add "force" option for vdo modules

[Davidffry]

Summary

I am trying to create VDO volume but the target partition is in xfs. in command line I use the option --force to create the vdo volume

Issue Type

Feature Idea

Component Name

vdo

Additional Information

- name: Create 2 TB VDO volume vdo1 on device /dev/md0
  vdo:
    name: vdo1
    state: present
    device: /dev/md0
    logicalsize: 2T
    force: yes

Code of Conduct

• I agree to follow the Ansible Code of Conduct

[ansibullbot]

Files identified in the description:

• plugins/modules/system/vdo.py

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

[ansibullbot]

cc @bgurney-rh
click here for bot help

[rhawalsh]

Hi @Davidffry,

It's risky to allow a force to be specified automatically since that has the ability to accidentally wipe out existing signatures of anything you specify. What happens if you have a typo and set device: / dev/md0?

I would certainly be hesitant to make it so easy to wipe things out by accident. What are your thoughts around that?

[Davidffry]

I'm not agree with you, I think (maybe I wrong) it's necessary to keep in mind that module need to follow the enable option in cli. in cli there is the option --force especially since the modules like lvol or filesysteme have the force option. afterall, the users will choose but thanks for the work 😉

…

________________________________ De : Andy Walsh ***@***.***> Envoyé : jeudi 25 mars 2021 14:59 À : ansible-collections/community.general ***@***.***> Cc : AUFFRAY David ***@***.***>; Mention ***@***.***> Objet : Re: [ansible-collections/community.general] add "force" option for vdo modules (#2101) Hi @Davidffry<https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgh.neting.cc%2FDavidffry&data=04%7C01%7Cdavid.auffray%40axians.com%7Cb3eebca342034d0acf9608d8ef962a11%7Ccae7d06108f340dd80c33c0b8889224a%7C0%7C0%7C637522775557037145%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=j0HDxdDC4lHZW498zucWLi%2BP6Xmn7IpAsXS814uyq6w%3D&reserved=0>, It's risky to allow a force to be specified automatically since that has the ability to accidentally wipe out existing signatures of anything you specify. What happens if you have a typo and set device: / dev/md0? I would certainly be hesitant to make it so easy to wipe things out by accident. What are your thoughts around that? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgh.neting.cc%2Fansible-collections%2Fcommunity.general%2Fissues%2F2101%23issuecomment-806802899&data=04%7C01%7Cdavid.auffray%40axians.com%7Cb3eebca342034d0acf9608d8ef962a11%7Ccae7d06108f340dd80c33c0b8889224a%7C0%7C0%7C637522775557037145%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=a26M3WzQEnCxeu%2BLdEVHOaJD4AIOvGiL0xNFMXTdbJg%3D&reserved=0>, or unsubscribe<https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgh.neting.cc%2Fnotifications%2Funsubscribe-auth%2FAHT3XLMGJ7L672GB7AVOBXTTFM6SZANCNFSM4ZYBSI5A&data=04%7C01%7Cdavid.auffray%40axians.com%7Cb3eebca342034d0acf9608d8ef962a11%7Ccae7d06108f340dd80c33c0b8889224a%7C0%7C0%7C637522775557047095%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=ffT2MD3BuZ%2B6E6hDZBvvvBw2vq6V%2B5tWwlvd4D95wYQ%3D&reserved=0>.

[rhawalsh]

I'm not exactly sure what you mean that it needs to follow the enable option. The arguments provided to the 'vdo' utility are not required to be in a specific order.

My biggest concern with allowing a force operation is that it will end up always being used regardless of whether it is necessary. So when you add the flag into automation, then you lose all of the safety checks and risk damaging your system inadvertently without even noticing it.

I do take your argument that lvol and filesystem modules have it, which is pretty convincing.

[Davidffry]

my bad, my english is not my native language. that module need to follow the enable option in cli. in other terms : I think that all options available in cli needs to be present in the module, so like "force" option. 😉 My biggest concern with allowing a force operation is that it will end up always being used regardless of whether it is necessary. So when you add the flag into automation, then you lose all of the safety checks and risk damaging your system inadvertently without even noticing it. I agree with you, maybe in the documentation need to add like "at your own risk" prevent.

…

________________________________ De : Andy Walsh ***@***.***> Envoyé : jeudi 25 mars 2021 16:53 À : ansible-collections/community.general ***@***.***> Cc : AUFFRAY David ***@***.***>; Mention ***@***.***> Objet : Re: [ansible-collections/community.general] add "force" option for vdo modules (#2101) I'm not exactly sure what you mean that it needs to follow the enable option. The arguments provided to the 'vdo' utility are not required to be in a specific order. My biggest concern with allowing a force operation is that it will end up always being used regardless of whether it is necessary. So when you add the flag into automation, then you lose all of the safety checks and risk damaging your system inadvertently without even noticing it. I do take your argument that lvol and filesystem modules have it, which is pretty convincing. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgh.neting.cc%2Fansible-collections%2Fcommunity.general%2Fissues%2F2101%23issuecomment-806989112&data=04%7C01%7Cdavid.auffray%40axians.com%7Cb3fb42ee2d1a436108df08d8efa6199e%7Ccae7d06108f340dd80c33c0b8889224a%7C0%7C0%7C637522843963015546%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=0oKWcMMfcFTBQ6TTOZ70XrZ9WlNCLG%2F7ZVvbz83Do9E%3D&reserved=0>, or unsubscribe<https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgh.neting.cc%2Fnotifications%2Funsubscribe-auth%2FAHT3XLL3X3RTZNK73BPAYNLTFNL6RANCNFSM4ZYBSI5A&data=04%7C01%7Cdavid.auffray%40axians.com%7Cb3fb42ee2d1a436108df08d8efa6199e%7Ccae7d06108f340dd80c33c0b8889224a%7C0%7C0%7C637522843963025507%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=YMDzLgTVNdhPVSGT4XfPm%2BgpWFbXS8%2F4hmNadzo3xkI%3D&reserved=0>.

[rhawalsh]

my bad, my english is not my native language.

No worries. I appreciate the attempt! :)

that module need to follow the enable option in cli.
in other terms : I think that all options available in cli needs to be present in the module, so like "force" option.

Ah, ok. Yeah, I can understand that, and that is similarly compelling.

My biggest concern with allowing a force operation is that it will end up always being used regardless of whether it is necessary. So when you add the flag into automation, then you lose all of the safety checks and risk damaging your system inadvertently without even noticing it.

I agree with you, maybe in the documentation need to add like "at your own risk" prevent.

Yes, that would be a good middle ground for this.