At Wed, 25 Jul 2012 08:12:42 +0000, Dietmar Maurer wrote: > > > > 1. There are two node A and B (redundancy level is 2), and each node > > > has one object. > > > 2. Node C joins Sheepdog, and new placement of the object becomes > > > node B and C. > > > 3. A VM writes data to the object, and node B completes the request > > > but node C rejects it since recovery is not started. > > > 4. Node B crashes before node C gets the updated data from node B, > > > and then the written data will be lost even though only one node > > > fails. In addtion, the VM can reads the old object after the > > > failure, which breaks the block device semantics. > > But that is also a problem with the current code. for example when > node B is the gateway node? If the gateway node fails, the VM will receive EIO. EIO means that there is no assurance about whether the sent data is written or not, so it's not a problem. Thanks, Kazutaka |