[DRBD-user] The Problem of File System Corruption w/DRBD
g.danti at assyoma.it
Sun Jun 6 18:02:23 CEST 2021
Il 2021-06-04 15:08 Eric Robinson ha scritto:
> Those are all good points. Since the three legs of the information
> security triad are confidentiality, integrity, and availability, this
> is ultimately a security issue. We all know that information security
> is not about eliminating all possible risks, as that is an
> unattainable goal. It is about mitigating risks to acceptable levels.
> So I guess it boils down to how each person evaluates the risks in
> their own environment. Over my 38-year career, and especially the past
> 15 years of using Linux HA, I've seen more filesystem-type issues than
> the other possible issues you mentioned, so that one tends to feature
> more prominently on my risk radar.
For the very limited goal of protecting from filesystem corruptions, you
can use a snapshot/CoW layer as thinlvm. Keep multiple rolling snapshots
and you can recover from sudden filesystem corruption. However this is
simply move the SPOF down to the CoW layer (thinlvm, which is quite
complex by itself and can be considered a stripped-down
filesystem/allocator) or up to the application layer (where corruptions
are relatively quite common).
That said, nowadays a mature filesystem as EXT4 and XFS can be corrupted
(barring obscure bugs) only by:
- a double mount from different machines;
- a direct write to the underlying raw disks;
- a serious hardware issue.
For what it is worth I am now accustomed to ZFS strong data integrity
guarantee, but I fully realize that this does *not* protect from any
corruptions scenario by itself, not even on
XFS-over-ZVOL-over-DRBD-over-ZFS setups. If anything, a more complex
filesystem (and I/O setup) has *greater* chances of exposing uncommon
So: I strongly advise on placing your filesystem over a snapshot layer,
but do not expect this to shield from any storage related issue.
Assyoma S.r.l. - www.assyoma.it
email: g.danti at assyoma.it - info at assyoma.it
GPG public key ID: FF5F32A8
More information about the drbd-user