* Fix volume snapshot of encrypted NFS/StorPool volume * remove comments * removed invoking the real qemu convert command * fix UnsatisfiedLink error in unit tests * addressed comments extracted method
StorPool CloudStack Integration
CloudStack Overview
Primary and Secondary storage
Primary storage is associated with a cluster or zone, and it stores the virtual disks for all the VMs running on hosts in that cluster/zone.
Secondary storage stores the following:
- Templates — OS images that can be used to boot VMs and can include additional configuration information, such as installed applications
- ISO images — disc images containing data or bootable media for operating systems
- Disk volume snapshots — saved copies of VM data which can be used for data recovery or to create new templates
ROOT and DATA volumes
ROOT volumes correspond to the boot disk of a VM. They are created automatically by CloudStack during VM creation. ROOT volumes are created based on a system disk offering, corresponding to the service offering the user VM is based on. We may change the ROOT volume disk offering but only to another system created disk offering.
DATA volumes correspond to additional disks. These can be created by users and then attached/detached to VMs. DATA volumes are created based on a user-defined disk offering.
Plugin Organization
The StorPool plugin consists of two parts:
KVM hypervisor plugin patch
Source directory: ./apache-cloudstack-4.17-src/plugins/hypervisors/kvm
StorPool primary storage plugin
Source directory: ./apache-cloudstack-4.17.0-src/plugins/storage/volume
There is one plugin for both the CloudStack management and agents, in the hope that having all the source in one place will ease development and maintenance. The plugin itself though is separated into two mainly independent parts:
- ./src/com/... directory tree: agent related classes and commands send from management to agent
- ./src/org/... directory tree: management related classes
The plugin is intended to be self contained and non-intrusive, thus ideally deploying it would consist of only dropping the jar file into the appropriate places. This is the reason why all StorPool related communication (ex. data copying, volume resize) is done with StorPool specific commands even when there is a CloudStack command that does pretty much the same.
Note that for the present the StorPool plugin may only be used for a single primary storage cluster; support for multiple clusters is planned.
Build, Install, Setup
Build
Go to the source directory and run:
mvn -Pdeveloper -DskipTests install
The resulting jar file is located in the target/ subdirectory.
Note: checkstyle errors: before compilation a code style check is performed; if this fails compilation is aborted. In short: no trailing whitespace, indent using 4 spaces, not tabs, comment-out or remove unused imports.
Note: Need to build both the KVM plugin and the StorPool plugin proper.
Install
StorPool primary storage plugin
For each CloudStack management host:
scp ./target/cloud-plugin-storage-volume-storpool-{version}.jar {MGMT_HOST}:/usr/share/cloudstack-management/lib/
For each CloudStack agent host:
scp ./target/cloud-plugin-storage-volume-storpool-{version}.jar {AGENT_HOST}:/usr/share/cloudstack-agent/plugins/
Note: CloudStack managements/agents services must be restarted after adding the plugin to the respective directories
Note: Agents should have access to the StorPool management API, since attach and detach operations happens on the agent. This is a CloudStack design issue, can't do much about it.
Setup
Setting up StorPool
Perform the StorPool installation following the StorPool Installation Guide.
Create a template to be used by CloudStack. Must set placeHead, placeAll, placeTail and replication. No need to set default volume size because it is determined by the CloudStack disks and services offering.
Setting up a StorPool PRIMARY storage pool in CloudStack
From the WEB UI, go to Infrastructure -> Primary Storage -> Add Primary Storage
Scope: select Zone-Wide Hypervisor: select KVM Zone: pick appropriate zone. Name: user specified name
Protocol: select SharedMountPoint Path: enter /dev/storpool (required argument, actually not needed in practice).
Provider: select StorPool Managed: leave unchecked (currently ignored) Capacity Bytes: used for accounting purposes only. May be more or less than the actual StorPool template capacity. Capacity IOPS: currently not used (may use for max IOPS limitations on volumes from this pool). URL: enter SP_API_HTTP=address:port;SP_AUTH_TOKEN=token;SP_TEMPLATE=template_name. At present one template can be used for at most one Storage Pool.
SP_API_HTTP - address of StorPool Api SP_AUTH_TOKEN - StorPool's token SP_TEMPLATE - name of StorPool's template
NOTE: You can use the alternative format option for the URL - storpool://{SP_AUTH_TOKEN}@{SP_API_HTTP}:{SP_API_HTTP_PORT}/{SP_TEMPLATE}
Storage Tags: If left blank, the StorPool storage plugin will use the pool name to create a corresponding storage tag. This storage tag may be used later, when defining service or disk offerings.
Plugin Functionality
| Plugin Action | CloudStack Action | management/agent | impl. details | 
|---|---|---|---|
| Create ROOT volume from ISO | create VM from ISO | management | createVolumeAsync | 
| Create ROOT volume from Template | create VM from Template | management + agent | copyAsync (T => T, T => V) | 
| Create DATA volume | create Volume | management | createVolumeAsync | 
| Attach ROOT/DATA volume | start VM (+attach/detach Volume) | agent | connectPhysicalDisk | 
| Detach ROOT/DATA volume | stop VM | agent | disconnectPhysicalDiskByPath | 
| Migrate VM | agent | attach + detach | |
| Delete ROOT volume | destroy VM (expunge) | management | deleteAsync | 
| Delete DATA volume | delete Volume (detached) | management | deleteAsync | 
| Create ROOT/DATA volume snapshot | snapshot volume | management + agent | takeSnapshot + copyAsync (S => S) | 
| Create volume from snapshoot | create volume from snapshot | management + agent(?) | copyAsync (S => V) | 
| Create TEMPLATE from ROOT volume | create template from volume | management + agent | copyAsync (V => T) | 
| Create TEMPLATE from snapshot | create template from snapshot | SECONDARY STORAGE | |
| Download volume | download volume | management + agent | copyAsync (V => V) | 
| Revert ROOT/DATA volume to snapshot | revert to snapshot | management | revertSnapshot | 
| (Live) resize ROOT/DATA volume | resize volume | management + agent | resize + StorpoolResizeCmd | 
| Delete SNAPSHOT (ROOT/DATA) | delete snapshot | management | StorpoolSnapshotStrategy | 
| Delete TEMPLATE | delete template | agent | deletePhysicalDisk | 
| migrate VM/volume | migrate VM/volume to another storage | management/management + agent | copyAsync (V => V) | 
| VM snapshot | group snapshot of VM's disks | management | StorpoolVMSnapshotStrategy takeVMSnapshot | 
| revert VM snapshot | revert group snapshot of VM's disks | management | StorpoolVMSnapshotStrategy revertVMSnapshot | 
| delete VM snapshot | delete group snapshot of VM's disks | management | StorpoolVMSnapshotStrategy deleteVMSnapshot | 
| VM vc_policy tag | vc_policy tag for all disks attached to VM | management | StorPoolCreateTagsCmd | 
| delete VM vc_policy tag | remove vc_policy tag for all disks attached to VM | management | StorPoolDeleteTagsCmd | 
NOTE: When using multicluster for each CloudStack cluster in its settings set the value of StorPool's SP_CLUSTER_ID in "sp.cluster.id".
NOTE: Secondary storage could be bypassed with Configuration setting "sp.bypass.secondary.storage" set to true.
In this case only snapshots won't be downloaded to secondary storage.
Creating template from snapshot
If bypass option is enabled
The snapshot exists only on PRIMARY (StorPool) storage. From this snapshot it will be created a template on SECONADRY.
If bypass option is disabled
TODO: Maybe we should not use CloudStack functionality, and to use that one when bypass option is enabled
This is independent of StorPool as snapshots exist on secondary.
Creating ROOT volume from templates
When creating the first volume based on the given template, if snapshot of the template does not exists on StorPool it will be first downloaded (cached) to PRIMARY storage. This is mapped to a StorPool snapshot so, creating succecutive volumes from the same template does not incur additional copying of data to PRIMARY storage.
This cached snapshot is garbage collected when the original template is deleted from CloudStack. This cleanup is done by a background task in CloudStack.
Creating a ROOT volume from an ISO image
We just need to create the volume. The ISO installation is handled by CloudStack.
Creating a DATA volume
DATA volumes are created by CloudStack the first time it is attached to a VM.
Creating volume from snapshot
We use the fact that the snapshot already exists on PRIMARY, so no data is copied. We will copy snapshots from SECONDARY to StorPool PRIMARY, when there is no corresponding StorPool snapshot.
Resizing volumes
We need to send a resize cmd to agent, where the VM the volume is attached to is running, so that the resize is visible by the VM.
Creating snapshots
The snapshot is first created on the PRIMARY storage (i.e. StorPool), then backed-up on SECONDARY storage (tested with NFS secondary) if bypass option is not enabled. The original StorPool snapshot is kept, so that creating volumes from the snapshot does not need to copy the data again to PRIMARY. When the snapshot is deleted from CloudStack so is the corresponding StorPool snapshot.
Currently snapshots are taken in RAW format.
Reverting volume to snapshot
It's handled by StorPool
Migrating volumes to other Storage pools
Tested with storage pools on NFS only.
Virtual Machine Snapshot/Group Snapshot
StorPool supports consistent snapshots of volumes attached to a virtual machine.
BW/IOPS limitations
Max IOPS are kept in StorPool's volumes with the help of custom service offerings, by adding IOPS limits to the corresponding system disk offering.
CloudStack has no way to specify max BW. Do they want to be able to specify max BW only is sufficient.
Supported operations for Volume encryption
Supported Virtual machine operations - live migration of VM to another host, virtual machine snapshots (group snapshot without memory), revert VM snapshot, delete VM snapshot
Supported Volume operations - attach/detach volume, live migrate volume between two StorPool primary storages, volume snapshot, delete snapshot, revert snapshot
Note: volume snapshot are allowed only when sp.bypass.secondary.storage is set to true. This means that the snapshots are not backed up to secondary storage