Details
Technical task
Medium Description
When we write to a EC protected file the EC mirror will become stale.
If an OST is missing we can still recover the data IFF the EC mirror is not stale. I.e. via degraded read.
But if an OST is already missing, then if we allow writing to any of the other OSTs in the data mirror, we would now cause the parities to become stale and can no longer recover using degraded read. I.e. writing to an OST while the raid set is degraded will cause data loss.
One way to partially address this is to not allow writes to a file if/when the client knows OSTs are offline and fail the write with -EROFS.
An OST might only be temporarily off-line, during OSS restart or similar, so when this trigger, instead of failing a write immediately we might want to delay the write for some set amount of time, in case the OST becomes on-line again before failing it and returning an error to the application.
We might also want a configuration setting where we can control this behavior.