ceph: add cephfs mirroring support #7062
| kubectl create -f cluster/examples/kubernetes/ceph/csi/cephfs/storageclass.yaml |
| ``` |
|  |
| ## Mirroring |
Why do we have both the mirror.enabled flag and the CRD? I don't see why we need both.
The CRD deploys the cephfs-mirror daemon; the CephFilesystem setting turns on mirroring on that filesystem.
Will this enable mirroring of the complete filesystem by default? Do we have an option to enable it per subvolume rather than per filesystem, like we do for RBD?
Yes, but just as rbd-mirroring must first be enabled on the pool and then per-image, we have to enable mirroring on the filesystem first; then we can mirror snapshots per-directory using a subcommand like `ceph fs snapshot mirror add <fs> <path>`.
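For reference, a sketch of the Ceph CLI flow behind this discussion (command names as documented for Ceph Pacific; the filesystem name `myfs` and the directory path are placeholders, and these commands require a live Pacific cluster):

```shell
# Enable the mgr mirroring module once for the cluster.
ceph mgr module enable mirroring

# Turn on snapshot mirroring for one filesystem ("myfs" is a placeholder).
ceph fs snapshot mirror enable myfs

# Then opt in per-directory, as mentioned above.
ceph fs snapshot mirror add myfs /volumes/group-a/subvol-1
```

This mirrors the RBD pattern: a filesystem-level enable, then per-directory opt-in.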
Documentation/ceph-fs-mirror-crd.md
Outdated
| @@ -0,0 +1,46 @@ |
| --- |
| title: FilesystemMirror CRD |
| weight: 3500 |
This weight should put it after the rbd mirroring doc in the TOC
Suggested change:
```diff
-weight: 3500
+weight: 3600
```
Documentation/ceph-fs-mirror-crd.md
Outdated
| # Ceph FilesystemMirror CRD |
|  |
| Rook allows creation and updating fs-mirror daemon through the custom resource definitions (CRDs). |
Suggested change:
```diff
-Rook allows creation and updating fs-mirror daemon through the custom resource definitions (CRDs).
+Rook allows creation and updating the fs-mirror daemon through the custom resource definitions (CRDs).
```
| metadata: |
|   name: my-fs-mirror |
|   namespace: rook-ceph |
| ``` |
Are there no settings like the number of mirroring daemons to start? Or is only a single daemon supported?
I didn't add a count since the doc says: "Multiple mirror daemons is currently untested. Only a single mirror daemon is recommended."
We can always add it later.
Do we need to pass tokens containing the remote cluster information that the mirroring daemon will connect to?
Yes, but this is coming in another PR; I'm waiting for ceph/ceph#39050 to merge so I can start the implementation.
| # - key: role |
| #   operator: In |
| #   values: |
| #   - rgw-node |
Suggested change:
```diff
-#   - rgw-node
+#   - cephfs-mirror
```
| } |
|  |
| // Enable mirroring if needed |
| if r.clusterInfo.CephVersion.IsAtLeastPacific() { |
Shouldn't this be done by the new cephfs mirroring controller? I must be missing why we need the mirroring.enabled setting in the filesystem since we have the separate CRD.
The CRD deploys the cephfs-mirror daemon; the CephFilesystem setting turns on mirroring on that filesystem. So let's imagine we have multiple CephFilesystems deployed: we don't want all of them to be mirrored. That's why I'm basing the decision on the CephFilesystem CRD and the CephFilesystemMirror CRD, whose only goal at the moment is to deploy the cephfs-mirror daemon. Later it will add/remove peers once that is available in Ceph.
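A sketch of how the two resources would split the work, per this comment. The field names (such as `mirroring.enabled` under the filesystem spec) are assumptions based on the discussion, not the final CRD schema:

```yaml
# Hypothetical sketch: opt a single filesystem into mirroring...
apiVersion: ceph.rook.io/v1
kind: CephFilesystem
metadata:
  name: myfs
  namespace: rook-ceph
spec:
  metadataServer:
    activeCount: 1
  mirroring:
    enabled: true      # assumed per-filesystem opt-in discussed above
---
# ...while a separate CephFilesystemMirror CR deploys the cephfs-mirror daemon.
apiVersion: ceph.rook.io/v1
kind: CephFilesystemMirror
metadata:
  name: my-fs-mirror
  namespace: rook-ceph
```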
I don't see anything specific to this filesystem being enabled, I only see the mirroring module being enabled. Is there another setting coming that will be specific to the filesystem?
Since enabling the module only needs to happen once for the entire cluster, this still seems like it belongs with the singleton mirroring CR instead of being enabled as a property on the filesystem. Why not enable the module with the mirroring CR, and get rid of the filesystem CR setting? With rbd mirroring there is a pool-specific setting so it makes sense to have the boolean on the pool CR. But if there is no filesystem-specific setting for mirroring, I don't see why a bool is needed on the filesystem CR.
You don't see anything specific to the fs because I'm waiting for ceph/ceph#39050 to merge so I can turn on mirroring for the fs. For now, we just enable the mirroring module. Anyway, we will always need the fs setting to turn on mirroring.
Honestly, I have no preference; I can move this cephclient.MgrEnableModule call to the CephFilesystemMirror CRD. Either way, we will have to enable it.
What do you think?
Hope that clarifies.
Got it, this is basically a placeholder for the per-filesystem setting that will come later.
Enabling the mirroring module sounds fine to keep here; as discussed, it could go either here or with the mirroring CR.
| Since Ceph Pacific, CephFS supports asynchronous replication of snapshots to a remote CephFS file system via the cephfs-mirror tool. Snapshots are synchronized by mirroring snapshot data followed by creating a snapshot with the same name (for a given directory on the remote file system) as the snapshot being synchronized. |
| It is generally useful when planning for Disaster Recovery, for example for clusters that are geographically distributed where stretching is not possible due to high latencies. |
How do you set up the peer? Still working on that?
Documentation/ceph-fs-mirror-crd.md
Outdated
| # Ceph FilesystemMirror CRD |
|  |
| Rook allows creation and updating fs-mirror daemon through the custom resource definitions (CRDs). |
| CephFS images can be asynchronously mirrored between two Ceph clusters. |
CephFS images, filesystems, or even subvolumes?
I should remove this line, only the following sentences are relevant.
This pull request has merge conflicts that must be resolved before it can be merged. @leseb please rebase it. https://rook.io/docs/rook/master/development-flow.html#updating-your-fork
With Ceph Pacific, Rook can now deploy the cephfs-mirror daemon. This initial commit covers the deployment of a single daemon only; multiple mirror daemons are currently untested and only a single mirror daemon is recommended. The configuration of peers will come in a later PR since the mgr module is still pending upstream: ceph/ceph#39050. The same goes for integration tests; they will get added later once we start testing on Pacific.
Closes: rook#7002
Signed-off-by: Sébastien Han <seb@redhat.com>
| return errors.Wrapf(err, "failed to get controller %q owner reference", filesystemMirror.Name) |
| } |
|  |
| daemonID := k8sutil.IndexToName(0) |
Only a single mirroring configuration is allowed per rook cluster, right? Do we need to prevent multiple mirroring CRs from being created? (similar to how we only allow a single CephCluster CR in a namespace)
> Only a single mirroring configuration is allowed per rook cluster, right?

No, it's per filesystem.

> Do we need to prevent multiple mirroring CRs from being created? (similar to how we only allow a single CephCluster CR in a namespace)

Not really, since we support multiple filesystems.
Per discussion, agreed that only a single mirroring CR is supported, but no need for extra restrictions since we expect users to follow the docs and examples.
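As an aside, `k8sutil.IndexToName(0)` in the diff above suggests letter-based daemon IDs (`a`, `b`, ...), as Rook uses for mons. A standalone sketch of such an index-to-name mapping (my own illustration, not Rook's actual implementation):

```go
package main

import "fmt"

// indexToName maps a daemon index to a letter-based ID: 0 -> "a",
// 25 -> "z", 26 -> "aa", and so on (bijective base-26 with letters).
func indexToName(index int) string {
	const letters = "abcdefghijklmnopqrstuvwxyz"
	name := ""
	for {
		name = string(letters[index%26]) + name
		index = index/26 - 1
		if index < 0 {
			break
		}
	}
	return name
}

func main() {
	fmt.Println(indexToName(0))  // a
	fmt.Println(indexToName(26)) // aa
}
```

With only a single mirror daemon deployed, index 0 always yields the ID `a`.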
Description of your changes:
With Ceph Pacific, Rook can now deploy the cephfs-mirror daemon.
This initial commit covers the deployment of a single daemon only.
Multiple mirror daemons are currently untested.
Only a single mirror daemon is recommended.
The configuration of peers will come in a later PR since the mgr module
is still pending upstream: ceph/ceph#39050
The same goes for integration tests, they will get added later once we
start testing on Pacific.
Closes: #7002
Signed-off-by: Sébastien Han seb@redhat.com
Checklist:
- [ ] Code generation (`make codegen`) has been run to update object specifications, if necessary.