The invention relates to fault tolerant computer systems and more particularly to techniques for recording changes to a database so as to allow consistent recovery of the database in the event of a failure.
Fundamental to the design of fault tolerant computer systems is a programmatic construct called a transaction. A transaction is an explicitly delimited operation, or set of related operations, that changes the content of a database from one consistent state to another.
The database operations within a transaction are treated as a single unit. Either all of the changes performed by the transaction are made permanent (the transaction is committed) or none of the changes are made permanent (the transaction is aborted). If a failure occurs during the execution of a transaction, whatever partial changes were made to the database are undone automatically, thus leaving the database in a consistent state.
Before a transaction permanently commits its changes to the database, information about the database rows or records affected by the transaction is written to a so-called audit trail. At a conceptual level, one can view an audit trail as a history of changes to a database. An audit trail consists of a series of files whose records describe changes to the database. An audit trail record typically consists of a before and after image of a modified database record (or physical page). With before images, the database system can undo incomplete modifications which occur when an application program aborts or fails to complete due to a system failure. With after images, the database system can recover from media failures by restoring old (possibly inconsistent) copies of database files and redoing the earlier modifications. Other terms for audit trails containing this information include audit logs, or journals.
Typically, the series of files constituting an audit trail are physically stored on a single disk volume. As successive audit trail files on the disk volume become full, an archiving process migrates them to tape and the files become available for storing newly generated records.
This approach to the physical storage of audit trail files carries many disadvantages. A process that is storing newly generated audit records must compete for disk access with the archiving of previously filled audit files. This contention can effectively limit the permissible rate of audit generation and ultimately the transaction processing speed.
Although the availability of tape for archiving old audit records removes any limit on the total amount of available storage, archived audit trail files are not available for on-line recovery. On-line recovery is limited to the audit records stored on the single disk volume.
One partial solution to the disk contention problem has been presented in J. Gray et al., Transaction Processincr Concepts and Techniques, Morgan Kauffman, 1993, the contents of which are herein incorporated by reference. The Gray et al. technique, presented at section 9.6.4 of the cited reference, ameliorates the problem of disk contention. Unfortunately, on-line recovery is still limited to a single disk volume.