Re: [PATCH] bonding: Prevent deletion of a bond, or the last slave from a bond, with active usage.

From: Jiri Pirko
Date: Fri Sep 09 2016 - 02:38:12 EST


Thu, Sep 08, 2016 at 06:32:02PM CEST, jasminder.kaur@xxxxxxx wrote:
>> The issue of interfaces being arbitrarily changed or deleted is not specific to bonding, and could affect any networking device (physical or virtual). Thus, if a facility such as this is to be provided, it should be generic, not specific to bonding.
>
>>
>
>>
>
>>
>
>> Separately, I'm not sure I see the value of such an option.
>
>>
>
>>Other than administrator error, I'm not sure when bonds (or other
>
>>
>
>>interfaces) would be randomly deleted. Are you seeing that happening?
>
>>
>
>>
>
>>
>
>> Also, this patch does not prevent other errors or malicious change, e.g., "ip link set bondX down" or "ip addr del 1.2.3.4/24" would still cause the service disruption you're trying to avoid.
>
>>
>
>>
>
>>
>
>> And, lastly, what Jiri said: use netlink for new bonding functionality, not sysfs.
>
>>
>
>
>
>Re-sending my response as per Jiri's input to avoid top-posting.. Hope this is fine.
>
>
>
>Hi Jay, Hi Jiri,
>
>
>
>Thank you for your inputs.
>
>
>
>Some of the requests we got for such preventive checks are from Admins working on large scale up systems with multiple NICs, FlexNICs and IP addresses.
>
>Â One use case for these checks is to give an alert, in case of any accidental removals owing to operator errors on large configurations.
>
>Â Another use case is during online maintenance activities such as dynamic patching or a driver load/unload operation. Admin's would
>
>shut down applications and delete affected interfaces before unload of a driver. They would prefer to get an alert during delete operation
>
>in case some usages linger around.


If admin is stupid and shoots himself in a foot, it's his problem.
Kernel's work is not to babysit him.

Stop wasting the time.


>
>Such alerts are more useful in Cluster configurations, Network Attached Storage( NAS) configurations, VM configurations with Guests, etc.
>
>
>
>So these were mainly the situations that prompted us to add such checks in delete paths.
>
>True these checks are not comprehensive for all use cases, we would like to extend this if it can cover more scenarios.
>
>
>
>sysfs based use cases were the ones we noticed for bond/slave configurations. Do you suggest other CLI's such as âip linkâ is more commonly used ?
>
>Possibly if these checks are rearranged a bit in code, multiple such CLI interfaces can be covered ? Please let us know.
>
>
>
>Thanks & Regards,
>
>Jasminder
>
>
>
>
>
>
>
>