fs.ufs2
Minimal configlet:
[fs#1]
type = ufs2
dev = /dev/disk/by-id/nvme-eui.002538ba11b75ec8
mnt = /srv/{fqdn}
Minimal setup command:
om test/svc/foo set \
--kw="type=ufs2" \
--kw="dev=/dev/disk/by-id/nvme-eui.002538ba11b75ec8" \
--kw="mnt=/srv/{fqdn}"
blocking_post_provision
required: false
scopable: true
A command or script to execute after the resource provision action.
Errors interrupt the action.
blocking_post_start
required: false
scopable: true
A command or script to execute after the resource start action.
Errors interrupt the action.
blocking_post_stop
required: false
scopable: true
A command or script to execute after the resource stop action.
Errors interrupt the action.
blocking_post_unprovision
required: false
scopable: true
A command or script to execute after the resource unprovision action.
Errors interrupt the action.
blocking_pre_provision
required: false
scopable: true
A command or script to execute before the resource provision action.
Errors interrupt the action.
blocking_pre_start
required: false
scopable: true
A command or script to execute before the resource start action.
Errors interrupt the action.
blocking_pre_stop
required: false
scopable: true
A command or script to execute before the resource stop action.
Errors interrupt the action.
blocking_pre_unprovision
required: false
scopable: true
A command or script to execute before the resource unprovision action.
Errors interrupt the action.
check_read
required: false
scopable: true
convert: bool
Activate file system read check during status evaluation when the file system is mounted but file system write check is disabled.
This can help detection of nfs stale file systems. It is ignored when mnt_opt contains 'nointr'. The file system read check is: 'timeout {stat_timeout} stat -f {mnt}' The file system write check is disabled when fs_type is a network file system or when mnt_opt contains 'ro'.
comment
required: false
scopable: false
Comments help the users understand the role of the object and its resources.
dev
required: true
scopable: true
Example:
dev = /dev/disk/by-id/nvme-eui.002538ba11b75ec8
The block device file or filesystem image file hosting the filesystem to mount.
A different device can be set up on different nodes using the dev@<nodename>
scoping syntax.
disable
required: false
scopable: true
convert: bool
A disabled resource will be ignored on start, stop, provision and
unprovision actions.
A disabled resource status is n/a.
If set in the DEFAULT section of an object, the object is disabled and
ignores start, stop, shutdown, provision and unprovision actions.
These actions immediately return success.
om <path> disable sets DEFAULT.disable=true.
om <path> enable sets DEFAULT.disable=false.
Note: The
enableanddisableactions preserve the individual resourcedisablestate.
encap
required: false
scopable: false
convert: bool
Set to true to ignore this resource in the nodes context and consider it in the encapnodes context. The resource is thus handled by agents deployed in the service containers.
group
required: false
scopable: true
convert: group
Example:
group = sys
The group that should be owner of the mnt directory.
Either in numeric or symbolic form.
mkfs_opt
required: false
scopable: true
convert: shlex
Options to pass to the mkfs command called by the provision action.
mnt
required: true
scopable: true
Example:
mnt = /srv/{fqdn}
The mount point where to mount the filesystem.
mnt_opt
required: false
scopable: true
The mount options, as they would be defined in the fstab.
monitor
required: false
scopable: true
convert: bool
A resource with monitor=true will trigger the monitor_action
(crash or reboot the node, freezestop or switch the service) if:
-
The resource is
down. -
The instance has
local_expect=startedin its daemon monitor data, which means the daemon considers this instance is and should remain started. -
All restart tentatives failed.
no_preempt_abort
required: false
scopable: true
convert: bool
If true, the agent will preempt the scsi3 persistent reservation with a preempt
command instead of a preempt and and abort.
Some scsi target implementations do not support preempt and and abort (esx).
optional
required: false
scopable: true
convert: bool
Action errors on optional resources are logged but do not interrupt the action sequence.
The status of optional resources is not included in the instance availability status but is considered in the overall status.
The status of task and sync resources is always included in the overall status, regardless of whether they are marked as optional.
Resources tagged as noaction are considered optional by default.
Dump filesystems are a typical use case for optional=true.
perm
required: false
scopable: true
convert: file-mode
Example:
perm = 1777
The group that should be owner of the mnt directory.
Either in numeric or symbolic form.
pg_blkio_weight
required: false
scopable: true
Example:
pg_blkio_weight = 50
Block IO relative weight. Value: between 10 and 1000.
The kernel default is 1000.
pg_cpu_quota
required: false
scopable: true
Example:
pg_cpu_quota = 50%@all
The kernel default value is used, which usually is 1024 shares.
In a cpu-bound situation, this setting ensures the service does not use more than its share of cpu resource. The actual percentile depends on shares allowed to other services.
pg_cpu_shares
required: false
scopable: true
convert: size
Example:
pg_cpu_shares = 512
The kernel default value is used, which usually is 1024 shares.
In a cpu-bound situation, this setting ensures the service does not use more than its share of cpu resource. The actual percentile depends on shares allowed to other services.
pg_cpus
required: false
scopable: true
depends: create_pg=true
Example:
pg_cpus = 0-2
Allow service process to bind only the specified cpus.
Cpus are specified as list or range : 0,1,2 or 0-2.
pg_mem_limit
required: false
scopable: true
convert: size
Example:
pg_mem_limit = 512m
Ensures the service does not use more than specified memory (in bytes).
The Out-Of-Memory killer is triggered in case of tresspassing.
pg_mem_oom_control
required: false
scopable: true
Example:
pg_mem_oom_control = 1
A flag (0 or 1) that enables or disables the Out of Memory killer for the processes of the group.
- If enabled (0), tasks that attempt to consume more memory than they are allowed are immediately killed by the OOM killer.
- If disabled (1), tasks are allowed to continue to try allocating memory, stressing the system.
The OOM killer is enabled by default in every cgroup using the memory controller.
pg_mem_swappiness
required: false
scopable: true
Example:
pg_mem_swappiness = 40
Set a swappiness percentile value for the process group.
pg_mems
required: false
scopable: true
Example:
pg_mems = 0-2
Allow service process to bind only the specified memory nodes.
Memory nodes are specified as list or range : 0,1,2 or 0-2.
pg_vmem_limit
required: false
scopable: true
convert: size
Example:
pg_vmem_limit = 1g
Ensures the service does not use more than specified memory+swap (in bytes).
The Out-Of-Memory killer is triggered in case of tresspassing.
The specified value must be greater than pg_mem_limit.
post_provision
required: false
scopable: true
A command or script to execute after the resource provision action.
Errors do not interrupt the action.
post_start
required: false
scopable: true
A command or script to execute after the resource provision action.
Errors do not interrupt the action.
post_stop
required: false
scopable: true
A command or script to execute after the resource provision action.
Errors do not interrupt the action.
post_unprovision
required: false
scopable: true
A command or script to execute after the resource provision action.
Errors do not interrupt the action.
pre_provision
required: false
scopable: true
A command or script to execute after the resource provision action.
Errors do not interrupt the action.
pre_start
required: false
scopable: true
A command or script to execute after the resource provision action.
Errors do not interrupt the action.
pre_stop
required: false
scopable: true
A command or script to execute after the resource provision action.
Errors do not interrupt the action.
pre_unprovision
required: false
scopable: true
A command or script to execute after the resource provision action.
Errors do not interrupt the action.
prkey
required: false
scopable: true
A specific scsi3 persistent reservation key for the resource.
It overrides the object-level prkey and the node-level prkey.
promote_rw
required: false
scopable: false
convert: bool
If true, OpenSVC will try to promote the base devices to read-write on
start actions.
provision
required: false
scopable: false
default: true
convert: bool
Set to false to ignore the provision and unprovision actions on the
resource.
Warning:
provisionandunprovisionuse data-destructive operations like formatting.
It is recommended to set provision=false on long-lived critical objects,
to force administrators to remove this setting when they really want to
destroy data.
provision_requires
required: false
scopable: false
Example:
provision_requires = ip#0 fs#0(down,stdby down)
A whitespace-separated list of conditions to meet to accept a 'provision' action.
A condition is expressed as <rid>(<state>,...).
If states are omitted, up,stdby up is used as the default expected states.
provision_timeout
required: false
scopable: true
convert: duration
Example:
provision_timeout = 1m30s
Wait for <duration> before declaring the action a failure.
Takes precedence over timeout.
restart
required: false
scopable: true
default: 0
convert: int
The daemon will try to restart a resource if:
-
The resource is
down,stdby downorwarn. -
The instance has
local_expect=startedin its daemon monitor data, which means the daemon considers this instance is and should remain started. -
The node is not frozen
-
The instance is not frozen
In this case, the daemon try restart=<n> times before falling back to the
monitor action.
The restart_delay keyword sets the interval after a failed restart before
the next tentative.
Resources with standby=true have restart forced to a minimum of 2, to
increase chances of a restart success.
restart_delay
required: false
scopable: true
default: 500ms
convert: duration
A command or script to execute after the resource provision action.
Errors do not interrupt the action.
scsireserv
required: false
scopable: false
convert: bool
If true, try to acquire a type-5 (write exclusive, registrant only) scsi3
persistent reservation on every path to every disk used by this resource.
Existing reservations are preempted to not block service failover.
If the start was not legitimate the data are still protected from being
written concurrently from all nodes.
shared
required: false
scopable: true
convert: bool
If true, the resource will be considered shared during provision and
unprovision actions.
A shared resource driver can implement a different behaviour depending on weither it is run from the leader instance, or not:
-
When
--leaderis set, the driver creates and configures the system objects. For example the disk.disk driver allocates a SAN disk and discover its block devices. -
When
--leaderis not set, the driver does not redo the actions already done by the leader, but may do some. For example, the disk.disk driver skips the SAN disk allocation, but discovers the block devices.
The daemon takes care of setting the --leader flags on the commands
it submits during deploy, purge, provision and unprovision
orchestrations.
Warning: If admins want to submit
--localprovision or unprovision commands themselves, they have to set the--leaderflag correctly.
Flex objects usually don't use shared resources. But if they do, only
the flex primary gets --leader commands.
Warning: All resources depending on a shared resource must also be flagged as shared.
standby
required: false
scopable: true
convert: bool
If true, always start the resource, even on non-started instances.
The daemon is responsible for starting standby resources.
A resource can be set standby on a subset of nodes using keyword scoping.
A typical use-case is a synchronized filesystem on non-shared disks. The remote filesystem must be mounted to not overflow the underlying filesystem.
Warning: In most situation, don't set shared resources standby, a non-clustered fs on shared disks for example.
start_requires
required: false
scopable: false
Example:
start_requires = ip#0 fs#0(down,stdby down)
A whitespace-separated list of conditions to meet to accept a 'start' action.
A condition is expressed as <rid>(<state>,...).
If states are omitted, up,stdby up is used as the default expected states.
start_timeout
required: false
scopable: true
convert: duration
Example:
start_timeout = 1m30s
Wait for <duration> before declaring the action a failure.
Takes precedence over timeout.
stat_timeout
required: false
scopable: true
default: 5s
convert: duration
The fs resources status evaluation includes a stat syscall test. This keyword defines the maximum wait time for those stat calls to respond.
When expired, the resource status is degraded is to warn, which can trigger a monitor action (reboot or crash the node) if the resource is monitored.
status_timeout
required: false
scopable: true
default: 1m
convert: duration
Example:
status_timeout = 10s
The maximum duration of the instance status evaluation.
For example, the total start action duration is constrained by different timeouts:
-
the
start_timeoutLimiting the start action duration. -
the
stop_timeoutLimiting the start rollback duration triggered by start errors. -
the
status_timeoutLimiting the post-start instance status evaluation duration.
stop_requires
required: false
scopable: false
Example:
stop_requires = ip#0 fs#0(down,stdby down)
A whitespace-separated list of conditions to meet to accept a 'stop' action.
A condition is expressed as <rid>(<state>,...).
If states are omitted, up,stdby up is used as the default expected states.
stop_timeout
required: false
scopable: true
convert: duration
Example:
stop_timeout = 1m30s
Wait for <duration> before declaring the action a failure.
Takes precedence over timeout.
subset
required: false
scopable: true
A command or script to execute after the resource provision action.
Errors do not interrupt the action.
sync_timeout
required: false
scopable: true
convert: duration
Example:
sync_timeout = 1m30s
Wait for <duration> before declaring the action a failure.
Takes precedence over timeout.
tags
required: false
scopable: true
convert: set
A whitespace-separated list of tags.
Tags can be used for resource selection by tag.
Some tags can influence the driver behaviour:
-
noactionSkip any state changing action on the resource and imply
optional=true. -
nostatusForce the status
n/a.
timeout
required: false
scopable: true
default: 1h
convert: duration
Example:
timeout = 2h
Wait for <duration> before declaring a state-changing action a failure.
A per-action <action>_timeout can override this value.
type
required: false
scopable: false
The resource driver name.
unprovision
required: false
scopable: false
default: true
convert: bool
Set to false to ignore the unprovision action on the resource.
Warning:
unprovisionuse data-destructive operations like formatting.
It is recommended to set provision=false on long-lived critical objects,
to force administrators to remove this setting when they really want to
destroy data.
unprovision_requires
required: false
scopable: false
Example:
unprovision_requires = ip#0 fs#0(down,stdby down)
A whitespace-separated list of conditions to meet to accept a 'unprovision' action.
A condition is expressed as <rid>(<state>,...).
If states are omitted, up,stdby up is used as the default expected states.
unprovision_timeout
required: false
scopable: true
convert: duration
Example:
unprovision_timeout = 1m30s
Wait for <duration> before declaring the action a failure.
Takes precedence over timeout.
user
required: false
scopable: true
convert: user
Example:
user = root
The user that should be owner of the mnt directory.
Either in numeric or symbolic form.
zone
required: false
scopable: true
The zone name the fs refers to.
If set, the fs mount point is reparented into the zonepath rootfs.