Date: Tue, 26 Aug 1997 16:03:37 -0700 (MST) From: Terry Lambert <terry@lambert.org> To: Shimon@i-Connect.Net (Simon Shapiro) Cc: burt@focusplus.com, freebsd-hackers@FreeBSD.ORG Subject: Re: ? power outages and file system corruption Message-ID: <199708262303.QAA04296@phaeton.artisoft.com> In-Reply-To: <XFMail.970825232450.Shimon@i-Connect.Net> from "Simon Shapiro" at Aug 25, 97 11:24:50 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > Is the only way to protect against power-outage-caused file system > > corruption to install a UPS? Someone mentioned to me that Sun > > (yeah, i know it's Solaris, but i just wanted to know if there was > > something analogous in FBSD) has some sort of disk/FS caching to > > protect against this. > > In theory, a journaling filesystem will do that. Veritas is a good name > for these. The problem with most of these is that a $300 UPS is cheaper > and more reliable. Most such filesystems are attached to such an increase > in complexity that the most common cause of curruption is a filesystem code > bug. Even a UPS does not help you then. A journalling filesystem is just another way to protect FS metadata integrity without doing a traditional fsck (an abbreviated fsck using the journalling data occurs as part of mount). A journalling FS does not guarantee against FS corruption. It only guarantees against structure corruption. FS data corrpution can still occur if you have data which is not atomically transacted. One example of this would be data seperated into an index file and a record file in a database. If the index write does not complete before a crash, the data in the index file will be rolled back by a JFS, and the database on the JFS will not be guaranteed to be in a known, valid state. This is an obvious consequence of the fact that the user did not make calls, such as: start user JFS transaction modify data file modify index file end user JFS transaction So that the modifications to both files will either complete, or *neither* will exist after the crash (in event of a crash before the transation end record was written. This type of service is called a "transaction tracking system". Generally, these are both third party, and *very* slow (ie: Tuxedo from AT&T/USL/whoever). Having a JFS does not necessarily buy you a TTS unless the services are exported by the JFS *and* the user application takes advantage of it. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708262303.QAA04296>