Ron Leach put forth on 1/30/2011 5:00 AM:
Nick Edwards wrote:
xfs is not very nice to you if you lose power, it's not as bad as it used to be, but it still gives you 0 byte files,
I began to worry about this after that other thread showed XFS's considerable strengths, and this one weakness. Co-incidentally,we had already just built a couple of XFS servers in raid1 configurations (the second is purely an rdiff-backup server for the first, and both are raid1).
Because our work is frequently the subject of very close legal scrutiny, we're utterly paranoid about losing email - that's why we've created those two redundant servers.
I remember Stan (in the other thread) saying, also, that write-delays due to caching were more or less built-in to the kernel anyway, so XFS may not be alone in this problem. What I am not (yet) sure about, is whether XFS is any 'more' vulnerable than others, or is any 'more' catastrophically damaged, than others, due to power fail. Has any analysis of this been published?
It's all in the XFS FAQ. See #23 for the power fail issue patch. Did you read the other excellent XFS resources available?
Users guide: http://xfs.org/docs/xfsdocs-xml-dev/XFS_User_Guide//tmp/en-US/html/index.htm...
File system structure: http://xfs.org/docs/xfsdocs-xml-dev/XFS_Filesystem_Structure//tmp/en-US/html...
Training labs: http://xfs.org/docs/xfsdocs-xml-dev/XFS_Labs/tmp/en-US/html/index.html
However, like the OP, our scale is quite small and this (potentially) gives us one advantage over those very large users. We could forgo some 'performance' if there were options in XFS that could reduce its 'vulnerability'. I looked at the XFS FAQ, and several of the archived messages on the XFS list, but could not see any create options, or mount options, that would reduce or inhibit the 'vulnerability window' (but I'm no expert on filesystems, or the kernel, so maybe I didn't understand what the FAQ was telling me). Would appreciate any suggestions from those who use and know XFS.
Once again: http://xfs.org/index.php/XFS_FAQ See #23
There is nothing to configure to make XFS 'more resilient' to power failure. There was a bug that caused problems after power failure. Again, the bug was fixed in May 2007, almost 4 years ago. That's the Jurassic period in internet time folks. There is no 'vulnerability window'.
Now you understand my frustration with Nick for spreading FUD.
so make sure you have a good UPS to issue a safe shutdown of the server,
We are very susceptible to power outages, duration anything from 12 seconds to 14 hours (we're not in a city) and never notified in advance. We use APC desktop UPS for workstations and the few servers we have, and we then shut down. For security, the shutdown needs to be automatic so that it takes effect if the site is unmanned - overnight, for example.
Aren't you using the net enabled APC units? They have a NIC slot for exactly this purpose. You install software on your physical hosts (some come with such software like Linux) and configure it. When wall power fails the UPS goes into battery mode, and when the battery hits a configurable amount of remaining capacity, it sends a packet to all connected/configured hosts to shut down. This has been available since the mid 1990s, and it's a fabulous, necessary feature. This is not limited to APC. Many UPS vendors offer such network capabilities.
'Absolutely secure email' needs the speed of XFS, the performance of XFS on multitudes of small files, and the fault-tolerance of some kind of non-volatile storage coupled with positive confirmation of successful writes. One day, maybe.
Until then, email needs UPSs, it seems.
Anything, everything, needs a UPS, except a laptop or smartphone (anything w/an inbuilt battery). "Online" models are best, and typically more expensive.
-- Stan