From: NeilBrown <neilb@suse.com>
To: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Steve Dickson <SteveD@redhat.com>,
Linux NFS Mailing list <linux-nfs@vger.kernel.org>
Subject: Re: [PATCH 3/8] mountd: remove 'dev_missing' checks
Date: Wed, 20 Jul 2016 08:50:12 +1000 [thread overview]
Message-ID: <878twx9ra3.fsf@notabene.neil.brown.name> (raw)
In-Reply-To: <20160718200121.GC12304@fieldses.org>
[-- Attachment #1: Type: text/plain, Size: 3003 bytes --]
On Tue, Jul 19 2016, J. Bruce Fields wrote:
> On Thu, Jul 14, 2016 at 12:26:43PM +1000, NeilBrown wrote:
>> I now think this was a mistaken idea.
>>
>> If a filesystem is exported with the "mountpoint" or "mp" option, it
>> should only be exported if the directory is a mount point. The
>> intention is that if there is a problem with one filesystem on a
>> server, the others can still be exported, but clients won't
>> incorrectly see the empty directory on the parent when accessing the
>> missing filesystem, they will see clearly that the filesystem is
>> missing.
>>
>> It is easy to handle this correctly for NFSv3 MOUNT requests, but what
>> is the correct behavior if a client already has the filesystem mounted
>> and so has a filehandle? Maybe the server rebooted and came back with
>> one device missing. What should the client see?
>>
>> The "dev_missing" code tries to detect this case and causes the server
>> to respond with silence rather than ESTALE. The idea was that the
>> client would retry and when (or if) the filesystem came back, service
>> would be transparently restored.
>>
>> The problem with this is that arbitrarily long delays are not what
>> people would expect, and can be quite annoying. ESTALE, while
>> unpleasant, it at least easily understood. A device disappearing is a
>> fairly significant event and hiding it doesn't really serve anyone.
>
> It could also be a filesystem disappearing because it failed to mount in
> time on a reboot.
I don't think "in time" is really an issue. Boot sequencing should not
start nfsd until everything in /etc/fstab is mounted, has failed and the
failure has been deemed acceptable.
That is why nfs-server.services has "After= local-fs.target"
>
>> So: remove the code and allow ESTALE.
>
> I'm not completely sure I understand the justification.
"hangs are bad".
When you cannot get a reply from the NFS server there are multiple
possible causes from temporary network glitch to server-is-dead.
You cannot reliably differentiate, so you have to just wait.
There server itself doesn't have the same uncertainty about its exported
filesystems. They are either working or they aren't.
So it is possible, and I think reasonable, to send a more definitive
reply - ESTALE.
This particularly became an issues with NFSv4.
With NFSv3, mounting the filesystem is distinct from accessing it.
So it was easy to fail a mount request but delay an access request.
With NFSv4 we don't have that distinction. If we make accesses wait,
then we make mount attempts wait too, which isn't at all friendly.
>
> I don't like the current behavior either--I'd be happy if we could
> deprecate "mountpoint" entirely--but changing it now would seem to risk
> regressions if anyone depends on it.
True. There isn't really an easy solution there.
"mountpoint" seemed like a good idea when I wrote it. But I never got
any proper peer review.
Thanks,
NeilBrown
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 818 bytes --]
next prev parent reply other threads:[~2016-07-19 22:50 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-14 2:26 [PATCH 0/8] Assorted mount-related nfs-utils patches NeilBrown
2016-07-14 2:26 ` [PATCH 3/8] mountd: remove 'dev_missing' checks NeilBrown
2016-07-18 20:01 ` J. Bruce Fields
2016-07-19 22:50 ` NeilBrown [this message]
2016-07-21 17:24 ` J. Bruce Fields
2016-08-11 2:51 ` NeilBrown
2016-08-16 15:21 ` J. Bruce Fields
2016-08-18 1:32 ` NeilBrown
2016-08-18 2:57 ` Chuck Lever
2016-08-19 1:31 ` NeilBrown
2016-08-18 13:57 ` J. Bruce Fields
2016-08-19 1:28 ` NeilBrown
2016-08-19 17:27 ` J. Bruce Fields
2016-07-14 2:26 ` [PATCH 6/8] mountd: don't add paths to non-mounted export points to pseudo-root NeilBrown
2016-07-18 20:32 ` J. Bruce Fields
2016-07-19 8:00 ` Chuck Lever
2016-07-19 22:59 ` NeilBrown
2016-07-21 17:33 ` J. Bruce Fields
2016-07-25 7:22 ` NeilBrown
2016-07-28 20:54 ` J. Bruce Fields
2016-07-14 2:26 ` [PATCH 4/8] mountd: cause attempts to access unmounted exportpoints to return ESTALE NeilBrown
2016-07-14 2:26 ` [PATCH 2/8] mountd: remove the --exports-file option NeilBrown
2016-07-18 16:19 ` J. Bruce Fields
2016-07-14 2:26 ` [PATCH 1/8] nfs.man: clarify effect of 'retry' option NeilBrown
2016-07-14 2:26 ` [PATCH 5/8] mountd: Don't export unmounted exports to NFSv4 NeilBrown
2016-07-14 2:26 ` [PATCH 7/8] mount: don't treat temporary name resolution failure as permanent NeilBrown
2016-07-19 23:01 ` NeilBrown
2016-07-14 2:26 ` [PATCH 8/8] mount: use a public address for IPv6 callback NeilBrown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=878twx9ra3.fsf@notabene.neil.brown.name \
--to=neilb@suse.com \
--cc=SteveD@redhat.com \
--cc=bfields@fieldses.org \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.