Hi,

On Wed, Jun 28, 2000 at 06:35:51PM +0200, Benno Senoner wrote:

> > As far as I know the issue has been fixed in 2.4.* kernel series.
> > ReiserFS and software RAID5 is NOT safe in 2.2.*
> 
> but Stephen Tweedie (some time ago) pointed out that
> the only way to make a software raid system that survives (without data
> corruption) a power failure while in degraded mode (this case is rare but
> it COULD happen) is to make a big RAID5 partition where you store the data
> and a small RAID1 partition where you keep the journal of the RAID5
> partition.

The real situation is a little more complex than that.  In degraded
mode, or if you lose a disk during a crash, ALL raid5 systems ---
hardware and software --- risk data loss unless they have some
transactional mechanism to allow them to write entire stripes
atomically with respect to power failure.

In practice, this is usually achieved (for hardware raid) by logging
the stripe updates to non-volatile memory.  (This is usually the same
memory that is used for the write-back cache, so it gives a natural
performance boost as well.)  Using a separate raid1 journal is
possible, but would be an odd way to deal with the problem given that
we're talking at the level of individual raid devices here.

For journaling *filesystems*, having the journal on an external raid1
disk is a great way to boost performance, but that doesn't fix the
raid5 problem above.

> He said ext3fs can be adapted for this, what is the current status?

No I didn't!  I said that ext3 can in principle use off-disk journals,
but that is an entirely separate problem from the raid5 consistency
issue.  Making raid5 totally safe while in degraded mode *must*
require the cooperation of the raid layer itself --- it simply cannot
be done in the filesystem unless the filesystem guarantees 100% that
it only ever writes complete stripes at a time.

There are a number of ways this could be done --- in particular, there
have been a few projects recently (SWARM, Lustre) which would lend
themselves to this sort of operation, by layering the filesystem
on top of a log-based storage abstraction which could have the above
protection built in.

> last questions: are the current ext3 and reiserfs raid-reconstruction safe?

On 2.4, they should be --- the new raid code performs reconstruction
in a way which is invisible to the buffer cache layers.  Testers
welcome.  :-)

Cheers,
 Stephen
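
Added illustration, not part of the original message and not kernel md code: a one-stripe simulation of the degraded-mode problem described above, where a crash between the data write and the parity write corrupts a chunk that was never written, and of how logging the stripe update first avoids it. The names `Stripe`, `nvlog` and `demo` and the sample chunks are constructed for this example.

```python
# Added illustration: one RAID5 stripe (3 data chunks + XOR parity), constructed data.
# Stripe, nvlog and demo are hypothetical names, not kernel md code.
from functools import reduce

def xor(*chunks):
    """Byte-wise XOR of equal-length chunks."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*chunks))

class Stripe:
    def __init__(self, data):
        self.chunks = list(data) + [xor(*data)]  # last chunk is parity
        self.failed = None   # index of the lost disk (degraded mode)
        self.nvlog = None    # stands in for a non-volatile stripe log

    def read(self, i):
        if i != self.failed:
            return self.chunks[i]
        # Lost disk: rebuild its chunk from every surviving chunk.
        return xor(*(c for j, c in enumerate(self.chunks) if j != self.failed))

    def write(self, i, new, crash_before_parity=False, logged=False):
        """Read-modify-write of surviving data chunk i."""
        p = len(self.chunks) - 1
        new_parity = xor(self.chunks[p], self.chunks[i], new)
        if logged:
            self.nvlog = {i: new, p: new_parity}  # log the whole update first
        self.chunks[i] = new
        if crash_before_parity:
            return           # power lost: data on disk, parity stale
        self.chunks[p] = new_parity
        self.nvlog = None

    def recover(self):
        """After restart, replay a logged stripe update if one is pending."""
        if self.nvlog:
            for idx, val in self.nvlog.items():
                self.chunks[idx] = val
            self.nvlog = None

def demo(logged):
    s = Stripe([b"AAAA", b"BBBB", b"CCCC"])
    s.failed = 1                                  # disk holding "BBBB" is gone
    s.write(0, b"ZZZZ", crash_before_parity=True, logged=logged)
    s.recover()
    return s.read(0), s.read(1)

if __name__ == "__main__":
    print("no log:  ", demo(False))  # chunk 1 was never written, yet is wrong
    print("with log:", demo(True))
```
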
