[PATCH] qemu-nbd: Document benefit of --pid-file

Eric Blake posted 1 patch 2 weeks ago
Test FreeBSD passed
Test docker-mingw@fedora passed
Test asan passed
Test docker-quick@centos7 passed
Test checkpatch passed
Test docker-clang@ubuntu passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20191007194840.29518-1-eblake@redhat.com
Maintainers: Eric Blake <eblake@redhat.com>
qemu-nbd.texi | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

[PATCH] qemu-nbd: Document benefit of --pid-file

Posted by Eric Blake 2 weeks ago
One benefit of --pid-file is that it is easier to probe the file
system to see if a pid file has been created than it is to probe if a
socket is available for connection. Document that this is an
intentional feature.

Signed-off-by: Eric Blake <eblake@redhat.com>
---
 qemu-nbd.texi | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/qemu-nbd.texi b/qemu-nbd.texi
index 7f55657722bd..d495bbe8a0ed 100644
--- a/qemu-nbd.texi
+++ b/qemu-nbd.texi
@@ -118,7 +118,8 @@ in list mode.
 @item --fork
 Fork off the server process and exit the parent once the server is running.
 @item --pid-file=PATH
-Store the server's process ID in the given file.
+Store the server's process ID in the given file.  The pid file is not
+created until after the server socket is open.
 @item --tls-authz=ID
 Specify the ID of a qauthz object previously created with the
 --object option. This will be used to authorize connecting users
-- 
2.21.0


Re: [PATCH] qemu-nbd: Document benefit of --pid-file

Posted by Daniel P. Berrangé 1 week ago
On Mon, Oct 07, 2019 at 02:48:40PM -0500, Eric Blake wrote:
> One benefit of --pid-file is that it is easier to probe the file
> system to see if a pid file has been created than it is to probe if a
> socket is available for connection. Document that this is an
> intentional feature.

I'm not seeing how checking the pid file is better than checking
the socket directly ? I think it is probably actually worse.

The main problem with the socket is that while we unlink on clean
shutdown, it may still exist in disk if the process has exitted
abnormally.

With the pidfile though we don't ever unlink it, even on clean
shutdown, as we don't use the pid files existance as a mutual
exclusion check. We instead acquire fcntl locks on it.

IOW the pidfile could exist already when qemu-nbd starts up and
will still exist when it quits.

> Signed-off-by: Eric Blake <eblake@redhat.com>
> ---
>  qemu-nbd.texi | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/qemu-nbd.texi b/qemu-nbd.texi
> index 7f55657722bd..d495bbe8a0ed 100644
> --- a/qemu-nbd.texi
> +++ b/qemu-nbd.texi
> @@ -118,7 +118,8 @@ in list mode.
>  @item --fork
>  Fork off the server process and exit the parent once the server is running.
>  @item --pid-file=PATH
> -Store the server's process ID in the given file.
> +Store the server's process ID in the given file.  The pid file is not
> +created until after the server socket is open.
>  @item --tls-authz=ID
>  Specify the ID of a qauthz object previously created with the
>  --object option. This will be used to authorize connecting users
> -- 
> 2.21.0
> 
> 

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [PATCH] qemu-nbd: Document benefit of --pid-file

Posted by Vladimir Sementsov-Ogievskiy 1 week ago
08.10.2019 12:24, Daniel P. Berrangé wrote:
> On Mon, Oct 07, 2019 at 02:48:40PM -0500, Eric Blake wrote:
>> One benefit of --pid-file is that it is easier to probe the file
>> system to see if a pid file has been created than it is to probe if a
>> socket is available for connection. Document that this is an
>> intentional feature.
> 
> I'm not seeing how checking the pid file is better than checking
> the socket directly ? I think it is probably actually worse.
> 
> The main problem with the socket is that while we unlink on clean
> shutdown, it may still exist in disk if the process has exitted
> abnormally.
> 
> With the pidfile though we don't ever unlink it, even on clean
> shutdown, as we don't use the pid files existance as a mutual
> exclusion check. We instead acquire fcntl locks on it.
> 
> IOW the pidfile could exist already when qemu-nbd starts up and
> will still exist when it quits.

Good point.

I was just a bit confused, because pid file is something unrelated to
socket, and why use one thing to check the existence of another, if we
can directly try to connect.

> 
>> Signed-off-by: Eric Blake <eblake@redhat.com>
>> ---
>>   qemu-nbd.texi | 3 ++-
>>   1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/qemu-nbd.texi b/qemu-nbd.texi
>> index 7f55657722bd..d495bbe8a0ed 100644
>> --- a/qemu-nbd.texi
>> +++ b/qemu-nbd.texi
>> @@ -118,7 +118,8 @@ in list mode.
>>   @item --fork
>>   Fork off the server process and exit the parent once the server is running.
>>   @item --pid-file=PATH
>> -Store the server's process ID in the given file.
>> +Store the server's process ID in the given file.  The pid file is not
>> +created until after the server socket is open.
>>   @item --tls-authz=ID
>>   Specify the ID of a qauthz object previously created with the
>>   --object option. This will be used to authorize connecting users
>> -- 
>> 2.21.0
>>
>>
> 
> Regards,
> Daniel
> 


-- 
Best regards,
Vladimir

Re: [PATCH] qemu-nbd: Document benefit of --pid-file

Posted by Eric Blake 1 week ago
On 10/8/19 4:40 AM, Vladimir Sementsov-Ogievskiy wrote:
> 08.10.2019 12:24, Daniel P. Berrangé wrote:
>> On Mon, Oct 07, 2019 at 02:48:40PM -0500, Eric Blake wrote:
>>> One benefit of --pid-file is that it is easier to probe the file
>>> system to see if a pid file has been created than it is to probe if a
>>> socket is available for connection. Document that this is an
>>> intentional feature.
>>
>> I'm not seeing how checking the pid file is better than checking
>> the socket directly ? I think it is probably actually worse.
>>
>> The main problem with the socket is that while we unlink on clean
>> shutdown, it may still exist in disk if the process has exitted
>> abnormally.
>>
>> With the pidfile though we don't ever unlink it, even on clean
>> shutdown, as we don't use the pid files existance as a mutual
>> exclusion check. We instead acquire fcntl locks on it.
>>
>> IOW the pidfile could exist already when qemu-nbd starts up and
>> will still exist when it quits.
> 
> Good point.
> 
> I was just a bit confused, because pid file is something unrelated to
> socket, and why use one thing to check the existence of another, if we
> can directly try to connect.

Consider the case of writing a testsuite that involves an nbd client, 
where you want to fire up qemu-nbd as the server.  Checking for a pid 
file in shell is easy, and can be done prior to the point of spawning a 
client.  Checking for a successful connect is harder - the shell is not 
the point that would actually connect, so checking if connect works 
involves the shell actually spawning off the child process that attempts 
the connect.  If the client itself has a retry builtin, then you don't 
need to do anything in shell - just spawn the client with retry (at 
which point, the client retrying on the connection is smarter than the 
client retrying on the pid file).  But pid files are immensely useful 
when you have a client that does not have builtin retry, and when 
writing a testing framework where you use shell to learn whether it is 
safe to spawn the client: rather than having to modify the client or 
write a shell loop that respawns child attempts, you merely need a shell 
loop probing for the pid file to exist.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Re: [PATCH] qemu-nbd: Document benefit of --pid-file

Posted by Daniel P. Berrangé 1 week ago
On Tue, Oct 08, 2019 at 08:28:16AM -0500, Eric Blake wrote:
> On 10/8/19 4:40 AM, Vladimir Sementsov-Ogievskiy wrote:
> > 08.10.2019 12:24, Daniel P. Berrangé wrote:
> > > On Mon, Oct 07, 2019 at 02:48:40PM -0500, Eric Blake wrote:
> > > > One benefit of --pid-file is that it is easier to probe the file
> > > > system to see if a pid file has been created than it is to probe if a
> > > > socket is available for connection. Document that this is an
> > > > intentional feature.
> > > 
> > > I'm not seeing how checking the pid file is better than checking
> > > the socket directly ? I think it is probably actually worse.
> > > 
> > > The main problem with the socket is that while we unlink on clean
> > > shutdown, it may still exist in disk if the process has exitted
> > > abnormally.
> > > 
> > > With the pidfile though we don't ever unlink it, even on clean
> > > shutdown, as we don't use the pid files existance as a mutual
> > > exclusion check. We instead acquire fcntl locks on it.
> > > 
> > > IOW the pidfile could exist already when qemu-nbd starts up and
> > > will still exist when it quits.
> > 
> > Good point.
> > 
> > I was just a bit confused, because pid file is something unrelated to
> > socket, and why use one thing to check the existence of another, if we
> > can directly try to connect.
> 
> Consider the case of writing a testsuite that involves an nbd client, where
> you want to fire up qemu-nbd as the server.  Checking for a pid file in
> shell is easy, and can be done prior to the point of spawning a client.
> Checking for a successful connect is harder - the shell is not the point
> that would actually connect, so checking if connect works involves the shell
> actually spawning off the child process that attempts the connect.  If the
> client itself has a retry builtin, then you don't need to do anything in
> shell - just spawn the client with retry (at which point, the client
> retrying on the connection is smarter than the client retrying on the pid
> file).  But pid files are immensely useful when you have a client that does
> not have builtin retry, and when writing a testing framework where you use
> shell to learn whether it is safe to spawn the client: rather than having to
> modify the client or write a shell loop that respawns child attempts, you
> merely need a shell loop probing for the pid file to exist.

We shouldn't need todo any of those tricks IIUC.  The --fork argument is
supposed to only let the parent process exit once the server is running.

IOW, if you run qemu-nbd --fork, in the foreground, then when execution
continues the sockets should be present & accepting connections. No need
to check for existance of any files or check connecting, etc.


Except that AFAICT, --fork isn't actually implemented with this semantics
in qemu-nbd. It looks like we only listen on the sockets after the parent
has already exited :-( Can we fix that to synchronize wrt socket listeners ?

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [PATCH] qemu-nbd: Document benefit of --pid-file

Posted by Vladimir Sementsov-Ogievskiy 1 week ago
08.10.2019 16:38, Daniel P. Berrangé wrote:
> On Tue, Oct 08, 2019 at 08:28:16AM -0500, Eric Blake wrote:
>> On 10/8/19 4:40 AM, Vladimir Sementsov-Ogievskiy wrote:
>>> 08.10.2019 12:24, Daniel P. Berrangé wrote:
>>>> On Mon, Oct 07, 2019 at 02:48:40PM -0500, Eric Blake wrote:
>>>>> One benefit of --pid-file is that it is easier to probe the file
>>>>> system to see if a pid file has been created than it is to probe if a
>>>>> socket is available for connection. Document that this is an
>>>>> intentional feature.
>>>>
>>>> I'm not seeing how checking the pid file is better than checking
>>>> the socket directly ? I think it is probably actually worse.
>>>>
>>>> The main problem with the socket is that while we unlink on clean
>>>> shutdown, it may still exist in disk if the process has exitted
>>>> abnormally.
>>>>
>>>> With the pidfile though we don't ever unlink it, even on clean
>>>> shutdown, as we don't use the pid files existance as a mutual
>>>> exclusion check. We instead acquire fcntl locks on it.
>>>>
>>>> IOW the pidfile could exist already when qemu-nbd starts up and
>>>> will still exist when it quits.
>>>
>>> Good point.
>>>
>>> I was just a bit confused, because pid file is something unrelated to
>>> socket, and why use one thing to check the existence of another, if we
>>> can directly try to connect.
>>
>> Consider the case of writing a testsuite that involves an nbd client, where
>> you want to fire up qemu-nbd as the server.  Checking for a pid file in
>> shell is easy, and can be done prior to the point of spawning a client.
>> Checking for a successful connect is harder - the shell is not the point
>> that would actually connect, so checking if connect works involves the shell
>> actually spawning off the child process that attempts the connect.  If the
>> client itself has a retry builtin, then you don't need to do anything in
>> shell - just spawn the client with retry (at which point, the client
>> retrying on the connection is smarter than the client retrying on the pid
>> file).  But pid files are immensely useful when you have a client that does
>> not have builtin retry, and when writing a testing framework where you use
>> shell to learn whether it is safe to spawn the client: rather than having to
>> modify the client or write a shell loop that respawns child attempts, you
>> merely need a shell loop probing for the pid file to exist.

I've already implemented loop of attempting to connect in my series (patch 4/3).
It's a bit more difficult to implement, but it's done. And it's a bit better,
as it test exactly what we want to test. Can we proceed with it?

> 
> We shouldn't need todo any of those tricks IIUC.  The --fork argument is
> supposed to only let the parent process exit once the server is running.
> 
> IOW, if you run qemu-nbd --fork, in the foreground, then when execution
> continues the sockets should be present & accepting connections. No need
> to check for existance of any files or check connecting, etc.
> 
> 
> Except that AFAICT, --fork isn't actually implemented with this semantics
> in qemu-nbd. It looks like we only listen on the sockets after the parent
> has already exited :-( Can we fix that to synchronize wrt socket listeners ?
> 
> Regards,
> Daniel
> 


-- 
Best regards,
Vladimir

Re: [PATCH] qemu-nbd: Document benefit of --pid-file

Posted by Eric Blake 1 week ago
On 10/8/19 8:53 AM, Vladimir Sementsov-Ogievskiy wrote:

> 
> I've already implemented loop of attempting to connect in my series (patch 4/3).
> It's a bit more difficult to implement, but it's done. And it's a bit better,
> as it test exactly what we want to test. Can we proceed with it?
> 

For test purposes, yes, that's fine (a test doesn't have to be clean, 
just work).

>>
>> We shouldn't need todo any of those tricks IIUC.  The --fork argument is
>> supposed to only let the parent process exit once the server is running.
>>
>> IOW, if you run qemu-nbd --fork, in the foreground, then when execution
>> continues the sockets should be present & accepting connections. No need
>> to check for existance of any files or check connecting, etc.
>>
>>
>> Except that AFAICT, --fork isn't actually implemented with this semantics
>> in qemu-nbd. It looks like we only listen on the sockets after the parent
>> has already exited :-( Can we fix that to synchronize wrt socket listeners ?

Yes, sounds like something good to have.  I'll take a look at doing that.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Re: [PATCH] qemu-nbd: Document benefit of --pid-file

Posted by Max Reitz 1 week ago
On 07.10.19 21:48, Eric Blake wrote:
> One benefit of --pid-file is that it is easier to probe the file
> system to see if a pid file has been created than it is to probe if a
> socket is available for connection. Document that this is an
> intentional feature.
> 
> Signed-off-by: Eric Blake <eblake@redhat.com>
> ---
>  qemu-nbd.texi | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/qemu-nbd.texi b/qemu-nbd.texi
> index 7f55657722bd..d495bbe8a0ed 100644
> --- a/qemu-nbd.texi
> +++ b/qemu-nbd.texi
> @@ -118,7 +118,8 @@ in list mode.
>  @item --fork
>  Fork off the server process and exit the parent once the server is running.
>  @item --pid-file=PATH
> -Store the server's process ID in the given file.
> +Store the server's process ID in the given file.  The pid file is not
> +created until after the server socket is open.
>  @item --tls-authz=ID
>  Specify the ID of a qauthz object previously created with the
>  --object option. This will be used to authorize connecting users

Well, not wrong, but at least most iotests do this by --fork and seeing
when the parent exits.  But I suppose:

Reviewed-by: Max Reitz <mreitz@redhat.com>