initramfs/udev/mdadm/lvm2 integration

[Kees Cook]

On Thu, Sep 13, 2007 at 05:59:34PM -0400, Phillip Susi wrote:
> Yes, but you may not be ABLE to change something if it is unattended and 
> won't boot up.  At least if it boots degraded, it is available for you to 
> remotely admin and mdadm should email you that it is running degraded, and 
> automatically try to rebuild using a hot spare if available.  Then you can 
> remotely start offlining unimportant services, tell users you will be going 
> down, start backing up, mail the datacenter a new drive and ask them to 
> replace it, etc.
>
> If the server is attended, then the admin will see it sitting there beeping 
> and saying it can't find the last drive, and if he thinks there's nothing 
> wrong with the drive but it just takes a while, he can hit a key to tell it 
> to keep waiting.

So, the question is, which is the "least surprising"?

a) having the machine spew "I can't mount, here's what you can do...",
   potentially endangering SLA and/or convenience.
b) mounting degraded, possibly due to poor timing, potentially endangering
   partitions and/or data.

I personally think "b" is more surprising.  I don't think it would be
hard to add another boot-time flag that means "auto-boot-when-degraded"
(which could be mentioned in the spew from "a").

-- 
Kees Cook
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20070913/29a75dda/attachment.pgp