On Wed, Mar 08, 2017 at 07:26:08PM +0100, Philipp Hahn wrote:
> Hello,
>
> On 08.03.2017 at 17:28, Martin Kletzander wrote:
>> On Wed, Mar 01, 2017 at 08:44:54PM +0100, Philipp Hahn wrote:
>>> The documentation is plain wrong about the default write_error policy, as it's only implemented by QEMU (src/vz/vz_utils.c is the only other case, which simply explodes, if anything other than VIR_DOMAIN_DISK_ERROR_POLICY_DEFAULT is used).
>>
>> Sounds like bashing about some problem. Is there any bug somewhere? It does not add any useful information to the commit message, so I'll strip it off before pushing.
>
> My problem is that the documentation does not match the implementation and from reading that documentation you get a wrong impression: The documentation claims that the default is "report", while the QEMU internal default is "ENOSPC". This has a severe difference, namely that your VM gets suspended when your host system's file systems get full. This is a good default, as you don't lose any data, but on the other hand your VM disappears from the network until you free some space and resume the VM. I have seen this happen multiple times and I know the behaviour by now, but others have reported this "strange" behaviour to me several times: they keep wondering why their VM suddenly gets paused, while the libvirt documentation tells them that the VM would see all errors (report). So let's please tell those people to look at the QEMU code and not the libvirt code.

That's why we are trying not to promise any hypervisor defaults in the docs (my review for v2). Mostly because the hypervisor default might change. Every time you need something specific you need to specify it in the XML. I'm sorry that disappointed you.

>> So my question is; is there anything in that driver that needs fixing WRT this patch?
>
> The default is okay and the most safe regarding data loss, but might not be okay if service availability is more important to you. We can even apply the following change on top, as QEMU is the only driver implementing a configurable error policy:
>
> diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index dc44a55..025007f 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2744,13 +2744,14 @@ The optional <code>error_policy</code> attribute controls how the hypervisor will behave on a disk read or write error, possible values are "stop", "report", "ignore", and - "enospace".<span class="since">Since 0.8.0, "report" since + "enospace".<span class="since">Since 0.8.0 (QEMU and KVM only), "report" since 0.9.7</span> The default is left to the discretion of the hypervisor.<br/> There is also an optional <code>rerror_policy</code> that controls behavior for read errors only. <span class="since">Since - 0.9.7</span>. If no rerror_policy is given, error_policy + 0.9.7 (QEMU and KVM only)</span>. + If no rerror_policy is given, error_policy is used for both read and write errors. If rerror_policy is given, it overrides the <code>error_policy</code> for read errors. Also note that "enospace" is not a valid

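Review bot: in the first changed line the "(QEMU and KVM only)" qualifier sits inside the <span class="since"> version annotation, between "Since 0.8.0" and ', "report" since 0.9.7', so it is unclear whether the driver restriction also covers "report", and the version span now carries driver-support information. The same applies to the second change, "0.9.7 (QEMU and KVM only)</span>.". Consider keeping both spans as pure version markers and adding one sentence after them stating that only the QEMU/KVM driver implements error_policy and rerror_policy. Since the context line still reads "The default is left to the discretion of the hypervisor", it may also be worth stating there that a guest needing a particular behaviour on write errors has to set error_policy explicitly.
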
Yeah, unfortunately this is something we should handle more efficiently. There's a lot of XML and documentation that's only QEMU-related.
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
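
As an added example (not part of the original thread, and not libvirt code): because the default is left to the hypervisor, a small audit of domain XML can list the disks that set no error_policy and so depend on that default. The sample XML and the function name audit_disk_error_policies are constructed for illustration; real input would be the output of virsh dumpxml.

```python
import xml.etree.ElementTree as ET

# Values the quoted documentation hunk lists for error_policy.
VALID_ERROR_POLICIES = {"stop", "report", "ignore", "enospace"}

# Constructed sample domain XML (illustrative, not from the thread).
SAMPLE_DOMAIN_XML = """
<domain type='kvm'>
  <devices>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2'/>
      <target dev='vda' bus='virtio'/>
    </disk>
    <disk type='file' device='disk'>
      <driver name='qemu' type='raw' error_policy='report' rerror_policy='ignore'/>
      <target dev='vdb' bus='virtio'/>
    </disk>
    <disk type='file' device='disk'>
      <driver name='qemu' type='raw' error_policy='pause'/>
      <target dev='vdc' bus='virtio'/>
    </disk>
  </devices>
</domain>
"""

def audit_disk_error_policies(domain_xml):
    """Return one (target dev, status, detail) tuple per <disk> element."""
    findings = []
    for disk in ET.fromstring(domain_xml).findall("./devices/disk"):
        target, driver = disk.find("target"), disk.find("driver")
        dev = target.get("dev") if target is not None else "?"
        attrs = driver.attrib if driver is not None else {}
        policy, rpolicy = attrs.get("error_policy"), attrs.get("rerror_policy")
        if policy is None:
            # Nothing set: write-error behaviour is whatever the hypervisor picks.
            findings.append((dev, "hypervisor-default", "no error_policy set"))
        elif policy not in VALID_ERROR_POLICIES:
            findings.append((dev, "invalid", f"error_policy={policy!r}"))
        else:
            # Per the docs text, rerror_policy overrides error_policy for reads.
            read = rpolicy if rpolicy is not None else policy
            findings.append((dev, "explicit", f"write={policy} read={read}"))
    return findings

if __name__ == "__main__":
    for finding in audit_disk_error_policies(SAMPLE_DOMAIN_XML):
        print(*finding)
```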