Editor
348
edits
m (Add Micron 5210 Ion) |
(Update background to reflect the present reality in 2020 WRT power failure protection.) |
||
Line 162: | Line 162: | ||
=== Background === | === Background === | ||
On-flash data structures are highly complex and | On-flash data structures are highly complex and traditionally have been highly vulnerable to corruption. In the past, such corruption would result in the loss of *all* drive data and an event such as a PSU failure could result in multiple drives simultaneously failing. Since the drive firmware is not available for review, the traditional conclusion was that all drives that lack hardware features to avoid power failure events cannot be trusted, which was found to be the case multiple times in the past[http://lkcl.net/reports/ssd_analysis.html][https://www.usenix.org/system/files/conference/fast13/fast13-final80.pdf][http://blog.nordeus.com/dev-ops/power-failure-testing-with-ssds.htm]. Discussion of power failures bricking NAND flash SSDs appears to have vanished from literature following the year 2015. SSD manufacturers now claim that firmware power loss protection is robust enough to provide equivalent protection to hardware power loss protection. Kingston is one example[https://www.kingston.com/us/solutions/servers-data-centers/ssd-power-loss-protection]. Firmware power loss protection is used to guarantee the protection of flushed data and the drives’ own metadata, which is all that filesystems such as ZFS need. | ||
However, those that either need or want strong guarantees that firmware bugs are unlikely to be able to brick drives following power loss events should continue to use drives that provide hardware power loss protection. The basic concept behind how hardware power failure protection works has been [https://www.intel.com/content/dam/www/public/us/en/documents/technology-briefs/ssd-power-loss-imminent-technology-brief.pdf documented by Intel] for those who wish to read about the details. As of 2020, use of hardware power loss protection is now a feature solely of enterprise SSDs that attempt to protect unflushed data in addition to drive metadata and flushed data. This additional protection beyond protecting flushed data and the drive metadata provides no additional benefit to ZFS, but it does not hurt it. | |||
It should also be noted that drives in data centers and laptops are unlikely to experience power loss events, reducing the usefulness of hardware power loss protection. This is especially the case in datacenters where redundant power, UPS power and the use of IPMI to do forced reboots should prevent most drives from experiencing power loss events. | |||
Lists of drives that provide hardware power loss protection are maintained below for those who need/want it. Since ZFS, like other filesystems, only requires power failure protection for flushed data and drive metadata, older drives that only protect these things are included on the lists. | |||
=== NVMe drives with power failure protection === | === NVMe drives with power failure protection === |