1
0
mirror of git://sourceware.org/git/lvm2.git synced 2024-12-30 17:18:21 +03:00
lvm2/tools/vgcfgrestore.c

160 lines
4.2 KiB
C
Raw Normal View History

2002-01-15 21:17:57 +03:00
/*
2008-01-30 17:00:02 +03:00
* Copyright (C) 2001-2004 Sistina Software, Inc. All rights reserved.
* Copyright (C) 2004-2018 Red Hat, Inc. All rights reserved.
2002-01-15 21:17:57 +03:00
*
2004-03-30 23:35:44 +04:00
* This file is part of LVM2.
*
* This copyrighted material is made available to anyone wishing to use,
* modify, copy, or redistribute it subject to the terms and conditions
* of the GNU Lesser General Public License v.2.1.
2004-03-30 23:35:44 +04:00
*
* You should have received a copy of the GNU Lesser General Public License
2004-03-30 23:35:44 +04:00
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
2002-01-15 21:17:57 +03:00
*/
#include "tools.h"
#include "device_mapper/all.h"
#include "device_mapper/misc/dm-ioctl.h"
/*
* Check if there are any active volumes from restored vg_name.
* We can prompt user, as such operation may make some serious
* troubles later, when user will try to continue such devices.
*/
static int _check_all_dm_devices(const char *vg_name, unsigned *found)
{
struct dm_task *dmt;
struct dm_names *names;
char vgname_buf[DM_NAME_LEN * 2];
char *vgname, *lvname, *lvlayer;
unsigned next = 0;
int r = 1;
if (!(dmt = dm_task_create(DM_DEVICE_LIST)))
return_0;
if (!dm_task_run(dmt)) {
r = 0;
goto_out;
}
if (!(names = dm_task_get_names(dmt))) {
r = 0;
goto_out;
}
if (!names->dev) {
log_verbose("No devices found.");
goto out;
}
do {
/* TODO: Do we want to validate UUID LVM- prefix as well ? */
names = (struct dm_names *)((char *) names + next);
if (!_dm_strncpy(vgname_buf, names->name, sizeof(vgname_buf))) {
r = 0;
goto_out;
}
vgname = vgname_buf;
if (!dm_split_lvm_name(NULL, NULL, &vgname, &lvname, &lvlayer)) {
r = 0;
goto_out;
}
if (strcmp(vgname, vg_name) == 0) {
log_print("Volume group %s has active volume: %s.", vgname, lvname);
(*found)++;
}
next = names->next;
} while (next);
out:
dm_task_destroy(dmt);
return r;
}
2002-01-15 21:17:57 +03:00
int vgcfgrestore(struct cmd_context *cmd, int argc, char **argv)
2002-01-15 21:17:57 +03:00
{
const char *vg_name = NULL;
unsigned found = 0;
int ret;
if (argc == 1) {
vg_name = skip_dev_dir(cmd, argv[0], NULL);
if (!validate_name(vg_name)) {
2018-06-05 19:47:03 +03:00
log_error("Volume group name \"%s\" is invalid.", vg_name);
return EINVALID_CMD_LINE;
}
} else if (!(arg_is_set(cmd, list_ARG) && arg_is_set(cmd, file_ARG))) {
log_error("Please specify a *single* volume group to restore.");
return EINVALID_CMD_LINE;
2002-01-15 21:17:57 +03:00
}
/*
* FIXME: overloading the -l arg for now to display a
* list of archive files for a particular vg
*/
if (arg_is_set(cmd, list_ARG)) {
if (!(arg_is_set(cmd,file_ARG) ?
archive_display_file(cmd,
arg_str_value(cmd, file_ARG, "")) :
archive_display(cmd, vg_name)))
return_ECMD_FAILED;
2003-10-22 02:06:07 +04:00
return ECMD_PROCESSED;
}
if (!vg_name) {
log_error(INTERNAL_ERROR "VG name is not set.");
return ECMD_FAILED;
} else if (!_check_all_dm_devices(vg_name, &found)) {
log_warn("WARNING: Failed to check for active volumes in volume group \"%s\".", vg_name);
} else if (found) {
log_warn("WARNING: Found %u active volume(s) in volume group \"%s\".",
found, vg_name);
log_print("Restoring VG with active LVs, may cause mismatch with its metadata.");
if (!arg_is_set(cmd, yes_ARG) &&
yes_no_prompt("Do you really want to proceed with restore of volume group \"%s\", "
"while %u volume(s) are active? [y/n]: ",
vg_name, found) == 'n') {
log_error("Restore aborted.");
return ECMD_FAILED;
}
}
locking: unify global lock for flock and lockd There have been two file locks used to protect lvm "global state": "ORPHANS" and "GLOBAL". Commands that used the ORPHAN flock in exclusive mode: pvcreate, pvremove, vgcreate, vgextend, vgremove, vgcfgrestore Commands that used the ORPHAN flock in shared mode: vgimportclone, pvs, pvscan, pvresize, pvmove, pvdisplay, pvchange, fullreport Commands that used the GLOBAL flock in exclusive mode: pvchange, pvscan, vgimportclone, vgscan Commands that used the GLOBAL flock in shared mode: pvscan --cache, pvs The ORPHAN lock covers the important cases of serializing the use of orphan PVs. It also partially covers the reporting of orphan PVs (although not correctly as explained below.) The GLOBAL lock doesn't seem to have a clear purpose (it may have eroded over time.) Neither lock correctly protects the VG namespace, or orphan PV properties. To simplify and correct these issues, the two separate flocks are combined into the one GLOBAL flock, and this flock is used from the locking sites that are in place for the lvmlockd global lock. The logic behind the lvmlockd (distributed) global lock is that any command that changes "global state" needs to take the global lock in ex mode. Global state in lvm is: the list of VG names, the set of orphan PVs, and any properties of orphan PVs. Reading this global state can use the global lock in sh mode to ensure it doesn't change while being reported. The locking of global state now looks like: lockd_global() previously named lockd_gl(), acquires the distributed global lock through lvmlockd. This is unchanged. It serializes distributed lvm commands that are changing global state. This is a no-op when lvmlockd is not in use. lockf_global() acquires an flock on a local file. It serializes local lvm commands that are changing global state. lock_global() first calls lockf_global() to acquire the local flock for global state, and if this succeeds, it calls lockd_global() to acquire the distributed lock for global state. Replace instances of lockd_gl() with lock_global(), so that the existing sites for lvmlockd global state locking are now also used for local file locking of global state. Remove the previous file locking calls lock_vol(GLOBAL) and lock_vol(ORPHAN). The following commands which change global state are now serialized with the exclusive global flock: pvchange (of orphan), pvresize (of orphan), pvcreate, pvremove, vgcreate, vgextend, vgremove, vgreduce, vgrename, vgcfgrestore, vgimportclone, vgmerge, vgsplit Commands that use a shared flock to read global state (and will be serialized against the prior list) are those that use process_each functions that are based on processing a list of all VG names, or all PVs. The list of all VGs or all PVs is global state and the shared lock prevents those lists from changing while the command is processing them. The ORPHAN lock previously attempted to produce an accurate listing of orphan PVs, but it was only acquired at the end of the command during the fake vg_read of the fake orphan vg. This is not when orphan PVs were determined; they were determined by elimination beforehand by processing all real VGs, and subtracting the PVs in the real VGs from the list of all PVs that had been identified during the initial scan. This is fixed by holding the single global lock in shared mode while processing all VGs to determine the list of orphan PVs.
2019-04-18 23:01:19 +03:00
if (!lock_global(cmd, "ex"))
2002-11-18 17:04:08 +03:00
return ECMD_FAILED;
if (!lock_vol(cmd, vg_name, LCK_VG_WRITE, NULL)) {
log_error("Unable to lock volume group %s.", vg_name);
return ECMD_FAILED;
}
clear_hint_file(cmd);
if (!lvmcache_label_scan(cmd)) {
unlock_vg(cmd, NULL, vg_name);
return_ECMD_FAILED;
}
scan: do scanning at the start of a command Move the location of scans to make it clearer and avoid unnecessary repeated scanning. There should be one scan at the start of a command which is then used through the rest of command processing. Previously, the initial label scan was called as a side effect from various utility functions. This would lead to it being called unnecessarily. It is an expensive operation, and should only be called when necessary. Also, this is a primary step in the function of the command, and as such it should be called prominently at the top level of command processing, not as a hidden side effect of a utility function. lvm knows exactly where and when the label scan needs to be done. Because of this, move the label scan calls from the internal functions to the top level of processing. Other specific instances of lvmcache_label_scan() are still called unnecessarily or unclearly by specific commands that do not use the common process_each functions. These will be improved in future commits. During the processing phase, rescanning labels for devices in a VG needs to be done after the VG lock is acquired in case things have changed since the initial label scan. This was being done by way of rescanning devices that had the INVALID flag set in lvmcache. This usually approximated the right set of devices, but it was not exact, and obfuscated the real requirement. Correct this by using a new function that rescans the devices in the VG: lvmcache_label_rescan_vg(). Apart from being inexact, the rescanning was extremely well hidden. _vg_read() would call ->create_instance(), _text_create_text_instance(), _create_vg_text_instance() which would call lvmcache_label_scan() which would call _scan_invalid() which repeats the label scan on devices flagged INVALID. lvmcache_label_rescan_vg() is now called prominently by _vg_read() directly.
2018-02-07 22:26:37 +03:00
cmd->handles_unknown_segments = 1;
if (!(arg_is_set(cmd, file_ARG) ?
backup_restore_from_file(cmd, vg_name,
arg_str_value(cmd, file_ARG, ""),
arg_count(cmd, force_long_ARG)) :
backup_restore(cmd, vg_name, arg_count(cmd, force_long_ARG)))) {
lvmetad: two phase vg_update Previously, a command sent lvmetad new VG metadata in vg_commit(). In vg_commit(), devices are suspended, so any memory allocation done by the command while sending to lvmetad, or by lvmetad while updating its cache could deadlock if memory reclaim was triggered. Now lvmetad is updated in unlock_vg(), after devices are resumed. The new method for updating VG metadata in lvmetad is in two phases: 1. In vg_write(), before devices are suspended, the command sends lvmetad a short message ("set_vg_info") telling it what the new VG seqno will be. lvmetad sees that the seqno is newer than the seqno of its cached VG, so it sets the INVALID flag for the cached VG. If sending the message to lvmetad fails, the command fails before the metadata is committed and the change is not made. If sending the message succeeds, vg_commit() is called. 2. In unlock_vg(), after devices are resumed, the command sends lvmetad the standard vg_update message with the new metadata. lvmetad sees that the seqno in the new metadata matches the seqno it saved from set_vg_info, and knows it has the latest copy, so it clears the INVALID flag for the cached VG. If a command fails between 1 and 2 (after committing the VG on disk, but before sending lvmetad the new metadata), the cached VG retains the INVALID flag in lvmetad. A subsequent command will read the cached VG from lvmetad, see the INVALID flag, ignore the cached copy, read the VG from disk instead, update the lvmetad copy with the latest copy from disk, (this clears the INVALID flag in lvmetad), and use the correct VG metadata for the command. (This INVALID mechanism already existed for use by lvmlockd.)
2016-06-08 22:42:03 +03:00
unlock_vg(cmd, NULL, vg_name);
log_error("Restore failed.");
ret = ECMD_FAILED;
goto out;
2002-01-15 21:17:57 +03:00
}
ret = ECMD_PROCESSED;
2018-06-05 19:47:03 +03:00
log_print_unless_silent("Restored volume group %s.", vg_name);
lvmetad: two phase vg_update Previously, a command sent lvmetad new VG metadata in vg_commit(). In vg_commit(), devices are suspended, so any memory allocation done by the command while sending to lvmetad, or by lvmetad while updating its cache could deadlock if memory reclaim was triggered. Now lvmetad is updated in unlock_vg(), after devices are resumed. The new method for updating VG metadata in lvmetad is in two phases: 1. In vg_write(), before devices are suspended, the command sends lvmetad a short message ("set_vg_info") telling it what the new VG seqno will be. lvmetad sees that the seqno is newer than the seqno of its cached VG, so it sets the INVALID flag for the cached VG. If sending the message to lvmetad fails, the command fails before the metadata is committed and the change is not made. If sending the message succeeds, vg_commit() is called. 2. In unlock_vg(), after devices are resumed, the command sends lvmetad the standard vg_update message with the new metadata. lvmetad sees that the seqno in the new metadata matches the seqno it saved from set_vg_info, and knows it has the latest copy, so it clears the INVALID flag for the cached VG. If a command fails between 1 and 2 (after committing the VG on disk, but before sending lvmetad the new metadata), the cached VG retains the INVALID flag in lvmetad. A subsequent command will read the cached VG from lvmetad, see the INVALID flag, ignore the cached copy, read the VG from disk instead, update the lvmetad copy with the latest copy from disk, (this clears the INVALID flag in lvmetad), and use the correct VG metadata for the command. (This INVALID mechanism already existed for use by lvmlockd.)
2016-06-08 22:42:03 +03:00
unlock_vg(cmd, NULL, vg_name);
out:
return ret;
2002-01-15 21:17:57 +03:00
}