Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add configurable robustness for block recovery #51

Open
LarsKumbier opened this issue Jan 3, 2021 · 6 comments
Open

Add configurable robustness for block recovery #51

LarsKumbier opened this issue Jan 3, 2021 · 6 comments
Labels
enhancement New feature or request

Comments

@LarsKumbier
Copy link

The current bupstash setup does not handle data corruption in the repository (e.g. through bitrot or storing the repository on mediums with a low MTBF). This could be done by adding an optional erasure code like Reed-Solomon-Codes or similar algorithms.

Since this is a trade between robustness and increase of repository size due to the parity data, the user should be able to choose the acceptable amount of data corruption per blocksize. Since a user might use different repositories with different storage mediums and different existing robustness levels in place, the robustness value should be set on a per-repository level.

Bupstash should also include a subcommand to check and repair a remote repository. Since RAID and tape storage systems use the term "scrub" for this, I suggest to use it here as the subcommand as well.
@LarsKumbier
Copy link
Author

Darrenldl's implementation looks interesting in terms of testing, but seems to have a memory leak which should be fixed first.

@andrewchambers andrewchambers added the enhancement New feature or request label Jan 3, 2021
@andrewchambers
Copy link
Owner

andrewchambers commented Jan 11, 2021
edited
Loading

One difficulty I can see here is its harder to fix corruption in the repository sqlite3 database, however I suppose by probabilities, corruption is possibly more likely to occur in the data/* files so this is still valuable even without protections on the sqlite3 data.

@LarsKumbier
Copy link
Author

That needs to be addressed nonetheless. Errors in the storage media can happen anywhere - including the database - with the same probability, so at least it should be tested and documented, what do in such a case. Is it possible to rebuild the database from the current live data, so that the error goes away after the next backup? What happens in the worst case, when the backup is needed and the database is corrupted?

@andrewchambers
Copy link
Owner

andrewchambers commented Jan 11, 2021
edited
Loading

with the same probability ...

My point was If the data to metadata ratio is a million to one the probability of data corruption is actually higher. That being said, I agree and don't want to neglect this if it can be solved well.

edit:

Though its also possible the wear and tear from sqlite operations wears disks more, so really I don't know.

@andrewchambers
Copy link
Owner

Related to #97

@andrewchambers
Copy link
Owner

As a note here, the new repository format stores a redundant copy of the metadata for items, which should make us a lot more resistant to this problem. We are also more free to add erasure codes to this new format.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@LarsKumbier @andrewchambers