►
From YouTube: March 2023 OpenZFS Leadership Meeting
Description
Agenda: merging OSX support; i/o rate limit design
full notes: https://docs.google.com/document/d/1w2jv2XVYFmBVvG1EGf-9A5HBVsjAYoLIFZAnWHhV-BM/edit#
B
Close
did
I
just
get
volunteered
by
someone
cool,
okay,
sure
we
could
talk
about
that
I
guess
we
should
discuss
whether
or
not
you
know
we
want
the
macro
support
in
the
repository.
Is
it
a
net
positive
for
the
collective
goodness
there
were,
and
then,
after
that,
how
do
we
move
forward
like
either
way
right
because
it's
obviously
non-zero
effort
to
keep
the
pr
updated
right?
So
it's
a.
A
I
mean
it
sounds
good
to
me.
I
know,
you've
been
making
a
lot
of
you
know
little
improvements
and
you
making
the
code
more
abstract
over
the
past
few
years.
To
kind
of
prepare
for
this,
that's
all
seemed
good,
like
I,
think
having
you
and
the
rest
of
the
OS
X
team,
you
know
contributing
directly
to
the
main
opens
of
History
pool
will
be
great.
B
A
B
A
B
A
And
in
terms
of
running
it
to
test
it
is
that
something
that
you're
doing
manually
now
or
like?
What's
the
expectation
of
other
developers
like
let's
say,
I'm,
developing
something
and
I
make
a
change
and
say:
oh
yeah,
I
need
to
make
the
same
same
kind
of
change
on
Linux,
vbsd
and
OS
X,
because
it's
in
like
the
zpl
or
whatever
and
the
code,
all
kind
of
looks
the
same
I
type
in
this.
You
know
apply
kind
of
sort
of
the
same
diff
all
through
them.
A
B
Honestly,
yeah,
that
is
good
enough
right
and
then
I'll
have
to
come
in
and
fix
it.
They
are
steps
we
could
take.
We
could
set
up
our
own
Runner,
so
we
disable
the
Sip
and
and
then
you
can
actually
do
the
test
run
and
so
on,
and
that
is
part
of
the
plan
or
the
idea.
I,
don't
know
that
would
be
part.
You
know
you
have
to
work
with
Brian
to
set
that
up
for
the
actual
repository
yeah.
B
B
B
A
Yeah,
so
we
I
mean,
obviously
we
want
to
get
Brian's
feedback
on
kind
of
the
idea
of
like
the
code.
Maintenance,
I,
don't
see
him
here
today
and
then
you
know
how
how
we
could
integrate
it
with
the
runners,
which
would
you
know
it
sounds
like
that
would
be
a
nice
to
have,
but
not
a
core
requirement
for
integration.
A
If
we
kind
of
treat
it
as
like,
you
know,
maybe
we
call
it
like
tier
one
versus
tier
two.
You
know
OS
X
is
like
tier
two.
You
can't
break
the
build,
but
you
know
because
we
don't
yet
have
CI
testing
for
running
it.
You
know
it
might
not.
You
know,
tip
of
Maine
might
not
actually
work
until
somebody
tests
it
out
on.
B
A
Like
at
the
end
of
a
release,
you
know
we
do
have
some
we'd
have
a
release.
We'd
be
like
the
same
release
number
for
all
three
platforms,
and
you
know
we
there
might
be
some
I
think,
there's
already
some
manual
steps
for
Linux
and
whatnot.
So
then
there
would
be
some
additional
manual
steps
for
Mac
OS.
B
Yeah
and
if
you
talk
about
personal
affairs,
obviously
there
will
be
a
period
initially
where
you
know
we're
going
to
sort
some
things
out
and
I'm
I'm
ready
to
help
with
that.
But
one
concern
is
for
me:
is
you
do
all
this
work
to
add
Mac,
OS
and
then
sometimes
like
two
a
week,
a
few
weeks
or
a
few
months
or
whatever
Apple
decides
to
remove
kick
support?
C
A
I
mean
I
feel
like
it's.
Not
we've
done,
we've
done
a
pretty
good
job
of
like
isolating
the
different
platforms
code.
So
you
know
if
we
integrate
it,
you
know
I'm
I'm
guessing
but
like
I'm
guessing
that
of
these,
you
know
hundred
thousand
lines
of
code.
The
vast
majority
of
it
is
in
New
files
and
not
modifications
to
existing
files
right.
A
Yeah
I
mean
I'm
looking
at
like
there's
some
header
files,
and
you
know
you've
added
some
stuff.
I
mean
I
feel
like
it's,
not
that
significant
and
there's
there's
still
vestiges
of
lumos
support
in
the
code
base,
which
you
know
it
doesn't
even
compile
on.
So
you
know
worst
case
scenario.
If,
like
what
you're
saying
Apple
just
says,
this
is
just
not
technically
possible
anymore.
C
B
A
A
Like
you
know,
there
are
enough
people
that
care
enough
about
OS
X
to
go
fix.
If
it's
like
some
big
thing,
that's
like
hard
to
figure
out
like
I,
don't
know
encryption
or
like
one
of
these
other
like
really
massive
projects,
and
you
know
somebody
integrates
it
and
it
thinks
that
it
works.
But
then
you
know
it
turns
out
that
actually
there's
a
bunch
more
work,
that's
needed
by
people
that
are
experts
in
OS,
X
and
maybe
also
in
this
some
big
new
feature.
A
C
C
B
So
like,
how
do
we
proceed?
If
you
want
to
proceed
right,
we
used
to
do
small
PR's
right,
and
that
was
easy,
but
we
kind
of
ran
out
of
those
isolated
code
changes
and
now
I
made
it
one
big
thing,
because
you
know
we
can
still
make
small
PRS.
If
there
is
some
area
we
find
that
it
makes
sense,
but
they're
now
yeah
it
would
be
hard
to
pull
out
the
small
change
yeah.
A
B
Yeah
right
I
mean
it,
but
it
is
exactly
what
the
latest
installer
runs
so
that
people
are
running
there
are
a
couple
of
small
bugs
that
you
know
should
be
fixed
and
there's
a
new
version
that
will
probably
push
on
the
next
week
or
two
that
fix.
You
know
some
zatter
problems
or
whatever,
but
that's
just
it
like
it's
continuous
right.
A
B
A
B
B
E
One
way
to
approach
this
like
not
enough
maintainers
for
specific
Port,
is
that
we
could
declare
some
parts
like
a
tier
two
and
basically
they
will
obey
different
rules.
So,
for
example,
I
if
there
is
no
response
from
the
maintainer
I
I'm
able
to
like
we
can,
we
can
merge
the
change
and
we
don't
mind
if
it's
maybe
broken
for
a
short
period
of
time
or
something
like
this,
which
for
freebies
in
Linux,
is
probably
not
acceptable.
B
A
So
we
kind
of
decide
on
a
case-by-case
basis.
If
some
change
is
like
well
yeah,
it
breaks
Mac
OS
or
we
change
the
macquest
code
into
compiles,
but
we
don't
really
know
if
it
works,
but
we'll
just
let
it
be
for
now
until
somebody
comes
along
and
checks
it,
but
hopefully
that
won't
be
the
case.
You
know
I
think
you
know.
Jurgen
and
Tino
are
Super
Active
on
the
stuff.
So
hopefully
we
won't
run
into
that
situation
at
all.
F
F
B
C
C
E
Still
work
yeah,
so
I
was
hoping
to
to
give
a
short
demo,
but
I
had
this
brilliant
idea
yesterday
to
integrate
co-pilot
into
Vim,
so
it
turned
out.
I
had
to
upgrade
veeman
to
upgrade
V
my
head
upgrade
FreeBSD
and
now
I'm
not
able
to
present,
because
my
environment
is
messed
up
so
I'm
trying
to
to
get
this
running,
but
probably
I
won't
make
it.
But
I
can
show
at
least
the
some
of
the
design
choices.
E
E
E
So,
first
of
all,
we
have
this
one
rate
limit
property
which
basically
defines
all
the
rate
limiting
all
types
of
rate
limiting.
Initially
we
wanted
to
have
separate
properties
for
each
type
of
of
limit,
but
the
problem
is
that
we
have
to
trade
those
rate
limiting
those
limits
as
an
integral
set.
We
don't,
we
cannot
treat
them
separately
so
so
you
cannot
defined
one
limit.
Let's
say:
total
bandwidth
on
one
data
set
and
reduce
the
read
bandwidth
on
some
child
data
set.
E
So
if
I
set
limits
on,
let's
say
tank,
those
filaments
will
be
inherited
to
all
the
children
until
we
find
another
rate
limit
property
set
on
one
of
the
children
and
this
property
on
of
the
child
is
not
a
subset.
It's
not
a
subset
of
the
of
the
parents
limit.
It's
totally
separate
set
of
limits,
so
you
can
also
extend
the
limits
as
well.
D
Bit
of
that
was
based
on
the
discussion
with
Alexander
Moten,
about
avoiding
the
kind
of
recursion
that
we
have
with
like
quotas,
where
even
once,
we're
satisfied
that
you're
under
your
quota
for
the
data
set,
we
also
have
to
check
the
parents
quota
and
the
parents
quota
all
the
way
to
the
root,
and
that
is
kind
of
slow
and
sub-optimal.
And
this
we
just
needed
it
to
be
a
bit
simpler
and
like
Papa,
was
saying
the
trying
to
mix
and
match
these
six
quotas
at
different
layers
or
levels
of
net
hierarchy
was
gonna.
E
Complicated,
yes,
especially
because
one
operation
can
spawn,
can
overlap
multiple
limits.
So,
for
example,
if
you
do
a
data
right,
you
want
to
check
it
against
right.
Bandwidth,
total
bandwidth,
ride,
Ops
and
total
Ops,
so
trying
to
figure
out
where
this
threat
should
wait
on
which
Q
at
which
level
and
just
walk
the
entire
character
key
and
try
to
figure
out
how
to
do.
That
would
be
extremely
complex.
E
E
So
that's
the
idea
and
as
for
performance
as
long
as
you
don't
exceed
the
limits,
of
course,
there
is
no
performance
degradation
at
all.
So
if
you
have
very
fast
storage-
and
you
define
really
high
limits,
you
won't
see
any
performance
degradation
if
the
limits
are
configured
or
not
so
the
way
it's
implemented,
it
shouldn't
impact
performance
at
all.
E
So
that
was
like
one
of
the
goals
as
well
and
implementing
this
as
a
single
property
makes
it
more
intuitive
that
those
are
not
separate.
Properties
that
are
cannot
be
defined
independently.
You
have
to
Define
all
of
them
or
well.
You
can
do
some
like
you
have
to
you,
don't
have
to
Define
all
of
them.
You
can
Define
either
property
as
none
or
like
you
can
Define
the
whole
bandwidth
as
none.
E
There
are
some
examples
here,
so
I
can
Define
read
and
write
bandwidth,
but
no
total
bandwidth
and
I
can
Define
read
operations
limit
and
total
operations
limit,
but
no
right
operations
leave
it
or
I
can
or
I
may
not
Define
operations
limit
at
all.
So
of
course
you
you
can
choose
between
them,
but
those
limits
that
are
not
defined
are
not
inherited
from
above
those
are.
Basically,
it
means
it's
Unlimited,
so
and
and
coming
back
to
discussion
in
one
of
the
previous
meetings.
E
We
limit
operations
at
the
file
system
level
of
the
VFS
level.
We
don't
try
to
go
somewhere
deeper
and
try
to
figure
out
how
much
actual
disk
I
o
this
operation
will
take
for,
writes
it's
already
too
late,
because
we
are
in
the
middle
of
of
of
transaction
group
syncing.
So
it's
it's
too
late
to
do
any
limiting
because
it
will
will
just
stall
the
the
thinking
process
for
reads
it
could
be
possible,
but
then
it
would
be.
Inconsistent
so
reads
would
be
treated
differently
than
rights
and
at
the
VFS
level.
E
Also
it's
a
we
want
to
enforce
the
limit
as
soon
as
possible.
So
before
we
hold
too
much
locks,
some
locks
are
fine.
Like
range
locks,
probably
are
okay
because
we
are
will
be
holding.
We
will
be
slowing
down
the
entire
data
set.
So
all
the
operations
that
go
to
the
given
data
set,
it's
fine
if
we
slow
them
down,
but
but
we
don't
want
to
held,
we
don't
want
to
go
into
dmu
or
somewhere
deeper
and
then
decide
that
we
have
to
sleep.
E
E
I
can
use
that
to
to
set
up
like
some
saying
limits
and
then
I
will
be
able
to
easily
verify
that
they
are
being
enforced
and
they
are
properly
enforced,
because
I
can
just
make
sure
the
I
can
do
a
read
system.
Call
at
this
bandwidth
limit
that
I
defined
and
for
operations.
We
were
also
thinking
about
splitting,
let's
say
data
operations.
How
many
reads
I
do
from
metadata
operations,
let's
say
how
many
stats
I
do
or
how
many
link
and
links
or
five
files
creation
or
deletion
I
do.
G
Yeah
I
think
it's
Joe
Hesse
from
UCSF
I
could
see
not
being
able
to
differentiate
metadata
limits
from
data
limits.
As
being
you
know,
a
real
place
where
the
power
of
this
is
going
to
be
potentially
limited
right,
but
I
I,
guess
I
would
ask
the
question
in
in
practice
and
what
you're
seeing
are
there
I
mean
I,
guess
I'm,
just
imagining
there
are
scenarios
where
I
really
have
I
really
have
folks
who
are
very
metadata
heavy
in
their
workloads
versus
data.
G
Heavy
and
I
want
to
kind
of
compartmentalize
these
folks
off
for
each
other
and
make
them
good
neighbors
and
want
to
want
to
try
and
think
about
using
this
quota
system
for
that.
But
if,
if,
if
I'm,
if
I'm
not
really
correct-
and
thinking
about
that,
you
know
because
generally
I
try
to
manage
things
so
I'm
tuning
the
system.
So
a
lot
of
the
midday
metadata
is
coming
out
of
cash.
But
if
we're
treating
these
iops-
as
not
being
you
know,
like
they're
they're,
not
being
we're.
G
E
So
just
so
you
know
just
so
you
know
the
the
separation
between
like
data
operations
and
metadata
operations
are
purely
UI
think
so
we
can
easily
differentiate
those.
The
changes
would
be
pretty
basic,
like
pretty
trivial
to
to
like
separate
metadata
limits
from
operation
data
limits.
It
will
just
make
the
the
property
ugly
yeah.
D
G
D
E
G
How
about
just
that's
just
based
on
a
supposition
on
my
part
that
you
know
somebody
can
really
Hammer
my
system
with
with
actual
data
rights,
but
somebody
can
also
come
along
and
really
hammer
it
with
metadata,
but
those
those
numbers
are
going
to
be
very
different
right.
The
metadata
quantities
to
really
bog
down
the
system,
because
so
much
is
in
cash,
are
going
to
be
very
different.
So.
E
G
Okay,
great
I
I
didn't
quite
understand
that
from
the
presentation,
but
that
makes
sense
that
I
would
treat
those
those
conflicting
neighbors
by
having
higher
iops
limits
and
for
for
the
metadata
heavy
users
which
wouldn't
affect
you
know,
which
really
don't
really.
That's,
not
really.
How
I'm
trying
to
handle
the
data,
bandwidth,
heavy
users
and
then
I
use
that.
So
that
makes
sense
that
that
may
be
sufficient.
Thanks
for
explaining
that.
H
D
H
A
This
seems
cool
like
I
think
that
having
to
be
one
property,
even
though
the
inputting
is
a
little
unwieldy
like
it
makes
sense
as
far
as
simplifying
it
I.
My
question
is
about
how
the
inheritance
and
stuff
works
like
you're,
saying
if
you
said,
if
you
can
set
it
on
a
parent,
and
it
applies
to
all
the
operations
of
the
children.
A
A
D
I
E
A
A
Would
it
be,
would
it
satisfy
your
use
cases
if
we
were
to
say
like
you
cannot
like,
you
can
only
set
it
at
one
level,
so,
in
other
words,
like
once
I
have
set
this
everything
below
it.
Yeah
cannot
have
a
setting
like
it
uses
my
setting
and
so
like
you're,
forcing
the
property
settings
to
be
like
totally
disjoint.
D
E
D
H
D
A
A
Yeah
but
I
mean
a
that
is
complicated
and
people's
understanding
of
that
is
imperfect
and
be
like
with
encryption.
For
example,
if
I
say
encryption
on
something,
I
cannot
not
have,
I
cannot
say
this,
and
everything
is
under
is
encrypted.
Oh,
unless
somebody
comes
along
and
says,
don't
encrypt
this
child
right,
because.
C
A
C
C
D
C
A
H
E
E
A
E
E
A
E
A
A
D
Please
yeah,
like
we
also
thought
about
you
know,
or
one
idea
that
was
suggested
in
a
previous
call,
was
having
something
that's
more.
Like
a
reservation
saying
you
know,
this
data
set
gets
200,
iops
and
other
data
sets
that
you
know
the
data
sets
that
are
exceeding
their
quota
can
still
do
stuff
as
long
as
every
data
set
that
wants
to
do
stuff
under
its
quota
has
done
it
first,
but
that's
much
more
complicated
and
at
a
scope
for
what
we
were
trying
to
build
here.
D
So
I
think
like
to
pavel's
point
the
the
problem
with
having
it
apply
kind
of
recursively
is
we
have
to
hang
this
aisle
off
somebody
and
have
it
wait
and
if
three
different
rate
limits
technically
apply
to
this,
I
o,
which,
which
cue
does
it
go
in
and
to
to
know
when
you
know,
is
this
child
has
got
enough
right
bandwidth
now,
but
the
parent
doesn't.
Does
it
end
up
sleeping
in
the
wrong
place
or
whatever.
G
So
I'm
wondering
whether,
when
we
represent
the
properties
that
are
inherited
on
children,
if,
if
it
was
displayed
as
something
like,
you
know,
rate
limit
route
and
then
the
data
set,
that
is
the
roof.
That
is
controlling
that,
as
opposed
to
showing
the
rate
limit.
That's
inherited,
then,
as
I'm
looking
and
I'm,
not
I'm.
G
G
C
G
C
D
And
even
with
that,
we
wouldn't
necessarily
even
have
to
put
the
make
a
rate
limit,
root,
property
or
anything
it
would
just
still
say
inherited
from,
but
it
wouldn't
reprint
the
number
like
it
would
currently.
So
each
child
doesn't
look
like
it
maybe
reads
as
having
a
rate
limit
of
the
whole
rate
limit
on
every
single
child.
Instead,
it
just
says
this
comes
from
the
parent
and
you
have
to
look
there
to
see
what
the
limits
are.
The.
D
A
A
H
D
J
I
might
add
a
couple
of
points
and
then
I'll
be
able
to
grasp
all
of
the
technical
details
behind
why
this
suggestion
module
might
not
work
but
I
think
the
concept
of
the
rate
limiting
could
have
been
very
beneficial
in
a
multi-tenant
environment
where,
for
example,
as
an
administrator
of
some
of
some
infrastructure,
I'd
like
to
delegate
access
to
this
ZFS
data
set
to
some
other
other
entity
with
the
current
design.
I
think
this
would
not
be
able
to
work
with
because
it
the
intuitive
way,
I
thought
about
it.
J
I
I
think
some
some
would
think
about
it
as
a
delegates,
for
example,
this
amount
of
redials
or
write-ups.
So
this
other
entity
or
just
other
administrator,
and
then
it
will
just
be
hands
off
and
make
sure
this
would
give
the
overall
administrator
the
ease
of
mind
that
this
client
or
this
or
this
tenant
won't
ever
be
able
to
add
more
to
consume.
More
of
the
resources
than
I
had
originally
planned
for.
D
When
you
delegate
a
data
set
to
a
container,
either
a
jail
on
FreeBSD
or
like
a
an
lxd
container
on
Linux,
if
you're,
not
in
the
global
Zone,
to
use
the
Solaris
terminology
that
the
macro
is
named
after
then,
you're
not
allowed
to
set
the
rate
limit
property.
The
same
way
you're
not
allowed
to
change
your
quota.
So.