Various mechanisms are known for replication or recovery of data in a database server system to ensure correct operation in the case of a crash of a system or a failure that causes the system to be out of order for an undefined period of time.
A Hot Standby (HS) is a mechanism which supports non-disruptive failover of a database server system, maintaining system availability, i.e. its ability to provide the desired service when required, by means of a second server system ready to take over when the main system is unavailable. In the hot standby replication scheme the servers usually have two different roles, the first of which is the primary server and the second the secondary (backup, slave) server. The hot standby configuration provides a way for a secondary database to automatically maintain a mirror image of the primary database. The secondary database on the secondary server is usually of read-only type and it is logically identical to the primary database on the primary server. In case a failure occurs in the primary server, the secondary server can take over and assume the role of the new primary server.
There are several methods for achieving high availability in computer systems that contain databases. One known way to carry out continuous hot standby is to mirror the entire system, i.e. the databases and the applications that use the database. All operations of the system are performed on both applications of the system. The applications write each transaction to their respective databases so that both systems are completely synchronized at all times. To ensure that the applications and their databases are mutually in synchronization, a mechanism called application checkpointing is typically used. After each executed operation, the application ensures by some means that the other application has executed the same operation. In other words, the secondary database in association with the secondary application precisely mirrors the primary database and application. Application level mirroring is a good choice for real-time applications where everything, including the application processes, needs to be fault tolerant. However, it requires a lot of work from the application programmers, as the application checkpointing mechanism is a difficult task to implement.
Another method for processing hot standby replication operations is to create a transaction log of the operations of a transaction run in the primary server, transfer the log to the secondary server and run the transferred transaction log serially on the secondary server. This log is a record of all data items that have been inserted, deleted or updated as a result of processing and manipulation of the data within the transaction. The data needs to be written to both databases before it can be committed in either of the databases. This ensures that the data is safely stored in the secondary server before the primary server sends an acknowledgement of successful commit to the client application. An example of this kind of data mirroring system is described in U.S. Pat. No. 6,324,654, where “A primary mirror daemon on a local computer system monitors the writelog device (redundant data storage or memory device) for data updates and feeds the data over a network in the same order in which it is stored to a receiving remote mirror daemon on a remote computer system, which in turns commits the data updates to a mirror device.” This document is here cited as a reference for prior art [1]. In a failure recovery situation these primary and secondary mirror daemons transfer the log to the secondary node, where the log is run just as it was in the primary node. The replicated operations are run serially in the secondary node, which slows down processing speed and hence reduces overall performance.
Still another mechanism for achieving database fault tolerance is to have an application connect to two databases. Whenever the application executes an application function, it commits the related data changes to both servers. To ensure that the transaction is committed in both databases, the application typically needs to use the so-called two-phase commit protocol to ensure the success of the transaction in both databases. If the transaction fails in either of the databases, it needs to fail in the other database as well. The two-phase commit protocol needs to be driven by the application, which makes the application code more complex. Moreover, distributed transactions are quite a common cause of performance problems, as the transaction cannot be completed before both databases acknowledge the transaction commit. In this scenario, recovery from error situations can also be very difficult.
Still another way of processing hot standby replication operations is to copy the transaction rows to the secondary node after they have been committed on the primary node. This method is a mere copying procedure where transactions are run serially in the secondary node. This method is known as asynchronous data replication. It is not always suitable for real-time database mirroring, because not all transactions of the primary database may yet have been executed in the secondary database when the fail-over from primary to secondary happens.
Many database servers are able to execute concurrent transactions in parallel in an efficient manner. For example, the server may execute different transactions on different processors of a multi-processor computer. This way, the processing power of the database server can be scaled up by adding processors to the computer. Moreover, parallel execution of transactions avoids the blocking effect of serially executed long-running transactions, such as creating an index on a large table. To ensure the integrity of the database, some concurrency control method, such as locking or data versioning, needs to be used to manage access to data that is shared between transactions. If two transactions try to obtain write access to the same data item simultaneously and versioning concurrency control is in use, the server returns a “concurrency conflict” error to one of the transactions, and the application needs to re-attempt execution of that transaction later. If locking concurrency control is in use, the server makes one of the transactions wait until the locked resources are released. However, in this scenario it is possible that a deadlock condition occurs, where two transactions each hold a lock on a resource the other needs, and one of the transactions must be killed to clear the deadlock. The application that tried to execute the killed transaction must handle the error, e.g. by re-attempting execution of the transaction.
These concurrency control methods known in the prior art are suitable for use in the primary server of the Hot Standby database configuration to manage concurrent online transactions of client applications, but they cannot be applied in the secondary server of the system. This is because concurrency conflict errors cannot be allowed in the secondary server, as there is no way to properly handle these error conditions there: the transactions have already been committed on the primary, so there is no client application that could re-attempt them. Because of the absence of a proper Hot Standby concurrency control method, in the prior art replicated hot standby operations are run substantially in serial form in the secondary node. Because operations cannot be executed in parallel, it is difficult to improve the secondary server's performance without raising problems in data integrity and transaction consistency. Essentially, a mechanism is needed that allows transactions to run in parallel but ensures that transactions are not started too early and that they are committed before dependent transactions are started.
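As an added illustration of the requirement stated in the last sentence (this is example code written for this text, not the patent's own mechanism or any cited reference), the following Python sketch takes a constructed log of transactions in primary commit order, derives which transactions conflict on shared data items, and groups them into "waves": every transaction in a wave depends only on transactions in earlier waves, so a wave can be replayed in parallel on the secondary while each dependent transaction still waits for its predecessors to commit. The sample log and the read/write-set representation are assumptions for the example.

```python
from collections import defaultdict

# Constructed sample log in primary commit order:
# (txn_id, set of items read, dict of items written -> new value)
SAMPLE_LOG = [
    ("T1", set(), {"a": 1}),
    ("T2", set(), {"b": 2}),
    ("T3", {"a"}, {"c": 10}),          # reads a written by T1
    ("T4", set(), {"d": 4}),
    ("T5", {"c", "b"}, {"e": 12}),     # reads c (T3) and b (T2)
    ("T6", set(), {"a": 7}),           # overwrites a (T1), read by T3
]

def conflicts(earlier, later):
    """True if the two transactions touch a common data item and at least
    one of them writes it (write-write, write-read or read-write)."""
    _, r1, w1 = earlier
    _, r2, w2 = later
    return bool(set(w1) & (r2 | set(w2))) or bool(set(w2) & r1)

def schedule_waves(log):
    """Assign each transaction to the first wave after all earlier
    conflicting transactions; returns a list of waves of txn ids."""
    wave_of = {}
    for i, txn in enumerate(log):
        deps = [wave_of[log[j][0]] for j in range(i) if conflicts(log[j], txn)]
        wave_of[txn[0]] = max(deps, default=-1) + 1
    waves = defaultdict(list)
    for tid, w in wave_of.items():
        waves[w].append(tid)
    return [waves[k] for k in sorted(waves)]

def replay_waves(log, waves):
    """Apply writes wave by wave. Within a wave no two transactions share
    an item, so the members could be dispatched to worker threads and
    committed in any order without a concurrency conflict."""
    by_id = {t[0]: t for t in log}
    db = {}
    for wave in waves:
        for tid in wave:
            db.update(by_id[tid][2])
    return db

def replay_serial(log):
    """Reference: the prior-art serial replay of the same log."""
    db = {}
    for _, _, writes in log:
        db.update(writes)
    return db
```

Transactions T1, T2 and T4 land in the first wave, T3 must wait for T1, and T5 and T6 must both wait for T3; the parallel schedule yields the same final state as serial replay.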