From: Duncan <1i5t5.duncan@cox.net>
To: linux-btrfs@vger.kernel.org
Subject: Re: RAID1 storage server won't boot with one disk missing
Date: Fri, 18 Sep 2015 01:36:50 +0000 (UTC) [thread overview]
Message-ID: <pan$5cdb2$42505f02$e2b552bf$4a4e51e@cox.net> (raw)
In-Reply-To: 55FAD9CC.5060206@oracle.com
Anand Jain posted on Thu, 17 Sep 2015 23:18:36 +0800 as excerpted:
>> What I expected to happen:
>> I expected that the [btrfs raid1 data/metadata] system would either
>> start as if nothing were wrong, or would warn me that one half of the
>> mirror was missing and ask if I really wanted to start the system with
>> the root array in a degraded state.
>
> as of now it would/should start normally only when there is an entry
> -o degraded
>
> it looks like -o degraded is going to be a very obvious feature,
> I have plans of making it a default feature, and provide -o nodegraded
> feature instead. Thanks for comments if any.
As Chris Murphy, I have my doubts about this, and think it's likely to
cause as many unhappy users as it prevents.
I'd definitely put -o nodegraded in my default options here, so it's not
about me, but about all those others that would end up running a silently
degraded system and have no idea until it's too late, as further devices
have failed or the one single other available copy of something important
(remember, still raid1 without N-mirrors option, unfortunately, so if a
device drops out, that's now data/metadata with only a single valid copy
regardless of the number of devices, and if it goes invalid...) fails
checksum for whatever reason.
And since it only /allows/ degraded, not forcing it, if admins or distros
want it as the default, -o degraded can be added now. Nothing's stopping
them except lack of knowledge of the option, the *same* lack of knowledge
that would potentially cause so much harm if the default were switched.
Put it this way. With the current default, if it fails and people have
to ask about the unexpected failure here, no harm to existing data done,
just add -o degraded and get on with things. If -o degraded were made
the default, failure mode would be *MUCH* worse, potential loss of the
entire filesystem due to silent and thus uncorrected device loss and
degraded mounting.
So despite the inconvenience of less knowledgeable people losing the
availability of the filesystem until they can read the wiki or ask about
it here, I don't believe changing the default to -o degraded is wise, at
all.
--
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman
next prev parent reply other threads:[~2015-09-18 1:37 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-16 23:56 RAID1 storage server won't boot with one disk missing erpo41
2015-09-17 15:18 ` Anand Jain
2015-09-17 15:42 ` Chris Murphy
2015-09-17 17:00 ` Goffredo Baroncelli
2015-09-17 19:02 ` Roman Mamedov
2015-09-17 20:18 ` Chris Murphy
2015-09-18 13:29 ` Austin S Hemmelgarn
2015-09-21 20:00 ` Erkki Seppala
2015-09-18 1:36 ` Duncan [this message]
2015-09-18 3:02 ` Gareth Pye
2015-09-21 20:35 ` Erkki Seppala
2015-09-22 5:12 ` Duncan
2015-09-22 11:32 ` Austin S Hemmelgarn
2015-09-22 12:51 ` Qu Wenruo
2015-09-22 13:21 ` Austin S Hemmelgarn
2015-09-22 18:35 ` Chris Murphy
2015-09-22 19:45 ` Austin S Hemmelgarn
2015-09-17 15:26 ` Chris Murphy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='pan$5cdb2$42505f02$e2b552bf$4a4e51e@cox.net' \
--to=1i5t5.duncan@cox.net \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).