Fixes #348 resizes private volume sizes of sd-app sd-log #405
Conversation
There was a problem hiding this comment.
Thanks @kushaldas the resize for sd-svs is working as expecting!
However, I experienced some issues with testing sd-log (it appears the test for checking the size is not run, see inline, but is also testing the template VM and not the AppVM, which is strange)
I think we should make the size configurable via the config.json. The diff should be quite small, and it will have significant benefits for the pilot:
- Every org (or developer) will have different requirements for storage space (10GiB is ~20 max size submissions, developers use their Qubes workstations for many other things)
- Having this hardcoded in .sls is problematic should a user want to make local changes: these changes will be squashed when the .sls is updated.
- Per the above, should the .sls file have a size smaller than the current volume, an error will be thrown during provisioning [1]
I think, prior to merge we should:
- ensure sd-log (appvm) tests are run as expected
- make the value configurable via config.json
[1]
----------
ID: sd-svs-private-volume-size
Function: cmd.run
Name: qvm-volume resize sd-svs:private 9GiB
Result: False
Comment: Command "qvm-volume resize sd-svs:private 9GiB
" run
Started: 10:36:13.881554
Duration: 118.459 ms
Changes:
----------
pid:
19991
retcode:
1
stderr:
For your own safety, shrinking of private is disabled (9663676416 < 10737418240). If you really know what you are doing, resize filesystem manually first, then use `-f` option.
stdout:
----------
tests/test_vms_exist.py
Outdated
| # Should be 5GB | ||
| # >>> 1024 * 1024 * 5 * 1024 | ||
| vol = vm.volumes["private"] | ||
| self.assertEqual(vol.size, 5368709120) |
There was a problem hiding this comment.
Here, you are testing the template vm, not the AppVM (sd-log). Strangely though, this test is not failing. Perhaps it is not running?
dom0/sd-svs.sls
Outdated
| sd-svs-private-volume-size: | ||
| cmd.run: | ||
| - name: > | ||
| qvm-volume resize sd-svs:private 10GiB |
There was a problem hiding this comment.
✔️ It seems like qvm.volume is not implemented in salt, so we must use cmd.run here
kushaldas
force-pushed
the
we_want_more_space_give_us_space_moar_space
branch
from
fd4656f to
701e90e
Compare
|
Due to changes introduced in #407, this will also need a rebase on latest master: sd-svs -> sd-app Could you also please populate the contents of the |
kushaldas
force-pushed
the
we_want_more_space_give_us_space_moar_space
branch
from
701e90e to
4574ab0
Compare
There was a problem hiding this comment.
Thanks for the changes @kushaldas . I have taken another pass, and was not able to apply these changes on my local workstation: I had to replace sd-svs by sd-app in validate-config locally to get the config validation to pass. I have added some more comments inline.
scripts/validate-config
Outdated
| assert "sd_log" in self.config["vmsizes"] | ||
|
|
||
| app = Qubes() | ||
| if "sd-svs" in app.domains: |
There was a problem hiding this comment.
This domain should no longer exist due to the vm rename introduced in #407
scripts/validate-config
Outdated
| ), "sd-svs private volume is already bigger than configuration." | ||
|
|
||
| if "sd-log" in app.domains: | ||
| vm = app.domains["sd-svs"] |
There was a problem hiding this comment.
Here, the vol variable represents the private volume of the sd-svs vm. Is this what was intended?
| @@ -61,6 +61,7 @@ clean-salt: assert-dom0 ## Purges SD Salt configuration from dom0 | |||
|
|
|||
| prep-salt: assert-dom0 ## Configures Salt layout for SD workstation VMs | |||
| @./scripts/prep-salt | |||
| @./scripts/validate-config | |||
There was a problem hiding this comment.
there's a validate makefile target that could be used here. We should validate the config before running prep-salt here, since prep-salt is not strictly required if the config fails to validate
scripts/validate-config
Outdated
|
|
||
| app = Qubes() | ||
| if "sd-svs" in app.domains: | ||
| vm = app.domains["sd-svs"] |
There was a problem hiding this comment.
ah, I will have to update this.
scripts/validate-config
Outdated
| """This method checks for existing private volume size and new | ||
| values in the config.json""" | ||
| assert "vmsizes" in self.config | ||
| assert "sd_svs" in self.config["vmsizes"] |
scripts/validate-config
Outdated
| vm = app.domains["sd-svs"] | ||
| vol = vm.volumes["private"] | ||
| assert ( | ||
| vol.size <= self.config["vmsizes"]["sd_svs"] * 1024 * 1024 * 1024 |
kushaldas
force-pushed
the
we_want_more_space_give_us_space_moar_space
branch
from
4574ab0 to
5303833
Compare
emkll
changed the title
emkll
changed the title
emkll
force-pushed
the
we_want_more_space_give_us_space_moar_space
branch
from
5303833 to
8e48b14
Compare
|
rebased on latest |
There was a problem hiding this comment.
Thanks @kushaldas for your patience and the changes, they look great! Went through functional testing and everything works as expected. One final request and this should be good to merge:
qvm-volume resize only appears to accept integers, adding a non integer (e.g: 6.5) returns a failure [1]. We should either validate (or round) the value in the config, or document this constraint. Since we cannot add comments in the json file, so it may be best if we addressed this in the validator. What do you think?
[1]
----------
ID: sd-log-private-volume-size
Function: cmd.run
Name: qvm-volume resize sd-log:private 6.5GiB
Result: False
Comment: Command "qvm-volume resize sd-log:private 6.5GiB
" run
Started: 10:33:17.419232
Duration: 116.458 ms
Changes:
----------
pid:
5780
retcode:
1
stderr:
Traceback (most recent call last):
File "/bin/qvm-volume", line 5, in <module>
sys.exit(main())
File "/usr/lib/python3.5/site-packages/qubesadmin/tools/qvm_volume.py", line 354, in main
args.func(args)
File "/usr/lib/python3.5/site-packages/qubesadmin/tools/qvm_volume.py", line 233, in extend_volumes
size = qubesadmin.utils.parse_size(args.size)
File "/usr/lib/python3.5/site-packages/qubesadmin/utils.py", line 49, in parse_size
return int(size) * multiplier
ValueError: invalid literal for int() with base 10: '6.5'
stdout:
Summary for local
-------------
Succeeded: 38 (changed=6)
Failed: 1
-------------
Total states run: 39
Total run time: 9.235 s
|
@emkll thank you for the comment, i will update it tomorrow in my time. |
scripts/validate-config
Outdated
| vol = vm.volumes["private"] | ||
| assert ( | ||
| vol.size <= self.config["vmsizes"]["sd_app"] * 1024 * 1024 * 1024 | ||
| ), "sd-svs private volume is already bigger than configuration." |
eloquence
changed the title
The config.json now must have sizes defined for sd-svs and sd-log
private volumes.
"vmsizes": {
"sd_svs": 10,
"sd_log": 5
},
The values must be an integer.
The Makefile prep-salt target will also run the validate-config check
to make sure that size checks are done in case of:
make sd-app
make sd-log
The validate-config will fail in case the given size is smaller than
the current size of the private volumes in the existsing VMs.
kushaldas
force-pushed
the
we_want_more_space_give_us_space_moar_space
branch
from
8e48b14 to
3e39647
Compare
I have added a validation check for integer values of the private volume sizes. |
sd-app:private is now 10GB
sd-log:private is now 5GB
How to test?
dom0and get the config.json and sd-journalist.sec file for your installationmake sd-appmake sd-logmake testsd-appto 11GB `qvm-volume resize sd-app:private 11GiBmake sd-appagain, this should fail with a proper failure message.All of these commands should execute properly.
If you can check the private volume size of the
sd-appandsd-logvm in the GUI too.