This invention relates to testing of the operability of data storage backup systems and, more particularly, to a method of simulating disasters in peer to peer remote copy (PPRC) data storage systems.
A typical digital computer system includes a host processor for storing data and executing instructions, and one or more disk subsystems for data storage. Since stored data may be corrupted or destroyed, backup systems have been used to create multiple copies of the stored data, usually on separate disk subsystems so that in the event of a disaster, the data can be recovered from one or more of the copies. Such provision of copies is referred to as either xe2x80x9cshadowingxe2x80x9d or xe2x80x9cmirroringxe2x80x9d of the data. When mirroring is carried on by one disk subsystem reflecting data to a remotely positioned disk subsystem, those subsystems are referred to as a xe2x80x9cpeer to peer remote copyxe2x80x9d (PPRC) pair.
Assume a PPRC data storage system comprising a host processor, a primary storage subsystem and a secondary storage subsystem. During normal operation, the host processor issues write commands to the primary storage subsystem and data is mirrored to the secondary storage subsystem by operation of the primary storage subsystem. If the primary storage subsystem suffers a malfunction, the host can then connect directly to the secondary storage subsystem and continue operation, or a remote secondary host can be used to continue operation. The success of such a system is contingent upon an accurate mirroring of data between the primary and secondary storage subsystems.
It is desirable to conduct a controlled test to assure that the PPRC system is properly mirroring data between the storage subsystems, and that the integrity of the data is faithfully maintained. Conventionally, such tests have been performed by manually simulating disasters that interfere with the operation of the PPRC system. This form of testing is time consuming and difficult because the disaster conditions must be set up through manual intervention.
It is an object of this invention to provide an improved method of testing the operation of a PPRC data storage system in disaster situations and verifying the integrity of the mirrored data without manual intervention.
A PPRC data storage system includes at least a host processor, a primary data storage subsystem and a secondary storage subsystem. Initially, the host processor communicates with the primary storage subsystem while the primary and secondary storage subsystems are remotely coupled as a PPRC pair to enable a mirroring of data therebetween.
To test a disaster scenario, the host processor configures and transmits a special command to the primary storage subsystem. Upon receipt of the command, the primary storage subsystem simulates a disaster to affect all or some of the PPRC disk volumes. The host processor senses the malfunction of the primary storage subsystem by detecting an aberration in its communications with the primary storage subsystem, and responds by establishing communications directly with the secondary storage subsystem. The secondary storage subsystem then terminates the PPRC remote copy operation with the failed primary storage subsystem. Next, the host verifies the integrity of the mirrored data by comparing data from the secondary storage subsystem to data from the primary storage subsystem. This process may be automated to cycle through a set of different types of simulated disasters.
As compared to the prior art, this method allows for relatively quick and easy verification of the operation of a PPRC data storage system and its ability to recover in the case of a disaster without requiring manual intervention.