admin-guide/device-mapper/thin-provisioning.rst

0001 =================
0002 Thin provisioning
0003 =================
0004
0005 Introduction
0006 ============
0007
0008 This document describes a collection of device-mapper targets that
0009 between them implement thin-provisioning and snapshots.
0010
0011 The main highlight of this implementation, compared to the previous
0012 implementation of snapshots, is that it allows many virtual devices to
0013 be stored on the same data volume.  This simplifies administration and
0014 allows the sharing of data between volumes, thus reducing disk usage.
0015
0016 Another significant feature is support for an arbitrary depth of
0017 recursive snapshots (snapshots of snapshots of snapshots ...).  The
0018 previous implementation of snapshots did this by chaining together
0019 lookup tables, and so performance was O(depth).  This new
0020 implementation uses a single data structure to avoid this degradation
0021 with depth.  Fragmentation may still be an issue, however, in some
0022 scenarios.
0023
0024 Metadata is stored on a separate device from data, giving the
0025 administrator some freedom, for example to:
0026
0027 - Improve metadata resilience by storing metadata on a mirrored volume
0028   but data on a non-mirrored one.
0029
0030 - Improve performance by storing the metadata on SSD.
0031
0032 Status
0033 ======
0034
0035 These targets are considered safe for production use.  But different use
0036 cases will have different performance characteristics, for example due
0037 to fragmentation of the data volume.
0038
0039 If you find this software is not performing as expected please mail
0040 dm-devel@redhat.com with details and we'll try our best to improve
0041 things for you.
0042
0043 Userspace tools for checking and repairing the metadata have been fully
0044 developed and are available as 'thin_check' and 'thin_repair'.  The name
0045 of the package that provides these utilities varies by distribution (on
0046 a Red Hat distribution it is named 'device-mapper-persistent-data').
0047
0048 Cookbook
0049 ========
0050
0051 This section describes some quick recipes for using thin provisioning.
0052 They use the dmsetup program to control the device-mapper driver
0053 directly.  End users will be advised to use a higher-level volume
0054 manager such as LVM2 once support has been added.
0055
0056 Pool device
0057 -----------
0058
0059 The pool device ties together the metadata volume and the data volume.
0060 It maps I/O linearly to the data volume and updates the metadata via
0061 two mechanisms:
0062
0063 - Function calls from the thin targets
0064
0065 - Device-mapper 'messages' from userspace which control the creation of new
0066   virtual devices amongst other things.
0067
0068 Setting up a fresh pool device
0069 ------------------------------
0070
0071 Setting up a pool device requires a valid metadata device, and a
0072 data device.  If you do not have an existing metadata device you can
0073 make one by zeroing the first 4k to indicate empty metadata.
0074
0075     dd if=/dev/zero of=$metadata_dev bs=4096 count=1
0076
0077 The amount of metadata you need will vary according to how many blocks
0078 are shared between thin devices (i.e. through snapshots).  If you have
0079 less sharing than average you'll need a larger-than-average metadata device.
0080
0081 As a guide, we suggest you calculate the number of bytes to use in the
0082 metadata device as 48 * $data_dev_size / $data_block_size but round it up
0083 to 2MB if the answer is smaller.  If you're creating large numbers of
0084 snapshots which are recording large amounts of change, you may find you
0085 need to increase this.
0086
0087 The largest size supported is 16GB: If the device is larger,
0088 a warning will be issued and the excess space will not be used.
0089
0090 Reloading a pool table
0091 ----------------------
0092
0093 You may reload a pool's table, indeed this is how the pool is resized
0094 if it runs out of space.  (N.B. While specifying a different metadata
0095 device when reloading is not forbidden at the moment, things will go
0096 wrong if it does not route I/O to exactly the same on-disk location as
0097 previously.)
0098
0099 Using an existing pool device
0100 -----------------------------
0101
0102 ::
0103
0104     dmsetup create pool \
0105         --table "0 20971520 thin-pool $metadata_dev $data_dev \
0106                  $data_block_size $low_water_mark"
0107
0108 $data_block_size gives the smallest unit of disk space that can be
0109 allocated at a time expressed in units of 512-byte sectors.
0110 $data_block_size must be between 128 (64KB) and 2097152 (1GB) and a
0111 multiple of 128 (64KB).  $data_block_size cannot be changed after the
0112 thin-pool is created.  People primarily interested in thin provisioning
0113 may want to use a value such as 1024 (512KB).  People doing lots of
0114 snapshotting may want a smaller value such as 128 (64KB).  If you are
0115 not zeroing newly-allocated data, a larger $data_block_size in the
0116 region of 256000 (128MB) is suggested.
0117
0118 $low_water_mark is expressed in blocks of size $data_block_size.  If
0119 free space on the data device drops below this level then a dm event
0120 will be triggered which a userspace daemon should catch allowing it to
0121 extend the pool device.  Only one such event will be sent.
0122
0123 No special event is triggered if a just resumed device's free space is below
0124 the low water mark. However, resuming a device always triggers an
0125 event; a userspace daemon should verify that free space exceeds the low
0126 water mark when handling this event.
0127
0128 A low water mark for the metadata device is maintained in the kernel and
0129 will trigger a dm event if free space on the metadata device drops below
0130 it.
0131
0132 Updating on-disk metadata
0133 -------------------------
0134
0135 On-disk metadata is committed every time a FLUSH or FUA bio is written.
0136 If no such requests are made then commits will occur every second.  This
0137 means the thin-provisioning target behaves like a physical disk that has
0138 a volatile write cache.  If power is lost you may lose some recent
0139 writes.  The metadata should always be consistent in spite of any crash.
0140
0141 If data space is exhausted the pool will either error or queue IO
0142 according to the configuration (see: error_if_no_space).  If metadata
0143 space is exhausted or a metadata operation fails: the pool will error IO
0144 until the pool is taken offline and repair is performed to 1) fix any
0145 potential inconsistencies and 2) clear the flag that imposes repair.
0146 Once the pool's metadata device is repaired it may be resized, which
0147 will allow the pool to return to normal operation.  Note that if a pool
0148 is flagged as needing repair, the pool's data and metadata devices
0149 cannot be resized until repair is performed.  It should also be noted
0150 that when the pool's metadata space is exhausted the current metadata
0151 transaction is aborted.  Given that the pool will cache IO whose
0152 completion may have already been acknowledged to upper IO layers
0153 (e.g. filesystem) it is strongly suggested that consistency checks
0154 (e.g. fsck) be performed on those layers when repair of the pool is
0155 required.
0156
0157 Thin provisioning
0158 -----------------
0159
0160 i) Creating a new thinly-provisioned volume.
0161
0162   To create a new thinly- provisioned volume you must send a message to an
0163   active pool device, /dev/mapper/pool in this example::
0164
0165     dmsetup message /dev/mapper/pool 0 "create_thin 0"
0166
0167   Here '0' is an identifier for the volume, a 24-bit number.  It's up
0168   to the caller to allocate and manage these identifiers.  If the
0169   identifier is already in use, the message will fail with -EEXIST.
0170
0171 ii) Using a thinly-provisioned volume.
0172
0173   Thinly-provisioned volumes are activated using the 'thin' target::
0174
0175     dmsetup create thin --table "0 2097152 thin /dev/mapper/pool 0"
0176
0177   The last parameter is the identifier for the thinp device.
0178
0179 Internal snapshots
0180 ------------------
0181
0182 i) Creating an internal snapshot.
0183
0184   Snapshots are created with another message to the pool.
0185
0186   N.B.  If the origin device that you wish to snapshot is active, you
0187   must suspend it before creating the snapshot to avoid corruption.
0188   This is NOT enforced at the moment, so please be careful!
0189
0190   ::
0191
0192     dmsetup suspend /dev/mapper/thin
0193     dmsetup message /dev/mapper/pool 0 "create_snap 1 0"
0194     dmsetup resume /dev/mapper/thin
0195
0196   Here '1' is the identifier for the volume, a 24-bit number.  '0' is the
0197   identifier for the origin device.
0198
0199 ii) Using an internal snapshot.
0200
0201   Once created, the user doesn't have to worry about any connection
0202   between the origin and the snapshot.  Indeed the snapshot is no
0203   different from any other thinly-provisioned device and can be
0204   snapshotted itself via the same method.  It's perfectly legal to
0205   have only one of them active, and there's no ordering requirement on
0206   activating or removing them both.  (This differs from conventional
0207   device-mapper snapshots.)
0208
0209   Activate it exactly the same way as any other thinly-provisioned volume::
0210
0211     dmsetup create snap --table "0 2097152 thin /dev/mapper/pool 1"
0212
0213 External snapshots
0214 ------------------
0215
0216 You can use an external **read only** device as an origin for a
0217 thinly-provisioned volume.  Any read to an unprovisioned area of the
0218 thin device will be passed through to the origin.  Writes trigger
0219 the allocation of new blocks as usual.
0220
0221 One use case for this is VM hosts that want to run guests on
0222 thinly-provisioned volumes but have the base image on another device
0223 (possibly shared between many VMs).
0224
0225 You must not write to the origin device if you use this technique!
0226 Of course, you may write to the thin device and take internal snapshots
0227 of the thin volume.
0228
0229 i) Creating a snapshot of an external device
0230
0231   This is the same as creating a thin device.
0232   You don't mention the origin at this stage.
0233
0234   ::
0235
0236     dmsetup message /dev/mapper/pool 0 "create_thin 0"
0237
0238 ii) Using a snapshot of an external device.
0239
0240   Append an extra parameter to the thin target specifying the origin::
0241
0242     dmsetup create snap --table "0 2097152 thin /dev/mapper/pool 0 /dev/image"
0243
0244   N.B. All descendants (internal snapshots) of this snapshot require the
0245   same extra origin parameter.
0246
0247 Deactivation
0248 ------------
0249
0250 All devices using a pool must be deactivated before the pool itself
0251 can be.
0252
0253 ::
0254
0255     dmsetup remove thin
0256     dmsetup remove snap
0257     dmsetup remove pool
0258
0259 Reference
0260 =========
0261
0262 'thin-pool' target
0263 ------------------
0264
0265 i) Constructor
0266
0267     ::
0268
0269       thin-pool <metadata dev> <data dev> <data block size (sectors)> \
0270                 <low water mark (blocks)> [<number of feature args> [<arg>]*]
0271
0272     Optional feature arguments:
0273
0274       skip_block_zeroing:
0275         Skip the zeroing of newly-provisioned blocks.
0276
0277       ignore_discard:
0278         Disable discard support.
0279
0280       no_discard_passdown:
0281         Don't pass discards down to the underlying
0282         data device, but just remove the mapping.
0283
0284       read_only:
0285                  Don't allow any changes to be made to the pool
0286                  metadata.  This mode is only available after the
0287                  thin-pool has been created and first used in full
0288                  read/write mode.  It cannot be specified on initial
0289                  thin-pool creation.
0290
0291       error_if_no_space:
0292         Error IOs, instead of queueing, if no space.
0293
0294     Data block size must be between 64KB (128 sectors) and 1GB
0295     (2097152 sectors) inclusive.
0296
0297
0298 ii) Status
0299
0300     ::
0301
0302       <transaction id> <used metadata blocks>/<total metadata blocks>
0303       <used data blocks>/<total data blocks> <held metadata root>
0304       ro|rw|out_of_data_space [no_]discard_passdown [error|queue]_if_no_space
0305       needs_check|- metadata_low_watermark
0306
0307     transaction id:
0308         A 64-bit number used by userspace to help synchronise with metadata
0309         from volume managers.
0310
0311     used data blocks / total data blocks
0312         If the number of free blocks drops below the pool's low water mark a
0313         dm event will be sent to userspace.  This event is edge-triggered and
0314         it will occur only once after each resume so volume manager writers
0315         should register for the event and then check the target's status.
0316
0317     held metadata root:
0318         The location, in blocks, of the metadata root that has been
0319         'held' for userspace read access.  '-' indicates there is no
0320         held root.
0321
0322     discard_passdown|no_discard_passdown
0323         Whether or not discards are actually being passed down to the
0324         underlying device.  When this is enabled when loading the table,
0325         it can get disabled if the underlying device doesn't support it.
0326
0327     ro|rw|out_of_data_space
0328         If the pool encounters certain types of device failures it will
0329         drop into a read-only metadata mode in which no changes to
0330         the pool metadata (like allocating new blocks) are permitted.
0331
0332         In serious cases where even a read-only mode is deemed unsafe
0333         no further I/O will be permitted and the status will just
0334         contain the string 'Fail'.  The userspace recovery tools
0335         should then be used.
0336
0337     error_if_no_space|queue_if_no_space
0338         If the pool runs out of data or metadata space, the pool will
0339         either queue or error the IO destined to the data device.  The
0340         default is to queue the IO until more space is added or the
0341         'no_space_timeout' expires.  The 'no_space_timeout' dm-thin-pool
0342         module parameter can be used to change this timeout -- it
0343         defaults to 60 seconds but may be disabled using a value of 0.
0344
0345     needs_check
0346         A metadata operation has failed, resulting in the needs_check
0347         flag being set in the metadata's superblock.  The metadata
0348         device must be deactivated and checked/repaired before the
0349         thin-pool can be made fully operational again.  '-' indicates
0350         needs_check is not set.
0351
0352     metadata_low_watermark:
0353         Value of metadata low watermark in blocks.  The kernel sets this
0354         value internally but userspace needs to know this value to
0355         determine if an event was caused by crossing this threshold.
0356
0357 iii) Messages
0358
0359     create_thin <dev id>
0360         Create a new thinly-provisioned device.
0361         <dev id> is an arbitrary unique 24-bit identifier chosen by
0362         the caller.
0363
0364     create_snap <dev id> <origin id>
0365         Create a new snapshot of another thinly-provisioned device.
0366         <dev id> is an arbitrary unique 24-bit identifier chosen by
0367         the caller.
0368         <origin id> is the identifier of the thinly-provisioned device
0369         of which the new device will be a snapshot.
0370
0371     delete <dev id>
0372         Deletes a thin device.  Irreversible.
0373
0374     set_transaction_id <current id> <new id>
0375         Userland volume managers, such as LVM, need a way to
0376         synchronise their external metadata with the internal metadata of the
0377         pool target.  The thin-pool target offers to store an
0378         arbitrary 64-bit transaction id and return it on the target's
0379         status line.  To avoid races you must provide what you think
0380         the current transaction id is when you change it with this
0381         compare-and-swap message.
0382
0383     reserve_metadata_snap
0384         Reserve a copy of the data mapping btree for use by userland.
0385         This allows userland to inspect the mappings as they were when
0386         this message was executed.  Use the pool's status command to
0387         get the root block associated with the metadata snapshot.
0388
0389     release_metadata_snap
0390         Release a previously reserved copy of the data mapping btree.
0391
0392 'thin' target
0393 -------------
0394
0395 i) Constructor
0396
0397     ::
0398
0399         thin <pool dev> <dev id> [<external origin dev>]
0400
0401     pool dev:
0402         the thin-pool device, e.g. /dev/mapper/my_pool or 253:0
0403
0404     dev id:
0405         the internal device identifier of the device to be
0406         activated.
0407
0408     external origin dev:
0409         an optional block device outside the pool to be treated as a
0410         read-only snapshot origin: reads to unprovisioned areas of the
0411         thin target will be mapped to this device.
0412
0413 The pool doesn't store any size against the thin devices.  If you
0414 load a thin target that is smaller than you've been using previously,
0415 then you'll have no access to blocks mapped beyond the end.  If you
0416 load a target that is bigger than before, then extra blocks will be
0417 provisioned as and when needed.
0418
0419 ii) Status
0420
0421     <nr mapped sectors> <highest mapped sector>
0422         If the pool has encountered device errors and failed, the status
0423         will just contain the string 'Fail'.  The userspace recovery
0424         tools should then be used.
0425
0426     In the case where <nr mapped sectors> is 0, there is no highest
0427     mapped sector and the value of <highest mapped sector> is unspecified.