On Tue, 30 Aug 2016 17:59:02 -0400, Rich Freeman <rich0@g.o> wrote:

> On Tue, Aug 30, 2016 at 4:58 PM, Volker Armin Hemmann
> <volkerarmin@××××××××××.com> wrote:
> >
> > the journal does not add any data integrity benefits at all. It just
> > makes it more likely that the fs is in a sane state if there is a
> > crash. Likely. Not a guarantee. Your data? No one cares.
> >
>
> That depends on the mode of operation. In journal=data I believe
> everything gets written twice, which should make it fairly immune to
> most forms of corruption.

No, journal != data integrity. A journal only ensures that data is
written transactionally. You won't end up with messed-up metadata, and
from the API perspective, with journal=data, a partially written block
of data will be rewritten after recovering from a crash - up to the
last fsync. If that last fsync happened halfway into a file, then only
your work up to that half of the file is there. A well-designed
application (e.g. a transactional database) can handle this. But your
carefully written thesis may still be broken. Journals only ensure
consistency at the API level, not integrity.
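The "well-designed application" above typically dodges the
half-written-file problem with the classic write-temp-then-rename
pattern: fsync the new copy, then atomically rename it over the old
one. A minimal Python sketch (the function name is mine, not from the
thread; POSIX semantics assumed):

```python
import os
import tempfile

def atomic_write(path, data):
    """Replace `path` with `data` so a crash leaves either the old
    file or the new one, never a half-written mix."""
    dirname = os.path.dirname(os.path.abspath(path))
    # Temp file in the same directory => same filesystem => the final
    # rename below is atomic.
    fd, tmp = tempfile.mkstemp(dir=dirname)
    try:
        os.write(fd, data)
        os.fsync(fd)              # push the new data to stable storage first
    finally:
        os.close(fd)
    os.replace(tmp, path)         # atomic rename: old contents or new, never half
    dfd = os.open(dirname, os.O_RDONLY)
    try:
        os.fsync(dfd)             # persist the directory entry as well
    finally:
        os.close(dfd)
```

After a crash you see either the complete old file or the complete new
one - which is exactly the consistency (not integrity) a journal gives
the filesystem's own metadata.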
|
If you need integrity, so that the file system can tell you whether
your file is broken or not, you need checksums.
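Done by hand in user space, the checksum idea looks like this (a
sketch with invented names; a checksumming fs such as zfs does the
same per block, transparently, on every read):

```python
import hashlib

def checksum(data):
    # SHA-256 over the contents; zfs keeps a per-block checksum
    # (fletcher4 by default, sha256 optionally) in the block pointer.
    return hashlib.sha256(data).hexdigest()

def is_intact(data, stored_checksum):
    # A mismatch means the file is broken -- something a journal
    # alone can never tell you.
    return checksum(data) == stored_checksum
```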
|
If you need a way to recover from a half-written file, you need a CoW
file system where you could, with luck, go back a few generations.
|
> f2fs would also have this benefit. Data is not overwritten in-place
> in a log-based filesystem; they're essentially journaled by their
> design (actually, they're basically what you get if you ditch the
> regular part of the filesystem and keep nothing but the journal).
|
This is log-structured, not journalled. You pointed that out, yes, but
you weakened it by writing "basically". I think the difference is
important, mostly because a journal is a fixed area on the disk, while
a log-structured file system has no such journal.
|
> > If you want an fs that cares about your data: zfs.
> >
>
> I won't argue that the COW filesystems have better data security
> features. It will be nice when they're stable in the main kernel.
|
This point was raised because zfs supports checksums, not because it
supports CoW.
|
Log-structured file systems are, btw, interesting for write-mostly
workloads on spinning disks because head movements are minimized. They
do not automatically help dumb/simple flash translation layers,
though: that takes a little more logic, exploiting the internal
structure of flash (writing only sequentially in page-sized units,
with garbage collection and reuse only at the erase-block level). F2fs
and bcache (as a caching layer) do this. Not sure about the others.
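The flash constraints named above can be sketched as a toy model (all
names and sizes here are invented for illustration): pages are
programmed strictly sequentially inside an erase block, and space
comes back only by erasing the whole block.

```python
PAGE_SIZE = 4096          # program (write) granularity
PAGES_PER_BLOCK = 64      # erase granularity: 64 pages = 256 KiB

class EraseBlock:
    """Toy erase block: append-only page programming, whole-block erase."""

    def __init__(self):
        self.pages = []

    def program(self, page_data):
        # NAND flash can only program pages sequentially within a block.
        if len(self.pages) >= PAGES_PER_BLOCK:
            raise RuntimeError("block full: erase before reuse")
        self.pages.append(page_data[:PAGE_SIZE])

    def erase(self):
        # Reuse is only possible at erase-block granularity.
        self.pages = []
```

A flash-aware fs (or bcache) keeps its writes in this append-only
shape so the translation layer never has to rewrite a block behind its
back.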
|
Fully (and only fully) journalled file systems behave a little
similarly for write-mostly workloads, because head movements stay
within the journal area - but performance drops as soon as the journal
needs to be spooled to permanent storage.
|
I think xfs spreads the journal across the storage space along with
the allocation groups (thus better exploiting performance on JBOD
RAIDs and RAID systems that do not already stripe diagonally). It may
thus also be an option for thumb drives. But it is known to prefer
killing the complete contents of the file you just saved, for security
reasons, during unclean shutdowns/unmounts. Still, it is pretty rock
solid. And it will gain CoW support in the future, which will probably
eliminate the kill-the-contents issue and even enable native
snapshotting.
|
--
Regards,
Kai

Replies to list-only preferred.