Hi, On Mon, May 22, 2017 at 04:25:37PM +0200, Gionatan Danti wrote: > Hi all, > I have a question regarding how to automatically shutdown (or put in > read-only mode) an XFS filesystem which reside on a full thin pool. > If you want that XFS shut down when it hits an error, you can configure it through sysfs in: /sys/fs/xfs/<dev>/error/ directory. You can find detailed info in Documentation/filesystems/xfs.txt (from linux source). Although, I should say this is a bad idea. A full thin pool will return an ENOSPC error to the filesystem, and, the filesystem should act accordingly. Would you want the filesystem to shut down because it hit an ENOSPC, or report to the user and let him/her to take the appropriate action, like freeing space or increasing the dm-thin pool size? > Background info: when a thin pool become full, it will deny any new > unallocated writes, but will continue to allow writes to already-allocated > storage chunks. So, it behave as a badly damaged disk, where some places can > be written, but others throw an error. > The behavior really depends on several configurations, including how dm-thin will deal with ENOSPC situations, dm-thin can be configured to queue new incoming IOs, fail the IO, etc, but, even in a full disk situation, you can still rewrite data, so this behavior doesn't change much from what would happen if you fill up a regular block device, XFS will try to allocate a new block, the block device returns an ENOSPC and XFS acts accordingly. > Playing with dmsetup table it is possible to deny *all* I/O to the volume, > but it require careful monitor and a sensible script to do the right thing > (tm). > > From my testing, it happear that XFS will shutdown itself when a metadata > write fails, however, failed *data* update will continue without triggering > any filesystem response. Is this by design? Can I do something about that? > What exactly do you mean by failed data update? As long as you don't need to allocate any new block either for data of metadata, you should be able to rewrite data normally if the device is full. How dm-thin and XFS will work together, really depends on how you configure both of them. XFS has a configuration system that you can use to set how it will behave in some error situations according to your preferences, it can be set to retry the writes for a specific amount of time, or simply fail immediately and shut down the filesystem. Worth to mention though, there is a bug that might be triggered when you overcommit the space (creates a virtual device larger than the real physical space), it's not too easy to trigger it though, and the fix is already WIP. Cheers. -- Carlos -- To unsubscribe from this list: send the line "unsubscribe linux-xfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
