Crash Tolerance

The data service must be crash-tolerant. This means that the data service's daemon processes must be relatively stateless, in that they write all updates to disk synchronously.

When a physical host that masters a logical host crashes and a new physical host takes over, Sun Cluster calls the start method of each data service. The start method triggers any crash recovery of the on-disk data. For example, if the data service uses logging techniques, the start method should cause the data service to carry out crash recovery using the log.