- From: Rainer Klute <klute@nads.de>
- Date: Fri, 09 Aug 1996 15:58:10 +0200
- To: Anselm Baird-Smith <abaird@w3.org>
- Cc: alex@access.com.au (Alexandre Rafalovitch), www-jigsaw@w3.org, "Rainer Klute" <klute@nads.de>
>BTW: While you seem to think a lot these days ;-) if you have any
>other serious design flaws to mention, it is really the right time to
>speak up.
Ok, you asked for it. :-)
I think terminating the server only by getting /Admin/Exit is a
bad idea. The server must be able to deal with a normal kill
command, flush anything in memory to disk and terminate
properly. What if things (the system) get locked up and you
cannot terminate the server in the way it is intended today?
What if errors in the server prohibit normal termination? We had
situations like these! Eventually it is the normal procedure for
a system administrator to just type the "reboot" command to
reboot the machine, without too much thinking required. This
afternoon we had to re-install Jigsaw because it simply refused
to start up after a crash.
The design flaw is that Jigsaw's cache is not write-through. If
everything in the cache always had its counterpart on the disk
things were fine and you could terminate/crash Jigsaw any
moment. Jigsaw should be robust like this to become a production
server.
Dipl.-Inform. Rainer Klute NADS - Advertising on nets
NADS GmbH
Emil-Figge-Str. 80 Tel.: +49 231 9751230
D-44227 Dortmund Fax: +49 231 9751238
<http://www.nads.de/~klute/>
Received on Friday, 9 August 1996 10:00:14 UTC