>This is getting pretty picky. You're saying that ZFS will detect any
>errors introduced after ZFS has gotten the data. However, as stated
>in a previous post, that doesn't guarantee that the data given to ZFS
>wasn't already corrupted.
But there's a big difference between the time ZFS gets the data
and the time your typical storage system gets it.
And your typical storage system does not store any information which
allows it to detect all but the most simple errors.
Storage systems are complicated and have many failure modes at many
different levels.
- disks not writing data or writing data in incorrect location
- disks not reporting failures when they occur
- bit errors in disk write buffers causing data corruption
- storage array software with bugs
- storage array with undetected hardware errors
- data corruption in the path (such as switches with mangle
packets but keep the TCP checksum working
>If you don't trust your storage subsystem, you're going to encounter
>issues regardless of the software use to store data. We'll have to
>see if ZFS can 'save' customers in this situation. I've found that
>regardless of the storage solution in question you can't anticipate
>all issues and when a brownout or other ugly loss-of-service occurs,
>you may or may not be intact, ZFS or no.
>
>I've never seen a product that can deal with all possible situations.
ZFS attempts to deal with more problems than any of the current
existing solutions by giving end-to-end verification of the data.
One of the reasons why ZFS was created was a particular large customer
who had datacorruption which occured two years (!) before it was
detected. The bad data had migrated and corrupted; the good data
was no longer available on backups (which weren't very relevant
anyway after such a long time)
ZFS tries to give one important guarantee: if the data is bad, we will
not return it.
One case in point is the person in MPK with a SATA controller which
corrupts memory; he didn't discover this using UFS (except for perhaps
a few strange events he noticed). After switch to ZFS he started to
find corruption so now he uses a self-healing ZFS mirror (or RAIDZ).
ZFS helps at the low end as much as it does at the highend.
I'll bet that ZFS will generate more calls about broken hardware
and fingers will be pointed at ZFS at first because it's the new
kid; it will be some time before people realize that the data was
rotting all along.
Casper
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
