Quoting Anthony Verevkin (anth...@verevkin.ca): > My thoughts on the subject are that even though checksums do allow to > find which replica is corrupt without having to figure which 2 out of > 3 copies are the same, this is not the only reason min_size=2 was > required. Even if you are running all SSD which are more reliable than > HDD and are keeping the disk size small so you could backfill quickly > in case of a single disk failure, you would still occasionally have > longer periods of degraded operation. To name a couple - a full node > going down; or operator deliberately wiping an OSD to rebuild it. > min_size=1 in this case would leave you running with no redundancy at > all. DR scenario with pool-to-pool mirroring probably means that you > can not just replace the lost or incomplete PGs in your main site from > your DR, cause DR is likely to have a different PG layout, so full > resync from DR would be required in case of one disk lost during such > unprotected times.
... "min_size=1 in this case would leave you running with no redundancy at all.". Exactly. And that would be the reason not to do it. DR is asynchronous. What if the PG that gets lost has ACK'ed a WRITE but has not been synchronised? Doing a "full resync" would bring you back in time. The DR site is not for free either, so I doubt that you actually really win a lot here. I would opt for three datacenters: size=3, min_size=2 > > What are your thoughts, would you run 2x replication factor in > Production and in what scenarios? Not for me. Gr. Stefan -- | BIT BV http://www.bit.nl/ Kamer van Koophandel 09090351 | GPG: 0xD14839C6 +31 318 648 688 / i...@bit.nl _______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
