[Libguestfs] [PATCH INCOMPLETE] daemon: Reimplement LVM filters using lvmdevices command

Richard W.M. Jones rjones at redhat.com
Wed Jun 2 08:10:48 UTC 2021 

On Wed, Jun 02, 2021 at 01:53:29AM +0300, Nir Soffer wrote:
> On Wed, Jun 2, 2021 at 12:23 AM Nir Soffer <nsoffer at redhat.com> wrote:
> >
> > On Tue, Jun 1, 2021 at 4:38 PM Richard W.M. Jones <rjones at redhat.com> wrote:
> > >
> > > LVM2 managed to break device filters.  This patch attempts a fix.
> > >
> > > https://bugzilla.redhat.com/show_bug.cgi?id=1965941
> > >
> > > However it is not working, because the new "lvmdevices" command which
> > > is supposed to be used to set the new filters does not work for
> > > partitioned whole devices.  As far as I can tell there is no way to
> > > emulate the old behaviour of filtering such a device.  (Adding filters
> > > for each partition in the device is one possible workaround, but the
> > > filters will be out of date as soon as a new partition is created on
> > > the device.)
> >
> > The best way to use lvm filter is to use a filter that includes only
> > the devices you want lvm to use, and reject everything else:
> >
> >     "a|^/dev/sda1$|", "r|.*|"
> >
> > With this there are never any surprises when someone adds a new
> > device or partition. You need to add the new device to the filter to
> > use it.
> >
> > This is how ovirt configures lvm filter on hosts so they use only the
> > devices needed by the host and cannot access the devices used by
> > guests, managed by ovirt.
> >
> > ovirt lvm commands override the host filter using:
> >
> >     --config "device { filter = ["a|^/dev/sdb$|", "r|.*|"] }"
> >
> > So it can manage vgs used by ovirt to provide guest disks.
> >
> > With --config you don't need to modify the guest when you make changes.
> 
> The modern way of this with new lvm is simply:
> 
>    --devices /dev/sdb,/dev/sde
> 
> Right in the lvm command, so you don't need to manage the guest state unless
> the purpose of the command is to change the state in the guest.

Unfortunately this doesn't work if /dev/sdb is partitioned.  You have
to list all the partitions explicitly.

This is a change (regression, really) over the existing behaviour
where it was possible to specify a regexp such as a|^/dev/sdb$|,
a|^/dev/sdb[0-9]| to mean either /dev/sdb or any current or future
partition of /dev/sdb.

This is what we baked into the libguestfs API and I'm trying to make
work again.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html

More information about the Libguestfs mailing list