From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from [140.186.70.92] (port=47347 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Ov9FM-0006MB-Bt for qemu-devel@nongnu.org; Mon, 13 Sep 2010 09:39:01 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69) (envelope-from ) id 1Ov9FL-0004Gy-3k for qemu-devel@nongnu.org; Mon, 13 Sep 2010 09:39:00 -0400 Received: from mx1.redhat.com ([209.132.183.28]:28196) by eggs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1Ov9FK-0004Go-TD for qemu-devel@nongnu.org; Mon, 13 Sep 2010 09:38:59 -0400 Message-ID: <4C8E2981.7000304@redhat.com> Date: Mon, 13 Sep 2010 15:39:13 +0200 From: Kevin Wolf MIME-Version: 1.0 References: <1284213896-12705-1-git-send-email-aliguori@us.ibm.com> <1284213896-12705-4-git-send-email-aliguori@us.ibm.com> <4C8DE19B.9090309@redhat.com> <4C8E2747.9090806@linux.vnet.ibm.com> In-Reply-To: <4C8E2747.9090806@linux.vnet.ibm.com> Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 7bit Subject: [Qemu-devel] Re: [PATCH 3/3] disk: don't read from disk until the guest starts List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Anthony Liguori Cc: Anthony Liguori , Juan Quintela , qemu-devel@nongnu.org, Stefan Hajnoczi Am 13.09.2010 15:29, schrieb Anthony Liguori: > On 09/13/2010 03:32 AM, Kevin Wolf wrote: >> Am 11.09.2010 16:04, schrieb Anthony Liguori: >> >>> This fixes a couple nasty problems relating to live migration. >>> >>> 1) When dealing with shared storage with weak coherence (i.e. NFS), even if >>> we re-read, we may end up with undesired caching. By delaying any reads >>> until we absolutely have to, we decrease the likelihood of any undesirable >>> caching. >>> >>> 2) When dealing with copy-on-read, the local storage acts as a cache. We need >>> to make sure to avoid any reads to avoid polluting the local cache. >>> >>> Signed-off-by: Anthony Liguori >>> >> I think we should also delay even opening the image file at all to the >> latest possible point to avoid that new problems of this kind are >> introduced. Ideally, opening the image would be the very last thing we >> do before telling the migration source that we're set and it should >> close the images. >> > > There's a lot of possible failure scenarios that opening an image file > can introduce. Fortunately, I don't think we have a strict requirement > for it provided that we make a couple of reasonable changes. > >> Even better would be to only open the image when the source has already >> closed it (we could completely avoid the invalidation/reopen then), but >> I think you were afraid that we might lose the image on both ends. >> > > Yeah, one of the key design points of live migration is to minimize the > number of failure scenarios where you lose a VM. If someone typed the > wrong command line or shared storage hasn't been mounted yet and we > delay failure until live migration is in the critical path, that would > be terribly unfortunate. We would catch most of them if we try to open the image when migration starts and immediately close it again until migration is (almost) completed, so that no other code can possibly use it before the source has really closed it. Kevin