Linux – How does swappiness affect the longevity of SDHC memory cards in embedded computers

embeddedlinuxsd cardswap

In this question over at superuser several answers report SDHC card failures in Raspberry Pi single-board computers and other embedded devices over the course of periods varying from weeks to years.

In comments to this answer to an unrelated question about the swappiness, there was speculation as to whether adjusting swappiness to favour file cache pages over anonymous pages would increase the longevity of SD cards in embedded systems that rely on SD cards as their primary storage medium. Intuitively it seems that adjusting swappinness should have some effect on writes to the SD cards, but it is difficult to tell it is difficult how much swapping contributes to the overall strain on the SD card endurance compared to other contributing factors, such as logging or temporary files.

The question is: How much does adjusting the swappiness really affect the longevity of SD cards in such systems?

Answers should be backed up by specific experiences or references. Please keep Good Subjective, Bad Subjective in mind.

Best Answer

The answer to this depends heavily on your use case.

I no longer own a Raspberry Pi, but the one I used to have came with 512 MB of RAM. Conveniently, my NFS server has the same amount. In addition to NFS, this server (like all my others) has an m68k cross-compiler that sees regular use via distcc. It also has an always-on GNU screen session attached to the serial port of another server. Let's have a look at vmstat:

$ vmstat | awk '{ printf "%4s %2s %2s\n", $3, $7, $8 }' | tail -n 2
swpd si so
   0  0  0

In this case, no value of swappiness is better than any other, as the system never swaps. Small, embedded systems often don't even have swap space. From Memory Management Approach for Swapless Embedded Systems, a 2005 article in Linux Journal:

The Linux kernel Out of Memory (OOM) killer is not usually invoked on desktop and server computers, because those environments contain sufficient resident memory and swap space, making the OOM condition a rare event. However, swapless embedded systems typically have little main memory and no swap space. In such systems, there is usually no need to allocate a big memory space; nevertheless, even relatively small allocations may eventually trigger the OOM killer.

In systems that take this approach, the same holds: Since there is no swap space, swappiness can have no effect on the longevity of your storage.

If you are using your Raspberry Pi more like a desktop system, perhaps running X and doing gene sequencing in Python for your biology homework (I've seen it done), then you might have something to worry about. Let's find out:

Suppose you run low on memory and your swappiness is set very high, to almost exclusively page out program memory and retain file cache. Suppose also, for concreteness, that you have a class 8 SDHC card and that it has a (fairly low) 16-kilobyte block size.

Then you can write 8 MB/s, or 512 blocks per second. Without wear-leveling, and assuming failure after 100,000 writes, this leaves you only 195 seconds, or just over three minutes, before failure. Of course, this is a worst-case scenario. With wear-leveling, the failure-time is closer to 100,000 writes times the number of unused blocks. Say you have 1 GB, or 65,536 blocks, available for wear-leveling. In this case, you get (roughly) 65,536 times this amount of time, or about 24 years of constant swapping.

Since you probably won't be constantly swapping for 24 years, this won't likely be the cause of premature flash-demise.

Something much more likely to be a problem is the logging of access times of files. Whenever a file is read, its access time is updated unless the filesystem is mounted with the noatime option. This requires one block to be written every time a file is read.

Journaling filesystems like ext3 and ext4 write extra data to an on-medium journal upon each write. Some filesystems (e.g. ext2 or FFS) do not support journaling. Using these filesystems (or turning off journaling in others) definitely improves the longevity of flash media, but reduces data reliability in case of power loss or media-removal.

I don't think that system logs will in general contribute much to the death of flash media, as the only files in my /var/log that have changed in the past month are btmp, wtmp, and lastlog.

Background

When a file is created on a Linux system the default permissions 0666 are applied whereas when a directory is created the default permissions 0777 are applied.

example 1 - file

Suppose we set our umask to 077 and touch a file. We can use strace to see what's actually happening when we do this:

$ umask 077; strace -eopen touch testfile 2>&1 | tail -1; ls -l testfile
open("testfile", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = 3
-rw-------. 1 root root 0 Sep 4 15:25 testfile

In this example we can see that the system call open() is made with the permissions 0666, however when the umask 077 is then applied by the kernel the following permissions are removed (---rwxrwx) and we're left with rw------- aka 0600.

example - 2 directory

The same concept can be applied to directories, except that instead of the default permissions being 0666, they're 0777.

$ umask 022; strace -emkdir mkdir testdir; ls -ld testdir
mkdir("testdir", 0777)                  = 0
drwxr-xr-x 2 saml saml 4096 Jul  9 10:55 testdir

This time we're using the mkdir command. The mkdir command then called the system call mkdir(). In the above example we can see that the mkdir command called the mkdir() system call with the defaul permissions 0777 (rwxrwxrwx). This time with a umask of 022 the following permissions are removed (----w--w-), so we're left with 0755 (rwxr-xr-x) when the directories created.

example 3 (Applying default ACL)

Now let's create a directory and demonstrate what happens when the default ACL is applied to it along with a file inside it.

$ mkdir acldir
$ sudo strace -s 128 -fvTttto luv setfacl -m d:u:nginx:rwx,u:nginx:rwx acldir

$ getfacl --all-effective acldir
# file: acldir
# owner: saml
# group: saml
user::rwx
user:nginx:rwx          #effective:rwx
group::r-x          #effective:r-x
mask::rwx
other::r-x
default:user::rwx
default:user:nginx:rwx      #effective:rwx
default:group::r-x      #effective:r-x
default:mask::rwx
default:other::r-x

Now let's create the file, aclfile:

$ strace -s 128 -fvTttto luvly touch acldir/aclfile

# view the results of this command in the log file "luvly"
$ less luvly

Now get permissions of newly created file:

$ getfacl --all-effective acldir/aclfile 
# file: acldir/aclfile
# owner: saml
# group: saml
user::rw-
user:nginx:rwx          #effective:rw-
group::r-x          #effective:r--
mask::rw-
other::r--

Notice the mask, mask::rw-. Why isn't it mask::rwx just like when the directory was created?

Check the luvly log file to see what default permissions were used for the file's creation:

$ less luvly |grep open |tail -1
10006 1373382808.176797 open("acldir/aclfile", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = 3 <0.000060>

This is where it get's a little confusing. With the mask set to rwx when the directory was created, you'd expect the same behavior for the creation of the file, but it doesn't work that way. It's because the kernel is calling the open() function with the default permissions of 0666.

To summarize

Files won't get execute permission (masking or effective). Doesn't matter which method we use: ACL, umask, or mask & ACL.
Directories can get execute permissions, but it depends on how the masking field is set.
The only way to set execute permissions for a file which is under ACL permissions is to manually set them using chmod.

References

acl man page

Best Answer

Related Solutions

Linux – How does forking affect a process’s memory layout

Linux – How Does umask Affect ACLs?