Hitherto, techniques have been utilized for enhancing the reliability and the access speed of a storage system by dividing a plurality of storage devices into groups and implementing the distribution and the redundancy of data between data storage devices in the group.
As such a storage system, for example, RAID (redundant arrays of inexpensive disks) in which hard disks are used for the storage device, is well known in the art. The RAID is a technique for combining a plurality of hard disks and operating them as one virtual hard disk. There is known RAIDs at seven kinds of levels: RAID 0 to RAID 6. Among the RAID 0 to RAID 6, especially, the RAID 0, RAID 1, RAID 5, and RAID 6 are frequently utilized.
The RAID 0 distributes data among a plurality of hard disks and performs reading/writing for speeding-up. The RAID 1 makes data redundant by performing mirroring in which the same content is concurrently written into a plurality of hard disks, to thereby enhance fault tolerance. The RAID 5 distributively records data as well as an error correcting code into a plurality of hard disks, to thereby improve both the fault tolerance and access performance. The RAID 6 is RAID having improved reliability over the RAID 5, and it creates two kinds of redundancy data and records them into two disks, whereby it can address a dual fault, and can restore data even if two drives simultaneously fail.
In each of the RAID 1, RAID 5, and RAID 6, even if some hard disks fail, a logical disk can operate. When a hard disk failure has occurred, the failed hard disk is removed while still operating the virtual disk that has been created using a plurality of hard disks including the failed one, and the failed hard disk is replaced with a replacement hard disk, whereby operation can be continued without deactivating the device. Here, a preparatory disk that is connected instead of the hard disk having failed during an operation of the storage system and that is provided so as to be readily available, is referred to as a “spare disk”.
The storage system includes a plurality of groups, and when each of the groups is treated as a virtually disk, spare disks can be shared between groups.
Besides, there is known so-called LDE (logical device expansion) that performs configuration changes such as a configuration change that, while operating a RAID group, adds new disks to increase the disk capacity of the entire group with the identical RAID level unchanged; and a configuration change that changes the RAID level.
When performing a configuration change of the storage group, data is read out from the logical disk on the basis of an old configuration, and the read-out data is temporarily stored into a buffer. Thereafter, the data is written into logical disk on the basis of a new configuration. During the period from the point in time when the data has been read out until the writing is completed, there occurs a situation in which the data temporarily exists only in the buffer.
Specifically, during the writing from the buffer into the logical disk of the new configuration, it is unclear to what extent the data has been written into the real disk, so that the data in the disk as writing-in processing target is in an unreliable state.
Accordingly, there is a possibility that the data in the buffer may disappear when there occurs a failure of a memory being used as a buffer, or a state where a battery backup becomes nonfunctional due to power outage.
Furthermore, in the conventional art, once a configuration change of the storage group has been started, it has not been possible to interrupt the configuration change in the course of processing to restore the original configuration. For this reason, it has been impossible to address the situation in which the undoing of configuration change is required because of an operation miss, a change in a system operating condition, or the like.
The techniques disclosed herein have been implemented in view of the above-described problem. Embodiments of the techniques disclosed herein present a storage management device, a storage management method, and a storage system capable of preventing disappearance of data in the course of configuration change, and of interrupting the configuration change to restore the original configuration.