Takahiro Yasui [tyasui@xxxxxxxxxx] wrote: > > The requirements are: > > * if one of legs fail or log fails, you must automatically continue > > without human intervention > > * if both legs fail, you must shut it down and not pretend that something > > was written when it wasn't (this would break durability requirement of > > transactions). > > I agree with this point. lvm mirror could be used on filesystems such as > ext3 and each filesystem and application needs to take care those situation > to prevent data corruption. I don't think that it is realistic, and the > underlying layer should prevent data corruption. I now understand primary > and secondary disks need to be blocked. If you think that I/O needs to be blocked for first or second leg failures, then I am afraid that there is no way to keep the failed mirror in the system for re-integrating failed devices. I would like to keep the mirror as mirror when one of the legs fails as opposed to making it linear now by dmeventd. This is to re-integrate a failed leg into the mirror to handle transient device failures. Here is what I am planning to do, let me know if you find any issues: 1. Secondary leg failure. dmeventd will NOT change the meta data at all. It will call "lvchange --refresh" that will start resynchronization. This will be done a few times. If the device still fails to re-integrate, it is left the way it is and no further re-integrations attempts are done. The number of attempts can be done at configurable intervals. 2. First leg failure (aka Primary leg failure): The kernel would stop handling any further I/O. The dmeventd will change mirror meta data [it will re-order the legs ] so that the secondary now becomes the primary. I will try to re-integrate the failed device few times before giving up just as in the case "1" above. The kernel module will never progress with a first leg failure as you see above. Thanks, Malahal. -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel
