Pick a non-expunged clone source #7283
Conversation
When performing region snapshot replacement, the associated start saga chose the request's region snapshot as the clone source, but if that region snapshot was backed by an expunged dataset then it may be gone. This commit adds logic to choose another clone source, either another region snapshot from the same snapshot, or one of the read-only regions for that snapshot. Basic sanity tests were added for ensuring that region replacements and region snapshot replacements resulting from expungement can occur. It was an oversight not to originally include these! Rn order to support these new sanity tests, the simulated pantry has to fake activating volumes in the background. This commit also refactors the simulated Pantry to have one Mutex around an "inner" struct instead of many Mutexes. Fixes oxidecomputer#7209
| dataset_id: params.request.old_dataset_id.into(), | ||
| region_id: params.request.old_region_id, | ||
| } | ||
| } else { |
There was a problem hiding this comment.
So, if I'm following correclty, we land here with an expected source (request.old_dataset_id, request.old_region_id`) But we need to verify that it's not expunged yet, right?
There was a problem hiding this comment.
Yep, though this function changed a bit as a result of our call :)
| ); | ||
|
|
||
| // Select another region snapshot that's part of this snapshot - they | ||
| // will all have identical contents. |
There was a problem hiding this comment.
Do I understand where we are correctly here:
We have a snapshot with a failed downstairs we want to replace.
We have chosen another downstairs target to clone from, but we then discovered that source was on an expunged disk?
So now we are going to try and get that third (final) downstairs as a source?
request: if it's flaky, it shouldn't be used as a clone source!
| let osagactx = sagactx.user_data(); | ||
| let log = osagactx.log(); | ||
|
|
||
| // If the downstairs we're cloning from is on an expunged dataset, the clone |
There was a problem hiding this comment.
just update this comment to what we discussed over chat
When performing region snapshot replacement, the associated start saga chose the request's region snapshot as the clone source, but if that region snapshot was backed by an expunged dataset then it may be gone.
This commit adds logic to choose another clone source, either another region snapshot from the same snapshot, or one of the read-only regions for that snapshot.
Basic sanity tests were added for ensuring that region replacements and region snapshot replacements resulting from expungement can occur. It was an oversight not to originally include these! Rn order to support these new sanity tests, the simulated pantry has to fake activating volumes in the background. This commit also refactors the simulated Pantry to have one Mutex around an "inner" struct instead of many Mutexes.
Fixes #7209