spec icon indicating copy to clipboard operation
spec copied to clipboard

Published 20 hours ago verified publisher icon container-storage-interface

CreateVolume with snapshot volume source races with DeleteSnapshot

Open gman0 opened this issue 3 years ago • 1 comments

DeleteSnapshot may be called while that snapshot is in use as a volume source in a concurrent CreateVolume call, creating a race condition.

COs should be instructed how to deal with various situations when these two calls interact. Specifically, CO must block all CreateVolume calls with a snapshot volume source while that snapshot is being deleted, and vice versa - it must block all DeleteSnapshot calls while that snapshot is being used as a volume source in a CreateVolume call.

Is this something that belongs to the CSI spec? The snapshot controller in Kubernetes already does this, and attempting to delete such snapshots defers their deletion until the CreateVolume call(s) in question finish processing the request. I think it would be best to make this (or similar) behavior official by having it stated explicitly in the spec.

gman0 avatar Oct 08 '21 13:10 gman0

https://github.com/container-storage-interface/spec/blob/master/spec.md#concurrency

.. general guidance above. Could probably be clarified with respect to snapshots.

On Fri, Oct 8, 2021, 9:37 AM Róbert Vašek @.***> wrote:

DeleteSnapshot may be called while that snapshot is in use as a volume source in a concurrent CreateVolume call, creating a race condition.

COs should be instructed how to deal with various situations when these two calls interact. Specifically, CO must block all CreateVolume calls with a snapshot volume source while that snapshot is being deleted, and vice versa - it must block all DeleteSnapshot calls while that snapshot is being used as a volume source in a CreateVolume call.

Is this something that belongs to the CSI spec? The snapshot controller in Kubernetes already does this, and attempting to delete such snapshots defers their deletion until the CreateVolume call(s) in question finish processing the request. I think it would be best to make this (or similar) behavior official by having it stated explicitly in the spec.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/container-storage-interface/spec/issues/493, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAR5KLCFR6Y4REYP44KVTHLUF3XYNANCNFSM5FTUSEGA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

jdef avatar Oct 08 '21 13:10 jdef