Document update

[ct-quota-pq.git] / quota.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
               "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
lang="en" xml:lang="en">
<head>
<title>quota</title>
<meta http-equiv="Content-Type" content="text/html;charset=iso-8859-1"/>
<meta name="generator" content="Org-mode"/>
<meta name="generated" content="2009-11-19 18:21:17 MSK"/>
<meta name="author" content="Monahov Dmitry"/>
<style type="text/css">
 <!--/*--><![CDATA[/*><!--*/
  html { font-family: Times, serif; font-size: 12pt; }
  .title  { text-align: center; }
  .todo   { color: red; }
  .done   { color: green; }
  .tag    { background-color:lightblue; font-weight:normal }
  .target { }
  .timestamp { color: grey }
  .timestamp-kwd { color: CadetBlue }
  p.verse { margin-left: 3% }
  pre {
        border: 1pt solid #AEBDCC;
        background-color: #F3F5F7;
        padding: 5pt;
        font-family: courier, monospace;
        font-size: 90%;
        overflow:auto;
  }
  table { border-collapse: collapse; }
  td, th { vertical-align: top; }
  dt { font-weight: bold; }
  div.figure { padding: 0.5em; }
  div.figure p { text-align: center; }
  .linenr { font-size:smaller }
  .code-highlighted {background-color:#ffff00;}
  .org-info-js_info-navigation { border-style:none; }
  #org-info-js_console-label { font-size:10px; font-weight:bold;
                               white-space:nowrap; }
  .org-info-js_search-highlight {background-color:#ffff00; color:#000000;
                                 font-weight:bold; }
  /*]]>*/-->
</style>
<script type="text/javascript">
<!--/*--><![CDATA[/*><!--*/
 function CodeHighlightOn(elem, id)
 {
   var target = document.getElementById(id);
   if(null != target) {
     elem.cacheClassElem = elem.className;
     elem.cacheClassTarget = target.className;
     target.className = "code-highlighted";
     elem.className   = "code-highlighted";
   }
 }
 function CodeHighlightOff(elem, id)
 {
   var target = document.getElementById(id);
   if(elem.cacheClassElem)
     elem.className = elem.cacheClassElem;
   if(elem.cacheClassTarget)
     target.className = elem.cacheClassTarget;
 }
/*]]>*/-->
</script>
</head><body>
<h1 class="title">quota</h1>


<div id="table-of-contents">
<h2>Table of Contents</h2>
<div id="text-table-of-contents">
<ul>
<li><a href="#sec-1">1 directory tree quota design and implementation </a>
<ul>
<li><a href="#sec-1.1">1.1 STATUS </a></li>
<li><a href="#sec-1.2">1.2 Introduction </a></li>
<li><a href="#sec-1.3">1.3 Containers fs root requirement </a></li>
<li><a href="#sec-1.4">1.4 Containers directory tree-id  assumptions </a>
<ul>
<li><a href="#sec-1.4.1">1.4.1 -&gt;rename() restriction </a></li>
<li><a href="#sec-1.4.2">1.4.2 -&gt;link restriction </a></li>
</ul>
</li>
<li><a href="#sec-1.5">1.5 Patch queue </a></li>
<li><a href="#sec-1.6">1.6 How-to </a>
<ul>
<li><a href="#sec-1.6.1">1.6.1 Enabling tree quota an Easy way </a></li>
<li><a href="#sec-1.6.2">1.6.2 Enabling tree quota from very beginning </a></li>
<li><a href="#sec-1.6.3">1.6.3 Creating containers tree </a></li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
</div>

<div id="outline-container-1" class="outline-2">
<h2 id="sec-1">1 directory tree quota design and implementation </h2>
<div id="text-1">


</div>

<div id="outline-container-1.1" class="outline-3">
<h3 id="sec-1.1">1.1 STATUS </h3>
<div id="text-1.1">

<p>V0.07 :: I've succeed in testing journalled tree-quota. At least it survived
in fsstress and other manual tests.
</p>
</div>

</div>

<div id="outline-container-1.2" class="outline-3">
<h3 id="sec-1.2">1.2 Introduction </h3>
<div id="text-1.2">

<p>This document contains basic introduction to directory tree
quota for dedicated trees. Currently Linux support many 
virtualization extensions. One of approaches is containers.
Containers is OS level paravirtualization like jail in BSD.
In two words container is a set of process isolated from
other system. Each process has it's own name-spaces for
network,fs,ipc,etc. You may think of container as secure chroot.
</p>
</div>

</div>

<div id="outline-container-1.3" class="outline-3">
<h3 id="sec-1.3">1.3 Containers fs root requirement </h3>
<div id="text-1.3">

<p>Container's root are independent tree or several trees.
usually they organized like follows <b>/ct-root/CT${ID\}/${tree-content}</b>
There are many reasons to keep this trees separate one from another
</p><dl>
<dt>inode attr</dt><dd>

<p>
If inode has links in A and B trees. And A-user call chown() for
this inode, then B's owner will be surprised.
The only way to overcome this is to virtualize inode attributes
(for each tree) which is madness IMHO.
</p></dd>
<dt>checkpoint/restore/online-backup</dt><dd>

<p>
This is like suspend resume for VM, but in this case only
container's process are stopped(freezed) for some time. After CT's
process are stopped we may create backup CT's tree without freezing
FS as a whole.
</p>
</dd>
</dl>

<p>As I already say there are many way to isolate per-container fs-tree. 
But everyone has strong disadvantages:
</p><dl>
<dt>Virtual block devices(qemu-like)</dt><dd>
problems with consistency and performance
</dd>
<dt>ext3/4 + stack-fs(unionfs)</dt><dd>
Bad failure resistance. It is impossible to support jorunalling quota file on stack-fs level.
</dd>
<dt>XFS with proj quota</dt><dd>
Lack of quota file journalling.

</dd>
</dl>

<p>So the only way to implement journalled quota for containers is to
implement it on native fs level.
</p>
</div>

</div>

<div id="outline-container-1.4" class="outline-3">
<h3 id="sec-1.4">1.4 Containers directory tree-id  assumptions </h3>
<div id="text-1.4">

<ol>
<li>
Tree id is embedded inside inode
</li>
<li>
Tree id is inherent from parent dir
</li>
<li>
Inode can not belongs to different directory trees

</li>
</ol>

<p>Default directory tree (with id == 0) has special meaning.
directory which belongs to default tree may contains roots of
other trees. Default tree is used for subtree manipulation.
</p>
</div>

<div id="outline-container-1.4.1" class="outline-4">
<h4 id="sec-1.4.1">1.4.1 -&gt;rename() restriction </h4>
<div id="text-1.4.1">




<pre class="example">
  if (S_ISDIR(old_inode-&gt;i_mode)) {
      if ((new_dir-&gt;i_tree_id == 0) || /* move to default tree */
               (new_dir-&gt;i_tree_id == old_inode-&gt;i_tree_id)) /*same tree */
             goto good;
      return -EXDEV;
  } else {
      /* If entry have more than one link then it is bad idea to allow
         rename it to different (even if it's default tree) tree,
         because this result in rule (3) violation.
       */
      if (old_inode-&gt;i_nlink &gt; 1) &amp;&amp; 
                    (new_dir-&gt;i_tree_id != old_inode-&gt;i_tree_id)
            return -EXDEV;
 }
</pre>




</div>

</div>

<div id="outline-container-1.4.2" class="outline-4">
<h4 id="sec-1.4.2">1.4.2 -&gt;link restriction </h4>
<div id="text-1.4.2">




<pre class="example">
   /* Links may  belongs to only one tree */
   if(new_dir-&gt;i_tree_id != old_inode-&gt;i_tree_id)
            return -EXDEV;
</pre>



</div>
</div>

</div>

<div id="outline-container-1.5" class="outline-3">
<h3 id="sec-1.5">1.5 Patch queue </h3>
<div id="text-1.5">

<p>I've prepare proof of concept patch queue.
<a href="http://www.2ka.mipt.ru/~mov/tree-quota.tgz">patch-queue</a>
</p></div>

</div>

<div id="outline-container-1.6" class="outline-3">
<h3 id="sec-1.6">1.6 How-to </h3>
<div id="text-1.6">

<p>This part contain some tips of tree-quota usage. Assume you have kernel
with tree-quota patch applied.
</p>
</div>

<div id="outline-container-1.6.1" class="outline-4">
<h4 id="sec-1.6.1">1.6.1 Enabling tree quota an Easy way </h4>
<div id="text-1.6.1">

<p>You may download small file-system image with tree-quota enabled.
<a href="http://www.2ka.mipt.ru/~mov/fs-trquota.img.gz">fs-trquota.img.gz(3Mb)</a>
mount /test/fs.img /mnt -oloop,quota,grpquota,treeid,trquota
<b>NOTE in order to use journalling quota use following mount options</b>
</p>


<pre class="example">
   jqfmt=vfsv0,treeid,trjquota=aquota.tree
</pre>




<pre class="example">
    Currently quota-tools has no tree-quota support. So you have to manually
    create aquota.tree file. Just copy quota-tree/tool/aquota.tree to the root
    of your fs
    mount /test/fs.img /mnt -oloop,quota,grpquota,treeid,trquota
    cp quota-tree/tool/aquota.tree  /mnt/
    # enable all quotas
    quota-tree/tool/quotactl --on --all --path /mnt --dev /dev/loop0
    # show quotas type ==0 -&gt; usrquota, type == 2 -&gt; trqota
    quota-tree/tool/quotactl --get --all --type 2 --dev /dev/loop0
</pre>



</div>

</div>

<div id="outline-container-1.6.2" class="outline-4">
<h4 id="sec-1.6.2">1.6.2 Enabling tree quota from very beginning </h4>
<div id="text-1.6.2">




<pre class="example">
    Currently quota-tools has no tree-quota support. So you have to manually
    create aquota.tree file. Just copy quota-tree/tool/aquota.tree to the root
    of your fs
    mount /test/fs.img /mnt -oloop,quota,grpquota,treeid,trquota
    cp quota-tree/tool/aquota.tree  /mnt/
    # enable all quotas
    quota-tree/tool/quotactl --on --all --path /mnt --dev /dev/loop0
    # show quotas type ==0 -&gt; usrquota, type == 2 -&gt; trqota
    quota-tree/tool/quotactl --get --all --type 2 --dev /dev/loop0
</pre>



</div>

</div>

<div id="outline-container-1.6.3" class="outline-4">
<h4 id="sec-1.6.3">1.6.3 Creating containers tree </h4>
<div id="text-1.6.3">




<pre class="example">
    # create root dir for directory-tree 
    mkdir /mnt/ct-root-1
    # Assign id for the root
    ./chattr -Q 1 /mnt/ct-root-1
    # set quota limits for tree
    quota-tree/tool/quotactl --set --type 2 --id 1 --bsoft 100000 --bhard 110000 --dev /dev/loop0
    # show quotas
    quota-tree/tool/quotactl --get --all --type 2 --dev /dev/loop0
    # Populate root with content, it will be accounted in to
    # tree-quota with id "1"
    tar zxf root.tar -C /mnt/ct-root-1
    # show quotas
    quota-tree/tool/quotactl --get --all --type 2 --dev /dev/loop0
</pre>



</div>
</div>
</div>
</div>
<div id="postamble"><p class="author"> Author: Monahov Dmitry
<a href="mailto:mov@jazz.campus">&lt;mov@jazz.campus&gt;</a>
</p>
<p class="date"> Date: 2009-11-19 18:21:17 MSK</p>
<p>HTML generated by org-mode 6.21b in emacs 23</p>
</div></body>
</html>