10.04.2012 16:16, Jeff Layton пишет:
On Tue, 10 Apr 2012 15:44:42 +0400
(sorry about the earlier truncated reply, my MUA has a mind of its own
this morning)
OK then. Previous letter confused me a bit.
TBH, I haven't considered that in depth. That is a valid situation, but
one that's discouraged. It's very difficult (and expensive) to
sequester off portions of a filesystem for serving.
A filehandle is somewhat analogous to a device/inode combination. When
the server gets a filehandle, it has to determine "is this within a
path that's exported to this host"? That process is called subtree
checking. It's expensive and difficult to handle. It's always better to
export along filesystem boundaries.
My suggestion would be to simply not deal with those cases in this
patch. Possibly we could force no_subtree_check when we export an fs
with a locks_in_grace option defined.
Sorry, but without dealing with those cases your patch looks a bit... Useless.
I.e. it changes nothing, it there will be no support from file systems, going to
be exported.
But how are you going to push developers to implement these calls? Or, even if
you'll try to implement them by yourself, how they will looks like?
Simple check only for superblock looks bad to me, because any other start of
NFSd will lead to grace period for all other containers (which uses the same
filesystem).
Also, don't we need to prevent of exporting the same file system parts but
different servers always, but not only for grace period?
I'm not sure I understand what you're asking here. Were you referring
to my suggestion earlier of not allowing the export of the same
filesystem from more than one container? If so, then yes that would
apply before and after the grace period ends.
I was talking about preventing of exporting intersecting directories by
different server.
IOW, exporting of the same file system by different NFS server is allowed, but
only if their exporting directories doesn't intersect.
This check is expensive (as you mentioned), but have to be done only once on NFS
server start.
With this solution, grace period can simple, and no support from exporting file
system is required.
But the main problem here is that such intersections can be checked only in
initial file system environment (containers with it's own roots, gained via
chroot, can't handle this situation).
So, it means, that there have to be some daemon (kernel or user space), which
will handle such requests from different NFS server instances... Which in turn
means, that some way of communication between this daemon and NFS servers is
required. And unix (any of them) sockets doesn't suits here, which makes this
problem more difficult.
--
Best regards,
Stanislav Kinsbursky
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
