);
|
|
|
|
error = spa_offline_log(spa);
|
|
|
|
txg = spa_vdev_config_enter(spa);
|
|
|
|
|
|
|
|
if (activate_slog)
|
|
|
|
spa_activate_log(spa);
|
|
|
|
|
|
|
|
if (error != 0)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, error));
|
|
|
|
|
|
|
|
/* check new spa name before going any further */
|
|
|
|
if (spa_lookup(newname) != NULL)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, EEXIST));
|
|
|
|
|
|
|
|
/*
|
|
|
|
* scan through all the children to ensure they're all mirrors
|
|
|
|
*/
|
|
|
|
if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE, &nvl) != 0 ||
|
|
|
|
nvlist_lookup_nvlist_array(nvl, ZPOOL_CONFIG_CHILDREN, &child,
|
|
|
|
&children) != 0)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, EINVAL));
|
|
|
|
|
|
|
|
/* first, check to ensure we've got the right child count */
|
|
|
|
rvd = spa->spa_root_vdev;
|
|
|
|
lastlog = 0;
|
|
|
|
for (c = 0; c < rvd->vdev_children; c++) {
|
|
|
|
vdev_t *vd = rvd->vdev_child[c];
|
|
|
|
|
|
|
|
/* don't count the holes & logs as children */
|
|
|
|
if (vd->vdev_islog || vd->vdev_ishole) {
|
|
|
|
if (lastlog == 0)
|
|
|
|
lastlog = c;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
lastlog = 0;
|
|
|
|
}
|
|
|
|
if (children != (lastlog != 0 ? lastlog : rvd->vdev_children))
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, EINVAL));
|
|
|
|
|
|
|
|
/* next, ensure no spare or cache devices are part of the split */
|
|
|
|
if (nvlist_lookup_nvlist(nvl, ZPOOL_CONFIG_SPARES, &tmp) == 0 ||
|
|
|
|
nvlist_lookup_nvlist(nvl, ZPOOL_CONFIG_L2CACHE, &tmp) == 0)
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, EINVAL));
|
|
|
|
|
2014-11-21 03:09:39 +03:00
|
|
|
vml = kmem_zalloc(children * sizeof (vdev_t *), KM_SLEEP);
|
|
|
|
glist = kmem_zalloc(children * sizeof (uint64_t), KM_SLEEP);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
/* then, loop over each vdev and validate it */
|
|
|
|
for (c = 0; c < children; c++) {
|
|
|
|
uint64_t is_hole = 0;
|
|
|
|
|
|
|
|
(void) nvlist_lookup_uint64(child[c], ZPOOL_CONFIG_IS_HOLE,
|
|
|
|
&is_hole);
|
|
|
|
|
|
|
|
if (is_hole != 0) {
|
|
|
|
if (spa->spa_root_vdev->vdev_child[c]->vdev_ishole ||
|
|
|
|
spa->spa_root_vdev->vdev_child[c]->vdev_islog) {
|
|
|
|
continue;
|
|
|
|
} else {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2010-05-29 00:45:14 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* which disk is going to be split? */
|
|
|
|
if (nvlist_lookup_uint64(child[c], ZPOOL_CONFIG_GUID,
|
|
|
|
&glist[c]) != 0) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2010-05-29 00:45:14 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* look it up in the spa */
|
|
|
|
vml[c] = spa_lookup_by_guid(spa, glist[c], B_FALSE);
|
|
|
|
if (vml[c] == NULL) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENODEV);
|
2010-05-29 00:45:14 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* make sure there's nothing stopping the split */
|
|
|
|
if (vml[c]->vdev_parent->vdev_ops != &vdev_mirror_ops ||
|
|
|
|
vml[c]->vdev_islog ||
|
|
|
|
vml[c]->vdev_ishole ||
|
|
|
|
vml[c]->vdev_isspare ||
|
|
|
|
vml[c]->vdev_isl2cache ||
|
|
|
|
!vdev_writeable(vml[c]) ||
|
|
|
|
vml[c]->vdev_children != 0 ||
|
|
|
|
vml[c]->vdev_state != VDEV_STATE_HEALTHY ||
|
|
|
|
c != spa->spa_root_vdev->vdev_child[c]->vdev_id) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EINVAL);
|
2010-05-29 00:45:14 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (vdev_dtl_required(vml[c])) {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EBUSY);
|
2010-05-29 00:45:14 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* we need certain info from the top level */
|
|
|
|
VERIFY(nvlist_add_uint64(child[c], ZPOOL_CONFIG_METASLAB_ARRAY,
|
|
|
|
vml[c]->vdev_top->vdev_ms_array) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(child[c], ZPOOL_CONFIG_METASLAB_SHIFT,
|
|
|
|
vml[c]->vdev_top->vdev_ms_shift) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(child[c], ZPOOL_CONFIG_ASIZE,
|
|
|
|
vml[c]->vdev_top->vdev_asize) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(child[c], ZPOOL_CONFIG_ASHIFT,
|
|
|
|
vml[c]->vdev_top->vdev_ashift) == 0);
|
2016-04-11 23:16:57 +03:00
|
|
|
|
|
|
|
/* transfer per-vdev ZAPs */
|
|
|
|
ASSERT3U(vml[c]->vdev_leaf_zap, !=, 0);
|
|
|
|
VERIFY0(nvlist_add_uint64(child[c],
|
|
|
|
ZPOOL_CONFIG_VDEV_LEAF_ZAP, vml[c]->vdev_leaf_zap));
|
|
|
|
|
|
|
|
ASSERT3U(vml[c]->vdev_top->vdev_top_zap, !=, 0);
|
|
|
|
VERIFY0(nvlist_add_uint64(child[c],
|
|
|
|
ZPOOL_CONFIG_VDEV_TOP_ZAP,
|
|
|
|
vml[c]->vdev_parent->vdev_top_zap));
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
if (error != 0) {
|
|
|
|
kmem_free(vml, children * sizeof (vdev_t *));
|
|
|
|
kmem_free(glist, children * sizeof (uint64_t));
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, error));
|
|
|
|
}
|
|
|
|
|
|
|
|
/* stop writers from using the disks */
|
|
|
|
for (c = 0; c < children; c++) {
|
|
|
|
if (vml[c] != NULL)
|
|
|
|
vml[c]->vdev_offline = B_TRUE;
|
|
|
|
}
|
|
|
|
vdev_reopen(spa->spa_root_vdev);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
2010-05-29 00:45:14 +04:00
|
|
|
* Temporarily record the splitting vdevs in the spa config. This
|
|
|
|
* will disappear once the config is regenerated.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2014-11-21 03:09:39 +03:00
|
|
|
VERIFY(nvlist_alloc(&nvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
|
2010-05-29 00:45:14 +04:00
|
|
|
VERIFY(nvlist_add_uint64_array(nvl, ZPOOL_CONFIG_SPLIT_LIST,
|
|
|
|
glist, children) == 0);
|
|
|
|
kmem_free(glist, children * sizeof (uint64_t));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
mutex_enter(&spa->spa_props_lock);
|
|
|
|
VERIFY(nvlist_add_nvlist(spa->spa_config, ZPOOL_CONFIG_SPLIT,
|
|
|
|
nvl) == 0);
|
|
|
|
mutex_exit(&spa->spa_props_lock);
|
|
|
|
spa->spa_config_splitting = nvl;
|
|
|
|
vdev_config_dirty(spa->spa_root_vdev);
|
|
|
|
|
|
|
|
/* configure and create the new pool */
|
|
|
|
VERIFY(nvlist_add_string(config, ZPOOL_CONFIG_POOL_NAME, newname) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_POOL_STATE,
|
|
|
|
exp ? POOL_STATE_EXPORTED : POOL_STATE_ACTIVE) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_VERSION,
|
|
|
|
spa_version(spa)) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_POOL_TXG,
|
|
|
|
spa->spa_config_txg) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(config, ZPOOL_CONFIG_POOL_GUID,
|
|
|
|
spa_generate_guid(NULL)) == 0);
|
2016-04-11 23:16:57 +03:00
|
|
|
VERIFY0(nvlist_add_boolean(config, ZPOOL_CONFIG_HAS_PER_VDEV_ZAPS));
|
2010-05-29 00:45:14 +04:00
|
|
|
(void) nvlist_lookup_string(props,
|
|
|
|
zpool_prop_to_name(ZPOOL_PROP_ALTROOT), &altroot);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/* add the new pool to the namespace */
|
|
|
|
newspa = spa_add(newname, config, altroot);
|
2016-04-11 23:16:57 +03:00
|
|
|
newspa->spa_avz_action = AVZ_ACTION_REBUILD;
|
2010-05-29 00:45:14 +04:00
|
|
|
newspa->spa_config_txg = spa->spa_config_txg;
|
|
|
|
spa_set_log_state(newspa, SPA_LOG_CLEAR);
|
|
|
|
|
|
|
|
/* release the spa config lock, retaining the namespace lock */
|
|
|
|
spa_vdev_config_exit(spa, NULL, txg, 0, FTAG);
|
|
|
|
|
|
|
|
if (zio_injection_enabled)
|
|
|
|
zio_handle_panic_injection(spa, FTAG, 1);
|
|
|
|
|
|
|
|
spa_activate(newspa, spa_mode_global);
|
|
|
|
spa_async_suspend(newspa);
|
|
|
|
|
|
|
|
/* create the new pool from the disks of the original pool */
|
|
|
|
error = spa_load(newspa, SPA_LOAD_IMPORT, SPA_IMPORT_ASSEMBLE, B_TRUE);
|
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
/* if that worked, generate a real config for the new pool */
|
|
|
|
if (newspa->spa_root_vdev != NULL) {
|
|
|
|
VERIFY(nvlist_alloc(&newspa->spa_config_splitting,
|
2014-11-21 03:09:39 +03:00
|
|
|
NV_UNIQUE_NAME, KM_SLEEP) == 0);
|
2010-05-29 00:45:14 +04:00
|
|
|
VERIFY(nvlist_add_uint64(newspa->spa_config_splitting,
|
|
|
|
ZPOOL_CONFIG_SPLIT_GUID, spa_guid(spa)) == 0);
|
|
|
|
spa_config_set(newspa, spa_config_generate(newspa, NULL, -1ULL,
|
|
|
|
B_TRUE));
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/* set the props */
|
|
|
|
if (props != NULL) {
|
|
|
|
spa_configfile_set(newspa, props, B_FALSE);
|
|
|
|
error = spa_prop_set(newspa, props);
|
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/* flush everything */
|
|
|
|
txg = spa_vdev_config_enter(newspa);
|
|
|
|
vdev_config_dirty(newspa->spa_root_vdev);
|
|
|
|
(void) spa_vdev_config_exit(newspa, NULL, txg, 0, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (zio_injection_enabled)
|
|
|
|
zio_handle_panic_injection(spa, FTAG, 2);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_async_resume(newspa);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/* finally, update the original pool's config */
|
|
|
|
txg = spa_vdev_config_enter(spa);
|
|
|
|
tx = dmu_tx_create_dd(spa_get_dsl(spa)->dp_mos_dir);
|
|
|
|
error = dmu_tx_assign(tx, TXG_WAIT);
|
|
|
|
if (error != 0)
|
|
|
|
dmu_tx_abort(tx);
|
|
|
|
for (c = 0; c < children; c++) {
|
|
|
|
if (vml[c] != NULL) {
|
|
|
|
vdev_split(vml[c]);
|
|
|
|
if (error == 0)
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(spa, "detach", tx,
|
|
|
|
"vdev=%s", vml[c]->vdev_path);
|
2016-04-11 23:16:57 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_free(vml[c]);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
2016-04-11 23:16:57 +03:00
|
|
|
spa->spa_avz_action = AVZ_ACTION_REBUILD;
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_config_dirty(spa->spa_root_vdev);
|
|
|
|
spa->spa_config_splitting = NULL;
|
|
|
|
nvlist_free(nvl);
|
|
|
|
if (error == 0)
|
|
|
|
dmu_tx_commit(tx);
|
|
|
|
(void) spa_vdev_exit(spa, NULL, txg, 0);
|
|
|
|
|
|
|
|
if (zio_injection_enabled)
|
|
|
|
zio_handle_panic_injection(spa, FTAG, 3);
|
|
|
|
|
|
|
|
/* split is complete; log a history record */
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(newspa, "split", NULL,
|
|
|
|
"from pool %s", spa_name(spa));
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
kmem_free(vml, children * sizeof (vdev_t *));
|
|
|
|
|
|
|
|
/* if we're not going to mount the filesystems in userland, export */
|
|
|
|
if (exp)
|
|
|
|
error = spa_export_common(newname, POOL_STATE_EXPORTED, NULL,
|
|
|
|
B_FALSE, B_FALSE);
|
|
|
|
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
out:
|
|
|
|
spa_unload(newspa);
|
|
|
|
spa_deactivate(newspa);
|
|
|
|
spa_remove(newspa);
|
|
|
|
|
|
|
|
txg = spa_vdev_config_enter(spa);
|
|
|
|
|
|
|
|
/* re-online all offlined disks */
|
|
|
|
for (c = 0; c < children; c++) {
|
|
|
|
if (vml[c] != NULL)
|
|
|
|
vml[c]->vdev_offline = B_FALSE;
|
|
|
|
}
|
|
|
|
vdev_reopen(spa->spa_root_vdev);
|
|
|
|
|
|
|
|
nvlist_free(spa->spa_config_splitting);
|
|
|
|
spa->spa_config_splitting = NULL;
|
|
|
|
(void) spa_vdev_exit(spa, NULL, txg, error);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
kmem_free(vml, children * sizeof (vdev_t *));
|
2008-11-20 23:01:55 +03:00
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
static nvlist_t *
|
|
|
|
spa_nvlist_lookup_by_guid(nvlist_t **nvpp, int count, uint64_t target_guid)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int i = 0; i < count; i++) {
|
2008-12-03 23:09:06 +03:00
|
|
|
uint64_t guid;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
VERIFY(nvlist_lookup_uint64(nvpp[i], ZPOOL_CONFIG_GUID,
|
|
|
|
&guid) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
if (guid == target_guid)
|
|
|
|
return (nvpp[i]);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
return (NULL);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
static void
|
|
|
|
spa_vdev_remove_aux(nvlist_t *config, char *name, nvlist_t **dev, int count,
|
2016-10-14 03:59:18 +03:00
|
|
|
nvlist_t *dev_to_remove)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2008-12-03 23:09:06 +03:00
|
|
|
nvlist_t **newdev = NULL;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
if (count > 1)
|
2014-11-21 03:09:39 +03:00
|
|
|
newdev = kmem_alloc((count - 1) * sizeof (void *), KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int i = 0, j = 0; i < count; i++) {
|
2008-12-03 23:09:06 +03:00
|
|
|
if (dev[i] == dev_to_remove)
|
|
|
|
continue;
|
2014-11-21 03:09:39 +03:00
|
|
|
VERIFY(nvlist_dup(dev[i], &newdev[j++], KM_SLEEP) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
VERIFY(nvlist_remove(config, name, DATA_TYPE_NVLIST_ARRAY) == 0);
|
|
|
|
VERIFY(nvlist_add_nvlist_array(config, name, newdev, count - 1) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int i = 0; i < count - 1; i++)
|
2008-12-03 23:09:06 +03:00
|
|
|
nvlist_free(newdev[i]);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
if (count > 1)
|
|
|
|
kmem_free(newdev, (count - 1) * sizeof (void *));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* Evacuate the device.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
spa_vdev_remove_evacuate(spa_t *spa, vdev_t *vd)
|
|
|
|
{
|
|
|
|
uint64_t txg;
|
|
|
|
int error = 0;
|
|
|
|
|
|
|
|
ASSERT(MUTEX_HELD(&spa_namespace_lock));
|
|
|
|
ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == 0);
|
|
|
|
ASSERT(vd == vd->vdev_top);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Evacuate the device. We don't hold the config lock as writer
|
|
|
|
* since we need to do I/O but we do keep the
|
|
|
|
* spa_namespace_lock held. Once this completes the device
|
|
|
|
* should no longer have any blocks allocated on it.
|
|
|
|
*/
|
|
|
|
if (vd->vdev_islog) {
|
|
|
|
if (vd->vdev_stat.vs_alloc != 0)
|
|
|
|
error = spa_offline_log(spa);
|
|
|
|
} else {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENOTSUP);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The evacuation succeeded. Remove any remaining MOS metadata
|
|
|
|
* associated with this vdev, and wait for these changes to sync.
|
|
|
|
*/
|
2013-05-11 01:17:03 +04:00
|
|
|
ASSERT0(vd->vdev_stat.vs_alloc);
|
2010-05-29 00:45:14 +04:00
|
|
|
txg = spa_vdev_config_enter(spa);
|
|
|
|
vd->vdev_removing = B_TRUE;
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
vdev_dirty_leaves(vd, VDD_DTL, txg);
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_config_dirty(vd);
|
|
|
|
spa_vdev_config_exit(spa, NULL, txg, 0, FTAG);
|
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Complete the removal by cleaning up the namespace.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_vdev_remove_from_namespace(spa_t *spa, vdev_t *vd)
|
|
|
|
{
|
|
|
|
vdev_t *rvd = spa->spa_root_vdev;
|
|
|
|
uint64_t id = vd->vdev_id;
|
|
|
|
boolean_t last_vdev = (id == (rvd->vdev_children - 1));
|
|
|
|
|
|
|
|
ASSERT(MUTEX_HELD(&spa_namespace_lock));
|
|
|
|
ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == SCL_ALL);
|
|
|
|
ASSERT(vd == vd->vdev_top);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Only remove any devices which are empty.
|
|
|
|
*/
|
|
|
|
if (vd->vdev_stat.vs_alloc != 0)
|
|
|
|
return;
|
|
|
|
|
|
|
|
(void) vdev_label_init(vd, 0, VDEV_LABEL_REMOVE);
|
|
|
|
|
|
|
|
if (list_link_active(&vd->vdev_state_dirty_node))
|
|
|
|
vdev_state_clean(vd);
|
|
|
|
if (list_link_active(&vd->vdev_config_dirty_node))
|
|
|
|
vdev_config_clean(vd);
|
|
|
|
|
|
|
|
vdev_free(vd);
|
|
|
|
|
|
|
|
if (last_vdev) {
|
|
|
|
vdev_compact_children(rvd);
|
|
|
|
} else {
|
|
|
|
vd = vdev_alloc_common(spa, id, 0, &vdev_hole_ops);
|
|
|
|
vdev_add_child(rvd, vd);
|
|
|
|
}
|
|
|
|
vdev_config_dirty(rvd);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Reassess the health of our root vdev.
|
|
|
|
*/
|
|
|
|
vdev_reopen(rvd);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove a device from the pool -
|
|
|
|
*
|
|
|
|
* Removing a device from the vdev namespace requires several steps
|
|
|
|
* and can take a significant amount of time. As a result we use
|
|
|
|
* the spa_vdev_config_[enter/exit] functions which allow us to
|
|
|
|
* grab and release the spa_config_lock while still holding the namespace
|
|
|
|
* lock. During each step the configuration is synced out.
|
2013-06-11 21:12:34 +04:00
|
|
|
*
|
|
|
|
* Currently, this supports removing only hot spares, slogs, and level 2 ARC
|
|
|
|
* devices.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
int
|
|
|
|
spa_vdev_remove(spa_t *spa, uint64_t guid, boolean_t unspare)
|
|
|
|
{
|
|
|
|
vdev_t *vd;
|
2017-05-30 21:39:17 +03:00
|
|
|
sysevent_t *ev = NULL;
|
2010-05-29 00:45:14 +04:00
|
|
|
metaslab_group_t *mg;
|
2008-12-03 23:09:06 +03:00
|
|
|
nvlist_t **spares, **l2cache, *nv;
|
2009-01-16 00:59:39 +03:00
|
|
|
uint64_t txg = 0;
|
2010-05-29 00:45:14 +04:00
|
|
|
uint_t nspares, nl2cache;
|
2008-11-20 23:01:55 +03:00
|
|
|
int error = 0;
|
2009-01-16 00:59:39 +03:00
|
|
|
boolean_t locked = MUTEX_HELD(&spa_namespace_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
ASSERT(spa_writeable(spa));
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
if (!locked)
|
|
|
|
txg = spa_vdev_enter(spa);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
vd = spa_lookup_by_guid(spa, guid, B_FALSE);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (spa->spa_spares.sav_vdevs != NULL &&
|
|
|
|
nvlist_lookup_nvlist_array(spa->spa_spares.sav_config,
|
2008-12-03 23:09:06 +03:00
|
|
|
ZPOOL_CONFIG_SPARES, &spares, &nspares) == 0 &&
|
|
|
|
(nv = spa_nvlist_lookup_by_guid(spares, nspares, guid)) != NULL) {
|
|
|
|
/*
|
|
|
|
* Only remove the hot spare if it's not currently in use
|
|
|
|
* in this pool.
|
|
|
|
*/
|
|
|
|
if (vd == NULL || unspare) {
|
2017-01-31 21:19:36 +03:00
|
|
|
if (vd == NULL)
|
|
|
|
vd = spa_lookup_by_guid(spa, guid, B_TRUE);
|
2017-05-30 21:39:17 +03:00
|
|
|
ev = spa_event_create(spa, vd, NULL,
|
|
|
|
ESC_ZFS_VDEV_REMOVE_AUX);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_vdev_remove_aux(spa->spa_spares.sav_config,
|
|
|
|
ZPOOL_CONFIG_SPARES, spares, nspares, nv);
|
|
|
|
spa_load_spares(spa);
|
|
|
|
spa->spa_spares.sav_sync = B_TRUE;
|
|
|
|
} else {
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(EBUSY);
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
|
|
|
} else if (spa->spa_l2cache.sav_vdevs != NULL &&
|
2008-11-20 23:01:55 +03:00
|
|
|
nvlist_lookup_nvlist_array(spa->spa_l2cache.sav_config,
|
2008-12-03 23:09:06 +03:00
|
|
|
ZPOOL_CONFIG_L2CACHE, &l2cache, &nl2cache) == 0 &&
|
|
|
|
(nv = spa_nvlist_lookup_by_guid(l2cache, nl2cache, guid)) != NULL) {
|
|
|
|
/*
|
|
|
|
* Cache devices can always be removed.
|
|
|
|
*/
|
2017-01-31 21:19:36 +03:00
|
|
|
vd = spa_lookup_by_guid(spa, guid, B_TRUE);
|
2017-05-30 21:39:17 +03:00
|
|
|
ev = spa_event_create(spa, vd, NULL, ESC_ZFS_VDEV_REMOVE_AUX);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_vdev_remove_aux(spa->spa_l2cache.sav_config,
|
|
|
|
ZPOOL_CONFIG_L2CACHE, l2cache, nl2cache, nv);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_load_l2cache(spa);
|
|
|
|
spa->spa_l2cache.sav_sync = B_TRUE;
|
2010-05-29 00:45:14 +04:00
|
|
|
} else if (vd != NULL && vd->vdev_islog) {
|
|
|
|
ASSERT(!locked);
|
|
|
|
ASSERT(vd == vd->vdev_top);
|
|
|
|
|
|
|
|
mg = vd->vdev_mg;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Stop allocating from this vdev.
|
|
|
|
*/
|
|
|
|
metaslab_group_passivate(mg);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Wait for the youngest allocations and frees to sync,
|
|
|
|
* and then wait for the deferral of those frees to finish.
|
|
|
|
*/
|
|
|
|
spa_vdev_config_exit(spa, NULL,
|
|
|
|
txg + TXG_CONCURRENT_STATES + TXG_DEFER_SIZE, 0, FTAG);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Attempt to evacuate the vdev.
|
|
|
|
*/
|
|
|
|
error = spa_vdev_remove_evacuate(spa, vd);
|
|
|
|
|
|
|
|
txg = spa_vdev_config_enter(spa);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If we couldn't evacuate the vdev, unwind.
|
|
|
|
*/
|
|
|
|
if (error) {
|
|
|
|
metaslab_group_activate(mg);
|
|
|
|
return (spa_vdev_exit(spa, NULL, txg, error));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Clean up the vdev namespace.
|
|
|
|
*/
|
2017-05-30 21:39:17 +03:00
|
|
|
ev = spa_event_create(spa, vd, NULL, ESC_ZFS_VDEV_REMOVE_DEV);
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_vdev_remove_from_namespace(spa, vd);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
} else if (vd != NULL) {
|
|
|
|
/*
|
|
|
|
* Normal vdevs cannot be removed (yet).
|
|
|
|
*/
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENOTSUP);
|
2008-12-03 23:09:06 +03:00
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* There is no vdev of any kind with the specified guid.
|
|
|
|
*/
|
2013-03-08 22:41:28 +04:00
|
|
|
error = SET_ERROR(ENOENT);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
if (!locked)
|
2017-01-31 02:33:46 +03:00
|
|
|
error = spa_vdev_exit(spa, NULL, txg, error);
|
2009-01-16 00:59:39 +03:00
|
|
|
|
2017-05-30 21:39:17 +03:00
|
|
|
if (ev)
|
|
|
|
spa_event_post(ev);
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
return (error);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find any device that's done replacing, or a vdev marked 'unspare' that's
|
2013-06-11 21:12:34 +04:00
|
|
|
* currently spared, so we can detach it.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
static vdev_t *
|
|
|
|
spa_vdev_resilver_done_hunt(vdev_t *vd)
|
|
|
|
{
|
|
|
|
vdev_t *newvd, *oldvd;
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < vd->vdev_children; c++) {
|
2008-11-20 23:01:55 +03:00
|
|
|
oldvd = spa_vdev_resilver_done_hunt(vd->vdev_child[c]);
|
|
|
|
if (oldvd != NULL)
|
|
|
|
return (oldvd);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2010-08-27 01:24:34 +04:00
|
|
|
* Check for a completed replacement. We always consider the first
|
|
|
|
* vdev in the list to be the oldest vdev, and the last one to be
|
|
|
|
* the newest (see spa_vdev_attach() for how that works). In
|
|
|
|
* the case where the newest vdev is faulted, we will not automatically
|
|
|
|
* remove it after a resilver completes. This is OK as it will require
|
|
|
|
* user intervention to determine which disk the admin wishes to keep.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
if (vd->vdev_ops == &vdev_replacing_ops) {
|
|
|
|
ASSERT(vd->vdev_children > 1);
|
|
|
|
|
|
|
|
newvd = vd->vdev_child[vd->vdev_children - 1];
|
2008-11-20 23:01:55 +03:00
|
|
|
oldvd = vd->vdev_child[0];
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
if (vdev_dtl_empty(newvd, DTL_MISSING) &&
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_dtl_empty(newvd, DTL_OUTAGE) &&
|
2009-01-16 00:59:39 +03:00
|
|
|
!vdev_dtl_required(oldvd))
|
2008-11-20 23:01:55 +03:00
|
|
|
return (oldvd);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Check for a completed resilver with the 'unspare' flag set.
|
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
if (vd->vdev_ops == &vdev_spare_ops) {
|
|
|
|
vdev_t *first = vd->vdev_child[0];
|
|
|
|
vdev_t *last = vd->vdev_child[vd->vdev_children - 1];
|
|
|
|
|
|
|
|
if (last->vdev_unspare) {
|
|
|
|
oldvd = first;
|
|
|
|
newvd = last;
|
|
|
|
} else if (first->vdev_unspare) {
|
|
|
|
oldvd = last;
|
|
|
|
newvd = first;
|
|
|
|
} else {
|
|
|
|
oldvd = NULL;
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
if (oldvd != NULL &&
|
2009-01-16 00:59:39 +03:00
|
|
|
vdev_dtl_empty(newvd, DTL_MISSING) &&
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_dtl_empty(newvd, DTL_OUTAGE) &&
|
2010-08-27 01:24:34 +04:00
|
|
|
!vdev_dtl_required(oldvd))
|
2008-11-20 23:01:55 +03:00
|
|
|
return (oldvd);
|
2010-08-27 01:24:34 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If there are more than two spares attached to a disk,
|
|
|
|
* and those spares are not required, then we want to
|
|
|
|
* attempt to free them up now so that they can be used
|
|
|
|
* by other pools. Once we're back down to a single
|
|
|
|
* disk+spare, we stop removing them.
|
|
|
|
*/
|
|
|
|
if (vd->vdev_children > 2) {
|
|
|
|
newvd = vd->vdev_child[1];
|
|
|
|
|
|
|
|
if (newvd->vdev_isspare && last->vdev_isspare &&
|
|
|
|
vdev_dtl_empty(last, DTL_MISSING) &&
|
|
|
|
vdev_dtl_empty(last, DTL_OUTAGE) &&
|
|
|
|
!vdev_dtl_required(newvd))
|
|
|
|
return (newvd);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
spa_vdev_resilver_done(spa_t *spa)
|
|
|
|
{
|
2009-01-16 00:59:39 +03:00
|
|
|
vdev_t *vd, *pvd, *ppvd;
|
|
|
|
uint64_t guid, sguid, pguid, ppguid;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
while ((vd = spa_vdev_resilver_done_hunt(spa->spa_root_vdev)) != NULL) {
|
2009-01-16 00:59:39 +03:00
|
|
|
pvd = vd->vdev_parent;
|
|
|
|
ppvd = pvd->vdev_parent;
|
2008-11-20 23:01:55 +03:00
|
|
|
guid = vd->vdev_guid;
|
2009-01-16 00:59:39 +03:00
|
|
|
pguid = pvd->vdev_guid;
|
|
|
|
ppguid = ppvd->vdev_guid;
|
|
|
|
sguid = 0;
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* If we have just finished replacing a hot spared device, then
|
|
|
|
* we need to detach the parent's first child (the original hot
|
|
|
|
* spare) as well.
|
|
|
|
*/
|
2010-08-27 01:24:34 +04:00
|
|
|
if (ppvd->vdev_ops == &vdev_spare_ops && pvd->vdev_id == 0 &&
|
|
|
|
ppvd->vdev_children == 2) {
|
2008-11-20 23:01:55 +03:00
|
|
|
ASSERT(pvd->vdev_ops == &vdev_replacing_ops);
|
2009-01-16 00:59:39 +03:00
|
|
|
sguid = ppvd->vdev_child[1]->vdev_guid;
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
2013-08-08 00:16:22 +04:00
|
|
|
ASSERT(vd->vdev_resilver_txg == 0 || !vdev_dtl_required(vd));
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
|
|
|
if (spa_vdev_detach(spa, guid, pguid, B_TRUE) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return;
|
2009-01-16 00:59:39 +03:00
|
|
|
if (sguid && spa_vdev_detach(spa, sguid, ppguid, B_TRUE) != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return;
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2009-01-16 00:59:39 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2010-05-29 00:45:14 +04:00
|
|
|
* Update the stored path or FRU for this vdev.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
int
|
2009-07-03 02:44:48 +04:00
|
|
|
spa_vdev_set_common(spa_t *spa, uint64_t guid, const char *value,
|
|
|
|
boolean_t ispath)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2008-12-03 23:09:06 +03:00
|
|
|
vdev_t *vd;
|
2010-05-29 00:45:14 +04:00
|
|
|
boolean_t sync = B_FALSE;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
ASSERT(spa_writeable(spa));
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_vdev_state_enter(spa, SCL_ALL);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
if ((vd = spa_lookup_by_guid(spa, guid, B_TRUE)) == NULL)
|
2010-05-29 00:45:14 +04:00
|
|
|
return (spa_vdev_state_exit(spa, NULL, ENOENT));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (!vd->vdev_ops->vdev_op_leaf)
|
2010-05-29 00:45:14 +04:00
|
|
|
return (spa_vdev_state_exit(spa, NULL, ENOTSUP));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
if (ispath) {
|
2010-05-29 00:45:14 +04:00
|
|
|
if (strcmp(value, vd->vdev_path) != 0) {
|
|
|
|
spa_strfree(vd->vdev_path);
|
|
|
|
vd->vdev_path = spa_strdup(value);
|
|
|
|
sync = B_TRUE;
|
|
|
|
}
|
2009-07-03 02:44:48 +04:00
|
|
|
} else {
|
2010-05-29 00:45:14 +04:00
|
|
|
if (vd->vdev_fru == NULL) {
|
|
|
|
vd->vdev_fru = spa_strdup(value);
|
|
|
|
sync = B_TRUE;
|
|
|
|
} else if (strcmp(value, vd->vdev_fru) != 0) {
|
2009-07-03 02:44:48 +04:00
|
|
|
spa_strfree(vd->vdev_fru);
|
2010-05-29 00:45:14 +04:00
|
|
|
vd->vdev_fru = spa_strdup(value);
|
|
|
|
sync = B_TRUE;
|
|
|
|
}
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
return (spa_vdev_state_exit(spa, sync ? vd : NULL, 0));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
int
|
|
|
|
spa_vdev_setpath(spa_t *spa, uint64_t guid, const char *newpath)
|
|
|
|
{
|
|
|
|
return (spa_vdev_set_common(spa, guid, newpath, B_TRUE));
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
spa_vdev_setfru(spa_t *spa, uint64_t guid, const char *newfru)
|
|
|
|
{
|
|
|
|
return (spa_vdev_set_common(spa, guid, newfru, B_FALSE));
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* ==========================================================================
|
2010-05-29 00:45:14 +04:00
|
|
|
* SPA Scanning
|
2008-11-20 23:01:55 +03:00
|
|
|
* ==========================================================================
|
|
|
|
*/
|
2017-07-07 08:16:13 +03:00
|
|
|
int
|
|
|
|
spa_scrub_pause_resume(spa_t *spa, pool_scrub_cmd_t cmd)
|
|
|
|
{
|
|
|
|
ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == 0);
|
|
|
|
|
|
|
|
if (dsl_scan_resilvering(spa->spa_dsl_pool))
|
|
|
|
return (SET_ERROR(EBUSY));
|
|
|
|
|
|
|
|
return (dsl_scrub_set_pause_resume(spa->spa_dsl_pool, cmd));
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
int
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_scan_stop(spa_t *spa)
|
|
|
|
{
|
|
|
|
ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == 0);
|
|
|
|
if (dsl_scan_resilvering(spa->spa_dsl_pool))
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(EBUSY));
|
2010-05-29 00:45:14 +04:00
|
|
|
return (dsl_scan_cancel(spa->spa_dsl_pool));
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
spa_scan(spa_t *spa, pool_scan_func_t func)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2008-12-03 23:09:06 +03:00
|
|
|
ASSERT(spa_config_held(spa, SCL_ALL, RW_WRITER) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (func >= POOL_SCAN_FUNCS || func == POOL_SCAN_NONE)
|
2013-03-08 22:41:28 +04:00
|
|
|
return (SET_ERROR(ENOTSUP));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
2008-12-03 23:09:06 +03:00
|
|
|
* If a resilver was requested, but there is no DTL on a
|
|
|
|
* writeable leaf device, we have nothing to do.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
if (func == POOL_SCAN_RESILVER &&
|
2008-12-03 23:09:06 +03:00
|
|
|
!vdev_resilver_needed(spa->spa_root_vdev, NULL, NULL)) {
|
|
|
|
spa_async_request(spa, SPA_ASYNC_RESILVER_DONE);
|
2008-11-20 23:01:55 +03:00
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
return (dsl_scan(spa->spa_dsl_pool, func));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* ==========================================================================
|
|
|
|
* SPA async task processing
|
|
|
|
* ==========================================================================
|
|
|
|
*/
|
|
|
|
|
|
|
|
static void
|
|
|
|
spa_async_remove(spa_t *spa, vdev_t *vd)
|
|
|
|
{
|
2008-12-03 23:09:06 +03:00
|
|
|
if (vd->vdev_remove_wanted) {
|
2010-05-29 00:45:14 +04:00
|
|
|
vd->vdev_remove_wanted = B_FALSE;
|
|
|
|
vd->vdev_delayed_close = B_FALSE;
|
2008-12-03 23:09:06 +03:00
|
|
|
vdev_set_state(vd, B_FALSE, VDEV_STATE_REMOVED, VDEV_AUX_NONE);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* We want to clear the stats, but we don't want to do a full
|
|
|
|
* vdev_clear() as that will cause us to throw away
|
|
|
|
* degraded/faulted state as well as attempt to reopen the
|
|
|
|
* device, all of which is a waste.
|
|
|
|
*/
|
|
|
|
vd->vdev_stat.vs_read_errors = 0;
|
|
|
|
vd->vdev_stat.vs_write_errors = 0;
|
|
|
|
vd->vdev_stat.vs_checksum_errors = 0;
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
vdev_state_dirty(vd->vdev_top);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < vd->vdev_children; c++)
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_async_remove(spa, vd->vdev_child[c]);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
spa_async_probe(spa_t *spa, vdev_t *vd)
|
|
|
|
{
|
|
|
|
if (vd->vdev_probe_wanted) {
|
2010-05-29 00:45:14 +04:00
|
|
|
vd->vdev_probe_wanted = B_FALSE;
|
2008-12-03 23:09:06 +03:00
|
|
|
vdev_reopen(vd); /* vdev_open() does the actual probe */
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < vd->vdev_children; c++)
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_async_probe(spa, vd->vdev_child[c]);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
static void
|
|
|
|
spa_async_autoexpand(spa_t *spa, vdev_t *vd)
|
|
|
|
{
|
|
|
|
if (!spa->spa_autoexpand)
|
|
|
|
return;
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < vd->vdev_children; c++) {
|
2009-07-03 02:44:48 +04:00
|
|
|
vdev_t *cvd = vd->vdev_child[c];
|
|
|
|
spa_async_autoexpand(spa, cvd);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!vd->vdev_ops->vdev_op_leaf || vd->vdev_physpath == NULL)
|
|
|
|
return;
|
|
|
|
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(vd->vdev_spa, vd, NULL, ESC_ZFS_VDEV_AUTOEXPAND);
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
static void
|
Simplify threads, mutexs, cvs and rwlocks
* Simplify threads, mutexs, cvs and rwlocks
* Update the zk_thread_create() function to use the same trick
as Illumos. Specifically, cast the new pthread_t to a void
pointer and return that as the kthread_t *. This avoids the
issues associated with managing a wrapper structure and is
safe as long as the callers never attempt to dereference it.
* Update all function prototypes passed to pthread_create() to
match the expected prototype. We were getting away this with
before since the function were explicitly cast.
* Replaced direct zk_thread_create() calls with thread_create()
for code consistency. All consumers of libzpool now use the
proper wrappers.
* The mutex_held() calls were converted to MUTEX_HELD().
* Removed all mutex_owner() calls and retired the interface.
Instead use MUTEX_HELD() which provides the same information
and allows the implementation details to be hidden. In this
case the use of the pthread_equals() function.
* The kthread_t, kmutex_t, krwlock_t, and krwlock_t types had
any non essential fields removed. In the case of kthread_t
and kcondvar_t they could be directly typedef'd to pthread_t
and pthread_cond_t respectively.
* Removed all extra ASSERTS from the thread, mutex, rwlock, and
cv wrapper functions. In practice, pthreads already provides
the vast majority of checks as long as we check the return
code. Removing this code from our wrappers help readability.
* Added TS_JOINABLE state flag to pass to request a joinable rather
than detached thread. This isn't a standard thread_create() state
but it's the least invasive way to pass this information and is
only used by ztest.
TEST_ZTEST_TIMEOUT=3600
Chunwei Chen <tuxoko@gmail.com>
Reviewed-by: Tom Caputi <tcaputi@datto.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #4547
Closes #5503
Closes #5523
Closes #6377
Closes #6495
2017-08-11 18:51:44 +03:00
|
|
|
spa_async_thread(void *arg)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
Simplify threads, mutexs, cvs and rwlocks
* Simplify threads, mutexs, cvs and rwlocks
* Update the zk_thread_create() function to use the same trick
as Illumos. Specifically, cast the new pthread_t to a void
pointer and return that as the kthread_t *. This avoids the
issues associated with managing a wrapper structure and is
safe as long as the callers never attempt to dereference it.
* Update all function prototypes passed to pthread_create() to
match the expected prototype. We were getting away this with
before since the function were explicitly cast.
* Replaced direct zk_thread_create() calls with thread_create()
for code consistency. All consumers of libzpool now use the
proper wrappers.
* The mutex_held() calls were converted to MUTEX_HELD().
* Removed all mutex_owner() calls and retired the interface.
Instead use MUTEX_HELD() which provides the same information
and allows the implementation details to be hidden. In this
case the use of the pthread_equals() function.
* The kthread_t, kmutex_t, krwlock_t, and krwlock_t types had
any non essential fields removed. In the case of kthread_t
and kcondvar_t they could be directly typedef'd to pthread_t
and pthread_cond_t respectively.
* Removed all extra ASSERTS from the thread, mutex, rwlock, and
cv wrapper functions. In practice, pthreads already provides
the vast majority of checks as long as we check the return
code. Removing this code from our wrappers help readability.
* Added TS_JOINABLE state flag to pass to request a joinable rather
than detached thread. This isn't a standard thread_create() state
but it's the least invasive way to pass this information and is
only used by ztest.
TEST_ZTEST_TIMEOUT=3600
Chunwei Chen <tuxoko@gmail.com>
Reviewed-by: Tom Caputi <tcaputi@datto.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #4547
Closes #5503
Closes #5523
Closes #6377
Closes #6495
2017-08-11 18:51:44 +03:00
|
|
|
spa_t *spa = (spa_t *)arg;
|
2017-10-27 22:46:35 +03:00
|
|
|
int tasks;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
ASSERT(spa->spa_sync_on);
|
|
|
|
|
|
|
|
mutex_enter(&spa->spa_async_lock);
|
|
|
|
tasks = spa->spa_async_tasks;
|
|
|
|
spa->spa_async_tasks = 0;
|
|
|
|
mutex_exit(&spa->spa_async_lock);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* See if the config needs to be updated.
|
|
|
|
*/
|
|
|
|
if (tasks & SPA_ASYNC_CONFIG_UPDATE) {
|
2010-05-29 00:45:14 +04:00
|
|
|
uint64_t old_space, new_space;
|
2009-07-03 02:44:48 +04:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
mutex_enter(&spa_namespace_lock);
|
2010-05-29 00:45:14 +04:00
|
|
|
old_space = metaslab_class_get_space(spa_normal_class(spa));
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_config_update(spa, SPA_CONFIG_UPDATE_POOL);
|
2010-05-29 00:45:14 +04:00
|
|
|
new_space = metaslab_class_get_space(spa_normal_class(spa));
|
2008-11-20 23:01:55 +03:00
|
|
|
mutex_exit(&spa_namespace_lock);
|
2009-07-03 02:44:48 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the pool grew as a result of the config update,
|
|
|
|
* then log an internal history event.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
if (new_space != old_space) {
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(spa, "vdev online", NULL,
|
2009-08-18 22:43:27 +04:00
|
|
|
"pool '%s' size: %llu(+%llu)",
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_name(spa), new_space, new_space - old_space);
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* See if any devices need to be marked REMOVED.
|
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
if (tasks & SPA_ASYNC_REMOVE) {
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_vdev_state_enter(spa, SCL_NONE);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa_async_remove(spa, spa->spa_root_vdev);
|
2017-10-27 22:46:35 +03:00
|
|
|
for (int i = 0; i < spa->spa_l2cache.sav_count; i++)
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_async_remove(spa, spa->spa_l2cache.sav_vdevs[i]);
|
2017-10-27 22:46:35 +03:00
|
|
|
for (int i = 0; i < spa->spa_spares.sav_count; i++)
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_async_remove(spa, spa->spa_spares.sav_vdevs[i]);
|
|
|
|
(void) spa_vdev_state_exit(spa, NULL, 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
if ((tasks & SPA_ASYNC_AUTOEXPAND) && !spa_suspended(spa)) {
|
|
|
|
spa_config_enter(spa, SCL_CONFIG, FTAG, RW_READER);
|
|
|
|
spa_async_autoexpand(spa, spa->spa_root_vdev);
|
|
|
|
spa_config_exit(spa, SCL_CONFIG, FTAG);
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
2008-12-03 23:09:06 +03:00
|
|
|
* See if any devices need to be probed.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
if (tasks & SPA_ASYNC_PROBE) {
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_vdev_state_enter(spa, SCL_NONE);
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_async_probe(spa, spa->spa_root_vdev);
|
|
|
|
(void) spa_vdev_state_exit(spa, NULL, 0);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
2008-12-03 23:09:06 +03:00
|
|
|
* If any devices are done replacing, detach them.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
if (tasks & SPA_ASYNC_RESILVER_DONE)
|
|
|
|
spa_vdev_resilver_done(spa);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Kick off a resilver.
|
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
if (tasks & SPA_ASYNC_RESILVER)
|
2010-05-29 00:45:14 +04:00
|
|
|
dsl_resilver_restart(spa->spa_dsl_pool, 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Let the world know that we're done.
|
|
|
|
*/
|
|
|
|
mutex_enter(&spa->spa_async_lock);
|
|
|
|
spa->spa_async_thread = NULL;
|
|
|
|
cv_broadcast(&spa->spa_async_cv);
|
|
|
|
mutex_exit(&spa->spa_async_lock);
|
|
|
|
thread_exit();
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
spa_async_suspend(spa_t *spa)
|
|
|
|
{
|
|
|
|
mutex_enter(&spa->spa_async_lock);
|
|
|
|
spa->spa_async_suspended++;
|
|
|
|
while (spa->spa_async_thread != NULL)
|
|
|
|
cv_wait(&spa->spa_async_cv, &spa->spa_async_lock);
|
|
|
|
mutex_exit(&spa->spa_async_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
spa_async_resume(spa_t *spa)
|
|
|
|
{
|
|
|
|
mutex_enter(&spa->spa_async_lock);
|
|
|
|
ASSERT(spa->spa_async_suspended != 0);
|
|
|
|
spa->spa_async_suspended--;
|
|
|
|
mutex_exit(&spa->spa_async_lock);
|
|
|
|
}
|
|
|
|
|
2015-12-31 19:38:59 +03:00
|
|
|
static boolean_t
|
|
|
|
spa_async_tasks_pending(spa_t *spa)
|
|
|
|
{
|
|
|
|
uint_t non_config_tasks;
|
|
|
|
uint_t config_task;
|
|
|
|
boolean_t config_task_suspended;
|
|
|
|
|
|
|
|
non_config_tasks = spa->spa_async_tasks & ~SPA_ASYNC_CONFIG_UPDATE;
|
|
|
|
config_task = spa->spa_async_tasks & SPA_ASYNC_CONFIG_UPDATE;
|
|
|
|
if (spa->spa_ccw_fail_time == 0) {
|
|
|
|
config_task_suspended = B_FALSE;
|
|
|
|
} else {
|
|
|
|
config_task_suspended =
|
|
|
|
(gethrtime() - spa->spa_ccw_fail_time) <
|
2016-10-14 00:25:05 +03:00
|
|
|
((hrtime_t)zfs_ccw_retry_interval * NANOSEC);
|
2015-12-31 19:38:59 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
return (non_config_tasks || (config_task && !config_task_suspended));
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
static void
|
|
|
|
spa_async_dispatch(spa_t *spa)
|
|
|
|
{
|
|
|
|
mutex_enter(&spa->spa_async_lock);
|
2015-12-31 19:38:59 +03:00
|
|
|
if (spa_async_tasks_pending(spa) &&
|
|
|
|
!spa->spa_async_suspended &&
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_async_thread == NULL &&
|
2015-12-31 19:38:59 +03:00
|
|
|
rootdir != NULL)
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_async_thread = thread_create(NULL, 0,
|
|
|
|
spa_async_thread, spa, 0, &p0, TS_RUN, maxclsyspri);
|
|
|
|
mutex_exit(&spa->spa_async_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
spa_async_request(spa_t *spa, int task)
|
|
|
|
{
|
2010-05-29 00:45:14 +04:00
|
|
|
zfs_dbgmsg("spa=%s async request task=%u", spa->spa_name, task);
|
2008-11-20 23:01:55 +03:00
|
|
|
mutex_enter(&spa->spa_async_lock);
|
|
|
|
spa->spa_async_tasks |= task;
|
|
|
|
mutex_exit(&spa->spa_async_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* ==========================================================================
|
|
|
|
* SPA syncing routines
|
|
|
|
* ==========================================================================
|
|
|
|
*/
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
static int
|
|
|
|
bpobj_enqueue_cb(void *arg, const blkptr_t *bp, dmu_tx_t *tx)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2010-05-29 00:45:14 +04:00
|
|
|
bpobj_t *bpo = arg;
|
|
|
|
bpobj_enqueue(bpo, bp, tx);
|
|
|
|
return (0);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
static int
|
|
|
|
spa_free_sync_cb(void *arg, const blkptr_t *bp, dmu_tx_t *tx)
|
|
|
|
{
|
|
|
|
zio_t *zio = arg;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
zio_nowait(zio_free_sync(zio, zio->io_spa, dmu_tx_get_txg(tx), bp,
|
|
|
|
zio->io_flags));
|
|
|
|
return (0);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
/*
|
|
|
|
* Note: this simple function is not inlined to make it easier to dtrace the
|
|
|
|
* amount of time spent syncing frees.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_sync_frees(spa_t *spa, bplist_t *bpl, dmu_tx_t *tx)
|
|
|
|
{
|
|
|
|
zio_t *zio = zio_root(spa, NULL, NULL, 0);
|
|
|
|
bplist_iterate(bpl, spa_free_sync_cb, zio, tx);
|
|
|
|
VERIFY(zio_wait(zio) == 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Note: this simple function is not inlined to make it easier to dtrace the
|
|
|
|
* amount of time spent syncing deferred frees.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_sync_deferred_frees(spa_t *spa, dmu_tx_t *tx)
|
|
|
|
{
|
|
|
|
zio_t *zio = zio_root(spa, NULL, NULL, 0);
|
|
|
|
VERIFY3U(bpobj_iterate(&spa->spa_deferred_bpobj,
|
|
|
|
spa_free_sync_cb, zio, tx), ==, 0);
|
|
|
|
VERIFY0(zio_wait(zio));
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
static void
|
|
|
|
spa_sync_nvlist(spa_t *spa, uint64_t obj, nvlist_t *nv, dmu_tx_t *tx)
|
|
|
|
{
|
|
|
|
char *packed = NULL;
|
2008-12-03 23:09:06 +03:00
|
|
|
size_t bufsize;
|
2008-11-20 23:01:55 +03:00
|
|
|
size_t nvsize = 0;
|
|
|
|
dmu_buf_t *db;
|
|
|
|
|
|
|
|
VERIFY(nvlist_size(nv, &nvsize, NV_ENCODE_XDR) == 0);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
/*
|
|
|
|
* Write full (SPA_CONFIG_BLOCKSIZE) blocks of configuration
|
2013-12-09 22:37:51 +04:00
|
|
|
* information. This avoids the dmu_buf_will_dirty() path and
|
2008-12-03 23:09:06 +03:00
|
|
|
* saves us a pre-read to get data we don't actually care about.
|
|
|
|
*/
|
2012-12-14 03:24:15 +04:00
|
|
|
bufsize = P2ROUNDUP((uint64_t)nvsize, SPA_CONFIG_BLOCKSIZE);
|
2014-11-21 03:09:39 +03:00
|
|
|
packed = vmem_alloc(bufsize, KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
VERIFY(nvlist_pack(nv, &packed, &nvsize, NV_ENCODE_XDR,
|
2014-11-21 03:09:39 +03:00
|
|
|
KM_SLEEP) == 0);
|
2008-12-03 23:09:06 +03:00
|
|
|
bzero(packed + nvsize, bufsize - nvsize);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
dmu_write(spa->spa_meta_objset, obj, 0, bufsize, packed, tx);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-08-26 22:46:09 +04:00
|
|
|
vmem_free(packed, bufsize);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
VERIFY(0 == dmu_bonus_hold(spa->spa_meta_objset, obj, FTAG, &db));
|
|
|
|
dmu_buf_will_dirty(db, tx);
|
|
|
|
*(uint64_t *)db->db_data = nvsize;
|
|
|
|
dmu_buf_rele(db, FTAG);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
spa_sync_aux_dev(spa_t *spa, spa_aux_vdev_t *sav, dmu_tx_t *tx,
|
|
|
|
const char *config, const char *entry)
|
|
|
|
{
|
|
|
|
nvlist_t *nvroot;
|
|
|
|
nvlist_t **list;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
if (!sav->sav_sync)
|
|
|
|
return;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Update the MOS nvlist describing the list of available devices.
|
|
|
|
* spa_validate_aux() will have already made sure this nvlist is
|
|
|
|
* valid and the vdevs are labeled appropriately.
|
|
|
|
*/
|
|
|
|
if (sav->sav_object == 0) {
|
|
|
|
sav->sav_object = dmu_object_alloc(spa->spa_meta_objset,
|
|
|
|
DMU_OT_PACKED_NVLIST, 1 << 14, DMU_OT_PACKED_NVLIST_SIZE,
|
|
|
|
sizeof (uint64_t), tx);
|
|
|
|
VERIFY(zap_update(spa->spa_meta_objset,
|
|
|
|
DMU_POOL_DIRECTORY_OBJECT, entry, sizeof (uint64_t), 1,
|
|
|
|
&sav->sav_object, tx) == 0);
|
|
|
|
}
|
|
|
|
|
2014-11-21 03:09:39 +03:00
|
|
|
VERIFY(nvlist_alloc(&nvroot, NV_UNIQUE_NAME, KM_SLEEP) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
if (sav->sav_count == 0) {
|
|
|
|
VERIFY(nvlist_add_nvlist_array(nvroot, config, NULL, 0) == 0);
|
|
|
|
} else {
|
2014-11-21 03:09:39 +03:00
|
|
|
list = kmem_alloc(sav->sav_count*sizeof (void *), KM_SLEEP);
|
2008-11-20 23:01:55 +03:00
|
|
|
for (i = 0; i < sav->sav_count; i++)
|
|
|
|
list[i] = vdev_config_generate(spa, sav->sav_vdevs[i],
|
2010-05-29 00:45:14 +04:00
|
|
|
B_FALSE, VDEV_CONFIG_L2CACHE);
|
2008-11-20 23:01:55 +03:00
|
|
|
VERIFY(nvlist_add_nvlist_array(nvroot, config, list,
|
|
|
|
sav->sav_count) == 0);
|
|
|
|
for (i = 0; i < sav->sav_count; i++)
|
|
|
|
nvlist_free(list[i]);
|
|
|
|
kmem_free(list, sav->sav_count * sizeof (void *));
|
|
|
|
}
|
|
|
|
|
|
|
|
spa_sync_nvlist(spa, sav->sav_object, nvroot, tx);
|
|
|
|
nvlist_free(nvroot);
|
|
|
|
|
|
|
|
sav->sav_sync = B_FALSE;
|
|
|
|
}
|
|
|
|
|
2016-04-11 23:16:57 +03:00
|
|
|
/*
|
|
|
|
* Rebuild spa's all-vdev ZAP from the vdev ZAPs indicated in each vdev_t.
|
|
|
|
* The all-vdev ZAP must be empty.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_avz_build(vdev_t *vd, uint64_t avz, dmu_tx_t *tx)
|
|
|
|
{
|
|
|
|
spa_t *spa = vd->vdev_spa;
|
|
|
|
|
|
|
|
if (vd->vdev_top_zap != 0) {
|
|
|
|
VERIFY0(zap_add_int(spa->spa_meta_objset, avz,
|
|
|
|
vd->vdev_top_zap, tx));
|
|
|
|
}
|
|
|
|
if (vd->vdev_leaf_zap != 0) {
|
|
|
|
VERIFY0(zap_add_int(spa->spa_meta_objset, avz,
|
|
|
|
vd->vdev_leaf_zap, tx));
|
|
|
|
}
|
2017-11-04 23:25:13 +03:00
|
|
|
for (uint64_t i = 0; i < vd->vdev_children; i++) {
|
2016-04-11 23:16:57 +03:00
|
|
|
spa_avz_build(vd->vdev_child[i], avz, tx);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
static void
|
|
|
|
spa_sync_config_object(spa_t *spa, dmu_tx_t *tx)
|
|
|
|
{
|
|
|
|
nvlist_t *config;
|
|
|
|
|
2016-04-11 23:16:57 +03:00
|
|
|
/*
|
|
|
|
* If the pool is being imported from a pre-per-vdev-ZAP version of ZFS,
|
|
|
|
* its config may not be dirty but we still need to build per-vdev ZAPs.
|
|
|
|
* Similarly, if the pool is being assembled (e.g. after a split), we
|
|
|
|
* need to rebuild the AVZ although the config may not be dirty.
|
|
|
|
*/
|
|
|
|
if (list_is_empty(&spa->spa_config_dirty_list) &&
|
|
|
|
spa->spa_avz_action == AVZ_ACTION_NONE)
|
2008-11-20 23:01:55 +03:00
|
|
|
return;
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_STATE, FTAG, RW_READER);
|
|
|
|
|
2016-04-11 23:16:57 +03:00
|
|
|
ASSERT(spa->spa_avz_action == AVZ_ACTION_NONE ||
|
2017-01-14 00:50:22 +03:00
|
|
|
spa->spa_avz_action == AVZ_ACTION_INITIALIZE ||
|
2016-04-11 23:16:57 +03:00
|
|
|
spa->spa_all_vdev_zaps != 0);
|
|
|
|
|
|
|
|
if (spa->spa_avz_action == AVZ_ACTION_REBUILD) {
|
|
|
|
/* Make and build the new AVZ */
|
|
|
|
uint64_t new_avz = zap_create(spa->spa_meta_objset,
|
|
|
|
DMU_OTN_ZAP_METADATA, DMU_OT_NONE, 0, tx);
|
|
|
|
spa_avz_build(spa->spa_root_vdev, new_avz, tx);
|
|
|
|
|
|
|
|
/* Diff old AVZ with new one */
|
2017-11-04 23:25:13 +03:00
|
|
|
zap_cursor_t zc;
|
|
|
|
zap_attribute_t za;
|
|
|
|
|
2016-04-11 23:16:57 +03:00
|
|
|
for (zap_cursor_init(&zc, spa->spa_meta_objset,
|
|
|
|
spa->spa_all_vdev_zaps);
|
|
|
|
zap_cursor_retrieve(&zc, &za) == 0;
|
|
|
|
zap_cursor_advance(&zc)) {
|
|
|
|
uint64_t vdzap = za.za_first_integer;
|
|
|
|
if (zap_lookup_int(spa->spa_meta_objset, new_avz,
|
|
|
|
vdzap) == ENOENT) {
|
|
|
|
/*
|
|
|
|
* ZAP is listed in old AVZ but not in new one;
|
|
|
|
* destroy it
|
|
|
|
*/
|
|
|
|
VERIFY0(zap_destroy(spa->spa_meta_objset, vdzap,
|
|
|
|
tx));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
zap_cursor_fini(&zc);
|
|
|
|
|
|
|
|
/* Destroy the old AVZ */
|
|
|
|
VERIFY0(zap_destroy(spa->spa_meta_objset,
|
|
|
|
spa->spa_all_vdev_zaps, tx));
|
|
|
|
|
|
|
|
/* Replace the old AVZ in the dir obj with the new one */
|
|
|
|
VERIFY0(zap_update(spa->spa_meta_objset,
|
|
|
|
DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_VDEV_ZAP_MAP,
|
|
|
|
sizeof (new_avz), 1, &new_avz, tx));
|
|
|
|
|
|
|
|
spa->spa_all_vdev_zaps = new_avz;
|
|
|
|
} else if (spa->spa_avz_action == AVZ_ACTION_DESTROY) {
|
|
|
|
zap_cursor_t zc;
|
|
|
|
zap_attribute_t za;
|
|
|
|
|
|
|
|
/* Walk through the AVZ and destroy all listed ZAPs */
|
|
|
|
for (zap_cursor_init(&zc, spa->spa_meta_objset,
|
|
|
|
spa->spa_all_vdev_zaps);
|
|
|
|
zap_cursor_retrieve(&zc, &za) == 0;
|
|
|
|
zap_cursor_advance(&zc)) {
|
|
|
|
uint64_t zap = za.za_first_integer;
|
|
|
|
VERIFY0(zap_destroy(spa->spa_meta_objset, zap, tx));
|
|
|
|
}
|
|
|
|
|
|
|
|
zap_cursor_fini(&zc);
|
|
|
|
|
|
|
|
/* Destroy and unlink the AVZ itself */
|
|
|
|
VERIFY0(zap_destroy(spa->spa_meta_objset,
|
|
|
|
spa->spa_all_vdev_zaps, tx));
|
|
|
|
VERIFY0(zap_remove(spa->spa_meta_objset,
|
|
|
|
DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_VDEV_ZAP_MAP, tx));
|
|
|
|
spa->spa_all_vdev_zaps = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (spa->spa_all_vdev_zaps == 0) {
|
|
|
|
spa->spa_all_vdev_zaps = zap_create_link(spa->spa_meta_objset,
|
|
|
|
DMU_OTN_ZAP_METADATA, DMU_POOL_DIRECTORY_OBJECT,
|
|
|
|
DMU_POOL_VDEV_ZAP_MAP, tx);
|
|
|
|
}
|
|
|
|
spa->spa_avz_action = AVZ_ACTION_NONE;
|
|
|
|
|
|
|
|
/* Create ZAPs for vdevs that don't have them. */
|
|
|
|
vdev_construct_zaps(spa->spa_root_vdev, tx);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
config = spa_config_generate(spa, spa->spa_root_vdev,
|
|
|
|
dmu_tx_get_txg(tx), B_FALSE);
|
|
|
|
|
2012-12-15 04:28:49 +04:00
|
|
|
/*
|
|
|
|
* If we're upgrading the spa version then make sure that
|
|
|
|
* the config object gets updated with the correct version.
|
|
|
|
*/
|
|
|
|
if (spa->spa_ubsync.ub_version < spa->spa_uberblock.ub_version)
|
|
|
|
fnvlist_add_uint64(config, ZPOOL_CONFIG_VERSION,
|
|
|
|
spa->spa_uberblock.ub_version);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_STATE, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-04-01 06:54:07 +03:00
|
|
|
nvlist_free(spa->spa_config_syncing);
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_config_syncing = config;
|
|
|
|
|
|
|
|
spa_sync_nvlist(spa, spa->spa_config_object, config, tx);
|
|
|
|
}
|
|
|
|
|
2012-12-14 03:24:15 +04:00
|
|
|
static void
|
2013-09-04 16:00:57 +04:00
|
|
|
spa_sync_version(void *arg, dmu_tx_t *tx)
|
2012-12-14 03:24:15 +04:00
|
|
|
{
|
2013-09-04 16:00:57 +04:00
|
|
|
uint64_t *versionp = arg;
|
|
|
|
uint64_t version = *versionp;
|
|
|
|
spa_t *spa = dmu_tx_pool(tx)->dp_spa;
|
2012-12-14 03:24:15 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Setting the version is special cased when first creating the pool.
|
|
|
|
*/
|
|
|
|
ASSERT(tx->tx_txg != TXG_INITIAL);
|
|
|
|
|
2013-02-10 04:25:55 +04:00
|
|
|
ASSERT(SPA_VERSION_IS_SUPPORTED(version));
|
2012-12-14 03:24:15 +04:00
|
|
|
ASSERT(version >= spa_version(spa));
|
|
|
|
|
|
|
|
spa->spa_uberblock.ub_version = version;
|
|
|
|
vdev_config_dirty(spa->spa_root_vdev);
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(spa, "set", tx, "version=%lld", version);
|
2012-12-14 03:24:15 +04:00
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Set zpool properties.
|
|
|
|
*/
|
|
|
|
static void
|
2013-09-04 16:00:57 +04:00
|
|
|
spa_sync_props(void *arg, dmu_tx_t *tx)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2013-09-04 16:00:57 +04:00
|
|
|
nvlist_t *nvp = arg;
|
|
|
|
spa_t *spa = dmu_tx_pool(tx)->dp_spa;
|
2008-11-20 23:01:55 +03:00
|
|
|
objset_t *mos = spa->spa_meta_objset;
|
2012-12-14 03:24:15 +04:00
|
|
|
nvpair_t *elem = NULL;
|
2008-12-03 23:09:06 +03:00
|
|
|
|
|
|
|
mutex_enter(&spa->spa_props_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
while ((elem = nvlist_next_nvpair(nvp, elem))) {
|
2012-12-14 03:24:15 +04:00
|
|
|
uint64_t intval;
|
|
|
|
char *strval, *fname;
|
|
|
|
zpool_prop_t prop;
|
|
|
|
const char *propname;
|
|
|
|
zprop_type_t proptype;
|
2013-10-08 21:13:05 +04:00
|
|
|
spa_feature_t fid;
|
2012-12-14 03:24:15 +04:00
|
|
|
|
|
|
|
prop = zpool_name_to_prop(nvpair_name(elem));
|
|
|
|
switch ((int)prop) {
|
|
|
|
case ZPROP_INVAL:
|
|
|
|
/*
|
|
|
|
* We checked this earlier in spa_prop_validate().
|
|
|
|
*/
|
|
|
|
ASSERT(zpool_prop_feature(nvpair_name(elem)));
|
|
|
|
|
|
|
|
fname = strchr(nvpair_name(elem), '@') + 1;
|
2013-10-08 21:13:05 +04:00
|
|
|
VERIFY0(zfeature_lookup_name(fname, &fid));
|
2012-12-14 03:24:15 +04:00
|
|
|
|
2013-10-08 21:13:05 +04:00
|
|
|
spa_feature_enable(spa, fid, tx);
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(spa, "set", tx,
|
|
|
|
"%s=enabled", nvpair_name(elem));
|
2012-12-14 03:24:15 +04:00
|
|
|
break;
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
case ZPOOL_PROP_VERSION:
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
intval = fnvpair_value_uint64(elem);
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
2017-01-03 20:31:18 +03:00
|
|
|
* The version is synced separately before other
|
2012-12-14 03:24:15 +04:00
|
|
|
* properties and should be correct by now.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2012-12-14 03:24:15 +04:00
|
|
|
ASSERT3U(spa_version(spa), >=, intval);
|
2008-11-20 23:01:55 +03:00
|
|
|
break;
|
|
|
|
|
|
|
|
case ZPOOL_PROP_ALTROOT:
|
|
|
|
/*
|
|
|
|
* 'altroot' is a non-persistent property. It should
|
|
|
|
* have been set temporarily at creation or import time.
|
|
|
|
*/
|
|
|
|
ASSERT(spa->spa_root != NULL);
|
|
|
|
break;
|
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
case ZPOOL_PROP_READONLY:
|
2008-11-20 23:01:55 +03:00
|
|
|
case ZPOOL_PROP_CACHEFILE:
|
|
|
|
/*
|
2010-08-27 01:24:34 +04:00
|
|
|
* 'readonly' and 'cachefile' are also non-persisitent
|
|
|
|
* properties.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
break;
|
2011-11-15 23:01:27 +04:00
|
|
|
case ZPOOL_PROP_COMMENT:
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
strval = fnvpair_value_string(elem);
|
2011-11-15 23:01:27 +04:00
|
|
|
if (spa->spa_comment != NULL)
|
|
|
|
spa_strfree(spa->spa_comment);
|
|
|
|
spa->spa_comment = spa_strdup(strval);
|
|
|
|
/*
|
|
|
|
* We need to dirty the configuration on all the vdevs
|
|
|
|
* so that their labels get updated. It's unnecessary
|
|
|
|
* to do this for pool creation since the vdev's
|
2017-01-03 20:31:18 +03:00
|
|
|
* configuration has already been dirtied.
|
2011-11-15 23:01:27 +04:00
|
|
|
*/
|
|
|
|
if (tx->tx_txg != TXG_INITIAL)
|
|
|
|
vdev_config_dirty(spa->spa_root_vdev);
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(spa, "set", tx,
|
|
|
|
"%s=%s", nvpair_name(elem), strval);
|
2011-11-15 23:01:27 +04:00
|
|
|
break;
|
2008-11-20 23:01:55 +03:00
|
|
|
default:
|
|
|
|
/*
|
|
|
|
* Set pool property values in the poolprops mos object.
|
|
|
|
*/
|
|
|
|
if (spa->spa_pool_props_object == 0) {
|
2012-12-14 03:24:15 +04:00
|
|
|
spa->spa_pool_props_object =
|
|
|
|
zap_create_link(mos, DMU_OT_POOL_PROPS,
|
2008-11-20 23:01:55 +03:00
|
|
|
DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_PROPS,
|
2012-12-14 03:24:15 +04:00
|
|
|
tx);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/* normalize the property name */
|
|
|
|
propname = zpool_prop_to_name(prop);
|
|
|
|
proptype = zpool_prop_get_type(prop);
|
|
|
|
|
|
|
|
if (nvpair_type(elem) == DATA_TYPE_STRING) {
|
|
|
|
ASSERT(proptype == PROP_TYPE_STRING);
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
strval = fnvpair_value_string(elem);
|
|
|
|
VERIFY0(zap_update(mos,
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_pool_props_object, propname,
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
1, strlen(strval) + 1, strval, tx));
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(spa, "set", tx,
|
|
|
|
"%s=%s", nvpair_name(elem), strval);
|
2008-11-20 23:01:55 +03:00
|
|
|
} else if (nvpair_type(elem) == DATA_TYPE_UINT64) {
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
intval = fnvpair_value_uint64(elem);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (proptype == PROP_TYPE_INDEX) {
|
|
|
|
const char *unused;
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
VERIFY0(zpool_prop_index_to_string(
|
|
|
|
prop, intval, &unused));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
VERIFY0(zap_update(mos,
|
2008-11-20 23:01:55 +03:00
|
|
|
spa->spa_pool_props_object, propname,
|
Illumos #4101, #4102, #4103, #4105, #4106
4101 metaslab_debug should allow for fine-grained control
4102 space_maps should store more information about themselves
4103 space map object blocksize should be increased
4105 removing a mirrored log device results in a leaked object
4106 asynchronously load metaslab
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Sebastien Roy <seb@delphix.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Prior to this patch, space_maps were preferred solely based on the
amount of free space left in each. Unfortunately, this heuristic didn't
contain any information about the make-up of that free space, which
meant we could keep preferring and loading a highly fragmented space map
that wouldn't actually have enough contiguous space to satisfy the
allocation; then unloading that space_map and repeating the process.
This change modifies the space_map's to store additional information
about the contiguous space in the space_map, so that we can use this
information to make a better decision about which space_map to load.
This requires reallocating all space_map objects to increase their
bonus buffer size sizes enough to fit the new metadata.
The above feature can be enabled via a new feature flag introduced by
this change: com.delphix:spacemap_histogram
In addition to the above, this patch allows the space_map block size to
be increase. Currently the block size is set to be 4K in size, which has
certain implications including the following:
* 4K sector devices will not see any compression benefit
* large space_maps require more metadata on-disk
* large space_maps require more time to load (typically random reads)
Now the space_map block size can adjust as needed up to the maximum size
set via the space_map_max_blksz variable.
A bug was fixed which resulted in potentially leaking an object when
removing a mirrored log device. The previous logic for vdev_remove() did
not deal with removing top-level vdevs that are interior vdevs (i.e.
mirror) correctly. The problem would occur when removing a mirrored log
device, and result in the DTL space map object being leaked; because
top-level vdevs don't have DTL space map objects associated with them.
References:
https://www.illumos.org/issues/4101
https://www.illumos.org/issues/4102
https://www.illumos.org/issues/4103
https://www.illumos.org/issues/4105
https://www.illumos.org/issues/4106
https://github.com/illumos/illumos-gate/commit/0713e23
Porting notes:
A handful of kmem_alloc() calls were converted to kmem_zalloc(). Also,
the KM_PUSHPAGE and TQ_PUSHPAGE flags were used as necessary.
Ported-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #2488
2013-10-02 01:25:53 +04:00
|
|
|
8, 1, &intval, tx));
|
2013-08-28 15:45:09 +04:00
|
|
|
spa_history_log_internal(spa, "set", tx,
|
|
|
|
"%s=%lld", nvpair_name(elem), intval);
|
2008-11-20 23:01:55 +03:00
|
|
|
} else {
|
|
|
|
ASSERT(0); /* not allowed */
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (prop) {
|
|
|
|
case ZPOOL_PROP_DELEGATION:
|
|
|
|
spa->spa_delegation = intval;
|
|
|
|
break;
|
|
|
|
case ZPOOL_PROP_BOOTFS:
|
|
|
|
spa->spa_bootfs = intval;
|
|
|
|
break;
|
|
|
|
case ZPOOL_PROP_FAILUREMODE:
|
|
|
|
spa->spa_failmode = intval;
|
|
|
|
break;
|
2009-07-03 02:44:48 +04:00
|
|
|
case ZPOOL_PROP_AUTOEXPAND:
|
|
|
|
spa->spa_autoexpand = intval;
|
2010-05-29 00:45:14 +04:00
|
|
|
if (tx->tx_txg != TXG_INITIAL)
|
|
|
|
spa_async_request(spa,
|
|
|
|
SPA_ASYNC_AUTOEXPAND);
|
|
|
|
break;
|
Multi-modifier protection (MMP)
Add multihost=on|off pool property to control MMP. When enabled
a new thread writes uberblocks to the last slot in each label, at a
set frequency, to indicate to other hosts the pool is actively imported.
These uberblocks are the last synced uberblock with an updated
timestamp. Property defaults to off.
During tryimport, find the "best" uberblock (newest txg and timestamp)
repeatedly, checking for change in the found uberblock. Include the
results of the activity test in the config returned by tryimport.
These results are reported to user in "zpool import".
Allow the user to control the period between MMP writes, and the
duration of the activity test on import, via a new module parameter
zfs_multihost_interval. The period is specified in milliseconds. The
activity test duration is calculated from this value, and from the
mmp_delay in the "best" uberblock found initially.
Add a kstat interface to export statistics about Multiple Modifier
Protection (MMP) updates. Include the last synced txg number, the
timestamp, the delay since the last MMP update, the VDEV GUID, the VDEV
label that received the last MMP update, and the VDEV path. Abbreviated
output below.
$ cat /proc/spl/kstat/zfs/mypool/multihost
31 0 0x01 10 880 105092382393521 105144180101111
txg timestamp mmp_delay vdev_guid vdev_label vdev_path
20468 261337 250274925 68396651780 3 /dev/sda
20468 261339 252023374 6267402363293 1 /dev/sdc
20468 261340 252000858 6698080955233 1 /dev/sdx
20468 261341 251980635 783892869810 2 /dev/sdy
20468 261342 253385953 8923255792467 3 /dev/sdd
20468 261344 253336622 042125143176 0 /dev/sdab
20468 261345 253310522 1200778101278 2 /dev/sde
20468 261346 253286429 0950576198362 2 /dev/sdt
20468 261347 253261545 96209817917 3 /dev/sds
20468 261349 253238188 8555725937673 3 /dev/sdb
Add a new tunable zfs_multihost_history to specify the number of MMP
updates to store history for. By default it is set to zero meaning that
no MMP statistics are stored.
When using ztest to generate activity, for automated tests of the MMP
function, some test functions interfere with the test. For example, the
pool is exported to run zdb and then imported again. Add a new ztest
function, "-M", to alter ztest behavior to prevent this.
Add new tests to verify the new functionality. Tests provided by
Giuseppe Di Natale.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Giuseppe Di Natale <dinatale2@llnl.gov>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Olaf Faaland <faaland1@llnl.gov>
Closes #745
Closes #6279
2017-07-08 06:20:35 +03:00
|
|
|
case ZPOOL_PROP_MULTIHOST:
|
|
|
|
spa->spa_multihost = intval;
|
|
|
|
break;
|
2010-05-29 00:45:14 +04:00
|
|
|
case ZPOOL_PROP_DEDUPDITTO:
|
|
|
|
spa->spa_dedup_ditto = intval;
|
2009-07-03 02:44:48 +04:00
|
|
|
break;
|
2008-11-20 23:01:55 +03:00
|
|
|
default:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
2008-12-03 23:09:06 +03:00
|
|
|
|
|
|
|
mutex_exit(&spa->spa_props_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* Perform one-time upgrade on-disk changes. spa_version() does not
|
|
|
|
* reflect the new version this txg, so there must be no changes this
|
|
|
|
* txg to anything that the upgrade code depends on after it executes.
|
|
|
|
* Therefore this must be called after dsl_pool_sync() does the sync
|
|
|
|
* tasks.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
spa_sync_upgrades(spa_t *spa, dmu_tx_t *tx)
|
|
|
|
{
|
|
|
|
dsl_pool_t *dp = spa->spa_dsl_pool;
|
|
|
|
|
|
|
|
ASSERT(spa->spa_sync_pass == 1);
|
|
|
|
|
2013-09-04 16:00:57 +04:00
|
|
|
rrw_enter(&dp->dp_config_rwlock, RW_WRITER, FTAG);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (spa->spa_ubsync.ub_version < SPA_VERSION_ORIGIN &&
|
|
|
|
spa->spa_uberblock.ub_version >= SPA_VERSION_ORIGIN) {
|
|
|
|
dsl_pool_create_origin(dp, tx);
|
|
|
|
|
|
|
|
/* Keeping the origin open increases spa_minref */
|
|
|
|
spa->spa_minref += 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (spa->spa_ubsync.ub_version < SPA_VERSION_NEXT_CLONES &&
|
|
|
|
spa->spa_uberblock.ub_version >= SPA_VERSION_NEXT_CLONES) {
|
|
|
|
dsl_pool_upgrade_clones(dp, tx);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (spa->spa_ubsync.ub_version < SPA_VERSION_DIR_CLONES &&
|
|
|
|
spa->spa_uberblock.ub_version >= SPA_VERSION_DIR_CLONES) {
|
|
|
|
dsl_pool_upgrade_dir_clones(dp, tx);
|
|
|
|
|
|
|
|
/* Keeping the freedir open increases spa_minref */
|
|
|
|
spa->spa_minref += 3;
|
|
|
|
}
|
2012-12-14 03:24:15 +04:00
|
|
|
|
|
|
|
if (spa->spa_ubsync.ub_version < SPA_VERSION_FEATURES &&
|
|
|
|
spa->spa_uberblock.ub_version >= SPA_VERSION_FEATURES) {
|
|
|
|
spa_feature_create_zap_objects(spa, tx);
|
|
|
|
}
|
2014-10-18 19:58:11 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* LZ4_COMPRESS feature's behaviour was changed to activate_on_enable
|
|
|
|
* when possibility to use lz4 compression for metadata was added
|
|
|
|
* Old pools that have this feature enabled must be upgraded to have
|
|
|
|
* this feature active
|
|
|
|
*/
|
|
|
|
if (spa->spa_uberblock.ub_version >= SPA_VERSION_FEATURES) {
|
|
|
|
boolean_t lz4_en = spa_feature_is_enabled(spa,
|
|
|
|
SPA_FEATURE_LZ4_COMPRESS);
|
|
|
|
boolean_t lz4_ac = spa_feature_is_active(spa,
|
|
|
|
SPA_FEATURE_LZ4_COMPRESS);
|
|
|
|
|
|
|
|
if (lz4_en && !lz4_ac)
|
|
|
|
spa_feature_incr(spa, SPA_FEATURE_LZ4_COMPRESS, tx);
|
|
|
|
}
|
2016-06-16 01:47:05 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If we haven't written the salt, do so now. Note that the
|
|
|
|
* feature may not be activated yet, but that's fine since
|
|
|
|
* the presence of this ZAP entry is backwards compatible.
|
|
|
|
*/
|
|
|
|
if (zap_contains(spa->spa_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
|
|
|
|
DMU_POOL_CHECKSUM_SALT) == ENOENT) {
|
|
|
|
VERIFY0(zap_add(spa->spa_meta_objset,
|
|
|
|
DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_CHECKSUM_SALT, 1,
|
|
|
|
sizeof (spa->spa_cksum_salt.zcs_bytes),
|
|
|
|
spa->spa_cksum_salt.zcs_bytes, tx));
|
|
|
|
}
|
|
|
|
|
2013-09-04 16:00:57 +04:00
|
|
|
rrw_exit(&dp->dp_config_rwlock, FTAG);
|
2010-05-29 00:45:14 +04:00
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Sync the specified transaction group. New blocks may be dirtied as
|
|
|
|
* part of the process, so we iterate until it converges.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
spa_sync(spa_t *spa, uint64_t txg)
|
|
|
|
{
|
|
|
|
dsl_pool_t *dp = spa->spa_dsl_pool;
|
|
|
|
objset_t *mos = spa->spa_meta_objset;
|
2010-05-29 00:45:14 +04:00
|
|
|
bplist_t *free_bpl = &spa->spa_free_bplist[txg & TXG_MASK];
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_t *rvd = spa->spa_root_vdev;
|
|
|
|
vdev_t *vd;
|
|
|
|
dmu_tx_t *tx;
|
2008-12-03 23:09:06 +03:00
|
|
|
int error;
|
2016-10-14 03:59:18 +03:00
|
|
|
uint32_t max_queue_depth = zfs_vdev_async_write_max_active *
|
|
|
|
zfs_vdev_queue_depth_pct / 100;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-08-27 01:24:34 +04:00
|
|
|
VERIFY(spa_writeable(spa));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Lock out configuration changes.
|
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_CONFIG, FTAG, RW_READER);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
spa->spa_syncing_txg = txg;
|
|
|
|
spa->spa_sync_pass = 0;
|
|
|
|
|
2016-10-14 03:59:18 +03:00
|
|
|
mutex_enter(&spa->spa_alloc_lock);
|
|
|
|
VERIFY0(avl_numnodes(&spa->spa_alloc_tree));
|
|
|
|
mutex_exit(&spa->spa_alloc_lock);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
/*
|
|
|
|
* If there are any pending vdev state changes, convert them
|
|
|
|
* into config changes that go out with this transaction group.
|
|
|
|
*/
|
|
|
|
spa_config_enter(spa, SCL_STATE, FTAG, RW_READER);
|
2009-01-16 00:59:39 +03:00
|
|
|
while (list_head(&spa->spa_state_dirty_list) != NULL) {
|
|
|
|
/*
|
|
|
|
* We need the write lock here because, for aux vdevs,
|
|
|
|
* calling vdev_config_dirty() modifies sav_config.
|
|
|
|
* This is ugly and will become unnecessary when we
|
|
|
|
* eliminate the aux vdev wart by integrating all vdevs
|
|
|
|
* into the root vdev tree.
|
|
|
|
*/
|
|
|
|
spa_config_exit(spa, SCL_CONFIG | SCL_STATE, FTAG);
|
|
|
|
spa_config_enter(spa, SCL_CONFIG | SCL_STATE, FTAG, RW_WRITER);
|
|
|
|
while ((vd = list_head(&spa->spa_state_dirty_list)) != NULL) {
|
|
|
|
vdev_state_clean(vd);
|
|
|
|
vdev_config_dirty(vd);
|
|
|
|
}
|
|
|
|
spa_config_exit(spa, SCL_CONFIG | SCL_STATE, FTAG);
|
|
|
|
spa_config_enter(spa, SCL_CONFIG | SCL_STATE, FTAG, RW_READER);
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
|
|
|
spa_config_exit(spa, SCL_STATE, FTAG);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
tx = dmu_tx_create_assigned(dp, txg);
|
|
|
|
|
2013-04-30 02:49:23 +04:00
|
|
|
spa->spa_sync_starttime = gethrtime();
|
2016-12-01 00:56:50 +03:00
|
|
|
taskq_cancel_id(system_delay_taskq, spa->spa_deadman_tqid);
|
|
|
|
spa->spa_deadman_tqid = taskq_dispatch_delay(system_delay_taskq,
|
2014-11-21 03:09:39 +03:00
|
|
|
spa_deadman, spa, TQ_SLEEP, ddi_get_lbolt() +
|
2013-04-30 02:49:23 +04:00
|
|
|
NSEC_TO_TICK(spa->spa_deadman_synctime));
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* If we are upgrading to SPA_VERSION_RAIDZ_DEFLATE this txg,
|
|
|
|
* set spa_deflate if we have no raid-z vdevs.
|
|
|
|
*/
|
|
|
|
if (spa->spa_ubsync.ub_version < SPA_VERSION_RAIDZ_DEFLATE &&
|
|
|
|
spa->spa_uberblock.ub_version >= SPA_VERSION_RAIDZ_DEFLATE) {
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < rvd->vdev_children; i++) {
|
|
|
|
vd = rvd->vdev_child[i];
|
|
|
|
if (vd->vdev_deflate_ratio != SPA_MINBLOCKSIZE)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (i == rvd->vdev_children) {
|
|
|
|
spa->spa_deflate = TRUE;
|
|
|
|
VERIFY(0 == zap_add(spa->spa_meta_objset,
|
|
|
|
DMU_POOL_DIRECTORY_OBJECT, DMU_POOL_DEFLATE,
|
|
|
|
sizeof (uint64_t), 1, &spa->spa_deflate, tx));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-10-14 03:59:18 +03:00
|
|
|
/*
|
|
|
|
* Set the top-level vdev's max queue depth. Evaluate each
|
|
|
|
* top-level's async write queue depth in case it changed.
|
|
|
|
* The max queue depth will not change in the middle of syncing
|
|
|
|
* out this txg.
|
|
|
|
*/
|
2017-11-04 23:25:13 +03:00
|
|
|
uint64_t queue_depth_total = 0;
|
|
|
|
for (int c = 0; c < rvd->vdev_children; c++) {
|
2016-10-14 03:59:18 +03:00
|
|
|
vdev_t *tvd = rvd->vdev_child[c];
|
|
|
|
metaslab_group_t *mg = tvd->vdev_mg;
|
|
|
|
|
|
|
|
if (mg == NULL || mg->mg_class != spa_normal_class(spa) ||
|
|
|
|
!metaslab_group_initialized(mg))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* It is safe to do a lock-free check here because only async
|
|
|
|
* allocations look at mg_max_alloc_queue_depth, and async
|
|
|
|
* allocations all happen from spa_sync().
|
|
|
|
*/
|
|
|
|
ASSERT0(refcount_count(&mg->mg_alloc_queue_depth));
|
|
|
|
mg->mg_max_alloc_queue_depth = max_queue_depth;
|
|
|
|
queue_depth_total += mg->mg_max_alloc_queue_depth;
|
|
|
|
}
|
2017-11-04 23:25:13 +03:00
|
|
|
metaslab_class_t *mc = spa_normal_class(spa);
|
2016-10-14 03:59:18 +03:00
|
|
|
ASSERT0(refcount_count(&mc->mc_alloc_slots));
|
|
|
|
mc->mc_alloc_max_slots = queue_depth_total;
|
|
|
|
mc->mc_alloc_throttle_enabled = zio_dva_throttle_enabled;
|
|
|
|
|
|
|
|
ASSERT3U(mc->mc_alloc_max_slots, <=,
|
|
|
|
max_queue_depth * rvd->vdev_children);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Iterate to convergence.
|
|
|
|
*/
|
|
|
|
do {
|
2010-05-29 00:45:14 +04:00
|
|
|
int pass = ++spa->spa_sync_pass;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
spa_sync_config_object(spa, tx);
|
|
|
|
spa_sync_aux_dev(spa, &spa->spa_spares, tx,
|
|
|
|
ZPOOL_CONFIG_SPARES, DMU_POOL_SPARES);
|
|
|
|
spa_sync_aux_dev(spa, &spa->spa_l2cache, tx,
|
|
|
|
ZPOOL_CONFIG_L2CACHE, DMU_POOL_L2CACHE);
|
|
|
|
spa_errlog_sync(spa, txg);
|
|
|
|
dsl_pool_sync(dp, txg);
|
|
|
|
|
2013-05-06 21:14:52 +04:00
|
|
|
if (pass < zfs_sync_pass_deferred_free) {
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
spa_sync_frees(spa, free_bpl, tx);
|
2010-05-29 00:45:14 +04:00
|
|
|
} else {
|
2015-07-11 03:19:41 +03:00
|
|
|
/*
|
|
|
|
* We can not defer frees in pass 1, because
|
|
|
|
* we sync the deferred frees later in pass 1.
|
|
|
|
*/
|
|
|
|
ASSERT3U(pass, >, 1);
|
2010-05-29 00:45:14 +04:00
|
|
|
bplist_iterate(free_bpl, bpobj_enqueue_cb,
|
Illumos #4045 write throttle & i/o scheduler performance work
4045 zfs write throttle & i/o scheduler performance work
1. The ZFS i/o scheduler (vdev_queue.c) now divides i/os into 5 classes: sync
read, sync write, async read, async write, and scrub/resilver. The scheduler
issues a number of concurrent i/os from each class to the device. Once a class
has been selected, an i/o is selected from this class using either an elevator
algorithem (async, scrub classes) or FIFO (sync classes). The number of
concurrent async write i/os is tuned dynamically based on i/o load, to achieve
good sync i/o latency when there is not a high load of writes, and good write
throughput when there is. See the block comment in vdev_queue.c (reproduced
below) for more details.
2. The write throttle (dsl_pool_tempreserve_space() and
txg_constrain_throughput()) is rewritten to produce much more consistent delays
when under constant load. The new write throttle is based on the amount of
dirty data, rather than guesses about future performance of the system. When
there is a lot of dirty data, each transaction (e.g. write() syscall) will be
delayed by the same small amount. This eliminates the "brick wall of wait"
that the old write throttle could hit, causing all transactions to wait several
seconds until the next txg opens. One of the keys to the new write throttle is
decrementing the amount of dirty data as i/o completes, rather than at the end
of spa_sync(). Note that the write throttle is only applied once the i/o
scheduler is issuing the maximum number of outstanding async writes. See the
block comments in dsl_pool.c and above dmu_tx_delay() (reproduced below) for
more details.
This diff has several other effects, including:
* the commonly-tuned global variable zfs_vdev_max_pending has been removed;
use per-class zfs_vdev_*_max_active values or zfs_vdev_max_active instead.
* the size of each txg (meaning the amount of dirty data written, and thus the
time it takes to write out) is now controlled differently. There is no longer
an explicit time goal; the primary determinant is amount of dirty data.
Systems that are under light or medium load will now often see that a txg is
always syncing, but the impact to performance (e.g. read latency) is minimal.
Tune zfs_dirty_data_max and zfs_dirty_data_sync to control this.
* zio_taskq_batch_pct = 75 -- Only use 75% of all CPUs for compression,
checksum, etc. This improves latency by not allowing these CPU-intensive tasks
to consume all CPU (on machines with at least 4 CPU's; the percentage is
rounded up).
--matt
APPENDIX: problems with the current i/o scheduler
The current ZFS i/o scheduler (vdev_queue.c) is deadline based. The problem
with this is that if there are always i/os pending, then certain classes of
i/os can see very long delays.
For example, if there are always synchronous reads outstanding, then no async
writes will be serviced until they become "past due". One symptom of this
situation is that each pass of the txg sync takes at least several seconds
(typically 3 seconds).
If many i/os become "past due" (their deadline is in the past), then we must
service all of these overdue i/os before any new i/os. This happens when we
enqueue a batch of async writes for the txg sync, with deadlines 2.5 seconds in
the future. If we can't complete all the i/os in 2.5 seconds (e.g. because
there were always reads pending), then these i/os will become past due. Now we
must service all the "async" writes (which could be hundreds of megabytes)
before we service any reads, introducing considerable latency to synchronous
i/os (reads or ZIL writes).
Notes on porting to ZFS on Linux:
- zio_t gained new members io_physdone and io_phys_children. Because
object caches in the Linux port call the constructor only once at
allocation time, objects may contain residual data when retrieved
from the cache. Therefore zio_create() was updated to zero out the two
new fields.
- vdev_mirror_pending() relied on the depth of the per-vdev pending queue
(vq->vq_pending_tree) to select the least-busy leaf vdev to read from.
This tree has been replaced by vq->vq_active_tree which is now used
for the same purpose.
- vdev_queue_init() used the value of zfs_vdev_max_pending to determine
the number of vdev I/O buffers to pre-allocate. That global no longer
exists, so we instead use the sum of the *_max_active values for each of
the five I/O classes described above.
- The Illumos implementation of dmu_tx_delay() delays a transaction by
sleeping in condition variable embedded in the thread
(curthread->t_delay_cv). We do not have an equivalent CV to use in
Linux, so this change replaced the delay logic with a wrapper called
zfs_sleep_until(). This wrapper could be adopted upstream and in other
downstream ports to abstract away operating system-specific delay logic.
- These tunables are added as module parameters, and descriptions added
to the zfs-module-parameters.5 man page.
spa_asize_inflation
zfs_deadman_synctime_ms
zfs_vdev_max_active
zfs_vdev_async_write_active_min_dirty_percent
zfs_vdev_async_write_active_max_dirty_percent
zfs_vdev_async_read_max_active
zfs_vdev_async_read_min_active
zfs_vdev_async_write_max_active
zfs_vdev_async_write_min_active
zfs_vdev_scrub_max_active
zfs_vdev_scrub_min_active
zfs_vdev_sync_read_max_active
zfs_vdev_sync_read_min_active
zfs_vdev_sync_write_max_active
zfs_vdev_sync_write_min_active
zfs_dirty_data_max_percent
zfs_delay_min_dirty_percent
zfs_dirty_data_max_max_percent
zfs_dirty_data_max
zfs_dirty_data_max_max
zfs_dirty_data_sync
zfs_delay_scale
The latter four have type unsigned long, whereas they are uint64_t in
Illumos. This accommodates Linux's module_param() supported types, but
means they may overflow on 32-bit architectures.
The values zfs_dirty_data_max and zfs_dirty_data_max_max are the most
likely to overflow on 32-bit systems, since they express physical RAM
sizes in bytes. In fact, Illumos initializes zfs_dirty_data_max_max to
2^32 which does overflow. To resolve that, this port instead initializes
it in arc_init() to 25% of physical RAM, and adds the tunable
zfs_dirty_data_max_max_percent to override that percentage. While this
solution doesn't completely avoid the overflow issue, it should be a
reasonable default for most systems, and the minority of affected
systems can work around the issue by overriding the defaults.
- Fixed reversed logic in comment above zfs_delay_scale declaration.
- Clarified comments in vdev_queue.c regarding when per-queue minimums take
effect.
- Replaced dmu_tx_write_limit in the dmu_tx kstat file
with dmu_tx_dirty_delay and dmu_tx_dirty_over_max. The first counts
how many times a transaction has been delayed because the pool dirty
data has exceeded zfs_delay_min_dirty_percent. The latter counts how
many times the pool dirty data has exceeded zfs_dirty_data_max (which
we expect to never happen).
- The original patch would have regressed the bug fixed in
zfsonlinux/zfs@c418410, which prevented users from setting the
zfs_vdev_aggregation_limit tuning larger than SPA_MAXBLOCKSIZE.
A similar fix is added to vdev_queue_aggregate().
- In vdev_queue_io_to_issue(), dynamically allocate 'zio_t search' on the
heap instead of the stack. In Linux we can't afford such large
structures on the stack.
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Reviewed by: Ned Bass <bass6@llnl.gov>
Reviewed by: Brendan Gregg <brendan.gregg@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
References:
http://www.illumos.org/issues/4045
illumos/illumos-gate@69962b5647e4a8b9b14998733b765925381b727e
Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1913
2013-08-29 07:01:20 +04:00
|
|
|
&spa->spa_deferred_bpobj, tx);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
ddt_sync(spa, txg);
|
|
|
|
dsl_scan_sync(dp, tx);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-08-26 20:52:42 +04:00
|
|
|
while ((vd = txg_list_remove(&spa->spa_vdev_txg_list, txg)))
|
2010-05-29 00:45:14 +04:00
|
|
|
vdev_sync(vd, txg);
|
|
|
|
|
2015-07-11 03:19:41 +03:00
|
|
|
if (pass == 1) {
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_sync_upgrades(spa, tx);
|
2015-07-11 03:19:41 +03:00
|
|
|
ASSERT3U(txg, >=,
|
|
|
|
spa->spa_uberblock.ub_rootbp.blk_birth);
|
|
|
|
/*
|
|
|
|
* Note: We need to check if the MOS is dirty
|
|
|
|
* because we could have marked the MOS dirty
|
|
|
|
* without updating the uberblock (e.g. if we
|
|
|
|
* have sync tasks but no dirty user data). We
|
|
|
|
* need to check the uberblock's rootbp because
|
|
|
|
* it is updated if we have synced out dirty
|
|
|
|
* data (though in this case the MOS will most
|
|
|
|
* likely also be dirty due to second order
|
|
|
|
* effects, we don't want to rely on that here).
|
|
|
|
*/
|
|
|
|
if (spa->spa_uberblock.ub_rootbp.blk_birth < txg &&
|
|
|
|
!dmu_objset_is_dirty(mos, txg)) {
|
|
|
|
/*
|
|
|
|
* Nothing changed on the first pass,
|
|
|
|
* therefore this TXG is a no-op. Avoid
|
|
|
|
* syncing deferred frees, so that we
|
|
|
|
* can keep this TXG as a no-op.
|
|
|
|
*/
|
|
|
|
ASSERT(txg_list_empty(&dp->dp_dirty_datasets,
|
|
|
|
txg));
|
|
|
|
ASSERT(txg_list_empty(&dp->dp_dirty_dirs, txg));
|
|
|
|
ASSERT(txg_list_empty(&dp->dp_sync_tasks, txg));
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
spa_sync_deferred_frees(spa, tx);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
} while (dmu_objset_is_dirty(mos, txg));
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-05-07 04:14:03 +03:00
|
|
|
#ifdef ZFS_DEBUG
|
2016-04-11 23:16:57 +03:00
|
|
|
if (!list_is_empty(&spa->spa_config_dirty_list)) {
|
|
|
|
/*
|
|
|
|
* Make sure that the number of ZAPs for all the vdevs matches
|
|
|
|
* the number of ZAPs in the per-vdev ZAP list. This only gets
|
|
|
|
* called if the config is dirty; otherwise there may be
|
|
|
|
* outstanding AVZ operations that weren't completed in
|
|
|
|
* spa_sync_config_object.
|
|
|
|
*/
|
|
|
|
uint64_t all_vdev_zap_entry_count;
|
|
|
|
ASSERT0(zap_count(spa->spa_meta_objset,
|
|
|
|
spa->spa_all_vdev_zaps, &all_vdev_zap_entry_count));
|
|
|
|
ASSERT3U(vdev_count_verify_zaps(spa->spa_root_vdev), ==,
|
|
|
|
all_vdev_zap_entry_count);
|
|
|
|
}
|
2016-05-07 04:14:03 +03:00
|
|
|
#endif
|
2016-04-11 23:16:57 +03:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Rewrite the vdev configuration (which includes the uberblock)
|
|
|
|
* to commit the transaction group.
|
|
|
|
*
|
|
|
|
* If there are no dirty vdevs, we sync the uberblock to a few
|
|
|
|
* random top-level vdevs that are known to be visible in the
|
2008-12-03 23:09:06 +03:00
|
|
|
* config cache (see spa_vdev_add() for a complete description).
|
|
|
|
* If there *are* dirty vdevs, sync the uberblock to all vdevs.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
for (;;) {
|
|
|
|
/*
|
|
|
|
* We hold SCL_STATE to prevent vdev open/close/etc.
|
|
|
|
* while we're attempting to write the vdev labels.
|
|
|
|
*/
|
|
|
|
spa_config_enter(spa, SCL_STATE, FTAG, RW_READER);
|
|
|
|
|
|
|
|
if (list_is_empty(&spa->spa_config_dirty_list)) {
|
|
|
|
vdev_t *svd[SPA_DVAS_PER_BP];
|
|
|
|
int svdcount = 0;
|
|
|
|
int children = rvd->vdev_children;
|
|
|
|
int c0 = spa_get_random(children);
|
|
|
|
|
2017-11-04 23:25:13 +03:00
|
|
|
for (int c = 0; c < children; c++) {
|
2008-12-03 23:09:06 +03:00
|
|
|
vd = rvd->vdev_child[(c0 + c) % children];
|
|
|
|
if (vd->vdev_ms_array == 0 || vd->vdev_islog)
|
|
|
|
continue;
|
|
|
|
svd[svdcount++] = vd;
|
|
|
|
if (svdcount == SPA_DVAS_PER_BP)
|
|
|
|
break;
|
|
|
|
}
|
2016-01-27 04:27:46 +03:00
|
|
|
error = vdev_config_sync(svd, svdcount, txg);
|
2008-12-03 23:09:06 +03:00
|
|
|
} else {
|
|
|
|
error = vdev_config_sync(rvd->vdev_child,
|
2016-01-27 04:27:46 +03:00
|
|
|
rvd->vdev_children, txg);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2012-12-15 00:38:04 +04:00
|
|
|
if (error == 0)
|
|
|
|
spa->spa_last_synced_guid = rvd->vdev_guid;
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_STATE, FTAG);
|
|
|
|
|
|
|
|
if (error == 0)
|
|
|
|
break;
|
|
|
|
zio_suspend(spa, NULL);
|
|
|
|
zio_resume_wait(spa);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
dmu_tx_commit(tx);
|
|
|
|
|
2016-12-01 00:56:50 +03:00
|
|
|
taskq_cancel_id(system_delay_taskq, spa->spa_deadman_tqid);
|
2013-04-30 02:49:23 +04:00
|
|
|
spa->spa_deadman_tqid = 0;
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Clear the dirty config list.
|
|
|
|
*/
|
2008-12-03 23:09:06 +03:00
|
|
|
while ((vd = list_head(&spa->spa_config_dirty_list)) != NULL)
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_config_clean(vd);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Now that the new config has synced transactionally,
|
|
|
|
* let it become visible to the config cache.
|
|
|
|
*/
|
|
|
|
if (spa->spa_config_syncing != NULL) {
|
|
|
|
spa_config_set(spa, spa->spa_config_syncing);
|
|
|
|
spa->spa_config_txg = txg;
|
|
|
|
spa->spa_config_syncing = NULL;
|
|
|
|
}
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
dsl_pool_sync_done(dp, txg);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-10-14 03:59:18 +03:00
|
|
|
mutex_enter(&spa->spa_alloc_lock);
|
|
|
|
VERIFY0(avl_numnodes(&spa->spa_alloc_tree));
|
|
|
|
mutex_exit(&spa->spa_alloc_lock);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Update usable space statistics.
|
|
|
|
*/
|
2010-08-26 20:52:42 +04:00
|
|
|
while ((vd = txg_list_remove(&spa->spa_vdev_txg_list, TXG_CLEAN(txg))))
|
2008-11-20 23:01:55 +03:00
|
|
|
vdev_sync_done(vd, txg);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_update_dspace(spa);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* It had better be the case that we didn't dirty anything
|
|
|
|
* since vdev_config_sync().
|
|
|
|
*/
|
|
|
|
ASSERT(txg_list_empty(&dp->dp_dirty_datasets, txg));
|
|
|
|
ASSERT(txg_list_empty(&dp->dp_dirty_dirs, txg));
|
|
|
|
ASSERT(txg_list_empty(&spa->spa_vdev_txg_list, txg));
|
2010-05-29 00:45:14 +04:00
|
|
|
|
|
|
|
spa->spa_sync_pass = 0;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2016-11-06 06:43:56 +03:00
|
|
|
/*
|
|
|
|
* Update the last synced uberblock here. We want to do this at
|
|
|
|
* the end of spa_sync() so that consumers of spa_last_synced_txg()
|
|
|
|
* will be guaranteed that all the processing associated with
|
|
|
|
* that txg has been completed.
|
|
|
|
*/
|
|
|
|
spa->spa_ubsync = spa->spa_uberblock;
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_CONFIG, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
spa_handle_ignored_writes(spa);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* If any async tasks have been requested, kick them off.
|
|
|
|
*/
|
|
|
|
spa_async_dispatch(spa);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Sync all pools. We don't want to hold the namespace lock across these
|
|
|
|
* operations, so we take a reference on the spa_t and drop the lock during the
|
|
|
|
* sync.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
spa_sync_allpools(void)
|
|
|
|
{
|
|
|
|
spa_t *spa = NULL;
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
while ((spa = spa_next(spa)) != NULL) {
|
2010-08-27 01:24:34 +04:00
|
|
|
if (spa_state(spa) != POOL_STATE_ACTIVE ||
|
|
|
|
!spa_writeable(spa) || spa_suspended(spa))
|
2008-11-20 23:01:55 +03:00
|
|
|
continue;
|
|
|
|
spa_open_ref(spa, FTAG);
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
txg_wait_synced(spa_get_dsl(spa), 0);
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
spa_close(spa, FTAG);
|
|
|
|
}
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* ==========================================================================
|
|
|
|
* Miscellaneous routines
|
|
|
|
* ==========================================================================
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove all pools in the system.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
spa_evict_all(void)
|
|
|
|
{
|
|
|
|
spa_t *spa;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove all cached state. All pools should be closed now,
|
|
|
|
* so every spa in the AVL tree should be unreferenced.
|
|
|
|
*/
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
while ((spa = spa_next(NULL)) != NULL) {
|
|
|
|
/*
|
|
|
|
* Stop async tasks. The async thread may need to detach
|
|
|
|
* a device that's been replaced, which requires grabbing
|
|
|
|
* spa_namespace_lock, so we must drop it here.
|
|
|
|
*/
|
|
|
|
spa_open_ref(spa, FTAG);
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
spa_async_suspend(spa);
|
|
|
|
mutex_enter(&spa_namespace_lock);
|
|
|
|
spa_close(spa, FTAG);
|
|
|
|
|
|
|
|
if (spa->spa_state != POOL_STATE_UNINITIALIZED) {
|
|
|
|
spa_unload(spa);
|
|
|
|
spa_deactivate(spa);
|
|
|
|
}
|
|
|
|
spa_remove(spa);
|
|
|
|
}
|
|
|
|
mutex_exit(&spa_namespace_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
vdev_t *
|
2009-07-03 02:44:48 +04:00
|
|
|
spa_lookup_by_guid(spa_t *spa, uint64_t guid, boolean_t aux)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2008-12-03 23:09:06 +03:00
|
|
|
vdev_t *vd;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
if ((vd = vdev_lookup_by_guid(spa->spa_root_vdev, guid)) != NULL)
|
|
|
|
return (vd);
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
if (aux) {
|
2008-12-03 23:09:06 +03:00
|
|
|
for (i = 0; i < spa->spa_l2cache.sav_count; i++) {
|
|
|
|
vd = spa->spa_l2cache.sav_vdevs[i];
|
2009-07-03 02:44:48 +04:00
|
|
|
if (vd->vdev_guid == guid)
|
|
|
|
return (vd);
|
|
|
|
}
|
|
|
|
|
|
|
|
for (i = 0; i < spa->spa_spares.sav_count; i++) {
|
|
|
|
vd = spa->spa_spares.sav_vdevs[i];
|
2008-12-03 23:09:06 +03:00
|
|
|
if (vd->vdev_guid == guid)
|
|
|
|
return (vd);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return (NULL);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
spa_upgrade(spa_t *spa, uint64_t version)
|
|
|
|
{
|
2010-08-27 01:24:34 +04:00
|
|
|
ASSERT(spa_writeable(spa));
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_enter(spa, SCL_ALL, FTAG, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* This should only be called for a non-faulted pool, and since a
|
|
|
|
* future version would result in an unopenable pool, this shouldn't be
|
|
|
|
* possible.
|
|
|
|
*/
|
2013-02-10 04:25:55 +04:00
|
|
|
ASSERT(SPA_VERSION_IS_SUPPORTED(spa->spa_uberblock.ub_version));
|
2014-06-06 01:19:08 +04:00
|
|
|
ASSERT3U(version, >=, spa->spa_uberblock.ub_version);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
spa->spa_uberblock.ub_version = version;
|
|
|
|
vdev_config_dirty(spa->spa_root_vdev);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
spa_config_exit(spa, SCL_ALL, FTAG);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
txg_wait_synced(spa_get_dsl(spa), 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
boolean_t
|
|
|
|
spa_has_spare(spa_t *spa, uint64_t guid)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
uint64_t spareguid;
|
|
|
|
spa_aux_vdev_t *sav = &spa->spa_spares;
|
|
|
|
|
|
|
|
for (i = 0; i < sav->sav_count; i++)
|
|
|
|
if (sav->sav_vdevs[i]->vdev_guid == guid)
|
|
|
|
return (B_TRUE);
|
|
|
|
|
|
|
|
for (i = 0; i < sav->sav_npending; i++) {
|
|
|
|
if (nvlist_lookup_uint64(sav->sav_pending[i], ZPOOL_CONFIG_GUID,
|
|
|
|
&spareguid) == 0 && spareguid == guid)
|
|
|
|
return (B_TRUE);
|
|
|
|
}
|
|
|
|
|
|
|
|
return (B_FALSE);
|
|
|
|
}
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
/*
|
|
|
|
* Check if a pool has an active shared spare device.
|
|
|
|
* Note: reference count of an active spare is 2, as a spare and as a replace
|
|
|
|
*/
|
|
|
|
static boolean_t
|
|
|
|
spa_has_active_shared_spare(spa_t *spa)
|
|
|
|
{
|
|
|
|
int i, refcnt;
|
|
|
|
uint64_t pool;
|
|
|
|
spa_aux_vdev_t *sav = &spa->spa_spares;
|
|
|
|
|
|
|
|
for (i = 0; i < sav->sav_count; i++) {
|
|
|
|
if (spa_spare_exists(sav->sav_vdevs[i]->vdev_guid, &pool,
|
|
|
|
&refcnt) && pool != 0ULL && pool == spa_guid(spa) &&
|
|
|
|
refcnt > 2)
|
|
|
|
return (B_TRUE);
|
|
|
|
}
|
|
|
|
|
|
|
|
return (B_FALSE);
|
|
|
|
}
|
|
|
|
|
2017-05-30 21:39:17 +03:00
|
|
|
static sysevent_t *
|
|
|
|
spa_event_create(spa_t *spa, vdev_t *vd, nvlist_t *hist_nvl, const char *name)
|
|
|
|
{
|
|
|
|
sysevent_t *ev = NULL;
|
|
|
|
#ifdef _KERNEL
|
|
|
|
nvlist_t *resource;
|
|
|
|
|
|
|
|
resource = zfs_event_create(spa, vd, FM_SYSEVENT_CLASS, name, hist_nvl);
|
|
|
|
if (resource) {
|
|
|
|
ev = kmem_alloc(sizeof (sysevent_t), KM_SLEEP);
|
|
|
|
ev->resource = resource;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
return (ev);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
spa_event_post(sysevent_t *ev)
|
|
|
|
{
|
|
|
|
#ifdef _KERNEL
|
|
|
|
if (ev) {
|
|
|
|
zfs_zevent_post(ev->resource, NULL, zfs_zevent_post_cb);
|
|
|
|
kmem_free(ev, sizeof (*ev));
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
2016-07-28 01:29:15 +03:00
|
|
|
* Post a zevent corresponding to the given sysevent. The 'name' must be one
|
|
|
|
* of the event definitions in sys/sysevent/eventdefs.h. The payload will be
|
2008-11-20 23:01:55 +03:00
|
|
|
* filled in from the spa and (optionally) the vdev. This doesn't do anything
|
|
|
|
* in the userland libzpool, as we don't want consumers to misinterpret ztest
|
|
|
|
* or zdb as real changes.
|
|
|
|
*/
|
|
|
|
void
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_notify(spa_t *spa, vdev_t *vd, nvlist_t *hist_nvl, const char *name)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-05-30 21:39:17 +03:00
|
|
|
spa_event_post(spa_event_create(spa, vd, hist_nvl, name));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
2010-08-26 22:49:16 +04:00
|
|
|
|
|
|
|
#if defined(_KERNEL) && defined(HAVE_SPL)
|
|
|
|
/* state manipulation functions */
|
|
|
|
EXPORT_SYMBOL(spa_open);
|
|
|
|
EXPORT_SYMBOL(spa_open_rewind);
|
|
|
|
EXPORT_SYMBOL(spa_get_stats);
|
|
|
|
EXPORT_SYMBOL(spa_create);
|
|
|
|
EXPORT_SYMBOL(spa_import);
|
|
|
|
EXPORT_SYMBOL(spa_tryimport);
|
|
|
|
EXPORT_SYMBOL(spa_destroy);
|
|
|
|
EXPORT_SYMBOL(spa_export);
|
|
|
|
EXPORT_SYMBOL(spa_reset);
|
|
|
|
EXPORT_SYMBOL(spa_async_request);
|
|
|
|
EXPORT_SYMBOL(spa_async_suspend);
|
|
|
|
EXPORT_SYMBOL(spa_async_resume);
|
|
|
|
EXPORT_SYMBOL(spa_inject_addref);
|
|
|
|
EXPORT_SYMBOL(spa_inject_delref);
|
|
|
|
EXPORT_SYMBOL(spa_scan_stat_init);
|
|
|
|
EXPORT_SYMBOL(spa_scan_get_stats);
|
|
|
|
|
|
|
|
/* device maniion */
|
|
|
|
EXPORT_SYMBOL(spa_vdev_add);
|
|
|
|
EXPORT_SYMBOL(spa_vdev_attach);
|
|
|
|
EXPORT_SYMBOL(spa_vdev_detach);
|
|
|
|
EXPORT_SYMBOL(spa_vdev_remove);
|
|
|
|
EXPORT_SYMBOL(spa_vdev_setpath);
|
|
|
|
EXPORT_SYMBOL(spa_vdev_setfru);
|
|
|
|
EXPORT_SYMBOL(spa_vdev_split_mirror);
|
|
|
|
|
|
|
|
/* spare statech is global across all pools) */
|
|
|
|
EXPORT_SYMBOL(spa_spare_add);
|
|
|
|
EXPORT_SYMBOL(spa_spare_remove);
|
|
|
|
EXPORT_SYMBOL(spa_spare_exists);
|
|
|
|
EXPORT_SYMBOL(spa_spare_activate);
|
|
|
|
|
|
|
|
/* L2ARC statech is global across all pools) */
|
|
|
|
EXPORT_SYMBOL(spa_l2cache_add);
|
|
|
|
EXPORT_SYMBOL(spa_l2cache_remove);
|
|
|
|
EXPORT_SYMBOL(spa_l2cache_exists);
|
|
|
|
EXPORT_SYMBOL(spa_l2cache_activate);
|
|
|
|
EXPORT_SYMBOL(spa_l2cache_drop);
|
|
|
|
|
|
|
|
/* scanning */
|
|
|
|
EXPORT_SYMBOL(spa_scan);
|
|
|
|
EXPORT_SYMBOL(spa_scan_stop);
|
|
|
|
|
|
|
|
/* spa syncing */
|
|
|
|
EXPORT_SYMBOL(spa_sync); /* only for DMU use */
|
|
|
|
EXPORT_SYMBOL(spa_sync_allpools);
|
|
|
|
|
|
|
|
/* properties */
|
|
|
|
EXPORT_SYMBOL(spa_prop_set);
|
|
|
|
EXPORT_SYMBOL(spa_prop_get);
|
|
|
|
EXPORT_SYMBOL(spa_prop_clear_bootfs);
|
|
|
|
|
|
|
|
/* asynchronous event notification */
|
|
|
|
EXPORT_SYMBOL(spa_event_notify);
|
|
|
|
#endif
|
2014-07-15 22:58:41 +04:00
|
|
|
|
|
|
|
#if defined(_KERNEL) && defined(HAVE_SPL)
|
|
|
|
module_param(spa_load_verify_maxinflight, int, 0644);
|
|
|
|
MODULE_PARM_DESC(spa_load_verify_maxinflight,
|
|
|
|
"Max concurrent traversal I/Os while verifying pool during import -X");
|
|
|
|
|
|
|
|
module_param(spa_load_verify_metadata, int, 0644);
|
|
|
|
MODULE_PARM_DESC(spa_load_verify_metadata,
|
|
|
|
"Set to traverse metadata on pool import");
|
|
|
|
|
|
|
|
module_param(spa_load_verify_data, int, 0644);
|
|
|
|
MODULE_PARM_DESC(spa_load_verify_data,
|
|
|
|
"Set to traverse data on pool import");
|
2015-12-16 22:22:32 +03:00
|
|
|
|
2016-12-12 21:46:26 +03:00
|
|
|
/* CSTYLED */
|
2015-12-16 22:22:32 +03:00
|
|
|
module_param(zio_taskq_batch_pct, uint, 0444);
|
|
|
|
MODULE_PARM_DESC(zio_taskq_batch_pct,
|
|
|
|
"Percentage of CPUs to run an IO worker thread");
|
|
|
|
|
2014-07-15 22:58:41 +04:00
|
|
|
#endif
|