HAST + ZFS + NFS + CARP
Borja Marcos
borjam at sarenet.es
Thu Aug 11 11:22:10 UTC 2016
> On 11 Aug 2016, at 13:02, Julien Cigar <julien at perdition.city> wrote:
>
> On Thu, Aug 11, 2016 at 12:15:39PM +0200, Julien Cigar wrote:
>> On Thu, Aug 11, 2016 at 11:24:40AM +0200, Borja Marcos wrote:
>>>
>>>> On 11 Aug 2016, at 11:10, Julien Cigar <julien at perdition.city> wrote:
>>>>
>>>> As I said in a previous post I tested the zfs send/receive approach (with
>>>> zrep) and it works (more or less) perfectly.. so I concur with everything
>>>> you said, especially about off-site replication and synchronous replication.
>>>>
>>>> Out of curiosity I'm also testing a ZFS + iSCSI + CARP setup at the moment.
>>>> I'm in the early tests and haven't done any heavy writes yet, but ATM it
>>>> works as expected; I haven't managed to corrupt the zpool.
>>>
>>> I must be too old school, but I don’t quite like the idea of using an essentially unreliable transport
>>> (Ethernet) for low-level filesystem operations.
>>>
>>> In case something went wrong, that approach could risk corrupting a pool. Although, frankly,
>
> Now I'm thinking of the following scenario:
> - filer1 is the MASTER, filer2 the BACKUP
> - on filer1 a zpool data mirror over loc1, loc2, rem1, rem2 (where rem1
> and rem2 are iSCSI disks)
> - the pool is mounted on MASTER
>
> Now imagine that the replication interface corrupts packets silently,
> but data are still written to rem1 and rem2. Will ZFS immediately
> detect that the blocks written to rem1 and rem2 are corrupted?
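For concreteness, the layout described in that scenario could be created along these lines (a sketch; the device names are hypothetical, with da3/da4 standing in for the iSCSI-backed disks):

```shell
# Four-way mirror: two local disks plus two iSCSI-backed disks
# (device names are assumptions, not from the original post)
zpool create data mirror /dev/da1 /dev/da2 /dev/da3 /dev/da4
zpool status data
```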
As far as I know, ZFS does not read after write. It can detect silent corruption when reading a file
or a metadata block, but that only happens when requested (for a file), when needed (for metadata),
or during a scrub. As far as I recall, it does no preemptive read-after-write.
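In practice that means corruption on the iSCSI-backed mirror members would only surface on the next read of the affected blocks or when you scrub, e.g. (assuming the pool is named `data`):

```shell
# Force ZFS to read and checksum-verify every allocated block in the pool
zpool scrub data
# The CKSUM column reports checksum errors found; with a mirror, ZFS
# repairs bad blocks from a good copy on another device
zpool status -v data
```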
Silent corruption can be overcome by ZFS as long as it isn't too frequent. In my case with the
evil HBA it was roughly one block operation error per hour of intensive I/O; in normal operation it could
be one block error per week or so. At that error rate, the chance of random I/O errors corrupting the
same block on three different devices (it's a raidz2 vdev) is really remote.
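As a back-of-the-envelope illustration of why that chance is remote: if a given block is silently corrupted on one device with probability p (the value below is an assumption, purely for illustration), then with independent errors the same block is bad on three devices with probability p cubed:

```shell
# p = 1e-9 is an assumed per-block corruption probability, not a measured one;
# independent errors on three devices hit the same block with probability p^3
awk 'BEGIN { p = 1e-9; printf "%.3e\n", p^3 }'
```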
But again (and I won't push more, at the risk of annoying you to death): just bear in mind that your I/O
throughput will be bound by your network and iSCSI performance anyway ;)
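A rough way to see that ceiling (a sketch, assuming iperf3 is installed, the peer host name is `filer2` with `iperf3 -s` running there, and the pool is named `data`; all of these are assumptions):

```shell
# Measure the raw network ceiling between the two filers
iperf3 -c filer2 -t 10
# Compare against the pool's sequential write rate; zeros compress,
# so use a scratch dataset with compression disabled for a fair number
zfs create -o compression=off data/bench
dd if=/dev/zero of=/data/bench/testfile bs=1m count=4096
```

If the dd figure sits well above the iperf3 figure, writes to the iSCSI-backed mirror members will be the bottleneck.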
Borja.
P.S.: I forgot to reply to this before:
>> Yeah.. although you could have silent data corruption with any broken
>> hardware too. Some years ago I suffered a silent data corruption due to
>> a broken RAID card, and had to restore from backups..
Ethernet hardware is designed with the assumption that losing a packet is not a big deal.
Shit happens on SAS and other specialized storage networks too, of course, but you should expect it
at least a bit less often. ;)