Re: [libvirt] [PATCH v3] doc: Correct the default werror policy
Hello,
Am 08.03.2017 um 17:28 schrieb Martin Kletzander:
On Wed, Mar 01, 2017 at 08:44:54PM +0100, Philipp Hahn wrote:
> The documentation is plain wrong about the default write_error policy,
> as its only implemented by QEMU (src/vz/vz_utils.c is the only other
> case, which simply explodes, is anything except other then
> VIR_DOMAIN_DISK_ERROR_POLICY_DEFAULT is used).
>
Sounds like bashing about some problem. Is there any bug somewhere? It
does not add any useful information to the commit message, so I'll strip
it off before pushing.
My problem is, that the documentation does not match the implementation
and from reading that documentation you get a wrong impression:
The documentation claims, that the default is "report", while the QEMU
internal default is "ENOSPC".
This has a sever difference, namely that your VM gets suspended when
your host systems file systems get full. This is a good default, as you
don't loose any data, but on the other hand your VM disappears from the
network until you free some space and resume the VM.
I have seen this happen multiple times and I know the behaviour by now,
but others have reported this "strange" behaviour to me several times:
they keep wondering why their VM suddenly gets paused, while the libvirt
documentation tells them that the VM would see all errors (report).
So lets please tell those people to look at the QEMU code and not the
libvirt code.
So my question is; is there anything in that driver that needs
fixing
WRT this patch?
The default is okay and the most save regarding data loss, but might not
be okay if service availability is more important to you.
We can even apply the following change on top, as QEMU is the only
driver implementing a configurable error policy:
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index dc44a55..025007f 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -2744,13 +2744,14 @@
The optional <code>error_policy</code> attribute controls
how the hypervisor will behave on a disk read or write
error, possible values are "stop", "report",
"ignore", and
- "enospace".<span class="since">Since 0.8.0,
"report" since
+ "enospace".<span class="since">Since 0.8.0 (QEMU
and KVM only), "report" since
0.9.7</span> The default is left to the discretion of the
hypervisor.<br/>
There is also an
optional <code>rerror_policy</code> that controls behavior
for read errors only. <span class="since">Since
- 0.9.7</span>. If no rerror_policy is given, error_policy
+ 0.9.7 (QEMU and KVM only)</span>.
+ If no rerror_policy is given, error_policy
is used for both read and write errors. If rerror_policy
is given, it overrides the <code>error_policy</code> for
read errors. Also note that "enospace" is not a valid
And "report" is the default for QEMU since
release_0_10_0~298 ,which made the policy configurable, but the commit
message claims "report" was even the default before that:
commit 428c570512c1d9298b52dc9fc1a541b542a5c117
Author: aliguori <aliguori@c046a42c-6fe2-441c-8c8c-71466251a162>
Date: Wed Jan 21 18:59:04 2009 +0000
Stop VM on ENOSPC error. (Gleb Natapov)
This version of the patch adds new option "werror" to -drive flag.
Possible values are:
report - report errors to a guest as IO errors
ignore - continue as if nothing happened
stop - stop VM on any error and retry last command on resume
enospc - stop vm on ENOSPC error and retry last command on resume
all other errors are reported to a guest.
Default is "report" to maintain current behaviour.
Signed-off-by: Gleb Natapov <gleb(a)redhat.com>
Signed-off-by: Anthony Liguori <aliguori(a)us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6388
c046a42c-6fe2-441c-8c8c-71466251a162
Philipp