Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
KubeVirt / SIG - Storage / 19 Jun 2023
KubeVirt / SIG - Storage / 19 Jun 2023
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: SIG - Storage 2023-06-19

Description

Meeting Notes:
https://docs.google.com/document/d/1mqJMjzT1biCpImEvi76DCMZxv-DwxGYLiPRLcR6CWpE/edit#

A

Right, I guess uh we won't have a huge Forum today, but.

A

uh Let's start: does anyone have any special topics to raise before we go for the issue here, something some PRS that need extra attention that we can just open and discuss now.

A

Cool then I'll just start with issues and feel free to interrupt. If you have anything more interesting.

A

So CSI clone doesn't appear to work.

A

Somebody is setting an override.

A

hmm

A

Okay, so this is like an old override we had and apparently it only supports, um host, assisted clones or snapshot clones, so that needs to be fixed.

A

um

A

And when you set up your storage profile to do CSI clones, it still doesn't work and opts for a copy. The host assistant clone.

A

And doing this manually works, but doing this automatically via CDI is broken.

A

And a reproducer but I think that's fine. For now. Let's see if we have any interesting. Oh have a bunch of comments.

A

I think I've seen that before I think this is where somebody was um surprised by the fact that we inflate PVC sizes. So if you create a 10 gig data volume, you get like 10 and something to compensate for file system, overhead and I. Guess that's what happens here.

A

um And because there was a mismatch in sizes and this user's storage class wouldn't do expansion, we had to fall back to host assisted clone.

A

But I see I pointed the this user towards that documentation.

A

And.

A

Okay, so the user managed to get it working, but we still have like a bit of a surprising Factor that we could be more clear about or even prevent.

A

um Yes, I guess this issue is now about having.

A

Not having to fall back, try find a way to go ahead with CSI clones because there really shouldn't be like there's no strong case for falling back from CSI clone.

A

If the, if expansion doesn't work, we could just proceed with the mismatch and have the have the storage provisioner do whatever it says, fit, either reject or just expand.

B

Using.

A

Its own logics.

A

So I guess I'll just write that down.

A

I think that is a good description of the issue and there are no objections. Let's just post, that wait for uh confirmation.

A

Okay, cool.

A

And do we have any more issues.

A

That need attention.

A

I guess we have um this one here.

A

But I should I start with this one. It's the newest, I think we go. We try to trickle back so which one was that.

A

Let's try starting with this one, because I'm pretty sure we have the higher availability and all of these under control, so I'll just open this one.

A

Right so this is about somebody trying to use generate name for the data volume, but that is at least with clones. That's uh impossible to secure with our current approach, where we provide tokens for uh for cloning from a certain PVC.

A

So generate name basically doesn't work and I'm pretty sure. We already stated that.

A

Okay, so error is happening because yeah.

A

So, for now we definitely don't support, generate name, I guess what we could discuss now is if we can support, generate name, um I'm, pretty sure it's it has them. Anyway, we try to go with this. We'll have a security implication.

A

It will leave some kind of uh vulnerability or forget the exact wording for for these.

A

So I am not sure what we can do about this card. Maybe we could just close it.

C

I, don't know like I see that you opened uh a PR and I mentioned this issue in that PR uh and I propose to add a test case to test this. So I honestly think that that's the best uh thing we can do right now just to have a test to cover this.

A

Mm-Hmm, and should we just let the issue sit there for now.

C

Yeah I would say so. Maybe let Michael um add something here, since he knows more about uh the security implications of this.

A

Right.

A

Cool then we have this one which I opened I believe that's tracked, Downstream yeah with priority. Basically we never want to uh with these large images. I guess we never want to ever get to a state where we actually import them. As you can see here, we go ahead and just import that image.

A

um So yeah the tests may have to change because they're not they're, not signaling, anything bad they're, just working, but as far as I can tell these tests were in place uh so that we so that we make sure the import never happens.

A

I mean the image, get gets rejected in one of the starting phases and just never never writes anything so I guess we have to change a couple of tests, and this is also prioritized Downstream.

A

Oh and there's one more thing here, um a couple of meetings ago Michael was saying that we started using the read ahead filter that may be a little uh dangerous, specifically in this case since it'll end up providing um to scratch container memory or something like that, and that that is. That may be why we get the disk pressure condition. I.

D

Don't think that's necessarily true or it does depend on which version of MVD, because you're using but the new the newer versions, won't won't do that.

A

um

D

I.

A

Will have a.

D

Look at this bug anyway and then add a comment there.

A

Awesome so yeah the disk pressure might not be related. We would just we're just suspecting the reader head filter because back at that time it just merged so that that's not necessarily the issue, but anyway, I think I have nothing to add here and I'll. Just move on to the next one.

A

um

A

I feel, like I, saw a PR to fix this, but I'm not sure.

D

So yeah I'm, actually uh we did fix it.

D

In MBD kit, but there's no there's no um bugs so we can't I mean we need a. We need a bug file before we can backboard it to rail. If you, if you want the fixing rail.

A

Okay, let.

D

Me let me just find the the commit again.

A

I I see, and then, if we want this and the downstream builds, we have to yeah. Okay, that makes sense, but for Upstream I think we kind of follow latest I want to say that we follow latest I'll check double check that yeah.

D

It's not in any um just copy the cover the link. First of all, so that's the Upstream commit, so it is up. The fix is Upstream, um but I believe that that's like only in the development version at the moment, if that it might not even be in that Okay. So that means it will get into rail, oh, like 9.4, or something if we're lucky.

D

um But if we have a bug filed against Rel, then we can add it to whichever version you want even round 9.2, if you like, but yeah, we we always need a bug file to get fixes into rail.

A

Yeah um I'm a little hesitant to just uh start pulling it into released versions. That's because it was only an S3 problem and I think we don't advertise the S3 source um Downstream. We just kind of had a Community member contribute this, but I can't remember exactly why, but we don't advertise this too much I mean it's documented, Upstream yeah.

D

So S3 servers that should have traditionally been a bit weird and they they used not to be able to support range requests, which meant that basically, they just wouldn't work at all, but actually Amazon have added support for range requests fairly recently, so, um but nevertheless I mean you're right. If you just do nothing, then it will eventually go upstream and it'll. You know it'll be in the Upstream version and you'll get it that way. It's just. If you want to fix it in Rel that um don't worry about it.

A

Yeah I'll just some sum everything up here and I can post this.

B

Link.

A

Here as well.

A

By the way, Upstream we do um the Centos stream nine. Would that also get this commit in.

D

Well again, I mean it'll, be just whenever we do the next stable version. Yeah.

A

I mean just whenever.

D

Yeah so you'd probably get it 9.4 I think because I don't this won't be included in 9.3.

D

It's just yeah, if you want it earlier than that, have a bug, if you don't care, do nothing and it'll eventually get into um Center Samwell.

A

um I quickly, uh a reference to bumping um RPMs just so we have this documented here.

A

And let's uh give the this person here a chance to reply before we start complicating this with the bugs and backboards.

A

Right so that was this one, and now we have this one which I think is, has been merged for a long time, I'm going to quickly scroll down.

A

um Or somebody saying they see this in the latest CDI.

A

um

A

Maybe we didn't backboard it or maybe we didn't make a release containing this fix. Is there PR linked, there's no PR linked, it's plugging just been fixed.

A

I think we need to release um 56 said so. This nice person here can get the fix so I'll just ask for that.

A

Should fix it for this person and the original opener will be fine with 54 too. So, let's keep this open for this nice person.

A

I think that would be enough.

A

uh Support rewrite one spot, I think I just reopened it and never did anything.

A

I think it's a good time to start looking at this, since the future is becoming stable.

A

Or become already I'm, not sure.

A

Basically, you read write: one spot is uh means that you can mount a volume. A volume can only be mounted by one pod as opposed to read. Write ones, which is a port, could be a PVC could be mounted by the same node multiple times, but now they came up with this. Stricter version, which is PVC, can be mounted by a single pod. It may may work good with.

A

I think Imports, but I I won't bring this up because I'm I can't remember the idea, the exact idea why? But it was mentioned before that we could switch over import ports to regret one spot for some benefit, which I can't remember or think of right. Now.

A

Yeah I guess just nothing should be getting in the way for the Importer pod and the PVC is mounting.

A

And then I guess we can get rid of all the checks that we that we kind of make. We have all these kind of checks that just make sure Source isn't indeed and use and stuff like that. But if we use read write one spot we we could just delegate it.

A

To kubernetes scheduler.

B

Think as far as I remember, it was not supported in kubernetes 125, maybe later, but even if you try to just create a PVC with this uh access mode, the kubernetes will reject it. 125, maybe later yeah.

A

We have 27 now yeah.

B

So maybe 26 or 27 to accept it.

A

Anyway, I signed it so I'll.

D

Have.

A

A look at it and.

A

Clone progress metric doesn't mean meet the metrics naming conventions.

A

And it's not stale.

A

Okay, so this is about following uh the write, a framework, observability practices, Prometheus practices and renaming this metric, which I, don't think, is being used or advertised. It's just like an internal thing.

A

um But yeah, if somebody wants to use it, I think we use it to just report, progress for host assisted clones and that's about it. Nobody should know about it. Otherwise, but yeah. That's what this issue is about and it's well groomed, there's a jira card, so I don't think. There's anything to do here.

A

And we have retained PV, that's been around for ages,.

A

um I think Michael has uh you know you could also use populated for but I think Michael has implemented a feature for this.

A

And he's being tagged here so I'm not going to bug him I'm, pretty sure he he introduced fix for this by uh doing the static provisioning thingy for uh uh for backup and restore vendors.

B

So created the way to use this PV. Oh it's for uh it's not for clones, for airport, right or.

A

Anything I think just.

B

uh Yeah existing yeah, because um I I added the option of just adding random that we want the storage class name to the PV and just put it on the data volume it won't and you'll get it.

B

That can be used here, but uh anymore.

A

I think this is more. The question here is, the rfe is more specific. They want.

B

Like.

A

A PV name: okay, to attach Ed but I I'm, pretty sure this will work.

A

Oh I! Guess they don't want to create the PVC. They want. The CDI benefits, so CDI creates the PVC and I. Don't know, maybe infers some defaults and stuff like that, but they also want to use their retained PV.

A

So I guess we don't have an update. We don't have that functionality today.

A

um Yeah I don't know, but Michael's tagged here.

B

As I said with my it's my best, they can use it. You know they don't need to manually, create the PVC.

A

But what if they have several PVS with that storage class? No.

B

No, it's not a real storage class. You.

D

Can add the.

B

Storage with the name of the PV itself, okay, you can use whatever you want, just a random storage class just for tagging it so the real storage class- okay, put it tested. We have a.

B

Functional District as well I, don't remember the PR, but we maybe we should get the link.

A

Yeah I can find it.

A

ah Let's see some storage class, something.

A

That's it right.

A

Yeah, that's that's the one right.

A

Just post that and if it's wrong I'll edit it later.

B

Not.

A

One time but unique I.

B

Think.

B

On both the DV and the TV.

A

Yeah that'll work.

B

Regarding the food functionality, we are not extending him currently I. Think.

A

All right, it was.

B

I'm not really extending data volume. These days, yeah.

A

Thank you.

A

Yeah, let's see if the, uh if this is working for them, if not and keep going.

A

And this will bug me so that's it.

A

And this one: what's this about? Oh I, opened this before the meeting. This is about uploading.

A

And let's see yeah we had Michael asked if uh nginx had request, buffering, enabled.

A

So I guess we'll I guess we have enough attention on this. For now.

A

And we talked about this I believe or did did we Michael stack? This guy is basically asking for um making one of the search. That's not configurable, not rotatable uh they're, asking it to be rotatable, so I guess we can weigh that suggestion. I think they have the right direction, but I will hold off and let Michael bless them with a green light.

A

And the first one we already discussed and updated.

A

So I guess for for the issues we're done, but if you have any PR that you want to open now we still have a little more time. We can do that any topics last minute topics. We can also do that. So.

A

Otherwise, we can also end a bit early, give people some time back.

A

It's also fine.

A

Right then I guess we will end here and uh thanks for helping groom the issues and see you in two weeks.

C

Thank you, Alex see you thank.

D

You have a good week.