hoakley May 27, 2022 Macs, Technology

Efficient resilient storage

Most of what we do in computing reduces to processing, storage and output. Storage is central to everything we do, and its goals are to be reliable, efficient and resilient. Unfortunately, as this article shows, those three are in conflict; in particular, efficiency opposes reliability and resilience.

Theory

Raw file data aren’t, in general, efficient in terms of the space they occupy. Good examples of this are modern formats based on XML, which can readily contain gigabytes of text. That’s easily compressed using non-lossy algorithms, and even rapid methods can reduce the space required considerably. Among the most efficient practical methods of compressing long text files are those based on Lempel-Ziv codes, as they can code large numbers of symbols in the source into smaller bitcounts in the compressed version. However, they seldom approach the practical limit determined by the Shannon information content of the source.

Raw file data are usually more amenable to correction and repair in the event of damage or corruption, though. Because their information content is less dense, it can more readily be parsed by humans or machines, supporting correction and recovery.

As data is compressed towards the practical limit of its Shannon information content, it also becomes more susceptible to the effects of damage or corruption. Efficient stream codes such as Lempel-Ziv normally fail to decode correctly if any of the bits of the compressed file are altered. When chunks as large as 4 KB, the size of hard disk sectors, are lost, such damage normally makes it impossible to decompress the file at all.

Checking the integrity of whole files is quick and simple to achieve by computing a checksum or hash for the file, but that’s only the first step in resilience. If a file doesn’t match its checksum/hash, the more difficult tasks are identifying where the errors are and repairing them. Although there are perfect solutions, they’re so inefficient that it’s generally accepted that practical methods have low chances of failure rather than perfection.

Unfortunately, error detection and correction require that data is added to the file. For example, Hamming codes and their derivatives like Reed-Solomon codes add parity-checking bits; the more bits that are added, the greater the probability of errors being detected and corrected. Special consideration also needs to be made for the complete loss of chunks of data, as might occur with the loss of hard disk sectors of 4 KB. Even methods which considerably increase the amount of data stored face practical limits in the amount of data loss that is recoverable.

Quandary

The more efficiently you store data, using compression, the less recoverable it is from error and damage. The more resilient you make the data stored, the less efficient it becomes.

Examples

PDF file format is very old, dating back over thirty years. By modern standards, it’s antique. It consists of text files containing dictionaries of objects, many of which are compressed, although in its early days most, apart from embedded images, were retained in plain text too. Applying a further compression step to a PDF file seldom reduces its size much, because all the larger objects have already been compressed. Damage to the contents of objects is largely recoverable, although affected objects will be lost, but damage to its file structure is likely to result in total file loss. Limited error detection is built into the format, but there’s no inherent support for correction or recovery.

Making PDF files more resilient can only be achieved using external methods, so increasing their effective size.

Many modern applications now store raw data in open or proprietary XML formats, which are recognised as being highly inefficient. To reduce their storage requirements, these are now commonly compressed using Zip and other techniques. While their uncompressed originals can be repairable in the event of damage, any errors in the compressed data result in total file loss.

Applying further compression to those files seldom results in much saving, and at worst can increase their size. This is because most compression methods work best on average, which means that worst case results can produce a compressed file larger than the original. Few if any compressed XML formats use checksums/hashes to check integrity, and none use error-correcting codes. They too can therefore only be made more resilient by increasing their effective size.

APFS sparse files adopt a completely different approach. Used only for files in which much of their content is void, only non-void data is stored. This is extremely efficient, but has no resilience.

Implementation

There’s no single implementation which provides complete resilience. File systems which incorporate CRC error detection and correction on all stored data don’t provide any protection against lost sectors. RAID mirror storage provides useful protection from data loss only when that loss occurs locally on one of the mirrored disks, for example with sector loss on one hard disk. Combining methods can give good resilience, but only at the cost of efficiency, complexity and price.

Providing good resilience to all files in storage is usually unnecessary, particularly when using more reliable storage media such as SSDs, which tend to work normally or fail completely. In those cases, a combination of integrity checks and multiple independent copies of important files is probably the most efficient in terms of processing and storage required. This is already easily accomplished in a thorough backup scheme, where you should aim to have at least two local backups of all important files, and one off-site. Tagging them with a hash for integrity checking is quick and simple using utilities such as my free Fintch, Dintch and cintch. I’ve even been running a long-term test of this in iCloud Drive.

Rather than using computationally expensive error-correcting codes, the best answer for most Mac users may lie with safety in numbers.

Further reading

Stefan M Moser and Po-Ning Chen (2012) A Student’s Guide to Coding and Information Theory, Cambridge UP. ISBN 978 1 107 01583 8.
David JC MacKay (2003) Information Theory, Inference, and Learning Algorithms, Cambridge UP. ISBN 978 0 521 64298 9.

20Comments

Add yours

1

EcleX on May 27, 2022 at 9:11 am

Thanks for the interesting article. Do you know if APFS has a built-in self-healing feature, as other formats like ZFS have?

LikeLiked by 1 person
- 2
  
  hoakley on May 27, 2022 at 11:24 am
  
  The answer isn’t so simple.
  No, APFS doesn’t offer CRC checksums or a similar system for data, normally. However, I believe that they are used in its file system metadata, to ensure its integrity. Also the SSV has tree of cryptographic hashes, with which it’s sealed. That’s not only sensitive to the smallest change, but is designed to ensure complete security, which CRC doesn’t attempt. But the SSV doesn’t correct errors, as that would be a vulnerability.
  Unlike ZFS, APFS was designed primarily for more reliable storage media, SSDs. However, CRC checksums don’t self-heal typical hard disk sector loss, for which you need RAID mirror systems or a similar storage strategy, which aren’t good news on SSDs because of their inefficiency and cost.
  As the article above states – I hope very clearly – error-correction and efficiency are opposites.
  Howard.
  
  LikeLike
3

EcleX on May 27, 2022 at 12:11 pm

Many thanks. For what are SSD are inefficient?

LikeLiked by 1 person
- 4
  
  hoakley on May 27, 2022 at 12:24 pm
  
  SSDs aren’t inefficient. RAID mirror systems on SSDs are both inefficient and costly.
  Howard
  
  LikeLike
  - 5
    
    EcleX on May 27, 2022 at 1:08 pm
    
    And why are SSD inefficient for RAID mirror systems? Thanks.
    
    LikeLike
    - 6
      
      hoakley on May 27, 2022 at 1:11 pm
      
      All storage is then inefficient as mirroring requires twice the storage capacity in order to create the mirror. In terms of storage space, it’s exactly the opposite of compression.
      Howard
      
      LikeLike
7

hstriepe on May 27, 2022 at 1:22 pm

I am using BTRF (https://en.wikipedia.org/wiki/Btrfs) with SHR (Synology Hybrid RAID) on my Synology NAS for bulk storage and TimeMachine. Pretty happy with its feature set. It does data scrubbing once a month and features compression for specific folders.
A NAS like that is the best accessory a Mac can have.

LikeLiked by 1 person
- 8
  
  hoakley on May 27, 2022 at 9:29 pm
  
  Thank you. Despite having reviewed five excellent NAS system, including one from Synology, I’m still far from enthused. The snag is that BTRFS will protect the integrity of your backup sparsebundle, but that does nothing to protect the virtual APFS file system inside it. If that becomes sick, you’ll still lose your backups in just the same way you would on any far cheaper storage.
  Howard.
  
  LikeLike
  - 9
    
    kapitainsky on May 29, 2022 at 5:57 am
    
    BTRFS also supports snapshots and with Synology NAS you can take snapshot manually or configure to take them automatically on schedule (including their retention rules). If you take snapshots after sucessfull backup verification (which is effectively fsck on APFS volume in case on networked TM) you can alwyas later revert your TM volume back to good state when problem happens.
    
    TM automatically verifies network backup once a month I think – so keep few montly snapshots of your TM volume and it can save your day.
    
    More complicated way is to take control of TM backups (this is another area where Apple TM lacks a lot) – for example myself I use script run everynight which makes TM backup to NAS and then runs quick backup verification. NAS is configured to take snapshots daily before backup happens. I keep one week worth of daily snapshots + 2 months of weekly.
    
    LikeLiked by 1 person
    - 10
      
      hoakley on May 29, 2022 at 7:58 am
      
      Thank you. This is exactly my point – efficiency and resilience are working in opposite directions. You’ve opted for resilience, at great cost to efficiency. Although snapshots aren’t the least efficient way of doing this, they’re taking up disk space beyond that required to store your backups.
      Howard.
      
      LikeLike
11

Duncan on May 27, 2022 at 6:14 pm

Apologies if this is a bit of a tangent, but you wrote:

“…when using more reliable storage media such as SSDs, which tend to work normally or fail completely.”

I know that SSDs (like anything using electronic components) can fail completely, but I have also read that they (might) have a more benign failure mode. Their limited write cycles has been well-established and once a statistically sufficient number of cells has worn out they are no longer usable as Read/Write storage. However, anecdotal reports claim that once no longer able to be written to, SSDs can still offer the existing data as read-only, which would be the best of all possible failure modes. Unfortunately, I can’t find any sources to back up those claims, and find no mention here:

https://en.wikipedia.org/wiki/Solid-state_drive#SSD_failure

I’m curious if you have come across anything that discusses this, or if it’s more a matter of wishful thinking.

Thank you.

LikeLiked by 1 person
- 12
  
  hoakley on May 27, 2022 at 9:35 pm
  
  Thank you. Such graceful failure would be more than welcome. I have no idea whether it will prove true, but in the coming years we should discover whether that does work. So far, though, results don’t seem encouraging: those who have had SSD failures haven’t yet experienced this, it would appear.
  Howard.
  
  LikeLike
13

Raoul on May 28, 2022 at 12:03 am

“… when using more reliable storage media such as SSDs …”

Ah, ok… Curious to see your sources to have this belief. Unless you mean “in general” and not just failure rates in a controlled environment.

LikeLiked by 1 person
- 14
  
  hoakley on May 28, 2022 at 6:04 am
  
  I’m sorry, I’m not going to waste my time responding to this. If you’re not aware of any differences, then you carry on using hard disks, and replacing them all every 3-4 years as they start failing, running them in RAID arrays to minimise the damage their failure causes, and so on.
  I’ve had countless hard disks fail on me, but not one SSD has ever failed, although I have had errors occur briefly on two. In both cases, the SSD reformatted fine and went on to continue working without further error or failure.
  Since 1989, I have written the Q&A sections for a succession of Mac magazines. Hard disk failures were my bread and butter. I still get a few questions about them. The only SSD failures I’ve been asked about are in some of the small SSDs Apple put in Fusion Drives.
  So you’re welcome to believe whatever you wish. Good luck to you, as we’ve always needed with hard disks.
  Howard.
  
  LikeLike
  - 15
    
    kapitainsky on May 29, 2022 at 6:14 am
    
    Definitely you are right for disks used in home environment/worloads. SSDs are superior pretty much in every aspect but for archival purposes. I do not fully trust neither technology and do my backups to both SSD and HDD.
    
    LikeLiked by 1 person
    - 16
      
      hoakley on May 29, 2022 at 8:00 am
      
      Thank you. I don’t think you should distrust either storage medium, just be aware of the risks involved in storage. It’s more important to have two backups than deliberately making backups to different media types.
      Howard.
      
      LikeLike
  - 17
    
    Raoul on May 30, 2022 at 12:50 am
    
    Apology accepted.
    
    I mentioned controlled environment rather than “in general” because there’s more to discuss than just concluding with your dismissive response that ignores it.
    
    It’s difficult to attain data from vendors (Dell/HP/Apple won’t tell my workplace directly) and so hats off to Backblaze who openly publish their SSD and HDD failure rates.
    https://www.backblaze.com/blog/are-ssds-really-more-reliable-than-hard-drives/
    Using your own experience as a sample and referencing other’s experiences/repetition as a journalist is fine to have that conclusion. Our company has over 20,000 employees and storage failure rates have changed little over the years and so we’re not able to conclude anything when it comes to SSD v HDD reliability at present.(← is that a conclusion LOL)
    
    Where’s the relevancy here for me? NAS boxes.
    No doubt for others too when NAS boxes with HDDs slowly evolve to use SSDs as SSD price/size becomes more attractive. It’s all I have to compare SSD v HDDs in a (more) controlled environment.
    Although early days for SSDs given they’re still relatively new in the computing world, Backblaze’s article is worth reading and perhaps best left to individuals to form their own conclusions, or not.
    
    Time well wasted for me.
    
    LikeLiked by 1 person
    - 18
      
      hoakley on May 30, 2022 at 7:30 pm
      
      OK, you have dragged me screaming kicking to an article for Thursday morning. Do you record and analyse your storage failure rates formally, or is this just your impression? Presuming that you operate all your storage at the bottom of the U curve, then even much larger and formal measurements are exceedingly difficult to make sense of. And there are so many biases to beware of too,
      Howard.
      
      LikeLike
19

Raoul on May 31, 2022 at 3:05 am

We do have formal logging via our Service Desk team (Tier 1) when Staff are having any issue in need of help.
These issues are filtered via templates to some degree and some come to me (Tier 3) to tend to.
Contract Management and our Distribution Centre know more about the data breakdown which is how I’ve been informed about HDD v SDD in the End User environment. I will enquire if they’re able to provide me more.
For our larger storage services–no idea as the information shared from this team is virtually zero.

Storage here at the Uni uses a Hybrid Cloud Model with Secure Data Enclaves woven within. Consequently, even some of the information in our meetings is presented vaguely due to security policy at this level.
An example is that we only inform Academia of the minimal number of data-retention-days for backups within certain enclaves, so not to disclose information to ransomware threats/bots that may increase their effectiveness.

Like you said with measuring and bias in the mix, operational policies further complicate covering this topic, not to mention drive manufactures also closely guarding their own factory failure rates to preserve their revenue streams.

LikeLiked by 1 person
- 20
  
  hoakley on May 31, 2022 at 4:09 pm
  
  Thank you.
  Yes, given the value and size of this market, it’s very disappointing that good studies are so infrequent.
  Howard.
  
  LikeLike

·Comments are closed.

Share this:

Like this:

Related