Implement VM snapshots (#379)

* Problem: Instances loose data between nodes, so we need a way to handle and share this data.

Feature: Implement VM snapshots that will be managed independently.

* Fix: Added some refactor for snapshots and handled some errors.

* Fix: Split snapshot class in two.

* Fix: Make it work well with threads and asyncio.

* Fix: Added code improvements with threading and fixed PR comments.

* Fix: Fixed check_disk method error.

* Fix: Fixed more snapshot errors with multithreading

* Fix: CI for Ubuntu was failing too often because of apt/dpkg locks (#380)

Problem: the CI is looking for only one lock file, but apt/dpkg use several. Furthermore, `lslocks --json` seems to cut its output to a specific width, and configuration options (`--notruncate`) do not appear to have an impact.

Solution: repeat calls to apt-get update until we get the lock. This is not perfect but increases the rate of success.

* Create Ubuntu rootfs (#370)

Updated creation script to create a BTRFS image of Ubuntu filesystem.

* Fix: Use SDK version 0.7.0 (#371)

* Support BTRFS filesystem for instances (#373)

Added support for BTRFS to execute a VM instance.

* Feature: Delete old snapshots after do a new one.

* add dependency to python3-schedule

* Fix latest_snapshot attribute error

* default snapshot frequency 1 hour

---------

Co-authored-by: Olivier Desenfans <[email protected]>
Co-authored-by: Hugo Herter <[email protected]>
Co-authored-by: Andres D. Molins <[email protected]>

Author: 4 people

packaging/aleph-vm/DEBIAN/control

@@ -3,6 +3,6 @@ Version: 0.1.8
 Architecture: all
 Maintainer: Aleph.im
 Description: Aleph.im VM execution engine
-Depends: python3,python3-pip,python3-aiohttp,python3-msgpack,python3-aiodns,python3-alembic,python3-sqlalchemy,python3-setproctitle,redis,python3-aioredis,python3-psutil,sudo,acl,curl,systemd-container,squashfs-tools,debootstrap,python3-packaging,python3-cpuinfo,python3-nftables,python3-jsonschema,cloud-image-utils,ndppd,python3-yaml,python3-dotenv
+Depends: python3,python3-pip,python3-aiohttp,python3-msgpack,python3-aiodns,python3-alembic,python3-sqlalchemy,python3-setproctitle,redis,python3-aioredis,python3-psutil,sudo,acl,curl,systemd-container,squashfs-tools,debootstrap,python3-packaging,python3-cpuinfo,python3-nftables,python3-jsonschema,cloud-image-utils,ndppd,python3-yaml,python3-dotenv,python3-schedule
 Section: aleph-im
 Priority: Extra

vm_supervisor/conf.py

@@ -28,6 +28,10 @@ class IPv6AllocationPolicy(str, Enum):
     dynamic = "dynamic"  # Assign an available IP address.
 
 
+class SnapshotCompressionAlgorithm(str, Enum):
+    gz = "gzip"
+
+
 def etc_resolv_conf_dns_servers():
     with open("/etc/resolv.conf", "r") as resolv_file:
         for line in resolv_file.readlines():
@@ -146,6 +150,16 @@ class Settings(BaseSettings):
     MAX_PROGRAM_ARCHIVE_SIZE = 10_000_000  # 10 MB
     MAX_DATA_ARCHIVE_SIZE = 10_000_000  # 10 MB
 
+    SNAPSHOT_FREQUENCY: int = Field(
+        default=60,
+        description="Snapshot frequency interval in minutes. It will create a VM snapshot every X minutes.",
+    )
+
+    SNAPSHOT_COMPRESSION_ALGORITHM: SnapshotCompressionAlgorithm = Field(
+        default=SnapshotCompressionAlgorithm.gz,
+        description="Snapshot compression algorithm.",
+    )
+
     # hashlib.sha256(b"secret-token").hexdigest()
     ALLOCATION_TOKEN_HASH = (
         "151ba92f2eb90bce67e912af2f7a5c17d8654b3d29895b042107ea312a7eebda"

vm_supervisor/pool.py

@@ -8,6 +8,7 @@
 
 from .conf import settings
 from .models import ExecutableContent, VmExecution
+from .snapshot_manager import SnapshotManager
 from .vm.vm_type import VmType
 
 logger = logging.getLogger(__name__)
@@ -26,6 +27,7 @@ class VmPool:
     executions: Dict[ItemHash, VmExecution]
     message_cache: Dict[str, ExecutableMessage] = {}
     network: Optional[Network]
+    snapshot_manager: SnapshotManager
 
     def __init__(self):
         self.counter = settings.START_ID_INDEX
@@ -47,6 +49,9 @@ def __init__(self):
             if settings.ALLOW_VM_NETWORKING
             else None
         )
+        self.snapshot_manager = SnapshotManager()
+        logger.debug("Initializing SnapshotManager ...")
+        self.snapshot_manager.run_snapshots()
 
     async def create_a_vm(
         self, vm_hash: ItemHash, message: ExecutableContent, original: ExecutableContent
@@ -64,6 +69,10 @@ async def create_a_vm(
             tap_interface = None
 
         await execution.create(vm_id=vm_id, tap_interface=tap_interface)
+
+        # Start VM snapshots automatically
+        await self.snapshot_manager.start_for(execution=execution)
+
         return execution
 
     def get_unique_vm_id(self) -> int:
@@ -125,6 +134,8 @@ async def stop(self):
             *(execution.stop() for vm_hash, execution in self.executions.items())
         )
 
+        await self.snapshot_manager.stop_all()
+
     def get_persistent_executions(self) -> Iterable[VmExecution]:
         for vm_hash, execution in self.executions.items():
             if execution.persistent and execution.is_running:

vm_supervisor/snapshot_manager.py

@@ -0,0 +1,130 @@
+import asyncio
+import logging
+import threading
+from time import sleep
+from typing import Dict, Optional
+
+from aleph_message.models import ItemHash
+from schedule import Job, Scheduler
+
+from .conf import settings
+from .models import VmExecution
+from .snapshots import CompressedDiskVolumeSnapshot
+
+logger = logging.getLogger(__name__)
+
+
+def wrap_async_snapshot(execution):
+    asyncio.run(do_execution_snapshot(execution))
+
+
+def run_threaded_snapshot(execution):
+    job_thread = threading.Thread(target=wrap_async_snapshot, args=(execution,))
+    job_thread.start()
+
+
+async def do_execution_snapshot(execution: VmExecution) -> CompressedDiskVolumeSnapshot:
+    try:
+        logger.debug(f"Starting new snapshot for VM {execution.vm_hash}")
+        assert execution.vm, "VM execution not set"
+
+        snapshot = await execution.vm.create_snapshot()
+        await snapshot.upload()
+
+        logger.debug(
+            f"New snapshots for VM {execution.vm_hash} created in {snapshot.path}"
+        )
+        return snapshot
+    except ValueError:
+        raise ValueError("Something failed taking an snapshot")
+
+
+def infinite_run_scheduler_jobs(scheduler: Scheduler) -> None:
+    while True:
+        scheduler.run_pending()
+        sleep(1)
+
+
+class SnapshotExecution:
+    vm_hash: ItemHash
+    execution: VmExecution
+    frequency: int
+    _scheduler: Scheduler
+    _job: Job
+
+    def __init__(
+        self,
+        scheduler: Scheduler,
+        vm_hash: ItemHash,
+        execution: VmExecution,
+        frequency: int,
+    ):
+        self.vm_hash = vm_hash
+        self.execution = execution
+        self.frequency = frequency
+        self._scheduler = scheduler
+
+    async def start(self) -> None:
+        logger.debug(
+            f"Starting snapshots for VM {self.vm_hash} every {self.frequency} minutes"
+        )
+        job = self._scheduler.every(self.frequency).minutes.do(
+            run_threaded_snapshot, self.execution
+        )
+        self._job = job
+
+    async def stop(self) -> None:
+        logger.debug(f"Stopping snapshots for VM {self.vm_hash}")
+        self._scheduler.cancel_job(self._job)
+
+
+class SnapshotManager:
+    """
+    Manage VM snapshots.
+    """
+
+    executions: Dict[ItemHash, SnapshotExecution]
+    _scheduler: Scheduler
+
+    def __init__(self):
+        self.executions = {}
+        self._scheduler = Scheduler()
+
+    def run_snapshots(self) -> None:
+        job_thread = threading.Thread(
+            target=infinite_run_scheduler_jobs,
+            args=[self._scheduler],
+            daemon=True,
+            name="SnapshotManager",
+        )
+        job_thread.start()
+
+    async def start_for(
+        self, execution: VmExecution, frequency: Optional[int] = None
+    ) -> None:
+        if not execution.is_instance:
+            raise TypeError("VM execution should be an Instance only")
+
+        if not frequency:
+            frequency = settings.SNAPSHOT_FREQUENCY
+
+        vm_hash = execution.vm_hash
+        snapshot_execution = SnapshotExecution(
+            scheduler=self._scheduler,
+            vm_hash=vm_hash,
+            execution=execution,
+            frequency=frequency,
+        )
+        self.executions[vm_hash] = snapshot_execution
+        await snapshot_execution.start()
+
+    async def stop_for(self, vm_hash: ItemHash) -> None:
+        if not self.executions[vm_hash]:
+            raise ValueError(f"Snapshot execution not running for VM {vm_hash}")
+
+        await self.executions[vm_hash].stop()
+
+    async def stop_all(self) -> None:
+        await asyncio.gather(
+            *(self.stop_for(vm_hash) for vm_hash, execution in self.executions)
+        )

vm_supervisor/snapshots.py

@@ -0,0 +1,60 @@
+import logging
+from pathlib import Path
+from typing import Optional
+
+from aleph_message.models import ItemHash
+
+from .conf import SnapshotCompressionAlgorithm
+from .storage import compress_volume_snapshot, create_volume_snapshot
+
+logger = logging.getLogger(__name__)
+
+
+class DiskVolumeFile:
+    path: Path
+    size: int
+
+    def __init__(self, path: Path):
+        self.path = path
+        self.size = path.stat().st_size
+
+
+class CompressedDiskVolumeSnapshot(DiskVolumeFile):
+    algorithm: SnapshotCompressionAlgorithm
+
+    def __init__(self, path: Path, algorithm: SnapshotCompressionAlgorithm):
+        super().__init__(path=path)
+        self.algorithm = algorithm
+
+    def delete(self) -> None:
+        self.path.unlink(missing_ok=True)
+
+    async def upload(self) -> ItemHash:
+        # TODO: Upload snapshots to Aleph Network
+        pass
+
+
+class DiskVolumeSnapshot(DiskVolumeFile):
+    compressed: Optional[CompressedDiskVolumeSnapshot]
+
+    def delete(self) -> None:
+        if self.compressed:
+            self.compressed.delete()
+
+        self.path.unlink(missing_ok=True)
+
+    async def compress(
+        self, algorithm: SnapshotCompressionAlgorithm
+    ) -> CompressedDiskVolumeSnapshot:
+        compressed_snapshot = await compress_volume_snapshot(self.path, algorithm)
+        compressed = CompressedDiskVolumeSnapshot(
+            path=compressed_snapshot, algorithm=algorithm
+        )
+        self.compressed = compressed
+        return compressed
+
+
+class DiskVolume(DiskVolumeFile):
+    async def take_snapshot(self) -> DiskVolumeSnapshot:
+        snapshot = await create_volume_snapshot(self.path)
+        return DiskVolumeSnapshot(snapshot)

vm_supervisor/storage.py

@@ -8,8 +8,10 @@
 import logging
 import re
 import sys
+from datetime import datetime
+from enum import Enum
 from pathlib import Path
-from shutil import make_archive
+from shutil import copy2, disk_usage, make_archive
 from typing import Union
 
 import aiohttp
@@ -28,14 +30,18 @@
     VolumePersistence,
 )
 
-from .conf import settings
+from .conf import SnapshotCompressionAlgorithm, settings
 from .utils import fix_message_validation, run_in_subprocess
 
 logger = logging.getLogger(__name__)
 
 DEVICE_MAPPER_DIRECTORY = "/dev/mapper"
 
 
+class NotEnoughDiskSpace(Exception):
+    pass
+
+
 async def chown_to_jailman(path: Path) -> None:
     """Changes ownership of the target when running firecracker inside jailer isolation."""
     if not path.exists():
@@ -315,3 +321,33 @@ async def get_volume_path(volume: MachineVolume, namespace: str) -> Path:
             return volume_path
     else:
         raise NotImplementedError("Only immutable volumes are supported")
+
+
+async def create_volume_snapshot(path: Path) -> Path:
+    new_path = Path(f"{path}.{datetime.today().strftime('%d%m%Y-%H%M%S')}.bak")
+    copy2(path, new_path)
+    return new_path
+
+
+async def compress_volume_snapshot(
+    path: Path,
+    algorithm: SnapshotCompressionAlgorithm = SnapshotCompressionAlgorithm.gz,
+) -> Path:
+    if algorithm != SnapshotCompressionAlgorithm.gz:
+        raise NotImplementedError
+
+    new_path = Path(f"{path}.gz")
+
+    await run_in_subprocess(
+        [
+            "gzip",
+            str(path),
+        ]
+    )
+
+    return new_path
+
+
+def check_disk_space(bytes_to_use: int) -> bool:
+    host_disk_usage = disk_usage("/")
+    return host_disk_usage.free >= bytes_to_use

vm_supervisor/vm/firecracker/executable.py

@@ -28,6 +28,7 @@
 from vm_supervisor.models import ExecutableContent
 from vm_supervisor.network.firewall import teardown_nftables_for_vm
 from vm_supervisor.network.interfaces import TapInterface
+from vm_supervisor.snapshots import CompressedDiskVolumeSnapshot
 from vm_supervisor.storage import get_volume_path
 
 logger = logging.getLogger(__name__)
@@ -287,3 +288,6 @@ async def teardown(self):
             teardown_nftables_for_vm(self.vm_id)
             await self.tap_interface.delete()
         await self.stop_guest_api()
+
+    async def create_snapshot(self) -> CompressedDiskVolumeSnapshot:
+        raise NotImplementedError()