How resilient is Ubuntu to repeated "power-off" shutdowns?

My company is considering the use of Ubuntu as an OS for use on a hardware device.

It would be installed on a compact flash drive - apparently this is not a standard flash drive but a specific type of memory that is supposed to "cope" with immediate power shutdown (I am not sure how this is achieved but they are supposedly a "high end" card).

The units that would be run using Ubuntu are the type of units that will not be gracefully shut down - the power cable would be removed and that is that.

Can anybody give me some advice on the potential problems that can occur? Is Ubuntu a good system that can deal with this kind of power outage and reboot successfully on next startup?

I realise that nothing is unbreakable, but is it a commonly used OS for an embedded setup? Is it asking for trouble to use Ubuntu in this kind of environment?


Solution 1:

Note: this answer is from the perspective of a production environment where data loss or downtime can lead to loss of money, customers, industrial equipment malfunctioning, etc. If you are just tinkering with a Raspberry Pi at home, I'd say there's no problem... :)

I would not recommend Ubuntu in its default configuration, and the (default) ext4 filesystem by design, for an embedded environment where there would be repetitive "ungraceful" shutdowns like you suggest.

If I'm correct, you're using Ubuntu 8.04, which supports ext3 at best. While both ext3/ext4 use journaling as a way to maintain file (write) integrity and to aid in recovery, these should not be relied on when "pull the power cable" is the rule rather than the exception.

  • The ideal option, assuming that your system will not need dynamic reconfiguration once set up, is to mount its root filesystem read-only and to entirely use a temporary in-memory partition when operational (like the LiveCD does). In this case, the system would return to its "initial" configuration whenever booted up.
  • To store (a limited amount of) user data in a non-volatile way, you could create a secondary partition, perhaps using a filesystem optimized for flash media such as JFFS2 depending on the internal structure of the CF card. To reduce the chances of data corruption by pulling the plug, you could disable hardware write caching for the device, and mount it in synchronous (sync) mode, disabling write caching by the kernel. These options may severely affect throughput and performance, even on a "high-end" CF card, so you would have to take the intended use into consideration too.
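As an added example (not code from the question or from any of the answers), a small POSIX shell audit that checks whether a running unit actually came up with the layout this answer describes: root mounted read-only and the data partition mounted sync. The device names, mount points and the embedded /proc/mounts snapshot are hypothetical and constructed.

```shell
#!/bin/sh
# Added example, not part of the answer above: audit what options each
# filesystem actually came up with, so the read-only root / synchronous
# data partition layout can be confirmed on a running unit. By default the
# functions read /proc/mounts; a constructed snapshot is embedded so the
# script also runs offline. Device names and paths are hypothetical.
#
# Intended /etc/fstab layout (hypothetical devices), for reference:
#   /dev/sda1  /         ext4   ro,noatime,errors=remount-ro   0 1
#   tmpfs      /var/log  tmpfs  rw,nosuid,nodev,size=64m       0 0
#   /dev/sdb1  /data     ext4   rw,sync,noatime,data=journal   0 2
# Hardware write caching on the data device is turned off separately, e.g.
# with `hdparm -W0 /dev/sdb` (an ATA drive setting, not a mount option).

# Constructed /proc/mounts snapshot: device mountpoint fstype options dump pass
SAMPLE_MOUNTS='/dev/sda1 / ext4 ro,noatime,errors=remount-ro 0 0
tmpfs /var/log tmpfs rw,nosuid,nodev,size=64m 0 0
/dev/sdb1 /data ext4 rw,sync,noatime,data=journal 0 0
/dev/sdc1 /scratch ext4 rw,relatime 0 0'

# mount_opts MOUNTPOINT [MOUNTS_FILE]: print the option list of MOUNTPOINT
# (last matching line wins, which is the top-most mount in /proc/mounts).
mount_opts() {
    awk -v mp="$1" '$2 == mp { opts = $4 } END { print opts }' "${2:-/proc/mounts}"
}

# has_opt MOUNTPOINT OPTION [MOUNTS_FILE]: succeed if OPTION is set exactly
# (so "ro" does not match "errors=remount-ro").
has_opt() {
    mount_opts "$1" "$3" | tr ',' '\n' | grep -qx -- "$2"
}

# check_layout [MOUNTS_FILE]: succeed only when root is read-only and /data
# is mounted synchronously; report each violation on stdout.
check_layout() {
    src=${1:-/proc/mounts}
    rc=0
    has_opt / ro "$src"       || { echo "FAIL: / is not read-only"; rc=1; }
    has_opt /data sync "$src" || { echo "FAIL: /data is not mounted sync"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: root ro, /data sync"
    return "$rc"
}

# Stand-alone run against the embedded snapshot.
tmp=$(mktemp)
printf '%s\n' "$SAMPLE_MOUNTS" > "$tmp"
check_layout "$tmp"
rm -f "$tmp"
```

Run it without an argument on the device itself and it inspects the live /proc/mounts instead of the snapshot.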

Solution 2:

The Operating System will be fine as long as it is set up for read-only use. LiveCDs have a setup like that, so that you can power them off at any time, and the OS will not suffer harm.

On a read-write drive, ext4 filesystems are very resilient. But no matter the filesystem, any drive that is writable will be subject to corrupt files.

Solution 3:

    You are in emergency mode. After logging in, type

    journalctl -xb

    to view the system logs, systemctl reboot to reboot and systemctl default or exit to boot into default mode.

    Press Enter for maintenance (or press CTRL-D to continue):

I've seen that message every time after a power failure; any Windows OS is far more resilient to power failure than Linux in its default configuration.

In my city the power grid shuts down twice a month in summer.