[Users] ploop mount question

Kir Kolyshkin kir at openvz.org
Wed Mar 30 12:06:40 PDT 2016 

Hi Simon,

First, please use users@ mailing list for further communication. The 
rationale behind this
is pretty simple, let me explain.

In most of the software projects, a number of users is way higher than 
the number of
developers. Similarly, a number of people who can ask questions is way 
higher than
the number of people who can answer (developers plus seasoned users). 
Therefore,
using 1:1 interaction between people in these two groups is not 
scalable; in other words,
the "answer" people could not cover all the questions.

Tools such as mailing lists (and any other way of public communication, 
like wikis,
IRC (with logs), forums, social networks, question/answer sites like 
stackoverflow
and so on, together with search tools like Google) helps to mitigate 
this problem.

That is why I am again ccing users AT openvz.org list and again ask you 
to post
your questions to the list, so other people can benefit from my answers, 
not just you.
It's also a win for you, as other people can contribute answers, not 
just me, or
review and correct my answers.

Anyway, please subscribe to and use users@ mailing list
(https://lists.openvz.org/mailman/listinfo/users), and see my answers below.

On 03/29/2016 11:22 PM, Simon Choucroun wrote:
> Hi Kir,
>
> Thanks for the suggestions! I was able to mount with nosuid,noexec 
> with your instructions.
>
> I am contacting you again today because i think i may have found a 
> small bug with ploop.
>
> My script basically generates a ploop device with the ploop init 
> command. It then keeps the ploop device id and i use that to remount 
> at reboot. However i have noticed that my mounts are not working at 
> reboot due to the fact that everytime i use ploop mount , the ploop 
> device id is randomly generated.

The assumption that the device name is persistent is incorrect. You 
should always obtain
a device name from the output of 'ploop mount' (or use other means to 
discover it).

>
> I tried setting the name manually with ploop mount -d 
> /dev/ploopstaging3 but it fails.

I believe this is no longer supported (and might need to be removed).

>
> Another issue i discovered:
>
> When creating a new ploop device with the ploop init command, it 
> finishes by unmounting /dev/ploopID
> However, it does not seem to actually unmount it.  Also, if i then do 
> a ploop mount command,
> it keeps the same ploop id and does not generate a new random ID

This makes sense to me.

>
> Please see commands below:
>
> *ploop init -s 500g -t ext4 /mounts/staging3/staging3.hdd*
>
> *Results*:
>
> Creating delta /mounts/staging3/staging3.hdd bs=2048 size=1048576000 
> sectors v2
> Adding snapshot {5fbaabe3-6958-40ff-92a7-860e329aab41}
> Storing /mounts/staging3/DiskDescriptor.xml
> Opening delta /mounts/staging3/staging3.hdd
> Adding delta dev=/dev/ploop48321 img=/mounts/staging3/staging3.hdd (rw)
> Running: parted -s /dev/ploop48321 mklabel gpt mkpart primary 1048576b 
> 536869863423b
> Running: mkfs -t ext4 -j -b4096 
> -Eresize=4294967295,lazy_itable_init=1,lazy_journal_init=1 -Jsize=128 
> -i16384 /dev/ploop48321p1
> Running: mkfs -t ext4 -j -b4096 -Eresize=4294967295,lazy_itable_init=1 
> -Jsize=128 -i16384 /dev/ploop48321p1
> mke2fs 1.41.12 (17-May-2010)
> Discarding device blocks: done
> Filesystem label=
> OS type: Linux
> Block size=4096 (log=2)
> Fragment size=4096 (log=2)
> Stride=1 blocks, Stripe width=0 blocks
> 32768000 inodes, 131071488 blocks
> 6553574 blocks (5.00%) reserved for the super user
> First data block=0
> Maximum filesystem blocks=4294967296
> 4000 block groups
> 32768 blocks per group, 32768 fragments per group
> 8192 inodes per group
> Superblock backups stored on blocks:
>     32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 
> 2654208,
>     4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968,
>     102400000
>
> Writing inode tables: done
> Creating journal (32768 blocks): done
> Writing superblocks and filesystem accounting information: done
>
> This filesystem will be automatically checked every 35 mounts or
> 180 days, whichever comes first.  Use tune2fs -c or -i to override.
> Running: /sbin/tune2fs -ouser_xattr,acl -c0 -i0 -eremount-ro 
> /dev/ploop48321p1
> tune2fs 1.41.12 (17-May-2010)
> Setting maximal mount count to -1
> Setting error behavior to 2
> Setting interval between checks to 0 seconds
> Creating balloon file .balloon-c3a5ae3d-ce7f-43c4-a1ea-c61e2b4504e8
> Mounting /dev/ploop48321p1 at /mounts/staging3/staging3.hdd.mnt 
> fstype=ext4 data=''
> Unmounting device /dev/ploop48321
>
> *ls /dev/ploop**
> /dev/ploop48321  /dev/ploop48321p1
>
> *ploop umount -d /dev/ploop48321*
> Unmounting device /dev/ploop48321
>
> *ls /dev/ploop**
> /dev/ploop48321

I don't see any issue with this either. The device is in stopped state, 
and might be reused.

# cat /sys/block/ploop35205/pstate/running
0
# ls /sys/block/ploop35205/pdelta/
(nothing)
#

>
>
> On 2016-03-22 12:52 AM, Kir Kolyshkin wrote:
>> On 03/21/2016 06:58 PM, Simon Choucroun wrote:
>>> Hi Kir,
>>>
>>> Sorry to e-mail you , I know that you must be really busy with VZ 
>>> and CRIU these days but i am looking for a solution and have looked 
>>> everywhere without any concrete answer, maybe you can help.
>>>
>>> I am trying to create a internal product that is using ploop as the 
>>> device image( much better than loop!)
>>>
>>> The issue i am having is that i am trying to mount the ploop image 
>>> with noexec,nosuid for enhanced security. When i pass it to the -o 
>>> parameter, it is erroring out.
>>>
>>> ploop mount -o nosuid,noexec -m /backup/staging 
>>> /mounts/staging/DiskDescriptor.xml
>>>
>>> I also checked the documentation for ploop but unfortunately, there 
>>> is no option explanation or example for the -o flag.
>>
>> Hi Simon,
>>
>> The value of the -o option is passed directly to the mount() syscall, 
>> as the "data"
>> argument, and it might contain some fs-specific options. Here's an 
>> excerpt from
>> mount(2) man page:
>>
>>        The  data argument is interpreted by the different file 
>> systems.  Typi-
>>        cally it is a string of comma-separated options understood by 
>> this file
>>        system.   See  mount(8)  for  details of the options available 
>> for each
>>        filesystem type.
>>
>> Now, options MS_NOEXEC and MS_NOSUID are not fs-specific but generic.
>> Unfortunately, currently there's no way to pass those to ploop command
>> (although it's relatively easy to add).
>>
>> A workaround would be to mount ploop as device only, and then use 
>> usual "mount"
>> command to actually mount the fs. Example:
>>
>> [root at tpad-ovz1 root.hdd]# ploop mount DiskDescriptor.xml
>> Opening delta /vz/private/202/root.hdd/root.hdd
>> Adding delta dev=/dev/ploop32746 
>> img=/vz/private/202/root.hdd/root.hdd (rw)
>>
>> [root at tpad-ovz1 root.hdd]# mount -o noexec,nosuid /dev/ploop32746p1 mnt
>>
>> As you can see, you need to figure out the ploop device (and add p1 
>> to it for a partition).
>> You can figure it out by e.g. parsing the output of "ploop mount" or 
>> "ploop list".
>>
>> Let me know if you have any more questions, and I am Ccing users@ 
>> list as there
>> might be some people who are also interested in that.
>>
>> Kir.
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openvz.org/pipermail/users/attachments/20160330/50a2a7b3/attachment.html>

More information about the Users mailing list