fix(vdsnapshot): resolve fsfreeze race condition #1668
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hardcoretime
force-pushed
the
fix/vdsnapshot/freeze-request-race-condition
branch
12 times, most recently
from
6918581 to
04b73ba
Compare
added 16 commits
November 14, 2025 15:52
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Use kvvmi status instead of vm. Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
hardcoretime
force-pushed
the
fix/vdsnapshot/freeze-request-race-condition
branch
from
dffed0c to
9065409
Compare
hardcoretime
requested review from
Isteb4k,
fl64 and
yaroslavborbat
as code owners
Isteb4k
requested changes
Nov 14, 2025
images/virtualization-artifact/pkg/controller/service/snapshot_service.go
Show resolved
Hide resolved
|
|
||
| filesystemFrozen, _ := conditions.GetCondition(vmcondition.TypeFilesystemFrozen, vm.Status.Conditions) | ||
| if _, ok := kvvmi.Annotations[annotations.AnnVMFilesystemFrozenRequest]; ok { | ||
| return false, fmt.Errorf("failed to check %s/%s fsFreezeStatus: %w", kvvmi.Namespace, kvvmi.Name, ErrUntrustedFilesystemFrozenCondition) |
Contributor
There was a problem hiding this comment.
Let’s add to the error which exact value was found in the annotation
images/virtualization-artifact/pkg/controller/service/snapshot_service.go
Show resolved
Hide resolved
images/virtualization-artifact/pkg/controller/service/snapshot_service.go
Show resolved
Hide resolved
| if vm != nil && vm.Status.Phase != v1alpha2.MachineStopped && !isFSFrozen { | ||
| canFreeze, err := h.snapshotter.CanFreeze(ctx, kvvmi) | ||
| if err != nil { | ||
| if errors.Is(err, service.ErrUntrustedFilesystemFrozenCondition) { |
Contributor
There was a problem hiding this comment.
If the kvvmi is fetched from the cache once for all functions (in GetKubeVirtVirtualMachineInstance), then there’s no point in checking for Untrusted every time. You already checked that at the very beginning in SyncFSFreezeRequest on line 173.
At this stage of the handler’s processing, such an error should no longer occur. This means it’s an unexpected case that should be handled as an internal error (return reconcile.Result{}, err)
| } else { | ||
| switch { | ||
| case vm == nil, vm.Status.Phase == v1alpha2.MachineStopped: | ||
| if vdSnapshot.Status.Consistent == nil || !*vdSnapshot.Status.Consistent { |
Contributor
There was a problem hiding this comment.
Just if vdSnapshot.Status.Consistent == nil {. No need to overwrite *vdSnapshot.Status.Consistent if it has already been set.
| case vm == nil, vm.Status.Phase == v1alpha2.MachineStopped: | ||
| if vdSnapshot.Status.Consistent == nil || !*vdSnapshot.Status.Consistent { | ||
| vdSnapshot.Status.Consistent = ptr.To(true) | ||
| return reconcile.Result{RequeueAfter: 2 * time.Second}, nil |
Contributor
There was a problem hiding this comment.
Let’s add a comment explaining why reconciliation is needed here and what problem it helps prevent
| Message(service.CapitalizeFirstLetter(err.Error() + ".")) | ||
| } | ||
|
|
||
| func (h LifeCycleHandler) unfreezeFilesystemIfFailed(ctx context.Context, vdSnapshot *v1alpha2.VirtualDiskSnapshot) error { |
Contributor
There was a problem hiding this comment.
The function should be removed. Instead of it, we should use unfreezeFilesystem.
| } | ||
| return reconcile.Result{}, err | ||
| } | ||
| } else { |
Contributor
There was a problem hiding this comment.
Terrible cyclomatic complexity
Contributor
There was a problem hiding this comment.
This way is much simpler:
if vdSnapshot.Status.Consistent == nil {
if vm == nil || vm.Status.Phase == v1alpha2.MachineStopped || isFSFrozen {
vdSnapshot.Status.Consistent = ptr.To(true)
return reconcile.Result{RequeueAfter: 2 * time.Second}, nil
}
if vdSnapshot.Spec.RequiredConsistency {
err = fmt.Errorf("virtual disk snapshot is not consistent because the virtual machine %s has not been stopped or its filesystem has not been frozen", vm.Name)
setPhaseConditionToFailed(cb, &vdSnapshot.Status.Phase, err)
return reconcile.Result{}, err
}
}
err = h.unfreezeFilesystem(ctx, vdSnapshot.Name, vm, kvvmi)
if err != nil {
if k8serrors.IsConflict(err) {
return reconcile.Result{RequeueAfter: 5 * time.Second}, nil
}
return reconcile.Result{}, err
}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Why do we need it, and what problem does it solve?
Sometimes, when the virtual disk snapshot controller creates a batch of snapshots with required consistency, a race condition in the freeze or unfreeze filesystem operation can cause an inconsistent snapshot. To prevent this, the KubeVirt virtual machine instance is now annotated with a "freeze" or "unfreeze" request, and the service checks that the type of this request matches the
fsFreezeStatus. ThefsFreezeStatusis considered trusted only if it matches the request type.What is the expected result?
Snapshots with required consistency now execute without race conditions in the filesystem freeze process.
Checklist
Changelog entries