Opened at 2010-01-18T03:54:56Z
Last modified at 2010-06-19T01:01:43Z
#915 new defect
the timers used by tahoe backup to trigger repair for unhealthy files should be configurable
Reported by: | davidsarah | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | eventually |
Component: | code-frontend-cli | Version: | 1.5.0 |
Keywords: | tahoe-backup preservation usability | Cc: | |
Launchpad Bug: |
Description
Reported by Kyle Markley:
I am nervous about synchronization between backupdb.sqlite and the grid. As happened recently, if a large chunk of the grid goes down, some files may go below their minimum number of shares. I could repair those files by re-uploading them, but the backupdb assumes those files are fine. So those files won't be reuploaded and they'll stay broken on the grid -- possibly forever. I'll think they're backed up, but they aren't! I'd like to have some way for a deep-check to inject a dose of reality into my backupdb.
For extra credit, I'd like behavior that's a hybrid between backup and deep-check. Run a backup operation, but check every file as we go along, and repair or re-upload the file if the grid doesn't have enough shares.
(Actually it should be if there are insufficient servers of happiness for the file, as per #614.)
Change History (4)
comment:1 Changed at 2010-01-18T22:43:09Z by warner
comment:2 Changed at 2010-01-20T07:06:06Z by davidsarah
- Keywords usability added
- Summary changed from tahoe backup should trigger repair for unhealthy files to the timers used by tahoe backup to trigger repair for unhealthy files should be configurable
comment:3 Changed at 2010-02-01T19:46:49Z by davidsarah
- Milestone changed from undecided to 1.7.0
comment:4 Changed at 2010-06-19T01:01:43Z by zooko
- Milestone changed from 1.7.0 to eventually
Take a look at source:docs/backupdb.txt . Clients of the backupdb (like "tahoe backup") are required to eventually do a filecheck on the files that they skip uploading. It uses an age-since-last-check -based probability. The timer values are set such that all files will be checked at least every two months. If the check indicates unhealthy, the file is re-uploaded.
It would probably be useful to make these timers configurable. Setting them to "zero" would give you the check-each-time behavior you'd like. source:src/allmydata/scripts/backupdb.py#L163 (NO_CHECK_BEFORE and ALWAYS_CHECK_AFTER in BackupDB_v2) are the values that would need configuring.