[PPT] - Single-pass restore after a media failure Caetano Sauer , Goetz PowerPoint Presentation

SLIDE 1

Single-pass restore after a media failure

Caetano Sauer, Goetz Graefe, Theo Härder

SLIDE 2

2 https://www.backblaze.com/blog/how-long-do-disk-drives-last/

20% of drives fail after 4 years Expectation of 50% for 6 years High failure rate

n first year

(factory defects)

SLIDE 3

3 https://www.backblaze.com/blog/best-hard-drive/

Bad batches among

therwise reliable

products More reliability at a premium price tag

SLIDE 4

Disk is dead?

4

Sep 2013 Drawbacks of traditional recovery apply (in varying degrees) to all types of media

SLIDE 5

Media restore

Log DB Log archive Full Incr. Backups Replacement Primary storage (latency-optimized) Secondary storage (bandwidth-optimized)

1. Restore backups
2. Log replay

5

SLIDE 6

How bad can it get?

Scenario:

Drive: 6 TB; 200 MB/s bandwidth; 4ms latency
Backups: full every week; incremental every day
Workload: 2% of data pages change daily

Sun 11PM Mon 11PM Tue 11PM Wed 11PM Thu 11PM Fri 11PM Sat 11PM

Full Incr. Incr. Incr. Incr. Incr. Incr.

Sun 10PM

Disk failure* * Subject to Murphy‘s law

6

SLIDE 7

How bad can it get?

1. Restore full backup: 6 TB at 200 MB/s = 9 hours
2. Restore 6 incremental backups: 6 * 16 mi pages * 1 ms = 26h

(Assuming 1ms latency of jump-sequential access)

3. Log replay with 75% buffer hit ratio = 10h

(Assuming 20 log records per modified page)

TOTAL = 45 hours Depends on device Depends on workload (growth rate & skew) and luck Depends on amount

f RAM and luck

Single-pass restore:

7

SLIDE 8

Scope: physiological logging

8

Fundamental assumption: page-based storage

page = unit of recovery

(i.e., virtually all database systems in use today)

Every log record reflects changes to a delimited region of physical storage

„recovery independence among objects“ (C. Mohan)

SLIDE 9

Some recent work…

9

SLIDE 10

Some recent work…

10

SLIDE 11

Sorted log archive

Log DB Log archive Replacement Sorted log archive Full Merge log and backup in a single pass! Merge join

11

SLIDE 12

So what's new?

12

SLIDE 13

Partially sorted log archive

External sort has two phases: during log archiving (normal processing)

Log DB

during restore

Run Run Run Run Run Run Run Run

Log archive

In-memory sorting

13

1. Run generation
2. Merge

SLIDE 14

Single-pass restore

15

Run 1 Run 2 Run 3 Run

1000

... Merge Merge Restored DB Full backup Sorted log

No need for incrementals

SLIDE 15

Single-pass restore

16

Run 1 Run 2 Run 3 Run

1000

... Merge Merge Restored DB Full backup Buffer Buffer Buffer Buffer RAM

Merge fan-in is limited by memory But number of runs can be kept manageable

SLIDE 16

Run management

17

Back to example: 6 TB with 2% daily change; 20 log records per page

Assume average log record size = 128 bytes

→ Log volume: 2 GB per day; 14 GB per week

Assume initial run size = 100 MB

→ 20 runs per day

Assume 1 MB merge buffers

→ 140 MB to merge a whole week worth of log

1 MB of RAM to merge 100 MB of log Runs as history units:

2007

...

2008 Jan 2014 Feb 2014 W 1 2015 W 2 2015

... ...

Mar 2 2015

40 MB to merge 1 year worth of log

(11 monthly + 3 weekly + 6 daily + 20 current day)

SLIDE 17

Backups reconsidered

19

How often?

monthly, quarterly, annually?
log replay bottleneck eliminated

Virtual backups

new full backup generated by merging old backup and log archive
decoupled from DB activity – may run on remote site

Run Run Run Run Run Run Run Run

Old backup New backup Merge Monthly run

SLIDE 18

Incremental backups

20

Goal: alleviate cost of log replay without overhead of taking a full backup

In single-pass restore:

very fast log replay (faster than loading scattered pages)
log replay hidable on load of full backup
log records can be aggregated (net change)
log archiving with zero interference in transaction processing logic
full backups much cheaper to take

But does it still make sense?

SLIDE 19

Experiments

21

SLIDE 20

Hypotheses

22

1. The cost of run generation during normal processing is negligible

i.e., substantially faster media recovery practically for free

2. Single-pass restore uses very little memory, independent of DB size

i.e., memory is not stolen from buffer pool

3. Single-pass restore hides log replay costs

i.e., restoring up-to-date DB takes the same as loading an outdated full backup

SLIDE 21

Run generation overhead is negligible

23

Scenarios:

B

= baseline (no log archiving → no media recovery)

T

= traditional log archiving (process and copy; no sorting)

S

= sorting (run generation)

S+M = sorting with asynchronous merging

Setup:

Shore-MT
24-core machine
TPC-C benchmark
All in memory

SLIDE 22

Run generation overhead is negligible

24

B = baseline T = traditional log archiving S = sorting (run generation) M = async. merging

Log in DRAM

1.5% Slightly higher CPU utilization

(OLTP workloads rarely fully utilize CPU)

SLIDE 23

Run generation overhead is negligible

25

B = baseline T = traditional log archiving S = sorting (run generation) M = async. merging

Log in SSD

No observable difference in throughput

SLIDE 24

Single-pass restore uses very little memory

26

Small memory footprint, independent

f database size

SLIDE 25

Single-pass restore hides log replay

27

(TPC-C databases)

Outdated (days or weeks) Up-to-date

SLIDE 26

Future work (teaser)

28

SLIDE 27

Instant restore

30

Log DB

Log archive

In-memory sorting + index load Run Run Run Run Run Run Run Run Backup Restore failed device:

incrementally
n-demand
while transactions are running

(on buffer pool and healthy/restored storage)

SLIDE 28

Conclusion

31

Thank you!

http://instantrecovery.github.io

R R Traditional restore: Single-pass restore: Instant restore: New transactions running