Le 20/02/2017 09:41, Jay Pipes a écrit :
On 02/18/2017 01:46 PM, Matt Riedemann wrote:
I haven't fully dug into testing this, but I got wondering about this
question from reviewing a change  which would make the unshelve
operation start to check the volume AZ compared to the instance AZ when
the compute manager calls prepblock_device.
That change is attempting to remove the check_attach() method in
nova.volume.cinder.API since it's mostly redundant with state checks
that Cinder does when reserving the volume. The only other thing that
Nova does in there right now is compare the AZs.
What I'm wondering is, with that change, will things break because of a
scenario like this:
- Create volume in AZ 1.
- Create server in AZ 1.
- Attach volume to server (or boot server from volume in step 2).
- Shelve (offload) server.
- Unshelve server - nova-scheduler puts it into AZ 2.
- prepblock_device compares instance AZ 2 to volume AZ 1 and unshelve
fails with InvalidVolume.
If unshelving a server in AZ 1 can't move it outside of AZ 1, then we're
fine and the AZ check when unshelving is redundant but harmless.
When an instance is unshelved, the unshelveinstance() RPC API method is
passed a RequestSpec object as the requestspec parameter:
This request spec object is passed to schedule_instances():
(you will note that the code directly above there "resets force_hosts"
parameters, ostensibly to prevent any forced destination host from being
passed to the scheduler)
The question is: does the above request spec contain availability zone
information for the original instance? If it does, we're good. If it
doesn't, we can get into the problem described above.
From what I can tell (and Sylvain might be the best person to answer
this, thus his cc'ing), the availability zone is always stored in the
request spec for an instance:
Which means that upon unshelving after a shelve_offload, we will always
pass the scheduler the original AZ.
Sylvain, do you concur?
tl;dr: Exactly this, it's not possible since Mitaka to unshelve on a
different AZ if you have the AZFilter enabled.
Exactly this. If the instance was booted using a specific AZ flag, then :
#1 the instance.az field is set to something different from a conf opt
and #2 the attached RequestSpec is getting the AZ field set
Both are persisted later in the conductor.
Now, say this instance is shelved/unshelved, then we get the original
RequestSpec at the API level
That's how the above conductor method you provided is getting the Spec
passed as argument.
Later, when the call is made to the scheduler, if the AZFilter is
enabled, it goes verifying that spec_obj.az field against the compute AZ
and refuses to accept the host if the AZ is different.
One side note tho, if the instance is not specified with a AZ, then of
course it can be unshelved on a compute not in the same AZ, since the
user didn't explicitly asked to stick with an AZ.