1. Field
Implementations of the invention relate to fencing of resources allocated to non-cooperative client computers.
2. Description of the Related Art
In a distributed Input/Output (I/O) environment, such as a Storage Area Network (SAN), a lock granting server computer may provide distributed locking techniques to enable a client computer to gain exclusive/shared access to data blocks in a storage area. A rogue client may be described as a client computer that has lost connectivity with the lock granting server computer while the client computer holds an exclusive lock to one or more data blocks. The loss of connectivity may occur due to a problem at the client computer (e.g., a problem with a device driver) or due to a problem with the environment (e.g., a problem with the SAN).
For example, a lock granting server computer may give a first client computer an exclusive lock to data blocks to fulfill an I/O request (e.g., a copy operation). If the first client computer does not fulfill the I/O request within a specified period of time, the first client computer is deemed to be a rogue client. The lock granting server computer may then revoke the exclusive lock for the first computer and may allow a second client computer to write to the data blocks. In this case, if the rogue client cannot be contacted by the lock granting server computer, the rogue client may continue to write to the data blocks protected by the exclusive lock, and, thus, may overwrite data that the second client computer has written to the same data blocks.
Conventional systems may provide host-based hardware solutions or storage-based solutions to the rogue client problem. With the host-based hardware solutions, a special processor is installed on the client computer and has access to a network. The lock granting server computer is able to send a message to the processor instructing the processor to power cycle (i.e., shut down) a rogue client. An example of this is an IBM® Remote Supervisor Adapter (RSA) card (available for purchase from International Business Machines, Corporation). With RSA cards, the lock granting server computer and the client computer each have RSA cards that communicate with each other. The lock granting server computer notifies its RSA card to send a signal to the client computer RSA card to shut down the client computer. With host-based hardware solutions, if the rogue client problem occurred due to problems with a device driver at the rogue client, shutting down and restarting the client computer may solve the problem. On the other hand, if the rogue client problem occurred because the client computer was unable to communicate with the server computer due to a SAN failure, then, the hardware-based solutions do not solve the rogue client problem.
With storage-based solutions, high end storage systems support features that allow the lock granting server computer to send the storage system a message instructing the storage system to ignore I/O requests from a specific rogue client. An example of this is dynamic Logical Unit Number (LUN) masking in a SAN. A LUN is a unique number that may identify a specific disk. With dynamic LUN masking, the storage subsystem may be notified to ignore I/O requests from a particular client for a particular LUN. Storage-based solutions address situations in which the rogue client problem occurred due to a SAN failure, but do not address situations in which the rogue client problem occurred due to a failure of a device driver at the client computer.
Thus, notwithstanding existing techniques, there is a continued need in the art to provide better techniques for client computer failure recovery.