The invention relates to scalable and fault-tolerant computer systems.
The need for fast, reliable and secure access to vast amounts of shared data worldwide has been driving the growth of multiprocessing paradigm in which applications, data storage, processing power, and other resources are distributed among a pool of processors. A number of architectures have been developed over time to address the requirements of multiprocessing. Depending on the resources that the processors share, multiprocessing architectures may be classified into three classes: share everything architecture, shared nothing architecture, and shared something architecture.
One example of a shared-everything architecture is a Symmetric Multiprocessing (SMP) architecture. An SMP system is capable of scaling multi-process or multi-threaded loads so that application code can run on any processor in the system without software changes. Adding new throughput to the SMP system may be as simple as adding a new CPU board, provided the operating system can take advantage of it. Implementations of SMP generally provide a plurality of CPU and memory boards which communicate with each other and with input/output boards over a wide and fast bus.
The SMP approach demands close communications between processors. The maintenance of consistency between processors is also non-trivial. The overhead and complexity of the consistency protocols may adversely affect the scalability of the SMP 30 architecture. Further, processors in the SMP architecture typically share one copy of the operating system. In addition to limiting the scalability of the SMP architecture, the sharing of the copy of the operating system creates a potential for many single points of failure occurring when many resources are shared.
One commonly used technique to provide fault-tolerance (fail-over) depends on a client application to recognize when a server is unavailable to satisfy a request, and if so, either to locate another server or to deny the request altogether. For example, object techniques such as CORBA or Microsoft's Component Object Model (COM) and Distributed Component Object Model (DCOM) may be used to implement this technique. These object architectures require a one-to-one relationship between the client and the server. If the server fails for any reason, the client needs to handle the failure either by finding another server that can perform the same service or by handling an error condition. These approaches require complex and time-consuming communication set-ups to provide sufficient fault tolerance for applications.
Another system supporting fail-overs for server processes, available from Microsoft Corp. of Redmond, Washington, is called Microsoft Cluster Server (MSCS). The MSCS system uses a hot-standby technique in which a primary server and a standby server send "keep alive" messages back and forth so that the standby server is activated if it cannot contact the primary server. This is a time consuming fail-over process. Further, the system is inefficient since computer resources of the standby server are not used until a failure occurs.