Bug Reference

Branch

master, 4.6

Introduction

CloudStack administrator may want to disable a storage pool from being used for provisioning of volumes. Virtual machines with volumes on a disabled storage pool  will continue to run. However, no new volumes will get placed on the disabled storage pool. This may be needed for variety of reasons; for example to guarantee certain iops for volumes on a storage.

Purpose

This document describes the specification and design of the feature

References

NA

Document History

AuthorCommentsDate
DevdeepInitial Draft16th March 2015

Glossary

  •  Storage Pool - primary storage on which volumes; whether root or data are placed.

Feature Specification

CloudStack administrator can disable a storage pool from being used for provisioning of new volumes. Currently if you put a primary storage pool in maintenance mode, the user vms on it are stopped and system and router vms are stopped and restarted with the volumes on another storage pool. If a administrator wants to keep the virtual machines with volumes on storage pool running an make sure no new volumes are provisioned on it, it is currently not possible. This feature will allow the administrator to do that.

The behavior of a disabled storage pool will be as follows.

  • Any virtual machine with volumes on the disabled storage pool will continue to run.
  • A new volumes; root or data; will not be provisioned on a disabled storage pool.
  • A virtual machine is in stopped state and its volume is on a disabled storage pool. When the virtual machine is started, it's volumes will not be moved/migrated to another pool.
  • A disabled storage pool will not be picked up as a possible destination for a migrating a volume.
  • A volume on a disabled storage pool can be migrated to another up/enabled storage pool.
  • A volume cannot be live storage migrated (XenServer storage motion/VmWare vMotion) to another disabled storage pool.
  • During HA, only the vm is started on another host. The volume stays on the storage pool. When a virtual machine is HA'ed, if the volume of the VM is on a disabled storage pool, the VM will be started on another host but the volume will continue to reside on the disabled storage pool.
  • All kind of storage pools can be disabled, that local, cluster or zone wide storage pool.
Unsupported scenarios

NA

Open Items

Their are currently no open items/issues. Another approach was considered for disabling a storage pool. A cloudstack administrator could add a tag 'disabled' to the storage pool. The storage pool allocators would not pick up a pool with the 'disabled' tag for provisioning of volume. However, this approach was dropped as cloudstack would still report the pool to be up/enabled and administrator would have to look up the tags to make sure whether the pool was actually enabled or not. Instead, it was decided to take implement 'Disabled' as a separate state of the storage pool.

Test Guidelines 
  • From UI and api disable a storage pool and verify that the state of the storage pool is reflected correctly. Enable it back and it should be in 'Up' state.
  • When a storage pool is disabled, the instances, system and router vm should continue to run on it.
  • No new volumes should be provisioned on a disabled storage pool. If a enabled storage pool isn't available then volume provisioning should fail.
  • While listing pools available for migrating a volume, a disabled storage pool should not be listed.
  • Migrating a volume to a disabled storage pool should fail.
  • Migrating a virtual machine with its volume to another host and storage pool, should not place the volumes on a disabled storage pool.
Supportability 
  • When a storage pool is disabled or enabled, the information will be logged in the logs as an INFO message. The pool id will also get logged.
  • A event will be raised whenever a pool is disabled/enabled.
  • A error message is logged whenever disabling or enabling the storage pool fails.
  • A storage pool in disabled state will have the entry 'Disabled' in the database in the storage_pool table > status field. A enabled/up storage pool have the status field value set to 'Up' in the storage_pool table.
Impact on upgrades

Their is no impact on upgrades. The state of the storage pool will be maintained on upgrades from prior version of cloudstack to this one.

Interoperability and compatability

The decision whether a primary storage pool should be picked for provisioning a volume are made at the orchestration layer. The feature is independent of the hypervisor and the changes made for this will be available to all hypervisor types and all types of storage pools.

Logging

If a storage pool is disabled and it isn't considered volume allocation, a INFO message will be logged that clearly states the pool was skipped as it was disabled.

User communities

Only a CloudStack root administrator can disable or enable a storage pool for provisioning.

Architecture and Design description

Alternate design considered

An alternate design was considered where a cloudstack administrator could add a reserve tag 'disabled' to the storage pool. The storage pool allocators would not pick up a pool with the 'disabled' tag for provisioning of volume. However, this approach was dropped as 

  • Cloudstack would still report the pool to be up.
  • The allocators would have to ignore pools based on a string/tag instead of the state.
  • This looked more like a hack.
  • Adding a new 'disabled' state to the storage pool state machine clearly reflects the purpose of the storage pool.
Storage pool state machine updates 
  • A new state 'Disabled' is being introduced for the primary storage pool.
  • Following new state transition are possible for a primary storage pool
    • Up - > Disabled
    • Disabled -> Up
  • A storage pool will still have be put in Maintenance mode before being removed.
Impact on virtual machine operations 
  • Volume allocation A new volume will never be allocated to a disabled storage pool. Only a Up/enabled storage pool will be picked for allocating a new volume. If a enabled pool isn't available, volume allocation/creation and/or instance deployment will fail
  • Resize Disk Resize of volumes is allowed for volumes which are already on storage pool. 
  • Restore Instance For a restored vm, if the storage pool is disabled, a new pool will be picked for allocating the volume.
  • Recover Instance Root volume of a destroyed VM will be recovered and placed on the same pool after it has been recovered. This holds true even for a disabled pool.
  • Instance HA During HA, only the vm is started on another host. The volume stays on the storage pool. When a virtual machine is HA'ed, if the volume of the VM is on a disabled storage pool, the VM will be started on another host but the volume will continue to reside on the disabled storage pool.
  • Snapshots Volume and virtual machine snapshots are allowed for volumes on a disabled pool
  • Migration of volumes
    • A volume cannot be migrated to a disabled pool
    • A volume on a disabled pool can be migrated out of it.
  • Deleting volumes and snapshots A volume on a disabled pool can be deleted and expunged. The capacity calculations will handle this.
Components affected 
  • The state machine of the primary storage pool is updated to include a new state 'Disabled'. A primary storage pool can be moved to this and out of it with the apis explained below.
  • The storage pool allocators have been updated to ignore the storage pool for provisioning if it is in disabled state.
  • The list storage pool for migration apis will not list disabled storage pools as destinations for volume migration.
Database changes

There are no database changes for this feature. A new state, 'Disabled',  for the primary storage pool has been introduced. The status field in the storage_pool table in the database will hold the state information for the primary storage pool.

Web Services APIs

  1. updateStoragePool - This is an existing api which is used to update the tags on a storage pool. This api will be updated with an optional parameter 'enabled' to enable or disable a storage pool. Following are the details of the new optional parameter.

    Parameter
    Type
    Optional/Required
    Comment
    enabledBooleanOptionalOptional parameter to enable or disable a storage pool. If the parameter isn't given, no action is taken and the pool continues to be whatever state it is in.

UI Flow

If a CloudStack administrator wants to disable a primary storage pool for provisioning of new volumes, she can follow the workflow as follows

  • From the administrative UI, select Infrastructure > Primary Storage > [Select the primary storage pool to be disabled]
  • Use the disable storage pool for provisioning button to disable it.
  • The storage pool can be enabled back by following the same workflow and using the enable storage pool button to enable it.

Note: UI screenshots will be updated here once it is available.

IP Clearance

Their are no dependencies on external libraries for this feature. IP Clearance isn't required.

Usage Impact

No new entities are being created for which usage will have to be calculated. Behavior of an existing entity; primary storage pool; is being updated to disable it for provisioning of new volumes. The usage of it will get reported as before and this feature will not have any usage impact.


  • No labels