On Wed November 12 2008 4:57:29 am Per Jessen wrote:
Richard wrote:
Now, it isn't theoretical anymore. RAID is NOT a backup mechanism, good backups still are the only 'protection' for recovery of lost or damaged data, but RAID has convinced me that it is a pretty bulletproof HARDWARE solution for the reliability issue. It often *can* eliminate the need to actually use a backup because it helps prevent data damage in the first place (due to hardware, not pilot, errors) It is an integrity mechinism, not a backup mechanism, but if the harware is 'solid', and pilot error is removed, often backups never get used because the data is always available. Backups are primarily 'cockpit' error recovery, RAID does a great job of providing hardware protection against loss.
It's a slightly different topic, but running complete backups are far from always practical. The enormous amounts of disk-space and 24/7 production requirements make it virtually impossible to run complete backups. Backups are a last resort for when disaster strikes.
Totally agree with you there. OFF SITE backups are the only positive way to protect data with any degree of certainty and no version of RAID will provide 'disaster' recovery. If you have a flood or hurricane and your machine is wiped off the face of the earth, it makes no difference *what* version of RAID 'protection' you have. It *is* impractical for most SOHO users to make timely backups of large devices like the new 1+TB drives now hitting the market. If the backup is physically on the same or co-located machine, disaster recovery is largely a myth because all copies of the data is often lost, and backing up a few TB of data real-time does take too much time to complete in many cases making off-machine/off-site backups nearly impossible as the media gets larger. So, while RAID isn't the same as a good backup, it is *way* better than nothing at all in terms of practicality and reducing loss caused by *other* than 'cockpit' errors.
So, it is no longer theoretical; you need RAID both on the primary AND backup hardware devices. That gives you the best fault tolerance, both human and hardware.
What do you do about the risk of a dual-drive failure? RAID6 is one possible answer, but AFAIK it requires at least 5 disks, which is too many (for my situation).
Per, you can always toss more and more drives making the RAID more and more bulletproof, but simultaneous multiple drive failures fortunately are very rare. Raid 6 functionally is one of the more inexpensive ways to add some level of protection against multi-drive failure. If the data is so valuable that the 2-10 hour degraded operation while rebuilding an array that has had a drive fail makes that period of time of exposure to a 2nd drive failure, then NO version of RAID (IMO) is going to be the right solution because it doesn't protect against losses other than local hardware. By that I mean storm, theft, physical or malicious damage and any number of other reasons outside of simple drive failure(s). A SOHO should be able to take the risk that multiple drive failure will not occur in any given 24 hour (or so) period. A large corporation or one like banks, etc, where *any* loss is potentially catestrophic, multiple machine continuous backups including at least one off-site machine needs to be implemented, all with RAID 6 protection. This is the kind of backup that 9-11 at the WTC used and while everything in the buildings was lost including many computers with sensitive data lost, the off-site and transactional backups running continuously allowed for little or no loss of data for the datasets so protected. In my opinion Per, a 4 drive RAID 5 is exposed to 'degraded' operation very infrequently, and when it is, the odds of a 2nd drive failing are almost microscopic, so at a hardware level, a 3 or 4 drive RAID 5 is an acceptible risk. Again, if your data is valuable enough, invest in the extra drive(s) and use RAID 6 or even RAID 6 cascaded with RAID 1 'protection' of the entire array....what is that? Raid 60?
-- /Per Jessen, Zürich
Richard N�����r��y隊Z)z{.�ﮞ˛���m�)z{.��+�Z+i�b�*'jW(�f�vǦj)h���Ǿ��i�������