From: Matt Churchyard
Date: Fri, 30 Aug 2013 13:12:04 +0100
Subject: Boot problem if a ZFS log device is missing
Message-ID: <78b974623984482459c6279b43144276@users.userve.net>
X-BeenThere: freebsd-fs@freebsd.org

> Yesterday I did some tests. If I remove the stick from the USB
> port before shutting down the PC, it doesn't crash but continues to
> work. Then I am able to reboot the laptop without inserting the
> stick, with a pool that works in degraded mode.
> From the end user's point of view a PC should always boot, even with a
> missing ZFS log device.

The problem is that if a machine comes up without a LOG device that was there previously, it can't guarantee that there weren't pending writes. To automatically import the pool could be dangerous - leaving critical data corrupt. That's not really acceptable in a production environment. ZFS does the *right* thing by requiring an admin to get involved. It may be that the admin forces a rollback and checks any applications are ok manually, or it could be that they just plug in a device that was removed by accident.

I haven't followed official ZFS since Oracle came along but Sun's kit used to only allow a simple disk or mirror for the root pool. There are some good reasons for this, and the failure to import the pool if ZIL is lost was probably one of them. I wouldn't recommend running any serious system with a large or complex pool that's also being used for root.

For a home PC maybe it is useful to have a tunable that says "just force an import and ignore any possible writes if the ZIL's gone, I'll deal with any problems that appear". The only issue with that is most people won't know to switch it on until it's too late.