| 1 |
Ed W <lists@××××××××××.com> wrote on 2012/01/25 14:21:25: |
| 2 |
|
| 3 |
> |
| 4 |
> On 24/01/2012 14:06, Todd Goodman wrote: |
| 5 |
> > * Joakim Tjernlund<joakim.tjernlund@×××××××××.se> [120124 02:18]: |
| 6 |
> >> Ed W<lists@××××××××××.com> wrote on 2012/01/23 19:43:49: |
| 7 |
> > [ .. ] |
| 8 |
> >>> I'm doing something like this using aufs. The performance seems "not |
| 9 |
> >>> bad", but you get a couple MB or so memory hit. (I'm using squashfs as |
| 10 |
> >>> well, so unsure which causes the main memory increase). |
| 11 |
> >> hmm, not sure how aufs would work out. One would like to permanently delete the |
| 12 |
> > aufs is A Union FileSystem. You can have a RO "branch" (say SquashFS) |
| 13 |
> > and a r/w "branch" (say JFFS2 or UBIFS.) When you write it will write |
| 14 |
> > to the r/w branch and when you read it will read from the r/w branch if |
| 15 |
> > it exists, else the r/o. |
| 16 |
> > |
| 17 |
> > So, if you want to permanently delete the old software. Write it to the |
| 18 |
> > filesystem r/w filesystem (initially or after you have the aufs mounts |
| 19 |
> > mounted.) Then you can delete from the r/w filesystem and it's gone for |
| 20 |
> > good. |
| 21 |
> |
| 22 |
> Agreed. Just to augment that explanation: |
| 23 |
|
| 24 |
Sorry for the late reply, got sidetracked with high prio stuff. |
| 25 |
|
| 26 |
> |
| 27 |
> - The RO branch would be at the bottom (can be multiple of these) |
| 28 |
> - The RW branch goes over the top (*can* be multiple of these, but one |
| 29 |
> is more normal) |
| 30 |
> - You can effectively delete stuff from the RO branches because Aufs has |
| 31 |
> the concept of "white out" files. So for all intents and purposes the |
| 32 |
> top RW layer can create any end result you like, including that of |
| 33 |
> completely masking out some lower layer |
| 34 |
> - With some knowledge of how the whiteout files work you can also "undo" |
| 35 |
> changes to the RO files. Eg directly mounting the RW layer and erasing |
| 36 |
> all files (from the RW layer) leaves you back with just the stacked RO |
| 37 |
> layers again. I find this helpful for development where I can basically |
| 38 |
> work live on the last released build and then by inspection the RW layer |
| 39 |
> has all the changes needed to apply to the next RO layer release! |
| 40 |
|
| 41 |
When you update the RO layer you will be back to a single copy, the previous |
| 42 |
release which is only in the overlay is gone, right? |
| 43 |
|
| 44 |
It also implies 2 different SW update methods, one for updating the overlay |
| 45 |
copy and one for updating the RO layer. |
| 46 |
|
| 47 |
For development it works well though. |
| 48 |
|
| 49 |
> |
| 50 |
> I believe recent kernels also have a much simpler "Overlay Filesystem" |
| 51 |
> that has fewer features. Also the big alternative to aufs is Unionfs 2 |
| 52 |
> - most distros use aufs, but both seem viable? |
| 53 |
|
| 54 |
Dunno, I haven't tried any overlay FS yet. |
| 55 |
|
| 56 |
> |
| 57 |
> |
| 58 |
> Finally note that you don't need to use aufs for the entire filesystem. |
| 59 |
> A common setup might be to use a bunch of bind mounts where you know you |
| 60 |
> don't need overlay features, eg /usr might be a bunch of overlays, /home |
| 61 |
> might be a bind mount to writeable storage, /var might be a ram drive |
| 62 |
> which is initialised from some fixed template, etc? In my case I have |
| 63 |
> an overlay over most things, but /usr/lib/modules is a bind mount to a |
| 64 |
> RO filesystem (you can't write to it), /home is mounted to my writeable |
| 65 |
> storage (not layered), the main OS dirs are layered and /var is a mess... |
| 66 |
> |
| 67 |
> > You still want to pick a r/w branch with a filesystem that handles power |
| 68 |
> > cuts well. You can continue to use JFFS2. |
| 69 |
> |
| 70 |
> Thought: Is there any evidence that one modern filesystem is better than |
| 71 |
> another with regards to sudden power removal? You probably need to |
| 72 |
> speak to filesystem experts at this point and define the kind of thing |
| 73 |
> you are trying to protect against? Sounds like you have raw flash |
| 74 |
> storage here, so that constrains your choices somewhat? |
| 75 |
|
| 76 |
AFAIK, only FSes which are designed for flash(JFFS2, UBIFS, YAFFS etc. ) |
| 77 |
are safe w.r.t power cuts. |
| 78 |
|
| 79 |
> |
| 80 |
> Just note that with aufs you can use quite a few filesystems for the |
| 81 |
> different layers. So for example you could have a base RW layer which |
| 82 |
> is a DM snapshot, overlaid with a loopback mount to a DVD iso, overlay |
| 83 |
> that with a squashfs, and finally overlay an Ext4 RW mount... (And of |
| 84 |
> course each of the RO layers might be stored on varied filesystems |
| 85 |
> themselves - check distributions such as Slax which allow you to overlay |
| 86 |
> a squashfs that is itself inside some loopback mounted file...) |
| 87 |
|
| 88 |
hmm, DM snapshots might be something. Have to look closer on that. |
| 89 |
|
| 90 |
> http://aufs.sourceforge.net/aufs2/report/sq/ |
| 91 |
> |
| 92 |
> http://aufs.sourceforge.net/ |
| 93 |
> |
| 94 |
> I believe for most cheapo consumer flash storage where the underlying |
| 95 |
> flash filesystem isn't exposed, its quite susceptable to *complete* |
| 96 |
> failure with sudden poweroff? The issue is the invisible, underlying |
| 97 |
> flash filesystem gets corrupted during a partial write and that can be |
| 98 |
> the end of your flash drive - you don't even get to see it again to |
| 99 |
> recover from it... I don't believe partitioning protects you from this, |
| 100 |
> but of course separating read/write concerns to physically separate |
| 101 |
> devices would help? I presume this isn't what you are using though? |
| 102 |
|
| 103 |
We are not using NAND flash yet but our next product will. I do have the |
| 104 |
impression that any block emulating device such as SSD are unreliable |
| 105 |
w.r.t power cuts. I would love to be proven wrong though :) |
| 106 |
|
| 107 |
Jocke |
Archives