1. Field of the Invention
The present invention relates generally to data storage systems, and more particularly, to a method and apparatus for controlling load operations of a data storage cartridge that has been subjected to a shock event.
2. Description of the Related Art
This invention is directed to the providing of a method and apparatus for controlling load operations of a data storage cartridge that has been subjected to a shock event. One of the problems facing organizations that use magnetic tape media to protect their data is what can happen when a data storage cartridge is dropped. When a data cartridge sustains g-forces in excess of 40 G it is much more likely to experience failure during restore operations. According to those knowledgeable in the art, up to 35% of all restore failures can be traced to dropped or damaged data cartridges.
Dropped data cartridges can experience damage in one of two ways. One way that dropped data cartridges may experience significant damage to the tape edge is via impact to the external case, which impact is transmitted to the reel and subsequently to the tape. Damage to the tape edge can render read or write operations on the tracks in that damaged location unreliable or impossible. Dropped data cartridges may continue to operate for a period of time after being dropped, since the tape may not write or read data in the outer tracks due to low utilization. This can lead to a false sense of reliability by backup administrators, since the cartridge may appear to operate normally after being dropped, when in reality it has been damaged.
Another way that dropped data cartridges may experience significant damage is by displacement of the leader pin as a result of the cartridge experiencing an excessive g-force during a drop event. A sudden deceleration may deform the plastic cartridge enclosure and slot where the leader pin is normally held, thereby causing the leader pin to move out of reference position. If the leader pin moves out of reference position, the data storage drive may not be able to successfully load the cartridge.
In certain circumstances, a malfunction can occur during the load operation of a dropped cartridge, which may render both the cartridge and the data storage drive inoperable. Many data storage drive manufacturers will void the drive warranty if a defective cartridge is loaded into the drive and a malfunction results. Data stored on a cartridge that has malfunctioned in this way may become irretrievable.
Further compounding the issue is failure by backup operators and administrators to take appropriate action when a tape cartridge is dropped. Factors contributing to the problem are: (1) failure of operators and backup administrators to understand the negative effects of excessive g-forces on dropped media; (2) Failures of operators and backup administrators to report dropped cartridges to management for fear of reprimand; and (3) failure to remove dropped media from active storage pools.
Depending on the value of the data stored on the cartridge and the severity of damage, dropped media may be duplicated, but dropped cartridges should be treated as read only. Ideally, dropped cartridges should be taken out of service as soon as possible to avoid any potential negative impact on data storage drives and to preserve library performance during backup and restore operations.
The impact of dropped data cartridges is two-fold. First, dropped data cartridges are more likely to fail or cause errors during restore operations and either of these events can delay system recovery by negatively impacting the Recovery Time Objective (RTO), since the administrator will likely need to abort the current restore operation. Restoring the data from the next previous backup also significantly delays system availability. (Offsite media will also significantly delay the recovery process.) Secondly, irretrievable data from dropped cartridges may negatively impact the Recovery Point Objective (RPO), since the system may not be able to be restored to the desired state. As a consequence, data may be lost. Reverting to the previous full backup, which is usually at least 24 hours, or 7 or 14 days old will likely inhibit achieving the desired RPO.
If backup administrators have knowledge of cartridge mishandling, they can preemptively adjust backup processes and procedures to maintain acceptable RTO and RPO in the event of data loss. Loading dropped cartridges into drives may result in a drive becoming inoperable and being removed from service. Repair requires removal of the drive (with the cartridge partially loaded) from the library and the return of the drive to the manufacturer for extraction of the data cartridge and repair of the drive. Sometimes this incurs great cost to the customer, as this type of repair is not usually covered under warranty. Removing data storage drives from service may also negatively impact an organization's ability to adequately protect its data or perform restore operations until the asset is returned to service.
While it is apparent that the problems associated with a storage cartridge that has been subjected to a shock event have been recognized, no solution has been found. It is thus readily apparent that the long-felt need continues to exist for a method and apparatus for controlling load operations associated with data storage cartridges that have been subjected to a shock event.