EmailDiscussions.com - View Single Post - Fastmail Database Problems

paleolith · 19 Aug 2003, 10:28 PM

It has not been clear from the reports whether the "rebuilding the database" has been the result of disk failure or of the database "just rotting" (that is, software errors).

I do not know whether all the disks are mirrored. Whereas wide-area duplication remains very expensive, there is no excuse for a system of this nature not to mirror all its disk. And if the disks were mirrored, there should have been no outage for a disk failure. But as I said, I don't know whether the failure is hardware or software.

It also has not been clear whether the excessive recovery times have been due to intrinsic flaws in the software or due to improper configuration and operation. (I recall that SpamCop has had some database problems that took about ten times as long as expected to rebuild from.)

It is not clear whether the MySQL developers pay as much attention to recovery as they should. Relational databases are in fashion now, and when I see a group following fashion, I have to wonder if they have blinders on.

What is clear is that full recovery under production conditions has not been adequately tested.

This kind of outage is NOT necessary. This IS a professional opinion. I'm familiar with a financial institution that handles millions of transactions per day. About the only time they go down is to upgrade the OS or DB software. But hey, this is mainframe stuff that's been under development for over 30 years. It has industrial strength reliability. This is difficult to attain in free software due to the extreme stress testing requirements. Developers don't like testing, and I haven't seen many testing experts gravitating toward the free software movement.

Yes, it costs more to use mirrored disk and industrial strength software. It costs more to fully test database recovery. It costs more to do the frequent online backups that are necessary for fast recovery.

But frankly, $40/year for reliable email is cheap to those of us in the first world. If it takes a higher price to make it reliable -- and retain all the other advantages that fastmail.fm offers -- then it's worth it to me. For those in parts of the world where this is already expensive, I would hope that the revenue from yearly paid accounts could carry along the free and lifetime accounts.

Edward

19 Aug 2003, 10:28 PM	#9
paleolith Cornerstone of the Community Join Date: Mar 2002 Location: Florida Posts: 545	It has not been clear from the reports whether the "rebuilding the database" has been the result of disk failure or of the database "just rotting" (that is, software errors). I do not know whether all the disks are mirrored. Whereas wide-area duplication remains very expensive, there is no excuse for a system of this nature not to mirror all its disk. And if the disks were mirrored, there should have been no outage for a disk failure. But as I said, I don't know whether the failure is hardware or software. It also has not been clear whether the excessive recovery times have been due to intrinsic flaws in the software or due to improper configuration and operation. (I recall that SpamCop has had some database problems that took about ten times as long as expected to rebuild from.) It is not clear whether the MySQL developers pay as much attention to recovery as they should. Relational databases are in fashion now, and when I see a group following fashion, I have to wonder if they have blinders on. What is clear is that full recovery under production conditions has not been adequately tested. This kind of outage is NOT necessary. This IS a professional opinion. I'm familiar with a financial institution that handles millions of transactions per day. About the only time they go down is to upgrade the OS or DB software. But hey, this is mainframe stuff that's been under development for over 30 years. It has industrial strength reliability. This is difficult to attain in free software due to the extreme stress testing requirements. Developers don't like testing, and I haven't seen many testing experts gravitating toward the free software movement. Yes, it costs more to use mirrored disk and industrial strength software. It costs more to fully test database recovery. It costs more to do the frequent online backups that are necessary for fast recovery. But frankly, $40/year for reliable email is cheap to those of us in the first world. If it takes a higher price to make it reliable -- and retain all the other advantages that fastmail.fm offers -- then it's worth it to me. For those in parts of the world where this is already expensive, I would hope that the revenue from yearly paid accounts could carry along the free and lifetime accounts. Edward