On Fri, Apr 10, 2009 at 12:43 AM, Andre van Eyssen <an...@purplecow.org>wrote:
> On Fri, 10 Apr 2009, Rince wrote: > > FWIW, I strongly expect live ripping of a SATA device to not panic the >> disk >> layer. It explicitly shouldn't panic the ZFS layer, as ZFS is supposed to >> be >> "fault-tolerant" and "drive dropping away at any time" is a rather >> expected >> scenario. >> > > Ripping a SATA device out runs a goodly chance of confusing the controller. > If you'd had this problem with fibre channel or even SCSI, I'd find it a far > bigger concern. IME, IDE and SATA just don't hold up to the abuses we'd like > to level at them. Of course, this boils down to controller and enclosure and > a lot of other random chances for disaster. > > In addition, where there is a procedure to gently remove the device, use > it. We don't just yank disks from the FC-AL backplanes on V880s, because > there is a procedure for handling this even for failed disks. The five > minutes to do it properly is a good investment compared to much longer > downtime from a fault condition arising from careless manhandling of > hardware. > IDE isn't supposed to do this, but SATA explicitly has hotplug as a "feature". (I think this might be SATA 2, so any SATA 1 controllers out there are hedging your bets, but...) I'm not advising this as a recommended procedure, but the failure of the controller isn't my point. *ZFS* shouldn't panic under those conditions. The disk layer, perhaps, but not ZFS. As far as it should be concerned, it's equivalent to ejecting a disk via cfgadm without telling ZFS first, which *IS* a supported operation. - Rich -- Procrastination means never having to say you're sorry.
_______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
