Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 14 Nov 2012 17:37:08 +1100
From:      Stephen McKay <smckay@internode.on.net>
To:        Chris BeHanna <chris@behanna.org>
Cc:        FreeBSD FS <freebsd-fs@freebsd.org>, Stephen McKay <smckay@internode.on.net>
Subject:   Re: SSD recommendations for ZFS cache/log
Message-ID:  <57ac1f$gf6p7c@ipmail05.adl6.internode.on.net>
In-Reply-To: <943159E4-8824-4767-96E1-89E8EC69DCDF@behanna.org> from Chris BeHanna at "Tue, 13 Nov 2012 22:18:54 -0600"
References:  <CAFHbX1K-NPuAy5tW0N8=sJD=CU0Q1Pm3ZDkVkE%2BdjpCsD1U8_Q@mail.gmail.com> <57ac1f$gf3rkl@ipmail05.adl6.internode.on.net><943159E4-8824-4767-96E1-89E8EC69DCDF@behanna.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday, 13th November 2012, Chris BeHanna wrote:

>On Nov 13, 2012, at 21:51, Stephen McKay <smckay@internode.on.net> wrote:
>
>> [...lots of good advice about measuring, and lots of good advice about L2ARC...]

I'm glad people found what I wrote useful.  I'll have to rant more often. :-)

>> I have no way to determine in advance the behaviour of an SSD on
>> power failure so I assume all the ones I can afford have bad
>> behaviour.
>
>If you'll pardon what may be an ignorant question, does this
>matter if you have your machine on a UPS, especially if you run
>upsmon or nut to do a graceful shutdown when there are n minutes
>of battery remaining?

I would still care.  But then, I assume my hardware is out to get me. :-)

In the end, it's a matter of risk assessment.  How valuable your
data is vs how difficult it is to recover vs how likely it is to
be lost.  High value data that cannot be recovered should be stored
(backed up) in many places on highly reliable media because even
a low risk of loss is bad(1).  Low value data can be treated more
roughly, and maybe occasional (detectable) corruption or loss is OK.

The difficulty is in how we can calculate the chance of loss when
we have no published statistics on power failure corruption rates
in SSDs.  Multiply that by the chance your UPS may fail(2) (which
I'm guessing you don't have a number for either), and we have what
we hope is a very small number, but which might in reality be large
enough to cause grief.

If I ran a bank, my ZIL would likely be a redundant array of battery
backed RAM disks (that's the most expensive and fastest sort, you can
reduce your life expectancy simply by reading the price list).  And
my power supply would be redundant.  And my UPS would be redundant.
And I'd do generator tests frequently.  And the armed guards would
keep cleaners out of the computer room.  And ...

But at home, you have to make your best guess and go from there.  As 
I've said before, the end result of my calculations was to have no SSD
ZIL at all.  I think for most people this is an entirely reasonable
situation.

Cheers,

Stephen.

(1) There's a long discussion of disk redundancy (mirror vs raidz, etc)
and backup strategies (periodic vs continuous, off/on-line, on/off-site,
automated/ad hoc) to mitigate hardware failures, software errors, system
administrator fumbles, hacker attacks and the plain disregard the universe
has for you that I've left out here but which matters at least as much as
broken SSDs do.

(2) UPS failure can include the owner tripping over the power cord or
accidentally switching it off.  Watching someone accidentally switch off
a room full of computers this way caused much merriment.  No, wait!  It
caused us all several days of pain. :-(



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?57ac1f$gf6p7c>