You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Tyler Hobbs (JIRA)" <ji...@apache.org> on 2016/03/03 23:28:18 UTC
[jira] [Commented] (CASSANDRA-10112) Refuse to start and print txn
log information in case of disk corruption
[ https://issues.apache.org/jira/browse/CASSANDRA-10112?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15178729#comment-15178729 ]
Tyler Hobbs commented on CASSANDRA-10112:
-----------------------------------------
Overall the patch looks good.
Can you verify that the failing {{org.apache.cassandra.io.sstable.SSTableWriterTest.testAbortTxnWithOpenEarlyShouldRemoveSSTable}} utest is not a regression?
Other than that, I just have a few nitpicks:
* It would be nice to use constants instead of magic numbers for {{StartupException}} exit status codes.
* In {{LogRecord.make()}}, why do we catch {{Throwable}}? Should we be passing that through {{JVMStabilityInspector}}?
* {{removeUnfinishedCompactionLeftovers()}} could use some javadocs (especially explaining the return value).
* I have a slight for using the term "directories" instead of "folders" (but it's not worth changing existing code for this)
* I think this ticket needs a {{doc-impacting}} label
> Refuse to start and print txn log information in case of disk corruption
> ------------------------------------------------------------------------
>
> Key: CASSANDRA-10112
> URL: https://issues.apache.org/jira/browse/CASSANDRA-10112
> Project: Cassandra
> Issue Type: Improvement
> Components: Local Write-Read Paths
> Reporter: Stefania
> Assignee: Stefania
> Fix For: 3.x
>
>
> Transaction logs were introduced by CASSANDRA-7066 and are read during start-up. In case of file system errors, such as disk corruption, we currently log a panic error and leave the sstable files and transaction logs as they are; this is to avoid rolling back a transaction (i.e. deleting files) by mistake.
> We should instead look at the {{disk_failure_policy}} and refuse to start unless the failure policy is {{ignore}}.
> We should also consider stashing files that cannot be read during startup, either transaction logs or sstables, by moving them to a dedicated sub-folder.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)