Slashdot Mirror
Complete Filesystem Checkpointing?
polymath69 asks: "Living on the edge of Debian unstable means that
updates sometimes break stuff, occasionally to an extent that is
difficult to recover from. This got me thinking about treating the
entire set of mounted filesystems as a transactional database.
Mark state, try something which might be dangerous, test, and approve (commit) or panic (rollback). Obviously some filesystem support would be required, but with ext3 and reiserfs available, maybe the potential is already there. And such a system would need lots of disk space, but these days that's a demand easily granted. There's lots out there on process-level checkpointing, and even some stuff about system-level checkpointing, but all I've found on that was in the context of saving and restoring processes for a system freeze and restore. But I couldn't find anything on Google or SourceForge about doing this sort of temporary branching in the filesystem. Is this idea feasible? Is anyone working on it?"
I dont know if anyone is working on it, but it does sound like something microsoft tried with ME, where you can say wops everything is screwed up lets try and restore to yesterday. At first I though wow that kind of cool mainly because I do tech support for an ISP so I get calls like I hosed my computer fix it, so it would be easy to say just restore to last time I spoke with you. However that wasnt how it really worked, mainly what it did was eat up a lot more hard drive space then you would think it would and cause lots of problems with getting corrupted and what nut.
Now maybe if you could have a delaid type raid mirror array, so the mirror gets updated once every 24 hours instead of every time the disk is accesed, then that may be something cool.
---
Well, looks like this guy Chuq is working on it. He seems to be a kernal hacker that works for VERITAS.
You can also find interesting filesystem info here
There's also work being done on TRAM (Transactional RAM).
I'm against picketing, but I don't know how to show it.
This is meant for creating backups while the system is operating normally, without the partition constantly changing. I'm not sure if it would apply to this question (it might not be easy to roll back), but you can read about it if you search for "Linux LVM howto".
The problem is not so much backing up your good data, but restoring it when your system is hosed.
If your filesystem is badly corrupted - is it possible to restore the last backup?
The poster is asking for rollbacks, or restoration, at the file system level.
Windows System Restore does not do this - it assumes the system is still bootable in "safe mode".
---
Oregon
You can do this in VMWare, but I'm not sure it's really the solution you want. :-)
the default increment is daily
one can roll back the filesystem on a PER PROCESS basis with the yesterday command.
In this way you can narrow down what's broken by for instance using yesterday's c library, or last week's , or last years!
Also take a look at Venti
From: Sean Quinlan To: 9fans Mailing list
For those of you interested in the direction we are heading
with respect to plan 9's file system, you might want to
checkout our paper on Venti that will appear in the
USENIX fast conference.
http://www.cs.bell-labs.com/~seanq/pub.html#venti
Venti is a block level storage server that replaces the optical
juke box for a plan 9 file system. Some of the benefits include:
coalescing of duplicate blocks
compression
no block fragmentation
Also, we have switched from optical to magnetic disks as the storage
technology. I know many of you already use magnetic disks to
"fake" a worm, but for those of us using a optical juke box,
the performance improvement is rather substantial!!
seanq
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
It's a bit time consuming, but tar has been doing this job for me for a while. I finally (took me a long time, ok) created a working bootable linux CD that mounts my filesystems RO and tarballs the entire contents to a remote server. It takes about 1h20m to do a full backup.
After it finishes, I test software on the existing system. If it breaks I restore, if it doesn't I play-test it for a while and if it keeps behaving I commit it to the next full "state preservation".
The biggest drawback, of course, is that this sceme requires close to 1.5 hours of downtime for the backup and more if you need to restore. But for noncritical systems it works great.
I'm against picketing, but I don't know how to show it.
root@foobar# dsmc
Tivoli Storage Manager
Command Line Backup Client Interface - Version 4, Release 1, Level 2.0
(C) Copyright IBM Corporation, 1990, 2000, All Rights Reserved.
tsm> q server
Node Name: FOOBAR
Session established with server WAYBACK: Solaris 2.6/7
Server Version 3, Release 7, Level 4.10
Server date/time: 02/10/02 16:13:02 Last access: 01/30/02 00:00:56
tsm> restore -subdir=yes -replace=yes /
Consider it done.
Sounds like basically the same thing, no?
- Steve
What I do is use rsync to backup the company fileserver to a remote machine every 2 hours during business hours. Each update transfers about 10 to 20 MB over DSL/Cable. Then every evening I backup all the files that have changed over the last 24 hours into a seperate dated directory. The first dated backup consisted of the entire server (6 gb) and all the subsiquent backups are about 50 MB a day zipped.
So I have both a snapshot of the current status of the server with 2 hours accuracy and the ability to roll back the server to any point with 24 hours accuracy.
The best part is the company is paying for my Cable connection at home to do this.
Someone else mentioned this too, but can you do LVM in Linux easily? If so, set up to do snapshots before a big upgrade. A snapshot is a virtual copy of your data. When a file is added or changed only the extra info is written to a seperate place on the disk. So, you end up with two "copies" of the data but it doesn't use up a ton of disk space.
This is great for backups too. You don't have to worry about files being open and it's a great way to get a point in time shot of your data in case of short backup windows.
Snapshotting is what you really want for something like this. NetApp has had this functionality available in their Filer appliances for a number of years - you can cd into a 'magic' .snapshot directory where hourly, daily, weekly, and monthly snapshots are kept.
FreeBSD 5.0-CURRENT includes preliminary snapshot support for ffs.
The Linux options aren't quite as good. The most promising new filesystem that could provide this functionality is tux2, where data is structured in a way that would make implementing this functionality fairly easy. There was a post explaining how it would work in the mail archives, but they seem to have disappeared.
There is commercial option: MVD Snap. Their fileserver is Linux based, and the code for their snapfs filesystem was once available during beta testing.
LVM provides the ability to create snapshots of your volumes, so you can easily roll back if anything icky happens. Mind you that write perfomance when using the snapshot feature goes down: instead of one write operation, every write becomes a read/write/write operation slowing things down. And this happens for every active snapshot, so you really can't have too much active snapshots
Then again, if it's just for checkpointing (create snapshot), installing experimental stuff and then committing (delete snapshot) or rollback (restore from snapshot, delete snapshot), it should do the trick wonderfully.
Okay... I'll do the stupid things first, then you shy people follow.
[Zappa]
AFS will do something like that, although not to the extent that I hear NetApp Filers can. Off the top of my head, there are two ways to do this with AFS. Both these methods require superuser access to your AFS cell, unless backups or replication releases are being done automatically.
/afs/mycell/some/path
..
/afs/.mycell/some/volume
/afs/mycell/some/volume/my/file my/file
/afs/cellname and read-write on /afs/.cellname.
(CodaFS should be able to do this too. I haven't played with CodaFS enough to know if it offers any other way to accomplish checkpointing.)
Method 1: backup volumes
$ cd
$ kinit me/admin
Password for me/admin@MYCELL:
$ aklog
$ vos backup some.path.avol
$ kinit me
Password for me@MYCELL:
$ aklog
$ cd avol
do stuff with the filesystem...
Oops! I need files that I modified or deleted!
$ cd
$ fs mkm avol.backup some.path.avol.backup
$ cp avol.backup/little-lost-file avol/
$ fs rmm avol.backup
Many sites run 'vos backupsys' (generally before 'vos dump'ing volumes) every night to automatically back up all their volumes, and leave users' backup home volumes mounted under their home volumes, to provide easy access to yesterday's files without an administrator's help.
Method 2: for replicated volumes
$ cd
do stuff - uh-oh, I need a file back that I changed!
$ cp
ok, finished with the changes. Commit them!
$ kinit me/admin
Password for me/admin@MYCELL:
$ aklog
$ vos release some.volume
Released volume some.volume successfully
$ kinit me
Password for me@MYCELL:
$ aklog
Volume (for volume, read filesystem) backups work by saving the state of a volume at the time the backup command was issued. When changes are made to the volume, the original state is copied to the backup volume. The backup volume only takes as much space as the changes made since the last backup. Replication works by making read-only copies of a volume in one or more locations, as specified by 'vos addsite' commands. The copies are only updated when changes are 'released' from the read-write copy to the read-only copies. By convention, cell root volumes are mounted read-only on
I think that newer versions of Solaris will do checkpointing on UFS. I haven't adminned Solaris since 2.3 (the slooow SS20 with 2.8 under my bed dosen't count until I play with it some more), so I'm not familiar with the details.
It was called SnapFS. You can find traces of this in a LWN article. I don't know if the projects still exists, go ahead and google .....
RFC1925
- A sourceforge project with no files uploaded, no description, and a few messages asking, "What happened?"
- A glossary which describes SnapFS as "A defunct experimental filesystem". There's also a broken link to linuxcare.com.au/projects/snapfs .
- A diary entry from somebody named Martin Pool. On 18 August 2000 he writes,
- And of course, Mountain View Data (or the equivalent snapfs.org),
which now owns the project and seems to have renamed it "MVD Snap". But there is very little information here, and nothing to download.
Is it legitimate for SnapFS to go missing like this? The link you gave says that SnapFS is under the GPL. So doesn't it have to be available somewhere in a free and downloadable form?Thanks to everyone for all the help!
--
I don't want to rule the world... I just want to be in charge of mayonnaise.
The Martin Pool/linuxcare.com.au project seems to be unrelated to the SnapFS in the original announcement, now owned by Mountain View Data. There's a README on the Pool project here. It does seem to be dead, which is OK since it didn't offer the full filesystem rollback capability. In addition, it was a true filesystem, unlike the other, which was designed to sit in another layer above Ext3.
If anyone has an old tarball of the now-MountainView SnapFS, please let me know...
--
I don't want to rule the world... I just want to be in charge of mayonnaise.