[7/n] [reconfigurator] combine inventory and omicron zones #6739
Conversation
Created using spr 1.3.6-beta.1 [skip ci]
Created using spr 1.3.6-beta.1
|
(will tackle this separately) |
Created using spr 1.3.6-beta.1 [skip ci]
Created using spr 1.3.6-beta.1
Created using spr 1.3.6-beta.1
| // TODO: mutating example.system doesn't automatically update | ||
| // example.collection -- this should be addressed via API improvements. |
There was a problem hiding this comment.
This is unfortunate -- users must remember to do this themselves. This is what drove me to investigate how to make feedback from tests to SystemDescription work.
Created using spr 1.3.6-beta.1 [skip ci]
sunshowers
requested review from
andrewjstone,
smklein,
jgallagher and
davepacheco
sunshowers
changed the title
| usable_physical_ram: s.usable_physical_ram.into(), | ||
| reservoir_size: s.reservoir_size.into(), | ||
| omicron_zones, | ||
| // TODO: the unwrap_or_defaults here look incorrect -- all the |
There was a problem hiding this comment.
Do you want to fix this in this PR? If not, mind opening an issue?
There was a problem hiding this comment.
I can see two possibilities here:
- If disks, zpools, datasets are like Omicron zones, where there's a "parent" record for the list itself (the inv_sled_omicron_zones), then I expect that this TODO is probably right and instead of
unwrap_or_default()we probably wantok_or_else(|| Error::internal_error(&format!("sled {}: missing physical disks that we expected to see", sled_id))?. - If disks, zpools, and datasets don't have a separate record like this, then
unwrap_or_default()seems correct? We would have only populated the maps for the rows that we found, but if a sled just had 0 disks, zpools, or datasets, then we wouldn't have found any rows, it wouldn't have shown up in the map, and then the empty Vec is correct here, right?
All of it makes me wonder if we have test coverage for serializing and deserializing a collection containing a sled with no disks, zpools, or datasets.
There was a problem hiding this comment.
Ah yeah, it does look like the latter -- so yes, the unwrap_or_default is correct. Thanks.
There was a problem hiding this comment.
Added this in a comment.
There was a problem hiding this comment.
Cool!
Reviewing this prompted me to remember one reason I think I had separated these initially, which is that in the sled agent, the Omicron zones information was protected by a lock, and that lock gets held for the entire duration of the zone reconfiguration that happens when you PUT /omicron-zones. That could be a while. I was worried this would prevent us from getting any information about the sled while zone reconfiguration was happening. I'm not sure if the locking still works that way, but either way, it doesn't seem to have been a meaningful problem. (If it were, presumably we'd have a lot of partially failed inventory collections. I don't think we've noticed that.) If it is or becomes a problem, we can always fix the locking. All that's to say: this looks good.
| usable_physical_ram: s.usable_physical_ram.into(), | ||
| reservoir_size: s.reservoir_size.into(), | ||
| omicron_zones, | ||
| // TODO: the unwrap_or_defaults here look incorrect -- all the |
There was a problem hiding this comment.
I can see two possibilities here:
- If disks, zpools, datasets are like Omicron zones, where there's a "parent" record for the list itself (the inv_sled_omicron_zones), then I expect that this TODO is probably right and instead of
unwrap_or_default()we probably wantok_or_else(|| Error::internal_error(&format!("sled {}: missing physical disks that we expected to see", sled_id))?. - If disks, zpools, and datasets don't have a separate record like this, then
unwrap_or_default()seems correct? We would have only populated the maps for the rows that we found, but if a sled just had 0 disks, zpools, or datasets, then we wouldn't have found any rows, it wouldn't have shown up in the map, and then the empty Vec is correct here, right?
All of it makes me wonder if we have test coverage for serializing and deserializing a collection containing a sled with no disks, zpools, or datasets.
| /// # Notes | ||
| /// | ||
| /// While bootstrapping an example system, the order is: | ||
| /// | ||
| /// 1. Create a collection with sleds with no zones. | ||
| /// 2. From the collection, generate a blueprint with zones. | ||
| /// 3. Seed the system with zones from the blueprint. | ||
| /// | ||
| /// This method is used in step 3. |
There was a problem hiding this comment.
I was a little confused by this comment. What's the purpose of having it here? I feel like maybe you're trying to say that there's some assumptions it makes that are only true in this situation, and so it wouldn't be valid if you were calling it for some other reason? Or maybe that it wasn't suitable for other situations?
I do feel like it could use a comment explaining what it means to set the zones for a particular sled. I assume it means "these zones will be reported in the inventory for this sled" and that the caller is allowed to change this however it wants (e.g., even going backwards or transitions in other illegal ways, even though that shouldn't happen in a real system) -- nothing internal to SystemDescription will break. (An alternative reading would be: make these the zones that the sled should be running, though it might not yet be, which probably doesn't make sense in the context of SystemDescription.)
(My confusion is probably not relevant but in case it's useful: when I first read it, I thought it was going to describe the three-step process this function itself was going to carry out. Then I got to the end and realized it wasn't that. Then I thought "method" meant "approach". It took me a few readings to parse this as as "context about how this function is used".)
There was a problem hiding this comment.
Sorry about not being clear here! Yes, it means "when Self::to_collection_builder is called next, it will contain these Omicron zones for the sled".
I agree that describing the bootstrap process isn't very useful (you can discover this by looking for the callers of sled_set_omicron_zones), so I've dropped it.
| sim.system.to_collection_builder().context("generating inventory")?; | ||
| // For an inventory we just generated from thin air, pretend like each sled |
There was a problem hiding this comment.
Does this change the behavior here?
There was a problem hiding this comment.
It does -- and I think what I was intending to do here was to try and figure out what this really means. I'll work on reconfigurator-cli in another PR that this depends on.
There was a problem hiding this comment.
Put up a few more PRs in the series, and established this behavior change via new tests. I think it makes sense -- the system now carries around zone information so it's weird for the inventory to ignore it.
Created using spr 1.3.6-beta.1 [skip ci]
Created using spr 1.3.6-beta.1
sunshowers
changed the title
sunshowers
changed the base branch from
sunshowers/spr/main.reconfigurator-combine-inventory-and-omicron-zones
to
main
Created using spr 1.3.6-beta.1
sunshowers
deleted the
sunshowers/spr/reconfigurator-combine-inventory-and-omicron-zones
branch
Currently, when the collection process makes two separate queries to sled-agent: one to obtain basic inventory, and the other to obtain Omicron zones. With this approach, it is possible for one of the two queries to fail -- in that case, the
sled_agentsandomicron_zonesmaps will not have the same set of keys.In general, consumers of collections must be able to handle these kinds of failing cases, because collections contain information from a variety of sources, not all of which are guaranteed to work all the time. But this specific case (sled-agent inventory vs Omicron zones) is not intrinsic to the system -- it is an artifact of our APIs.
Change the API so that the
/inventoryendpoint also returns Omicron zones. The format remains the same, so thatPUT /omicron-zonesmirrorsGET /inventory | jq .omicron_zones.I had to make a few changes to our tests, since we now have a unified notion of Omicron zones and sled agents. But this exposed what feels to me like a modeling deficiency in the way our tests work. I hope to fix that up at some point soon.
There is also one behavior change to the reconfigurator CLI -- now,
inventory-generatepreserves zone information passed into it from the system. This matches the behavior of inventory generation within tests themselves.Depends on: