Slashdot Mirror
ZFS Replication To the Cloud Is Finally Here and It's Fast (arstechnica.com)
New submitter kozubik writes: Jim Salter at Ars Technica provides a detailed, technical rundown of ZFS send and receive, and compares it to traditional remote syncing and backup tools such as rsync. He writes: "In mid-August, the first commercially available ZFS cloud replication target became available at rsync.net. Who cares, right? As the service itself states, If you're not sure what this means, our product is Not For You. ... after 15 years of daily use, I knew exactly what rsync's weaknesses were, and I targeted them ruthlessly."
rsync synchronises files. ZFS synchronises a file system. Of course it is better to work that way because you can transfer just the changed components of a file. Moving a file just changes a pointer, so send the pointer. That sort of thing.
http://michaelsmith.id.au
I was a little unexcited by (although interested in) the article, even by the general speedups until I got to the part about VM replication. This really makes an enormous difference.
ZFS licensing has kept this as a grey area for me, so I I've largely kept away from deployment (save for an emergency FreeNAS box I needed in a hurry), but I'd clearly benefit from looking here again. Thanks for the reminder.
Oh, I also appreciate the rsync.net advertisement. Good guys, good service ;-)
Oh arse
Who cares, right? As the service itself states, If you're not sure what this means, our product is Not For You.
Ah, there's that welcoming open-source community spirit.
systemd is Roko's Basilisk.
Reading this article, it seems that this "ZFS replication" is very similar to rsync, with one straightforward addition:
Rsync works on an individual file level. It knows how to synchronized each modified file separately, and does this very efficiently. But if a file was renamed, without any further changes, it doesn't notice this fact, and instead notices the new file and sends it in its entirety. "ZFS replication", on the other hand, works on the filesystem level so it knows about renamed files and can send just the "rename" event instead of the entire content of the file.
So if rsync ran through all the files to try to recognize renamed files (e.g., by file sizes and dates, confirming with a hash), it could basically do the same thing. This wouldn't catch the event of renaming *and also* modifying the same file, but this is rarer than simple movements of files and directories. The benefit would have been that this would work on *any* filesystem, not just of ZFS. Since 99.9% of the users out there do not use ZFS, it makes sense to have this feature in rsync, not ZFS.
For those who already understand rsync and zfs the article adds nothing new that is of value. 1/3 of the article is telling you what rsync is, which you can fill with lorem ipsum and still not lowering the next-to-none quality of the article. We already fucking know what rsync is. It's in the man pages for, like 10+ years. And why do you need a Jedi picture just for that?
Then the useless benchmark, taking another 1/3. No repeatable experiments. No statistics. Only one-shot timings. And the worst things is that the result is completely expected. The first pseudo-benchmark is network-limited so the results would be the same. The second is completely expected. The incremental payload is so small that any difference is just overhead, and you expect the rsync with overhead NOT to perform worse than native FS? The third is pointless. It's apples and oranges. Anyone who knows the difference between syncing and replicating already know about this. We don't need a whole article telling us that.
And finally, the obligatory shitty script dump (nobody cares about the verbatim copy of your perl script, kiddie), the apple-to-orange pros-cons comparison, clueless stock picture taking half screen space, and the non-conclusion.
The whole thing can be condensed into a 500-word tech briefing and you wrote that?
Sheesh.
That was ReiserFS, not ZFS.
Jim Salter writes some great pieces on file systems for Ars Technica.
At the linked article are Related Links. Of particular note is "Atomic Cows and Bit Rot" -- read that if you're interested in modern file systems.
Only after the Russian mail-order bride steals the money from your open source "wealth" to fund her new boyfriend's BDSM hobbies.She actually sounded a lot like my ex, the one with the website on breast feeding with nipple rings.
And no, I'm not making *any* of this up.
Er, no. Btrfs may one day make feature parity with ZFS, and it may also achive the reliability of ZFS, but it has a long, long, way to go in both areas to get to those points.
The on-disc structures might have been declared "stable", but what does that mean, really? That you'll be able to mount current filesystems on future kernels, yes. That the frozen design was correct and contains no design flaws? No. Personally, I think they froze it way too early. There are a number of fairly fundamental issues with the Btrfs design which compromise its performance (fsync) and integrity (unbalancing, data loss on recovery), and in some cases place arbitrary limits upon things (e.g. the hardlink issue). Some can be mitigated, while others can not. These and other issues are easily found and researched.
Seriously, I've been using Btrfs since very near the beginning for a variety of tasks. But I've been objective about it, rather than a blinkered fanboi. It's an interesting filesystem with some good ideas. But it has /always/ been a case of "next year it will be stable", and the performance is dire. Progress has been painfully slow, and the bugs I've encountered along the way have been numerous and show-stopping. Maybe it will "get there", but I think your assertion that "once BTFS userland side gets stable" that it will replace ZFS is incredibly naive. It assumes that there are no major issues remaining on the kernel side, and it also assumes that the only thing needing doing on the user side is stability. Based on its history to date, the likelihood of the kernel side being bug-free is close to zero. On the user side the tools are primitive, feature-incomplete and almost completely undocumented, containing little information and no examples. On the ZFS side, the tools are feature complete and are properly documented, with examples, and with whole sets of training material on top of that.
If you needed to make a decision on which to use for a serious deployment, or even just for a smaller scale home NAS, right now if you objectively compare the two, the choice is quite clear, and it's not Btrfs. Based upon the development history of the two, it's unlikely that this will change much in the next few years. Remember also that ZFS development is very active, perhaps even moreso than Btrfs. But who knows, maybe by 2020 Btrfs will surpass it.
I am using Btrfs on my NAS/firewall/server quite happily and in my experience it's been stable and performant, but overall I agree with you. The tools could be better and there are a lot of idiosyncracies here and there. Personally, I find the fact that Btrfs is terribly fragmentation-prone somewhat of an issue as running defrag on any snapshotted or deduped content will ruin the reflinks and ends up duplicating all the blocks needlessly, thereby eliminating the whole point of using snapshots in the first place.
+9001 Funny! I needed that. BTRFS, the FS designed by devs for cool new features!. ZFS, the FS designed by sysadmins for sysadmins.
Anyone else getting tired of is term? All it means is "someone else's computer". All you're doing is renting server space and replicating your data there. There's nothing special about it.
ZFS too resource heavy? Yeah, don't run it on a cell phone. BTRFS balancing seems to have some major issues. I'm not sure if it's fundamental or not, but they're old issues and haven't been fixed for many years.
ZFS is nice .. but it's just not been stable
By your definition of stable, nothing is stable. ZFS is not perfect, but it is closer to perfect than anything else.
Without some kind of incremental snapshot, with read-only privileges after the snapshot, straight replication is next to useless if someone does "rm -rf /". And it happens *all the time*.
So ... zfs covers that ... since it does exactly what you suggest.
Sure, if you can afford to buy 3 times as much disk
What? If you want mirroring or RAID like qualities, yes, you need to duplicate data, thats true of any mechanism like this... you do realize thats what things like NetApp do too ... right, just mirroring or raid?
and roughly 10 times as much network bandwidth as you ever really process with,
... this makes no sense? How does the network come into play here? You're just making random shit up?
ZFS is nice if you can afford one sys-admin/Terabyte of data to try to keep it up to date, but it's just not been stable.
The company I work at rolls over roughly 50tb of data PER DAY, several petabytes worth ... in ZFS ...
You'll have to pardon me if I doubt some random Anonymous Coward spewing clear ignorance has any idea what 'stable' is after making such stupid statements.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
Actually no - it's not better unless you are already using ZFS in which case you probably already know about the feature.
Fortunately, zfs also supports snapshots, and those can be sent/received as well.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
FreeNAS is FreeBSD 9 or 10 with a config layer over the top for a web interface and idiot proof cli (FreeNAS 10). Nothing is changed from the FreeBSD version of ZFS apart from some sysctl variables.
ZFS is an ENTERPRISE file system, it will eat all the RAM you give it and get faster with more RAM as it can cache more I/O. It is designed run on a well spec'ed server with a UPS.
Of course you can run it on anything FreeBSD supports and try your luck, it works well even then for most people.
Wannabe nerd.
Are you for real AC, or just trolling?
Your Synology "reference" is a classic "appeal to authority", only it's a really bad choice of authority due to its complete lack of any technical detail or substance of any kind. That link is to a marketing page for a company which makes money selling hardware. It's just a few bullet points (snapshotting, checksumming in essence), without any discussion of the actual tradeoffs or comparison with other systems. It's worthless. It's only purpose is to tick a feature box to act as an incentive to purchase their systems; as for the actual performance and reliability of those features--that's the customer's problem. Caveat emptor.
I've done more than casual work and development with Btrfs. For example, from back when I was a Debian developer, here's the original inital support for Btrfs snapshotting in schroot. This lets you create virtual environments from Btrfs snapshots, as well as other types such as LVM and overlays. You can then plug this into other tools such as sbuild, and then build the whole of Debian using snapshotted clean build environments. Doing this, Btrfs fails hard around every 18 hours, going read-only. Why? Creating and deleting 18000 snapshots for 8 parallel builds quickly unbalances the filesystem, requiring a manual rebalance. You don't see that unfortunate detail in the Synology fluff page, do you?
You can also get snapshots and decent recovery (albeit without block-level checksums) from LVM and mdraid. In my experience, its recovery behaviour after real hardware failure is vastly more reliable than Btrfs. Simply put, it has always resynched the data without problem, while Btrfs has caused irrecoverable data loss, despite it theoretically being much better. LVM snapshots have very different tradeoffs as well. And on modern Linux with udev, we had to abandon using them due to races in udev/systemd making them randomly fail.
The point I'm making is that the reality of the chosen tradeoffs between performance, reliability and featureset of the different filesystems is a subtle one. You can't reduce it down to "Btrfs is better" or "ZFS is better". That's marketing. But I have spent over seven years pushing Btrfs to its limits, and have found it sorely lacking. It's unacceptable that it unbalances itself to the point of unusability. It's unacceptable that it has led to irrecoverable dataloss on several occasions. It's also unacceptable that in its eight years of existence, none of the developers could be bothered to write any decent documentation. The dataloss was down to bugs, some of which are fixed, but it does leave you in a position of lacking trust in it in the face of such problems. If you compare this with ZFS, while it's not fair to say it has been totally bug free, it has been almost bug free, and the number of dataloss incidents is small. I've yet to encounter any problems with ZFS myself, but I've encountered many serious issues with Btrfs.
Anyone who uses Btrfs or ZFS on a NAS system does so at their own risk after researching the various options and their tradeoffs. Just because a vendor decides to make and market a system using Btrfs does not make that system the best choice. It just means they thought they could make some profit from it.
ZFS disk structures were stable a decade ago but frankly the userland is still a bit buggy today, and that's with ten times as many people working on it as btrfs and people knowing full well where the problems are and what needs to be done to fix them. btrfs hasn't gone through that discovery process yet.
Don't assume undone work is easy. I'll be delighted to be proven wrong in five years (I said the same thing five years ago).
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Er, OpenZFS...
ZFS originated within Sun, which was bought by Oracle. Oracle then laid off most (all?) of the ZFS developers, who then went to work for other companies. The current ZFS development is no longer inside Oracle, and nor is it owned by them. They own the copyright on the original CDDL releases. Big deal. Not using it because of the historic association with Oracle would be a little... extreme.
Without some kind of incremental snapshot, with read-only privileges after the snapshot, straight replication is next to useless if someone does "rm -rf /". And it happens *all the time*.
So, exactly what ZFS provides then... You take periodic snapshots (hourly, daily, weekly, or whatever), then send the deltas between the snapshots to the destination system. You can easily put that in a cron job and have a regular push to a backup system (hey, exactly like what the tool in TFA is doing...). If someone does wipe out all their files, you have the snapshot(s) containing it on both the source and destination system, depending upon your schedule for dropping old snapshots. However you decide to manage things, you can recover the removed files so long as they are present in an older snapshot.
You do realise that Btrfs originated within Oracle, right? ZFS was merely acquired by them.
If btrfs has so many issues, I wonder why Docker doesn't have a deployment on Illumos. or SmartOS.
I would think that Docker enthusiasm would be damped by a beta filesystem and (the lack of) verifiable security in package content.
Don't let the licensing FUD scare you. Linus has publicly stated that licensing in a case that's a very near equivalent to ZFS' licensing is fine.
The anticipated problem with the license has always been on the Linux side. The license ZFS is released under doesn't in any way prohibit the ZFS code from being used in other places with other licenses (like the *BSD's). There has never been a concern that using ZFS with Linux violates the ZFS license (and thus could bring Oracle's well-fed lawyers down upon you). The contention has been that combing CDDL code with GPL-2 in a derivative work violates the GPL and thus places you in trouble with Linux's license. The core problem is that CDDL places additional restrictions on binary code resulting from derivative works, which GPL-2 prohibits.
Linus has weighed in specifically on the AFS filesystem module here: http://yarchive.net/comp/linux...
Given that ZFS was originally written for Solaris and the core code works essentially unmodified (with a porting layer in some cases) on Solaris, *BSD, Linux, possibly other systems, there are lots of indications that it should fall into the same category as the AFS code: The ZFS modules are not derivative works of Linux and thus may be used with Linux even though their license prevents them from being incorporated into Linux.
Having trouble distinguishing between rsync, the tool, and rsync.net, the online service? Having never used either, the distinction was still perfectly clear to me.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
We've had a very significant discount for HN readers for years and we'd be happy to extend that to /. readers. Just email and ask.
Really happy to be here - I am not sure why I am labeled as "new submitter" since I have been a slashdot user for ... 15 years ?
Happy to answer any questions about our service here as well.
If I'm reading this right, ZFS sync opens up one other huge, huge possibility. I had this idea nearly 15 years ago (shortly after Napster), but didn't have the technical expertise to implement it: A distributed redundant filesystem.
ZFS doesn't think in terms of files. It thinks in terms of blocks, and in a redundant z-volume (similar to a RAID array) it distributes those blocks over multiple virtual devices (vdevs) - you can think of them as disks, but they don't have to be. These vdevs can be a disk, a partition, a file on a disk, or more crucially a SAN or iSCSI - disks which aren't connected directly to the computer but are accessed over a network. Til now, those last two have been disks on the same premise, just not in the saem computer. ZFS sync could open it up to any networked vdev anywhere in the world.
So what's the big deal? The big deal is that in a redundant filesystem, you cannot reconstruct the original data from any single vdev. If you have 4 drives in RAID 5, no single drive has a complete file. You need all of the data off of at least 3 drives to reconstruct a file. The same goes for ZFS - if you're using 2-drive redundancy and you have 6 vdevs, you need the data off of at least 4 vdevs to reconstruct the file.
Now what if each of those vdevs were located in different places around the world? One could be Google Drive, another Dropbox, another Microsoft OneDrive, etc. Your data could be on the cloud, and it would still be accessible even if one service went down or even shut down completely. ZFS would just treat it like a drive failure. It would re-verify and recover after the service came back online. Or you could simply replace it with a vdev on a different cloud service. (ZFS redundancy is on a block level, so a block failure doesn't mean it drops the entire vdev from the array like RAID does with a disk which generates an error. It simply marks the block as bad and tries to reconstruct it from redundant info on other vdevs. Other blocks stored on that vdev are assumed to still be good, until you access it and the checksum says it's bad.)
Also, no single cloud service provider would have a complete copy of your data. Hackers could manage to break into a service and get all your data stored at that service. But unless they managed to get data from (n-r) services (n = number of cloud vdevs you're using, r = redundancy level), they couldn't reconstruct your data. More to the point, if said service notified you of the breach in a timely manner, you could respond by creating new vdevs with different encryption, copying your data from the old vdevs to the new, then erasing the old vdevs. Unless the hackers managed to simultaneously hack (n-r) cloud services, your data cannot be compromised. (Or if you're on the dark side, Hollywood could get the feds to raid a cloud storage service and get all your data there, but unless they did it simultaneously with (n-r) services, they wouldn't be able to see that you have copies of pirated movies stored on those services.)
I've been trying to set up something similar between my sister's, my parents', and my house, with our NASes backing up each other so we won't lose our data if one house burns down. But it's been a PITA with rsync. Because rsync thinks in terms of files, each house has to have a complete copy of the other houses' data. If I were able to do it with ZFS vdevs, it would represent a 50% space savings. More if I had more homes to work with.
I guess you missed the RESOLVED tag on that.
To be fair, the race existed in udev prior to the systemd merge as well. When lvremove randomly stops working, it's a bit surprising, and it took a while to pinpoint udev as the culprit keeping the snapshot devices open and preventing their removal. "Helpful" such behaviour is not. We had to move all the debian buildds from using lvm snapshots to unpacking tar files as a result (btrfs being too fragile as mentioned).
Yeah, he writes okay pieces, but it kind of annoys me when he throws up blanket advice and then practically trips over himself extolling the opposite.
ZFS: You should use mirror vdevs, not RAIDZ
Guess what? The entire rsync.net service is built on top of RAID-Z3, if I read their promotional portal correctly.
One use case I can see for this is using ZFS to back up Postgres databases. I'm not the only person to think this might be a good idea. A while back, I listened to this talk, which I really enjoyed:
Keith Paskett: PostgreSQL on ZFS
On hard experience, he's particularly wary about the "drop table" oops disaster scenario.
Keith Paskett bio
* infrared radiometric calibration chambers Space Dynamics Laboratory
* helped develop Utah State University's Climate data server
* National Climate Data Center validated climate data
* all stored in PostgreSQL of course
1. ZFS Snapshotting is incremental, just like NetApp. In fact, it's so 'just like NetApp' that NetApp sued Sun Microsystems over it.
2. You don't know what the hell you're talking about. See #1.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
Oh, so in your hatred of Oracle, you're recommending a filesystem project that was started by... Oracle.
Only reason Oracle isn't still the major contributor to btrfs is because they bought Sun and got a complete version of what they were trying to create with btrfs.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
You're able to run as-root / Set-UID binaries with-in them? Nope. LXC emulates this by mapping UID-0 in the container to UID-x on the host via namespaces.
No, that is not correct. Root is root in an lxc container subject to some limitations (ex: making device entries), just like it is with BSD Jails. The mapping that you are referring to is a security mitigation feature, should an attacker manage to break out of the container. If a root-user within the container breaks out of the chroot (containers are essentially chroot with cgroups added in), but are still within the container process (iow, no buffer overflow or similar vulnerability), they will be subject to unprivileged status on the host (basically, the same as an unprivileged shell user). That is good, and is not something that BSD Jails do afaik. So, one might say lxc is more secure than jails in this respect.
From one of the maintainers of Docker (as of June 2014):
You do know that Docker and LXC are not the same thing, right? Docker is built on LXC, but they are not synonymous. Also, the quote is more of a "be careful with this" rather than a "containers can't handle this" type of comment. The thing about Docker specifically that makes it different from LXC, is the docker user space process, which is larger and possibly subject to more attack vectors, hence the conservatism about security. Just plain old LXC containers, though, should be as secure as anything else on the system (sans kernel vulnerabilities, etc).
there has been only one advisory about escaping out of a jail (and it was because of a devfsd bug, not jails itself)
Right, so aside from a kernel vulnerability (devfsd) a kernel-provided capability (jails) is perfectly secure? Nice bit of sophistry there. Jails is fundamentally no more or less secure than lxc containers. They are both "operating system-level virtualization" techniques implemented in similar ways (using chroot combined with kernel capabilities to separate userspace processes and resource limits). They are effectively the same.
BTRFS is less mature than ZFS, but it has a lot of useful functionality and is in some ways more elegant. For example, the snapshot of a subvolume is a first class filesystem in itself without dependency on it's parent. It's also a lot better about handling replacement of physical volumes underneath it if you have mirroring turned on. In particular, you can arbitrarily increase the size of the filesystem by using a larger replacement or just adding on more drives.
On the other hand, I'm not touching the raid5/6 with a ten foot pole in it's current state.