On 10/17/22 17:17, Stefan Berger wrote:
On 10/17/22 09:48, Daniel P. Berrangé wrote:
> On Mon, Oct 17, 2022 at 09:39:52AM -0400, Stefan Berger wrote:
>>
>>
>
> The key is in qemuMigrationSrcIsSafe(), and how it determines if a
> migration is safe.
>
> * Disk on local storage, no flags => unsafe, migration error
> * Disk on local storage, VIR_MIGRATE_NON_SHARED_DISK => ok, copies
> disk storage
> * Disk on shared storage, no flags => safe
> * Disk on shared storage, VIR_MIGRATE_NON_SHARED_DISK => ok, but
> needlessly copies disk storage
>
> The key helper methods are virFileIsSharedFS and virFileIsClusterFS
> which check the filesystem type for the path against a known list
> of shared/cluster FS.
>
>> So we won't do it this way for TPM state migration. Instead we can
>> try to write on the source migration side
>>
>> a) a simple file and detect whether the file is at the destination
>> b) a file with either a name or content that only the source and
>> destination libvirts would know at this point
>>
>> b) is to prevent stale files from becoming indicators for shared
>> storage.
>
> No, please use the virFileIsSharedFS/ClusterFS helpers.
>
I tried to use virFileIsSharedFS on the source and destination side of
my NFS setup to see how they work. The issue here is that the NFS server
side, that exports /var/lib/libvirt/swtpm and is also the migration
source at some point, says this:
/var/lib/libvirt/swtpm/ecc221c4-6bb9-423f-ac31-72244fdbb1a1/tpm2 is
shared: 0
the NFS client side then says this:
/var/lib/libvirt/swtpm/ecc221c4-6bb9-423f-ac31-72244fdbb1a1/tpm2 is
shared: 1
Are both sides mounted as NFS or just one of them? I think it's safe to
assume that either both sides are on a shared FS or none. Otherwise I'm
quite sure file locking won't work anyways. We can go even further and
test whether shared_fs(source) == shared_fs(dst); and throw an error if
it doesn't.
And since I've misguided you on the way with flag I am willing to help
you write patches. Please let me know if you need any help.
Michal