From: John Kozubik
To: freebsd-fs@freebsd.org
Date: Tue, 13 Feb 2007 09:49:42 -0800 (PST)
Subject: Re: comments on newfs raw disk ? Safe ? (7 terabyte array)

Friends,

On Tue, 13 Feb 2007, Oliver Fromme wrote:

> Randy Bush wrote:
> > this has been a wonderfully well-timed thread as i am about
> > to hack a 4tb array tomorrow afternoon. the normal spindle
> > is separate and partitioned to death and newfsed using the
> > defaults. with 2gb of ram, i figure 6gb swap just in case
> > two userland hogs are running at once, e.g. some hog while
> > background fsck is running.
>
> A bit careful here ... Background fsck had some issues,
> especially when the machine crashed or is otherwise reset
> while the background fsck is still running. It resulted
> in corruption that could not be repaired by fsck anymore.
> I don't know if all of those issues have been resolved in
> RELENG_6, but personally I always disable background fsck
> on all of my machines, just to be safe.

Also remember that filling a filesystem to capacity _while_ it is being snapshotted will lock your system up[1]. I suppose some interesting crash loops could arise from this bug on a near full filesystem that someone is unlucky enough to background fsck.

I think that FreeBSD needs to address the default implementation of background fsck in general. UFS2 snapshots are dangerous and unstable, and have been since their introduction in 5.x [2].

Oliver and I and everyone else here knows the dangers of UFS2 snapshots and background fsck, and it's very telling that Oliver (like myself) refuses to use them. I won't touch either of them, despite overwhelming financial incentive to implement them [3].

But how many innocent sysadmins and less well informed unix engineers in the world are loading up FreeBSD because of a perceived history of safety and stability and putting very important data and services on systems, which _by default_ have a dangerous ticking time bomb on them? Are these people supposed to fall out of the womb knowing that UFS2 snapshots are unstable and dangerous, and that _4 years later_ they still aren't safe?

Until well-informed members of this list feel safe and secure with snapshots and background fsck in general use, I think background fsck should be disabled by default.

John Kozubik - john@kozubik.com - http://www.kozubik.com

[1] http://lists.freebsd.org/pipermail/freebsd-bugs/2006-January/016703.html
[2] http://lists.freebsd.org/pipermail/freebsd-bugs/2004-July/007574.html
[3] http://www.rsync.net