Toward I/O-Efficient Protection Against Silent Data Corruptions in RAID Arrays

Post on 23-Feb-2016

48 views 0 download

Preview:

Click to see full reader

Tags:

Report this document
SHARE

description

Toward I/O-Efficient Protection Against Silent Data Corruptions in RAID Arrays. Mingqiang Li and Patrick P. C. Lee The Chinese University of Hong Kong MSST ’14. [Patterson et al., SIGMOD ’88]. RAID. RAID is known to protect data against disk failures and latent sector errors - PowerPoint PPT Presentation

transcript

1

Toward I/O-Efficient Protection Against Silent Data Corruptions in RAID Arrays

Mingqiang Li and Patrick P. C. LeeThe Chinese University of Hong Kong

MSST ’14

RAID RAID is known to protect data against disk failures and

latent sector errors• How it works? Encodes k data chunks into m parity chunks,

such that the k data chunks can be recovered from any k out of n=k+m chunks

2

[Patterson et al., SIGMOD ’88]

Silent Data Corruptions

Silent data corruptions: Data is stale or corrupted without indication from

disk drives cannot be detected by RAID Generated due to firmware or hardware bugs or

malfunctions on the read/write paths More dangerous than disk failures and latent

sector errors

3[Kelemen, LCSC ’07; Bairavasundaram et al., FAST ’08; Hafner et al., IBM JRD 2008]

Silent Data Corruptions

Lost write:

Torn write:

Misdirected writes/reads:

4

Stale

Stale

(a) Misdirected writes (b) Misdirected reads

updated

Silent Data CorruptionsConsequences: User read:

• Corrupted data propagated to upper layers

User write:• Parity pollution

Data reconstruction• Corruptions of surviving chunks propagated to

reconstructed chunks

5

Integrity Protection Protection against silent data corruptions:

• Extend RAID layer with integrity protection, which adds integrity metadata for detection

• Recovery is done by RAID layer

Goals:• All types of silent data corruptions should be detected• Reduce computational and I/O overheads of

generating and storing integrity metadata• Reduce computational and I/O overheads of

detecting silent data corruptions

6

Our Contributions

A taxonomy study of existing integrity primitives on I/O performance and detection capabilities

An integrity checking model

Two I/O-efficient integrity protection schemes with complementary performance gains

Extensive trace-driven evaluations

7

Assumptions At most one silently corrupted chunk within a

stripe If a stripe contains a silently corrupted chunk,

the stripe has no more than m-1 failed chunks due to disk failures or latent sector errors

8

Otherwise, higher-level RAID is needed!

D0 D1 D2 D3 D4 D5 P0 P1

m-1=1

How RAID Handles Writes? Full-stripe writes:

• Parity chunks are computed directly from data chunks to be written chunks (no disk reads needed)

Partial-stripe writes:• RMW (Read-modify-writes) for small writes

• Read all touched data chunks and all parity chunks• Compute the data changes and the parity chunks• Write all touched data chunks and parity chunks

• RCW (Reconstruct-writes) for large writes• Read all untouched data chunks• Compute the parity chunks• Write all touched data chunks and parity chunks

9

Existing Integrity Primitives Self-checksumming / Physical identity

10

Data and metadata are read in a single disk I/O Inconsistency implies data corruption Cannot detect stale or overwritten data

[Krioukov et al., FAST ’08]

Existing Integrity Primitives Version Mirroring

11

Keep a version number in the same data chunk and m parity chunks

Can detect lost writes Cannot detect corruptions

[Krioukov et al., FAST ’08]

Existing Integrity Primitives Checksum Mirroring

12

[Hafner et al., IBM JRD 2008]

Keep a checksum in the neighboring data chunk (buddy) and m parity chunks

Can detect all silent data corruptions High I/O overhead on checksum updates

Comparisons

13

Question: How to integrate integrity primitives into I/O-efficient integrity protection schemes?

Additional I/O overhead

No additional I/O overhead

Integrity Checking Model

Two types of disk reads:• First read: sees all types of silent data corruptions• Subsequent reads: see a subset of types of silent data corruptions

Observation: A simpler and lower-overhead integrity checking mechanism is possible for subsequent-reads

14

Checking Subsequent-Reads

Subsequent-reads can be checked by self-checksumming and physical identity without additional I/Os

Integrity protection schemes to consider: • PURE (checksum mirroring only), HYBRID-1, and HYBRID-2

15

Seen by subsequent-reads

No additional I/O overhead

15

Integrity Protection Schemes

16

Hybrid-1• Physical identity + self-checksumming + version mirroring• A variant of the scheme in [Krioukov et al., FAST ’08]

Integrity Protection Schemes

17

Hybrid-2• Physical identity + self-checksumming + checksum mirroring• A NEW scheme

Additional I/O Overhead for a Single User Read/Write

18

Both Hybrid-1 and Hybrid-2 outperform Pure in subsequent-reads

Hybrid-1 and Hybrid-2 provide complementary I/O advantages for different write sizes

Switch point:

Choosing the Right Scheme

If choose Hybrid-1

If choose Hybrid-2

19

• = average write size of a workload (estimated through measurements)

• = RAID chunk size

• The chosen scheme is configured in the RAID layer (offline) during initialization

Evaluation

Computational overhead for calculating integrity metadata

I/O overhead for updating and checking integrity metadata

Effectiveness of choosing the right scheme

20

Computational Overhead Implementation:

• GF-Complete [Plank et al., FAST’13] and Crcutil libraries

Testbed:• Intel Xeon E5530 CPU @ 2.4GHz

with SSE4.2

Overall results:• ~4GB/s for RAID-5• ~2.5GB/s for RAID-6

RAID performance is bottlenecked by disk I/Os, rather than CPU

21

I/O Overhead Trace-driven simulation

• 12 workload traces from production Windows servers

• RAID-6 with n=8 for different chunk sizes

22

[Kavalanekar et al., IISWC ’08]

I/O Overhead

23

Pure can have high I/O overhead, by up to 43.74% I/O overhead can be kept at reasonably low (often below 15%) using

the best of Hybrid-1 and Hybrid-2, due to I/O gain in subsequent reads More discussions in the paper

43.74%

Choosing the Right Scheme

24

Accuracy rate: 34/36 = 94.44% For the two inconsistent cases, the I/O overhead difference

between Hybrid-1 and Hybrid-2 is small (below 3%)

Implementation Issues Implementation in RAID layer:

• Leverage RAID redundancy to recover from silent data corruptions

Open issues:• How to keep track of first reads and subsequent

reads?• How to choose between Hybrid-1 and Hybrid-2 based

on workload measurements?• How to integrate with end-to-end integrity protection?

25

Conclusions A systematic study on I/O-efficient integrity

protection schemes against silent data corruptions in RAID systems

Findings:• Integrity protection schemes differ in I/O overheads,

depending on the workloads• Simpler integrity checking can be used for

subsequent reads

Extensive evaluations on computational and I/O overheads of integrity protection schemes

26

Top related

DroboTM BeyondRAIDTMlevels to change once the array is live. RAID arrays that do allow protection level changes require the entire RAID set to be rebuilt. This rebuild can sometimes
Documents
Configuring a RAID Set (B450 Series)€¦ · only to fault-tolerant arrays such as RAID 1 and RAID 10 arrays. To replace the old drive, make sure to use a new drive of equal or greater
Documents
HDI and Corruptions
Documents
Power Systems SAS RAID controllers for Linux - IBM€¦ · SAS architecture summary .....10 Disk arrays .....11 Supported RAID levels ... (FFM) DMA Engine (for Redundant Array of
Documents
Marxist Obama' CrOOKest County Corruptions
Documents
RocketRAID 4320 SAS Host Adapter · 2018. 4. 9. · • Web browser-base RAID management software • Disk scrubbing to prevent degraded RAID arrays • Bad sector repair and re-mapping
Documents
RAIDs { Redundant arrays of independent disksHauke Stieler RAIDs { Redundant arrays of independent disks 1 Basics things about RAID The term RAID means Redundant Array of Independent
Documents
A Case for Redundant Arrays of Inexpensive Disks (RAID)
Documents
Durban's corruptions and disruptions - Centre for Civil ...ccs.ukzn.ac.za/files/Durban's corruptions and disruptions.pdfDurban’s Corruptions and Disruptions 1 UKZN Centre for ...
Documents
Chapter 6 External Memory Disk and RAID (Redundant Arrays of Independent Disks) CS-147 Fall 2010 Jonathan Wang.
Documents
A performance comparison of RAID-5 and Log-Structured-Arrays
Documents
Reference Guide for Linux - IBM · PDF filePCI-X SCSI RAID Controller Reference Guide for Linux SA23-1327-01. PCI-X SCSI RAID Controller ... . 135 Disk Arrays..... 135 Supported RAID
Documents
Understanding RAID Levels (RAID 0, RAID 1, RAID 2, RAID 3, RAID 4, RAID 5)
Software
RAID: high-performance, reliable secondary storage...Next, the article describes seven disk array architectures, called RAID (Redundant Arrays of Inexpensive Disks) levels O–6 and
Documents
Silent Data Corruptions at Scale - Facebook
Documents
A performance comparison of RAID-5 and Log-Structured- Arrays Jai Menon.
Documents
RAID, Disk, I/Oinst.eecs.berkeley.edu/~cs61c/resources/su18_lec/Lecture25.pdf · ~700 KHrs. RAID: Redundant Arrays of Inexpensive Disks •Files are “striped” across multiple
Documents
Raid reconstruction and Hooking - SourceForgepyflag.sourceforge.net/Presentations/Raid_Reconstruction.pdf · – RAID arrays are common in server class machines – Traditional techniques
Documents
Storage 2: RAID Learning Objectives – To understand the technology drivers leading to RAID arrays – To understand the principles of common RAID configurations.
Documents
A Case for Redundant Arrays of Inexpensive Disks (RAID)web.eecs.umich.edu/~michjc/eecs584/notes/lecture05-raid.pdf · RAID=Redundant Array of Independent Disks Use extra disks to
Documents

Copyright © 2018 DOCUMENTS