[systemd-devel] Journal over NFS
David Strauss
david at davidstrauss.net
Tue Feb 12 21:24:27 PST 2013
On Tue, Feb 12, 2013 at 8:08 PM, Lennart Poettering
<lennart at poettering.net> wrote:
> Hmm, so we actually explicitly want to be nice on NFS. This is supposed
> to be one supported transport for the journal. The current code will
> even automatically notice if NFS is used suggest not relying on inotify
> in those cases. See sd_journal_reliable_fd() for information on that.
>
> That said, testing for NFS has been light so far, and especially the NFS
> part of the code is very new still.
Regardless of how friendly the journal file access pattern is, NFS
will always be more fragile, more complex, and often less secure than
protocols like syslog, HTTP, or GELF. Deploying secure NFS generally
requires Kerberos, which has no open, popular implementation that is
highly available. Providing high availability for the NFS servers
themselves requires a complex setup involving fencing, IP address
fail-over, and potential data loss.
The journal also seems to block until it writes each item, and NFS is
prone to locking up when connectivity fails. This can, in turn, lock
up the applications trying to log.
If I'm wrong on any of these, please correct me, but I currently see
no scenario where journal-over-NFS would be anywhere close to
convenient and ideal.
--
David Strauss
| david at davidstrauss.net
| +1 512 577 5827 [mobile]
More information about the systemd-devel
mailing list