Fair points, thanks for the input. Cheers Alex
-----Original Message----- From: Wido den Hollander <w...@widodh.nl.INVALID> Sent: Thursday, June 6, 2024 4:38 PM To: dev@cloudstack.apache.org; Wei ZHOU <ustcweiz...@gmail.com> Cc: Wei Zhou <wei.z...@shapeblue.com>; Abhisar Sinha <abhisar.si...@shapeblue.com>; us...@cloudstack.apache.org Subject: Re: [Proposal] Storage Filesystem as a First Class Feature Op 06/06/2024 om 11:26 schreef Wei ZHOU: >> @Wei Zhou If the network into which the StorageVM runs IPv6 (as per your >> implementation of IPv6) it should automatically get an IPv6 IP, correct? > > yes,it should get Ipv6 addr advertised by cloudstack VR. @Alexblue.com > we need to make sure IPv6 is enabled in the storagefs vm (Ipv6 is > disabled by default in systemvm template as far as I know), and proper > firewall rules are applied. Don't forget that you also need to make sure that your NFS /etc/exports file contains the IPv6 addresses of VMs who want to mount it. Otherwise it still doesn't work. > >> @Wido den Hollander @Wei ZhouHow much effort do you guys thing it would it >> take to add support to VirtioFS? I'm not super aware of it, what would the >> benefits be? (I've quickly looked at Wido's links, but I rather get info >> from you guys directly). > I see the benefits . However I do not know a strong use case of it. > maybe @wido can advise ? I haven't used it before because the support in Qemu + Libvirt is fairly new. The main benefit is that the end-user never has access to the NAS or storage network. The VM doesn't know if it's NFS or CephFS underneath, it simply has a filesystem. This takes away a lot of configuration inside the VM or needed software (CephFS drivers). It adds additional security since the VM doesn't need to be able to talk to the storage device(s), only the hypervisors do this. In the future Virtio-FS maybe gets support for rate limiting or other features. I personally think this is the way forward. I would at least make sure it's understood that it exists and the code already takes this into account without making it a proper implementation from day one. You would need to mount the FS on the hypervisor and then re-export it to the VM. This requires hooks to be executed for example. Wido > > On Thu, Jun 6, 2024 at 11:01 AM Alex Mattioli > <alex.matti...@shapeblue.com> wrote: >> >> >> @Wei Zhou If the network into which the StorageVM runs IPv6 (as per your >> implementation of IPv6) it should automatically get an IPv6 IP, correct? >> >> @Wido den Hollander @Wei ZhouHow much effort do you guys thing it would it >> take to add support to VirtioFS? I'm not super aware of it, what would the >> benefits be? (I've quickly looked at Wido's links, but I rather get info >> from you guys directly). >> >> Cheers >> Alex >> >> >> >> >> -----Original Message----- >> From: Wei ZHOU <ustcweiz...@gmail.com> >> Sent: Thursday, June 6, 2024 10:50 AM >> To: dev@cloudstack.apache.org >> Cc: Abhisar Sinha <abhisar.si...@shapeblue.com> >> Subject: Re: [Proposal] Storage Filesystem as a First Class Feature >> >> Hi Wido, >> >> Thanks for your feedback. >> >> It is a great idea to support virtio-fs. We could add VIRTIOFS as a valid >> value of enum ExportProtocol, and implement it in a separate plugin in the >> future. >> Have you tested virtio-fs before ? Could you share more info if possible? >> - is it supported by libvirt-java ? >> - does it support hot plug or hot unplug ? >> >> I agree with you that we should consider IPv6 (ip and firewall rules) in >> storagefs vm. >> cc abhisar.si...@shapeblue.com >> >> >> Kind regards, >> Wei >> >> On Thu, Jun 6, 2024 at 6:43 AM Wido den Hollander <w...@widodh.nl.invalid> >> wrote: >>> >>> >>> >>> Op 04/06/2024 om 06:04 schreef Abhisar Sinha: >>>> Hi, >>>> >>>> I would like to propose supporting storage filesystem as a first-class >>>> feature in Cloudstack. >>>> The File Share can be associated with one or more guest networks or vpc >>>> tiers and can be used by any VM on the network in a shared manner. It is >>>> designed to be resizable and highly available. This feature can later be >>>> used as integration endpoints with the CSI driver, go-sdk, Terraform, >>>> Ansible and others. >>>> >>>> The draft functional spec is here : >>>> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Storage+File >>>> s >>>> ystem+as+a+First+Class+Feature >>>> >>>> Looking forward to your comments and suggestions. >>>> >>> >>> I think this is great! Especially the Storage VM. Few things to keep >>> in >>> mind: >>> >>> - Have we thought about passthrough of FileSystems coming from the >>> HV and being passed through to the VM [0] >>> - The StorageFsVm, can we make sure it supports IPv6 from the start, >>> best would be if it. Make sure all the code at least supports this >>> for ACLs and such. The VM itself should obtain an IPv6 address when >>> possible and open the proper ports in it's firewall >>> >>> Wido >>> >>> [0]: >>> - https://virtio-fs.gitlab.io/ >>> - https://chrisirwin.ca/posts/sharing-host-files-with-kvm/ >>> >>> >>>> Thanks, >>>> Abhisar >>>> >>>> >>>> >>>>
