Bug#989462: About bumping Vagrant box disk image to 1TB

To: Emmanuel Kasper <manu@debian.org>, 989462@bugs.debian.org, Jochen Sprickerhof <jochen@sprickerhof.de>, Michael Pöhn <michael.poehn@fsfe.org>
Subject: Bug#989462: About bumping Vagrant box disk image to 1TB
From: Hans-Christoph Steiner <hans@eds.org>
Date: Fri, 21 Jan 2022 12:03:12 +0100
Message-id: <[🔎] aad8558a-d1b6-0cdd-d2be-bbfc53561d40@eds.org>
Reply-to: Hans-Christoph Steiner <hans@eds.org>, 989462@bugs.debian.org
In-reply-to: <[🔎] 2a772525-262d-65b4-e66c-a3de30354091@debian.org>
References: <[🔎] 2a772525-262d-65b4-e66c-a3de30354091@debian.org> <a4046474-9004-fc5e-2cc8-6d264d8ca678@eds.org>


Emmanuel Kasper:

I did some testing around
https://salsa.debian.org/cloud-team/debian-vagrant-images/-/tree/1TBv2
(not merged in master yet) and I am still reluctant to merge the branch.
I am OK to bump the default disk size to something like 40GB but not to 1TB.

The problem with the disk size of 1TB is as such: when you do a lot of
write / erase cycles, the deletion of blocks is not propagated to the
qcow2 backing disk image, so even though the OS in the VM reports only
2GB of block usage, the disk image could grow to 1TB, without the user
knowing it.

Yeah, I also thought about that. Would it be possible to ship the images with adisk/partition size of 1TB but keep a filesystem size of 20GB? It is easy toexpand the filesystem as needed. The hard part is expanding the disk/partitionsize.

I could reproduce this behavior running `fio` in the guest in a loop.
I find this behavior dangerous.

At that point I see three possibilities:
- you add to your pull request a change of the virtualized disk
controller from virtio-blk to virtio-scsi and to the default libvirt
vagrantfile the "unmap" option so that deletion of blocks in the guest
are propagated om host storage

This sounds like the ideal solution. I have no idea how much work it would be.Do you?

- you're fine with a disk image size of 40, or let's say 80GB

Chromium builds can take more than 100GB, so either of those would mean we stillneed to make our own basebox.

- you use a shared folder for the builds. I just noticed vagrant-libvirt
has also support for virtio-fs which according to its author has native
host performance. If they are security concerns, let's discuss that in
details and involve upstream if needed. virtio-fs is mature enough that
it's use in production for Kata Containers in Kubernetes and OpenShift
Sandboxed containers in the Red Hat Kubernetes offering.

We like the security isolation of throwing away all things that the buildprocess has written to, so this option is less appealing, though perhapsworkable. It there was a host-controlled method of resetting the virtio-fs to aprevious snapshot, then it could work.

.hc

Reply to:

References:
- Bug#989462: About bumping Vagrant box disk image to 1TB
  - From: Emmanuel Kasper <manu@debian.org>

Prev by Date: Bug#989462: About bumping Vagrant box disk image to 1TB
Next by Date: Cloud team plans for cloud-hosted mirrors
Previous by thread: Bug#989462: About bumping Vagrant box disk image to 1TB
Next by thread: Cloud team plans for cloud-hosted mirrors
Index(es):
- Date
- Thread