Quicksearch
Disclaimer
The individual owning this blog works for Oracle in Germany. The opinions expressed here are his own, are not necessarily reviewed in advance by anyone but the individual author, and neither Oracle nor any other party necessarily agrees with them.
Some thoughts about deduplication
Tuesday, February 3. 2009
Deduplication is one of this big hype topics at the moment. Deduplication sounds good, but ... well ... hmmm ... letīs say it this way: This technology has to mature.
At first there was a link in a internal mailing list. Deduplication is pretty simple ... at least if you have checksums for every block in your storage. Deduplication is just a very clever usage of checksums. Such a checksum is nothing else than a hash. Itīs a safe assumption, that a block has a higher probability of beeing duplicate if an older block has the same checksum. But as we all know: Hash algorithims are suceptible to collisions. Before simply linking your new block to the old one, you have to check if they are really the same. And there starts the problem.
Letīs assume your storage is a large heap of boxes with screws. To accelerate searching you sort the heaps of boxes in rows: Small screws, Large screws, blade head, torx head. You mark you boxes with the combinations, but there are several boxes with the same name: Small Torx T9 come in several shapes and each shape get each own box.
You want to sort a large torx screw with a silver finish and Whitworth threading. in your boxes, you can hash the screw ("Oh, itīs a large torx") look at your screw boxes. You have open every box and look if they are really the same. First box: Okay, thatīs the black ones. Next box: Cheese ... that the one withs with the metric scew thread. This can take a while.
Now letīs assume you have a more sophisticated hashing ... eeerr ... sorting scheme: You have a box for each size, each type of head, each type of threading and so on. Albeit there are still possible collisions, you have to open fewer boxes to find out which box is really the right one for your screw.
Now there are two ways to dedupe: You can to it right at the delivery of the screws or you can put them in their own box at first and sort them later. If itīs easy to find the correct box, itīs possible to do it immediately. If itīs hard to find the box, you should do it later. You canīt explain to a mechanic, that you have to sort screws at first, before you can deliver his screw at first.
Itīs pretty much the same for storage and data deduplication. The sorting method is the hash, the boxes with screws are the blocks on your screws. And there are exactly such problems. NetApp for example has a 16-bit checksum. Letīs assume you use the biggest possible dedupable volume ... 16 TB. Your checksum has 65.000 possible values. Assuming an even distribution on all the possible blocks, this would lead to 65536 collisions per value. To really check if a block is identical, you have to check up to 65536 blocks. This isnīt something i found out: Jered Floyd pointed to this fact in blog entry Jet Engine on a Duck: You Cant Retrofit Dedupe. Itīs an interesting read, he has done the math about this hash collisions there. Reading this article i thought at first, that there are additional fingerprints, but a technical director at NetApp wrote:
The cure of this problem is easy: Use stronger hashes. Letīs assume a deduplication for ZFS. ZFS uses 256-bit checksums. That leads to 1.15792089 Ũ 1077 states. 16 TB are round about four billion blocks at 4k per block. Even a 32 bit checksum would result in the same of states in the hash giving each possible block potentially an own hash value). ZFS has 256-bit one. We can detect with a probability of 0.9999999999999999999 the validity of a block thus we could detect with the same probability the duplicity of a block (validity and duplicity are different sides of the same medal). Itīs safe to assume, that we would have to check only a single old block for every block of data for duplicity. You have to do the cross check: When you delete the other block, 0.9999999999999999999 isnīt enough. But itīs a difference if you have to check 1 block or if you have to check 65536 blocks.
By the way: Deduplication is the reason, why Linux need a checksumming filesystem and thus brtfs badly for the future. Without checksums in the filesystem, you have to to the duplication detection outside of the filesystem (thus having additional effort to do dedup) and to ensure that your fingerprint database is in sync with the real filesystem. Doesnīt look efficient.
And there is another problem: You loose redundancy with deduplication. When dozens of files use the same blocks and this block goes corrupt you have a really huge problem. Or what happens if you read an incorrect block, the checksum doesnīt detect it and cache it and donīt read it again. With deduplication all files would be incorrect at once. This is another tradeoff. I donīt think of duplicated file as wasted space. It adds redundancy to your data and you have to decide of you want to take the risk even if itīs small or or not. I wouldnīt to dedup without RAID-1 (duplicate the deduplication
) and really strong checksums to be sure. And when you really thing about it: People want dedup because of the costs for fast, enterprise disks per TB. But: 2 TB disks start to emerge and you could use SSD for speed. So you can implement huge amounts of storage with high speed at small costs. The concept of hybrid storage pools put the need for deduplication some time into the future.
As i have written before: Deduplication is a technology has has to mature be use a commodity technology. And in some cases you have to do your homework in the underlying technology. Sun has solved the underlying problems "en passant" with ZFS, thus we have started to develop "Deduplication ... done right" some time ago.
At first there was a link in a internal mailing list. Deduplication is pretty simple ... at least if you have checksums for every block in your storage. Deduplication is just a very clever usage of checksums. Such a checksum is nothing else than a hash. Itīs a safe assumption, that a block has a higher probability of beeing duplicate if an older block has the same checksum. But as we all know: Hash algorithims are suceptible to collisions. Before simply linking your new block to the old one, you have to check if they are really the same. And there starts the problem.
Letīs assume your storage is a large heap of boxes with screws. To accelerate searching you sort the heaps of boxes in rows: Small screws, Large screws, blade head, torx head. You mark you boxes with the combinations, but there are several boxes with the same name: Small Torx T9 come in several shapes and each shape get each own box.
You want to sort a large torx screw with a silver finish and Whitworth threading. in your boxes, you can hash the screw ("Oh, itīs a large torx") look at your screw boxes. You have open every box and look if they are really the same. First box: Okay, thatīs the black ones. Next box: Cheese ... that the one withs with the metric scew thread. This can take a while.
Now letīs assume you have a more sophisticated hashing ... eeerr ... sorting scheme: You have a box for each size, each type of head, each type of threading and so on. Albeit there are still possible collisions, you have to open fewer boxes to find out which box is really the right one for your screw.
Now there are two ways to dedupe: You can to it right at the delivery of the screws or you can put them in their own box at first and sort them later. If itīs easy to find the correct box, itīs possible to do it immediately. If itīs hard to find the box, you should do it later. You canīt explain to a mechanic, that you have to sort screws at first, before you can deliver his screw at first.
Itīs pretty much the same for storage and data deduplication. The sorting method is the hash, the boxes with screws are the blocks on your screws. And there are exactly such problems. NetApp for example has a 16-bit checksum. Letīs assume you use the biggest possible dedupable volume ... 16 TB. Your checksum has 65.000 possible values. Assuming an even distribution on all the possible blocks, this would lead to 65536 collisions per value. To really check if a block is identical, you have to check up to 65536 blocks. This isnīt something i found out: Jered Floyd pointed to this fact in blog entry Jet Engine on a Duck: You Cant Retrofit Dedupe. Itīs an interesting read, he has done the math about this hash collisions there. Reading this article i thought at first, that there are additional fingerprints, but a technical director at NetApp wrote:
Accordingly, every block of data on disk is protected with a checksum. NetApp uses this checksum as its fingerprint. Since we were going to compute it anyway, we get it "for free"there is no additional load on the system.. Of course there is no additional load because of checksum generation for them at write time, but you pay for it at the deduplication.
The cure of this problem is easy: Use stronger hashes. Letīs assume a deduplication for ZFS. ZFS uses 256-bit checksums. That leads to 1.15792089 Ũ 1077 states. 16 TB are round about four billion blocks at 4k per block. Even a 32 bit checksum would result in the same of states in the hash giving each possible block potentially an own hash value). ZFS has 256-bit one. We can detect with a probability of 0.9999999999999999999 the validity of a block thus we could detect with the same probability the duplicity of a block (validity and duplicity are different sides of the same medal). Itīs safe to assume, that we would have to check only a single old block for every block of data for duplicity. You have to do the cross check: When you delete the other block, 0.9999999999999999999 isnīt enough. But itīs a difference if you have to check 1 block or if you have to check 65536 blocks.
By the way: Deduplication is the reason, why Linux need a checksumming filesystem and thus brtfs badly for the future. Without checksums in the filesystem, you have to to the duplication detection outside of the filesystem (thus having additional effort to do dedup) and to ensure that your fingerprint database is in sync with the real filesystem. Doesnīt look efficient.
And there is another problem: You loose redundancy with deduplication. When dozens of files use the same blocks and this block goes corrupt you have a really huge problem. Or what happens if you read an incorrect block, the checksum doesnīt detect it and cache it and donīt read it again. With deduplication all files would be incorrect at once. This is another tradeoff. I donīt think of duplicated file as wasted space. It adds redundancy to your data and you have to decide of you want to take the risk even if itīs small or or not. I wouldnīt to dedup without RAID-1 (duplicate the deduplication
) and really strong checksums to be sure. And when you really thing about it: People want dedup because of the costs for fast, enterprise disks per TB. But: 2 TB disks start to emerge and you could use SSD for speed. So you can implement huge amounts of storage with high speed at small costs. The concept of hybrid storage pools put the need for deduplication some time into the future. As i have written before: Deduplication is a technology has has to mature be use a commodity technology. And in some cases you have to do your homework in the underlying technology. Sun has solved the underlying problems "en passant" with ZFS, thus we have started to develop "Deduplication ... done right" some time ago.
Posted by Joerg Moellenkamp
in English, General
at
09:40
| Comments (9)
| Trackbacks (0)
View as PDF: This entry | This month | Full blog
View as PDF: This entry | This month | Full blog
Comments
Display comments as
(Linear | Threaded)
I can imagine several situations, where "duplicating the deduplication" would still be a great feature and a big bunch of space saving.
When I look at our Fileservers, even keeping each block twice instead of once for each file would be a save.
I don't speak of a deduplicated raid, but even the ditto blocks feature of zfs.
In many applications it might not be worth the computing overhead but I would very glad if I had it at least for some of our boxes.
When I look at our Fileservers, even keeping each block twice instead of once for each file would be a save.
I don't speak of a deduplicated raid, but even the ditto blocks feature of zfs.
In many applications it might not be worth the computing overhead but I would very glad if I had it at least for some of our boxes.
You make some good points - especially the 16-bit checksum used by NetApp. That helps more than anything else that I have seen to give guidance on when it is really bad to do dedup.
Every once in a while I hear the argument that disk (or RAM) is cheap, so just add more. That works well up until you have added more or you started out with the (economically) most. Suppose I have a T2000 with 4 x 73 GB drives that runs Solaris 10. I've taken the leap and use ZFS for / and zone roots. Having gotten tired of being surprised by the poorly packaged app that "needs" to put a symlink in /usr/lib I make use of zfs clones to provision 20 full root zones. After all, each takes hardly any space. My starting point for disk usage looks like:
/ 4 GB
swap 16 GB
dump 16 GB
/zones/$zone 1 GB (50 MB each for app install, etc.)
The second pair of disks is used to store application data.
The first pair of 73 GB drives is about half full - That's not bad. Along comes a patch cycle. I create a new boot environment with live upgrade, download 10_Recommended.zip (1078.54 MB today) to /var/tmp and extract it (another 2 GB?). Let's pretend that about half of the patches (in space) actually apply - which would seem to take up another 13 GB. In reality, each patch creates undo.Z in two places in the global zone (/var/sadm/pkg/$pkg/save/$patch/undo.Z, /var/sadm/pkg/$pkg/save/pspool/$pkg/save/$patch/undo.Z) and one in each non-global zone (/var/sadm/pkg/$pkg/save/$patch/undo.Z). Assuming average compression of 50% for the undo.Z files, we are now at:
/ 7 GB (original 4 GB + 1 GB .zip, + 2 GB unzipped)
swap 16 GB
dump 16 GB
/zones/$zone 1 GB
alt / 2 GB (Free clone, 1 GB patches, 2 x 500 MB undo.Z)
alt /zones/$zone 30 GB (Free clone, 20 x (1 GB patches, 500 MB undo.Z))
Oops, that is 70 GB - things are looking pretty tight. If real-time dedup were used, it would look like:
/ 6 GB (original 4 GB + 1 GB .zip + 2 GB unzipped - dupes in unzipped compared to /)
swap 16 GB
dump 16 GB
/zones/$zone 1 GB
alt / 600 MB (Free clone, new files are dupes of unzip in /var/tmp, /var/sadm/pkg has lots of package metadata changes, 2 x 500 MB undo.Z deduped to 1 x 500 MB)
alt /zones/$zone 2 GB (Free clone, new files are dupes, undo.Z are dupes, metadata changes)
That brings us to about 42 GB - which should remain relatively steady through subsequent patch cycles - especially if undo.Z from earier patch cycles are removed.
The "add more disk" approach would have involved buying a pair of 146 GB drives because the root pool doesn't do striping. The same exercise done for LDoms can start to make the space available in a maxed out T5240 look tight.
Every once in a while I hear the argument that disk (or RAM) is cheap, so just add more. That works well up until you have added more or you started out with the (economically) most. Suppose I have a T2000 with 4 x 73 GB drives that runs Solaris 10. I've taken the leap and use ZFS for / and zone roots. Having gotten tired of being surprised by the poorly packaged app that "needs" to put a symlink in /usr/lib I make use of zfs clones to provision 20 full root zones. After all, each takes hardly any space. My starting point for disk usage looks like:
/ 4 GB
swap 16 GB
dump 16 GB
/zones/$zone 1 GB (50 MB each for app install, etc.)
The second pair of disks is used to store application data.
The first pair of 73 GB drives is about half full - That's not bad. Along comes a patch cycle. I create a new boot environment with live upgrade, download 10_Recommended.zip (1078.54 MB today) to /var/tmp and extract it (another 2 GB?). Let's pretend that about half of the patches (in space) actually apply - which would seem to take up another 13 GB. In reality, each patch creates undo.Z in two places in the global zone (/var/sadm/pkg/$pkg/save/$patch/undo.Z, /var/sadm/pkg/$pkg/save/pspool/$pkg/save/$patch/undo.Z) and one in each non-global zone (/var/sadm/pkg/$pkg/save/$patch/undo.Z). Assuming average compression of 50% for the undo.Z files, we are now at:
/ 7 GB (original 4 GB + 1 GB .zip, + 2 GB unzipped)
swap 16 GB
dump 16 GB
/zones/$zone 1 GB
alt / 2 GB (Free clone, 1 GB patches, 2 x 500 MB undo.Z)
alt /zones/$zone 30 GB (Free clone, 20 x (1 GB patches, 500 MB undo.Z))
Oops, that is 70 GB - things are looking pretty tight. If real-time dedup were used, it would look like:
/ 6 GB (original 4 GB + 1 GB .zip + 2 GB unzipped - dupes in unzipped compared to /)
swap 16 GB
dump 16 GB
/zones/$zone 1 GB
alt / 600 MB (Free clone, new files are dupes of unzip in /var/tmp, /var/sadm/pkg has lots of package metadata changes, 2 x 500 MB undo.Z deduped to 1 x 500 MB)
alt /zones/$zone 2 GB (Free clone, new files are dupes, undo.Z are dupes, metadata changes)
That brings us to about 42 GB - which should remain relatively steady through subsequent patch cycles - especially if undo.Z from earier patch cycles are removed.
The "add more disk" approach would have involved buying a pair of 146 GB drives because the root pool doesn't do striping. The same exercise done for LDoms can start to make the space available in a maxed out T5240 look tight.
Obviously the best way in regard of deduplication is to prevent duplication as you did it with zone cloning.
I understand your argument, but I believe there is a very valid counter-argument.
If I am using zfs to mirror disks, I should have all the data safety I need. To achieve consolidation goals, and likely efficient use of the ZFS ARC, having fewer copies of duplicate data is better. I think you would get better use of disk space and have lower risk of data loss through dedupe + mirror + copies=2.
If I am using zfs to mirror disks, I should have all the data safety I need. To achieve consolidation goals, and likely efficient use of the ZFS ARC, having fewer copies of duplicate data is better. I think you would get better use of disk space and have lower risk of data loss through dedupe + mirror + copies=2.
Yes, a mirror + copies=2 would give you back the redundancy to ensure that you donīt have to go to the tapes. I just have some problems with dedup in conjunction with technologies like RAID-4/5.
I have just a little doubt if people really think about dedup in storage arrays when you can have a fivefold capacity by using 2TB 7200rpm disks+SSD instead of 400 GB SAS disks.
I think itīs a classic hype cycle with dedup. Many of the current implementations arenīt really ready for prime time and often look just like "RfP tick off features". Done right, Dedup may a really interesting feature.
For cache efficiency it may be useful to do cache dedup alone
Like the L2ARC feeder thread, just for throwing out duplicate blocks in the cache.
I have just a little doubt if people really think about dedup in storage arrays when you can have a fivefold capacity by using 2TB 7200rpm disks+SSD instead of 400 GB SAS disks.
I think itīs a classic hype cycle with dedup. Many of the current implementations arenīt really ready for prime time and often look just like "RfP tick off features". Done right, Dedup may a really interesting feature.
For cache efficiency it may be useful to do cache dedup alone
Like the L2ARC feeder thread, just for throwing out duplicate blocks in the cache.
I just wonder if 'block level' deduplication is really relevant, what about 'file level' deduplication?
Comparing filesizes first, checksums and at the end files byte-by-byte could solve the performance and complexity issues.
We have customers with 'strange' users that preffer copy the "C:\Documents and settings" directory on the server every week, to "feel" safe... every week a new fresh copy of 5GB... occupying about 250GB a year for 99% exact copies... file deduplication could save a lot of GB.
I saw the case where customers working with CAD software are using a 10GB library (mecanical components drawing) that they have to save with every project to be sure that he will be able to open his project in the future. In this case, file deduplication, or maybe shoud I call it "auto reverse snapshot" is a killer feature.
Comparing filesizes first, checksums and at the end files byte-by-byte could solve the performance and complexity issues.
We have customers with 'strange' users that preffer copy the "C:\Documents and settings" directory on the server every week, to "feel" safe... every week a new fresh copy of 5GB... occupying about 250GB a year for 99% exact copies... file deduplication could save a lot of GB.
I saw the case where customers working with CAD software are using a 10GB library (mecanical components drawing) that they have to save with every project to be sure that he will be able to open his project in the future. In this case, file deduplication, or maybe shoud I call it "auto reverse snapshot" is a killer feature.
Block level is most useful for things like storing disk images. Imagine a storage device or primary LDom that has disk images (i.e. big files with UFS file systems on them). Each file will most certainly be unique but there is likely to be lots of duplicate blocks.
Arguably a 256-bit checksum is suboptimal because it means you need to load and compare 4 long longs. A 64-bit checksum, the likelihood of a collision is about .00000000000000000005. This means that if you are doing a steady 1 million writes per second, you will need to do a full block comparison once every 634,000 years. Give or take.
I bet 32-bit would be a good compromise. At a million writes per second you should expect a full block comparison about once per day. Assuming chained hashing, a 16 TB pool with 32-bit checksums and average 4KB block size would have an average of chain length of 1.
Arguably a 256-bit checksum is suboptimal because it means you need to load and compare 4 long longs. A 64-bit checksum, the likelihood of a collision is about .00000000000000000005. This means that if you are doing a steady 1 million writes per second, you will need to do a full block comparison once every 634,000 years. Give or take.
I bet 32-bit would be a good compromise. At a million writes per second you should expect a full block comparison about once per day. Assuming chained hashing, a 16 TB pool with 32-bit checksums and average 4KB block size would have an average of chain length of 1.
The problem ... The 256-bit checksums are already there to ensure data integrity. Why not use them? You have more process cycles to spare than IOPS. I donīt think about it as a problem.
And 16 TB are just 8 harddisks today, even a medium sized array will have easily 1 PT in the near future.
You may have to check for duplicity anyway: Extremly low probability collision doesnīt mean there is no collision. On the other hand: When the hash is long enough, itīs more likely, that the data will be corrupted by bit rot than by dedup collision. But i donīt see that at 32-bit.
And 16 TB are just 8 harddisks today, even a medium sized array will have easily 1 PT in the near future.
You may have to check for duplicity anyway: Extremly low probability collision doesnīt mean there is no collision. On the other hand: When the hash is long enough, itīs more likely, that the data will be corrupted by bit rot than by dedup collision. But i donīt see that at 32-bit.
Sorry, but your explanation is plain wrong: Netapp uses the checksum to find candidates for deduplication but before two blocks are assumed to be identical, they are compared bit-by-bit so there is no possibility of a corruption because of hash collisions.
This is a very important difference to stream deduplication (like in tape applications) where you have no chance to see or check an already deduplicated block again.
This is a very important difference to stream deduplication (like in tape applications) where you have no chance to see or check an already deduplicated block again.
+1
The LKSF book
The book with the consolidated Less known Solaris Tutorials is available for download here
Web 2.0
Contact
Networking
xing.com
LinkedIn
Facebook
My photos
- mail: joerg@c0t0d0s0.org
- icq: 144000169
- Me, myself and I
- openBC
- My del.icio.us
- c0t0d0s0@twitter
- c0t0d0s0@last.fm
- wiki@c0t0d0s0
- Amazon Wishlist
Networking
xing.com
My photos
Buttons
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Germany License
Blog Administration
Donate
Okay, okay ... as several people have asked for it ... but you know my opinion.
Personally iīm think that Data Deduplication is vastly overrated, as you need really special data set to get the promised reductions by the vendors. At other points it is even dangerous: Sometimes this duplications are the last line of defence between the
Tracked: Jul 11, 20:56