I'm still wondering if a SSD used as a ZIL device really must have a super capacitor or any other means to assure that data in its volatile DRAM buffer is written to stable NAND Flash memory in case of a power loss.
According to this blog post:
http://milek.blogspot.de/2010/05/zfs-synchronous-vs-asynchronous-io.html
with the setting for proper POSIX compliant behaviour:
>> sync=standard
>>
>> This is the default option. Synchronous file system transactions
>> (fsync, O_DSYNC, O_SYNC, etc) are written out (to the intent log)
>> and then secondly all devices written are flushed to ensure
>> the data is stable (not cached by device controllers).
the data should be flushed from the ZIL drives volatile DRAM cache before ZFS is returning the COMMIT.
So even if the system would lose power and the synchronous file system transactions would get lost from the intent log SSDs volatile DRAM buffer it should not cause any problem on the application side since the write operation was not committed.
It would only be committed after the buffer had been flushed to stable NAND Flash memory.
The following blog post further supports this:
https://blogs.oracle.com/roch/entry/nfs_and_zfs_a_fine
saying that:
>> ZFS is designed to work correctly whether or not the disk write caches are enabled.
>> This is acheived through explicit cache flush requests,
>> which are generated (for example) in response to an NFS COMMIT.
>> Enabling the write caches is then a performance consideration,
>> and can offer performance gains for some workloads.
So it sounds to me as if it's not that important that a SSD does have a super capacitor but more that it is honest about having flushed it's dirty buffers to stable madia.
Of cause I would expect that a SSD with a super capacitor is honest or could at least afford to be dishonest because it will be able to flush it's dirty buffers in an emergency case.
It would be nice if we could feel safe using one of the better performing cheap MLC SSDs without a super capacitor, heavily overprovisioned, as a ZIL device.
However, I'm not 100% sure that my conclusion is correct and that the information on which it is based is still up to date and correct.
According to this blog post:
http://milek.blogspot.de/2010/05/zfs-synchronous-vs-asynchronous-io.html
with the setting for proper POSIX compliant behaviour:
>> sync=standard
>>
>> This is the default option. Synchronous file system transactions
>> (fsync, O_DSYNC, O_SYNC, etc) are written out (to the intent log)
>> and then secondly all devices written are flushed to ensure
>> the data is stable (not cached by device controllers).
the data should be flushed from the ZIL drives volatile DRAM cache before ZFS is returning the COMMIT.
So even if the system would lose power and the synchronous file system transactions would get lost from the intent log SSDs volatile DRAM buffer it should not cause any problem on the application side since the write operation was not committed.
It would only be committed after the buffer had been flushed to stable NAND Flash memory.
The following blog post further supports this:
https://blogs.oracle.com/roch/entry/nfs_and_zfs_a_fine
saying that:
>> ZFS is designed to work correctly whether or not the disk write caches are enabled.
>> This is acheived through explicit cache flush requests,
>> which are generated (for example) in response to an NFS COMMIT.
>> Enabling the write caches is then a performance consideration,
>> and can offer performance gains for some workloads.
So it sounds to me as if it's not that important that a SSD does have a super capacitor but more that it is honest about having flushed it's dirty buffers to stable madia.
Of cause I would expect that a SSD with a super capacitor is honest or could at least afford to be dishonest because it will be able to flush it's dirty buffers in an emergency case.
It would be nice if we could feel safe using one of the better performing cheap MLC SSDs without a super capacitor, heavily overprovisioned, as a ZIL device.
However, I'm not 100% sure that my conclusion is correct and that the information on which it is based is still up to date and correct.