Re: [nfsv4] disposition of inflight NFSv4.1 operations when a session or client ID is destroyed
<david.noveck@emc.com> Thu, 14 October 2010 10:41 UTC
Return-Path: <david.noveck@emc.com>
X-Original-To: nfsv4@core3.amsl.com
Delivered-To: nfsv4@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0C1E13A67A7 for <nfsv4@core3.amsl.com>; Thu, 14 Oct 2010 03:41:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.677
X-Spam-Level:
X-Spam-Status: No, score=-6.677 tagged_above=-999 required=5 tests=[AWL=-0.078, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2F35ofZy93-t for <nfsv4@core3.amsl.com>; Thu, 14 Oct 2010 03:41:09 -0700 (PDT)
Received: from mexforward.lss.emc.com (mexforward.lss.emc.com [128.222.32.20]) by core3.amsl.com (Postfix) with ESMTP id 6CDC63A6868 for <nfsv4@ietf.org>; Thu, 14 Oct 2010 03:41:09 -0700 (PDT)
Received: from hop04-l1d11-si02.isus.emc.com (HOP04-L1D11-SI02.isus.emc.com [10.254.111.55]) by mexforward.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id o9EAgP7R013546 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 14 Oct 2010 06:42:25 -0400
Received: from mailhub.lss.emc.com (mailhub.lss.emc.com [10.254.222.226]) by hop04-l1d11-si02.isus.emc.com (RSA Interceptor); Thu, 14 Oct 2010 06:42:20 -0400
Received: from corpussmtp3.corp.emc.com (corpussmtp3.corp.emc.com [10.254.169.196]) by mailhub.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id o9EAfrEn008997; Thu, 14 Oct 2010 06:41:54 -0400
Received: from CORPUSMX50A.corp.emc.com ([128.221.62.41]) by corpussmtp3.corp.emc.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 14 Oct 2010 06:41:54 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 14 Oct 2010 06:41:52 -0400
Message-ID: <BF3BB6D12298F54B89C8DCC1E4073D80028515CB@CORPUSMX50A.corp.emc.com>
In-Reply-To: <9a0c3fae91b577f987b0209ac1b91753.squirrel@webmail.eisler.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [nfsv4] disposition of inflight NFSv4.1 operations when a session or client ID is destroyed
Thread-Index: ActrJ/QPOEI3LPXdR6Ss6zduYsqnlQAXd15Q
References: <9a0c3fae91b577f987b0209ac1b91753.squirrel@webmail.eisler.com>
From: david.noveck@emc.com
To: mre-ietf@eisler.com, nfsv4@ietf.org
X-OriginalArrivalTime: 14 Oct 2010 10:41:54.0547 (UTC) FILETIME=[6B07FC30:01CB6B8C]
Subject: Re: [nfsv4] disposition of inflight NFSv4.1 operations when a session or client ID is destroyed
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/nfsv4>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Oct 2010 10:41:11 -0000
This issue has been vaguely alluded to before but there is no previous that actually tackles it. Your message is not a dup. I don't see how a client can go on without the assurance that operations started under a previous session or clientid, cannot just start up again and screw up any assumptions you are making. The protocol is designed so that if such messages were stuck in the network, they would be discarded. To me, the fact that this issue is not mentioned for operations in-process on the server is just a plain oversight. I'd fix it via the errata mechanism. This oversight is clearly either your fault or my fault or Spencer's fault. We could have a big finger-pointing session in Beijing :-). Or we could go have a drink and celebrate the fact that instances of this sort of oversight have been pretty small given the size and complexity of the spec. I vote for the latter. If this is judged too big/substantive for the errata mechanism, then I would favor the capability as second best. But the question is what do you say about clients and servers that don't provide this. The following is what I would want to, but couldn't, say: "Those writing clients that do not set this bit or that are allowed to interact with servers that don't set it, should immediately contact a mental health professional." > Another question is, even if you think the server MUST > abort/wait for in-flight requests, does your NFSv4.1 server > do that? I don't know. I intend to find out. The fact that this is not mentioned in RFC5661 does raise the chances that implementations did not address this. While, once you raise the question, the answer should be clear, someone asked to implement the spec might very well not think of this issue. So this gives rise to another reason for the capability bit. It creates the occasion for someone to really look at the implementation and decide to say "we have this Halloween server and if you dig being afraid of weird protocol interactions with dead sessions or server instances, this is for you." or "we've looked at this and you can relax. No need to take anxiolytic drugs.", presumably making whatever fixes are necessary to be able to make the second choice. -----Original Message----- From: nfsv4-bounces@ietf.org [mailto:nfsv4-bounces@ietf.org] On Behalf Of Mike Eisler Sent: Wednesday, October 13, 2010 6:41 PM To: nfsv4@ietf.org Subject: [nfsv4] disposition of inflight NFSv4.1 operations when a session or client ID is destroyed Apologies if this is a dup. What do people think should happen to operations that are in flight when DESTROY_SESSION kills a session or EXCHANGE_ID/CREATE_SESSION causes an existing client ID to be destroyed (thus destroying the sessions of s previous client instance)? - Undefined, or - Server MUST abort or wait for in flight operations to complete The internet-draft Margaret Susairaj and I wrote proposes a new capability to EXCHANGE_ID to ensure that the latter happens. See http://www.ietf.org/id/draft-eisler-nfsv4-enterprise-apps-00.txt . Excerpt from the I-D: A client MAY request the EXCHGID4_FLAG_SUPP_FENCE_OPS capability when it sends an EXCHANGE_ID operation. The server MAY set this capability in the EXCHANGE_ID request whether the client requests it or not. If the client ID is created with this capability then the following will occur: o The server will not reply to DESTROY_SESSION until all operations in progress are completed or aborted. o The server will not reply to subsequent EXCHANGE_ID invoked on the same Client Owner with a new verifier until all operations in progress on the Client ID's session are completed or aborted. o When DESTROY_CLIENTID is invoked, if there are sessions (both idle and non-idle), opens, locks, delegations, layouts, and/or wants (Section 18.49) associated with the client ID are removed. Pending operations will be completed or aborted before the sessions, opens, locks, delegations, layouts, and/or wants are deleted. o The NFS server SHOULD support client ID trunking, and if it does and the EXCHGID4_FLAG_SUPP_FENCE_OPS capability is enabled, then a session ID created on one node of the storage cluster MUST be destroyable via DESTROY_SESSION. In addition, DESTROY_CLIENTID and an EXCHANGE_ID with a new verifier affects all sessions regardless what node the sessions were created on. ======================================================= But it raises the question if this is necessary. Another question is, even if you think the server MUST abort/wait for inflight requests, does your NFSv4.1 server do that? -- Mike Eisler, Senior Technical Director, CR & NFS +1 719 599 9026 - blogs.netapp.com/eislers_nfs_blog/ _______________________________________________ nfsv4 mailing list nfsv4@ietf.org https://www.ietf.org/mailman/listinfo/nfsv4
- [nfsv4] disposition of inflight NFSv4.1 operation… Mike Eisler
- Re: [nfsv4] disposition of inflight NFSv4.1 opera… david.noveck
- Re: [nfsv4] disposition of inflight NFSv4.1 opera… J. Bruce Fields