From: Walid Nouri <walid.nouri@gmail.com>
To: Stefan Hajnoczi <stefanha@gmail.com>
Cc: kwolf@redhat.com, eddie.dong@intel.com,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
"Michael R. Hines" <mrhines@linux.vnet.ibm.com>,
qemu-devel@nongnu.org, Stefan Hajnoczi <stefanha@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>,
yanghy@cn.fujitsu.com
Subject: Re: [Qemu-devel] Microcheckpointing: Memory-VCPU / Disk State consistency
Date: Thu, 25 Sep 2014 18:06:31 +0200 [thread overview]
Message-ID: <54243D87.4030909@gmail.com> (raw)
In-Reply-To: <20140924084732.GB21137@stefanha-thinkpad.redhat.com>
Am 24.09.2014 10:47, schrieb Stefan Hajnoczi:
> I think the assumption with drive-mirror is that you throw away the
> destination image if something fails. That's the exact opposite of MC
> where we want to fail over to the destination :).
This was not obivous for me...
> Here is one example of a mechanism like this:
>
> QEMU has a block job called drive-backup which copies sectors that are
> about to be overwritten to an external file. Once the data has been
> copied into the external file, the sectors in the original image file
> can be overwritten safely.
>
> The Secondary runs drive-backup so that writes coming from the Primary
> stash rollback data into an external qcow2 file. When the Primary
> wishes to commit we drop the qcow2 rollback file since we no longer need
> the ability to roll back - this is cheap and not a lot of I/O needs to
> be performed for the commit operation.
>
> If the Secondary needs to take over it can use the rollback qcow2 file
> as its disk image and the guest will see the state of the disk at the
> last commit point. The sectors that were modified since commit in the
> original image file are covered by the data in the rollback qcow2 file.
>
> There are a bunch of details on making this efficient but in principle
> this approach makes both commit and rollback fairly lightweight.
>
Until yesterday I’ve seen backup as mechanism that makes a point in time
snapshot of a block device and saves the contents of that snapshot to an
other block device. Your proposal is a new interpretation of backup :-)
I must admit that I had to think twice to get an idea what your point is.
I don’t know if I have understood all aspects of your proposal as my
mental model of a possible architecture is not quite clear yet.
I will try to summarize in “MC-words” what I have understood:
The general Idea is to use drive-backup to get a consistent snapshot of
a mirrored block device on the secondary for a given period of time I
will call it epoch(n) and snapshot(n).
As a starting point we need to block-devices with exact the same state
on primary and secondary. In other word there must be an exact copy of
the primary image on the secondary.
In epoche(n) the primary mirror its writes to the image file of
secondary. This leads to a continuous stream of updated blocks to the
image of the secondary.
In parallel the secondary use drive-backup to get a rollback-snapshot(n)
its own image file for each running epoche.
At the beginning of epoche(n+1) we start a (new) rollback-snapshot(n+1)
and keep rollback-snapshot(n).
When in normal operation we drop rollback-snapshot(n) when epoche(n+1)
is successfully completed.
In case of a failure in epoche(n+1) we make a fail over and use
rollback-snapshot(n) to get back the consistent block device state of
epoche(n)
Is this your idea?
Does this procedure guaranty the block-device semantics of the primary?
Walid
next prev parent reply other threads:[~2014-09-25 16:06 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <53D8FF52.9000104@gmail.com>
[not found] ` <1406820870.2680.3.camel@usa>
[not found] ` <53DBE726.4050102@gmail.com>
[not found] ` <1406947532.2680.11.camel@usa>
[not found] ` <53E0AA60.9030404@gmail.com>
[not found] ` <1407376929.21497.2.camel@usa>
[not found] ` <53E60F34.1070607@gmail.com>
[not found] ` <1407587152.24027.5.camel@usa>
2014-08-11 17:22 ` [Qemu-devel] Microcheckpointing: Memory-VCPU / Disk State consistency Walid Nouri
2014-08-11 20:15 ` Michael R. Hines
2014-08-17 9:52 ` Paolo Bonzini
2014-08-19 8:58 ` Walid Nouri
2014-09-10 15:43 ` Walid Nouri
2014-09-11 1:50 ` Michael R. Hines
2014-09-12 1:34 ` Hongyang Yang
2014-09-11 7:27 ` Paolo Bonzini
2014-09-11 17:44 ` Dr. David Alan Gilbert
2014-09-11 22:08 ` Walid Nouri
2014-09-12 1:24 ` Hongyang Yang
2014-09-12 11:07 ` Stefan Hajnoczi
2014-09-17 20:53 ` Walid Nouri
2014-09-18 13:56 ` Stefan Hajnoczi
2014-09-23 16:36 ` Walid Nouri
2014-09-24 8:47 ` Stefan Hajnoczi
2014-09-25 16:06 ` Walid Nouri [this message]
2014-08-11 20:15 ` Michael R. Hines
2014-08-13 14:03 ` Walid Nouri
2014-08-13 22:28 ` Michael R. Hines
2014-08-14 10:58 ` Dr. David Alan Gilbert
2014-08-14 17:23 ` Michael R. Hines
2014-08-19 8:33 ` Walid Nouri
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54243D87.4030909@gmail.com \
--to=walid.nouri@gmail.com \
--cc=dgilbert@redhat.com \
--cc=eddie.dong@intel.com \
--cc=kwolf@redhat.com \
--cc=mrhines@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@gmail.com \
--cc=stefanha@redhat.com \
--cc=yanghy@cn.fujitsu.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).