[libvirt] can't start domain with a corrupted disk attatched

[Michal Privoznik]

On 03.11.2011 10:33, lvroyce wrote:
> Hi all,
> 
>    I came across below issue when testing:
> 
>    1.make a volume and attach it to  a domain A
>    2.unplug the vg from the host in order to emulating a volume failure
>    3.start domain A(failed)
> 
>     In step 3 can't start domainA . because can't find disk listed in
> xml when create the Domain.
> 
>     I'm not sure if it is reasonable. In common sense, we can still
> start our system even if we have a corrupt data disk .And also ,if in
> data center we carelessly attatch a corrupt volumn to all the guest, it
> will result in all guests fail to boot .
> 
>     I suggest to  automatically detach a disk if it can't be found and
> just give out a warning.Please let me know your opinion about if it is a
> bug or a feature.Thanks.
> 
> 
> -- 
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list

I think I should join this discussion as I am the author of
e5a84d74a2789a917bf394f15de9989ec48fded0 aka startupPolicy;

I think it is reasonable to allow users to drop any disk on startup as
one can do this with real host. Although, users should take special care
to not remove root/boot disk. But I don't think that is something
libvirt should try to avoid. This is why we currently support this
feature only on cdrom & floppy.

Modification of libvirt code should be simple:

1) in src/conf/domain_conf.c:2740 change check, so other disks can have
'optional' or 'mandatory' values assigned *only*.

2) change qemuDomainCheckDiskPresence (src/qemu/qemu_domain.c) so it
does not drop disk->src on non-cdrom disk, but whole disk.

Although there might be something more to be done, I have not tried to
code this. Moreover, dropping whole disk may result in changed domain
XML, so be careful.

Michal