-----Original Message-----
From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
[mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Agent Rooker
Sent: Thursday, October 30, 2008 16:19
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Block level domU backup
On Wed, Oct 29, 2008 at 5:34 AM, John Haxby <john.haxby@xxxxxxxxxx> wrote:
> Agent Rooker wrote:
>>
>> On Tue, Oct 28, 2008 at 1:10 PM, Nick Anderson <nick@xxxxxxxxxxxx> wrote:
>>
>>>
>>> The one case where I figured there would be a window for corruption
>>> was if information was coming over the wire that was being written.
>>>
>>
>> So would this be any worse than just yanking the network cable?
>>
>>
>>
>
> Yes. When you take a snapshot backup of domU you're basically doing a
> fork() of a running system. The parent, the original continues and runs
> all its outstanding transactions (receiving mail, sending mail, buying CDs
> from Amazon) and those transactions complete.
>
> When (or if) you restore the snapshot backup those half-completed
> transactions will continue as well. Anything in-bound will have been lost
> and chances are the worst that will happen is that you'll log a message.
> Anything outbound will be duplicated -- two copies of a mail messages,
two
> CDs from Amazon, credit card debited twice. Oops.
>
> You can, of course, prepare a system for a snapshot (or fork) so that
> transactions are completed or arrangements made for those important ones
to
> not continue in the forked copy. This isn't a problem unique to Xen, of
> course, you can have this problem with normal, bare-metal backups and
> transactions that are held on disk rather than in memory -- it's just that
> when you do bare-metal backups you're selective about what you back up and
> you don't typically backup things like, for example, the sendmail queue.
>
> jch
>
>
Assuming these transactions are done over TCP, wouldn't the duplicate
outgoing packets be discarded by the receiving server as out of order?
The exact workings of TCP are a little out of my depth, but that is
my understanding of it.
But let's suppose that you're right. What if I just disable
networking in the xen config file before doing an emergency restore
and then shutting down the domU cleanly before starting it up again
with networking. That should make the process of restoring a domU
less risky.
--
Agent Rooker
_______________________________________________
You are correct, outgoing packets that were part of a stream would
be discarded for being out of order. However, new connections (for mail
about to be delivered from queue, for example) would be established as new
connections and go through. This would be true even if you tried restoring
without networking, which may or may not be an option, as the mail would
still be in queue upon starting up. You could certainly do a clean shutdown
and startup after restore, but it wouldn't change anything unless there was
a problem with such a large number of connections suddenly stuck in
time_wait, and such a problem would probably be considered a bug, as other
situations (like a router going down) can cause the same situation and your
server shouldn't crash. However, I'm not so familiar with the software side
of things, and shutting down cleanly couldn't hurt, I just suspect it would
be a waste of time.
Dustin
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|