Phil Endecott wrote:
> I believe that there is some "magic" in the LVM stuff to make this safe,
> i.e. the filesystem is told to do some sort of flush before the snapshot
> is taken, or something. The feature is designed specifically for things
> like backups. (I'm hoping that someone who is reading this will know a
> definitive answer...)
Even if the utility syncs before making the snapshot, that still does
not guarantee that the filesystem is consistent, because writes can
happen between the sync and the snapshot, where the likelyhood of that
increases with the time between the sync and the snapshot, and the
amount of IO that is going on at the time. It certainly does nothing to
make sure that the state of any files that applications have open at the
time are consistent.
What you have to remember is that this form of backup is not much
different than yanking out the power cord of a running system, booting
it up from a cd, and then trying to backup the hard drive. Most things
don't handle system crashes very well.
> In what sense is a "half commit" possible? It's atomic; by definition,
> either a commit has happened, or it hasn't. If it's possible to
> snapshot "during" a commit, surely subversion is broken. Or am I
> missing something?
The writes to the disk are not atomic, but subversion makes great effort
to make sure that at any moment in time, if the system crashes, that it
can recover the repository to one of two states: before the commit, or
after the commit, with nothing in between. That recovery probably will
involve some effort via svnadmin recover, but it is one of the goals of
subversion that this should work, but hotcopy is safer.
There is another option that is both safe, and causes very little
downtime: shut down services like the subversion server, sync the disk,
and make the snapshot while there are no open files, and thus everything
on the disk is nice and consistent. Then you can restart the services
and do your backup of the snapshot in the background. This allows you
to minimize downtime, because the services only need to shut down long
enough to make the snapshot, not the full backup.
To unsubscribe, e-mail: email@example.com
For additional commands, e-mail: firstname.lastname@example.org
Received on Tue Nov 22 21:19:56 2005