1. Field of the Invention
The present invention relates to data preservation in an information handling system by asynchronous remote data duplexing (also termed remote data copying) and more particularly, to the real-time continuous copying of data at a remote location from copies based at a primary site storage subsystem.
2. Description of the Related Art
Data copying is one form of data preservation in an information handling or computer system. However, data preservation via data copying must take many factors into account. This is of special significance where it is anticipated that data copied and stored at a remote site would be the repository for any continued interaction with the data should the work and data of a primary site become unavailable. The factors of interest in copying include the protection domain (system and/or environmental failure or device and/or media failure), data loss (no loss/partial loss), time where copying occurs as related to the occurrence of other data and processes (point in time/real time), the degree of disruption to applications executing on said computer, and whether the copy is application or storage system based. With regard to the last factor, application based copying involves log files, data files, and program routines while storage based copying involves an understanding of direct access storage device (DASD) addresses with no knowledge of data types or application use of the data.
Real-time remote data duplexing systems require some means to ensure update sequence integrity as write updates to the secondary or remote DASD data copy. One way to accomplish this is to provide a synchronous system to control the DASD subsystems. In such a system, the primary DASD write operation does not complete until a copy of that data has been confirmed at a secondary location. The problem with such synchronous systems is that they slow down the overall operation of the duplexing system.
Asynchronous copy systems accomplish sequence integrity through communications between primary and secondary DASD subsystems. In such systems, a system at the primary site can determine the sequence among different update write operations among all DASD subsystems at the primary site and communicate that information to the DASD subsystem at the remote site. The secondary subsystem in turn uses the sequence information from the primary to control the application of update data to the secondary DASD data copy. Known asynchronous copy systems are described below.
McIlvain and Shomler, U.S. patent application No. 08/036,017 entitled "Method and Means for Multi-System Remote Data Duplexing and Recovery" describes the use of a store and forward message interface at the DASD storage management level between a source of update copies and a remote site in a host to host coupling in which the difference in update completeness or loss of the sequence of write updates could be completely specified in the event of interruption.
Cheffetz, et al., U.S. Pat. No. 5,133,065 entitled "Backup Computer Program for Networks" issued Jul. 21, 1992, discloses a local area network (LAN) having a file server to which each local node creates and transmits a list of local files to be backed-up. Such remote generation reduces the traffic where a network server initiates the list creation and file copying activity. Arguably, art published before this reference taught centrally administered file selection. This resulted in compromises to local node security and overuse of the server. This is presumptively avoided by Cheffetz's local node generated lists and remission of the lists to the file server.
Beale, et al., U.S. Pat. No. 5,155,845 entitled "Data Storage System for Providing Redundant Copies of Data on Different Disk Drives", dual copies variable length records (CKD) on two or more external stores by causing a write to be processed by the first storage controller and be communicated in parallel over a direct link (broad band path) to the second storage controller obviating the path length limitation between the primary and remote copy sites. Such a limitation is occasioned by the fact that CKD demand/response architecture is length limited to in the range of 150 meters.
Another example of an asynchronous system is disclosed in U.S. patent application No. 07/992,219, entitled "Remote Data Duplexing Asynchronous Information Packet Message", by Micka et. al. Disclosed is a system for asynchronously duplexing direct access storage device (DASD) data in a plurality of DASD subsystems has the advantage of decoupling the data duplexing operation from the DASD write I/O operation. This ensures the write does not incur unnecessary wait states in the subsystem. By establishing a sequence checkpoint at which time a set of information packets are grouped together and processed as a single sequence unit, this decoupling and independent operation takes place. Through this independence, data copying to a secondary location can take place without affecting the performance of the subsystems and also without affecting the corresponding integrity of the data that is being updated.
In an asynchronous remote dual copy, the work of the application continues while the data required for recovery of that application is being sent to the remote copy location. If the primary system location is taken out of service, requiring that applications be resumed at the remote location using data copied there, the most recent data from the primary is likely to have been enroute or to have not been received at the remote location. When the application is a data base process, recovery operations at the remote site analyze the data present and adjust transaction records so as to discard partial, incomplete transactions.
Some transactions that had been completed at the primary site thus will not appear to have been completed (or even started) when the data base process resumes operations at the secondary. In effect, these transactions are `lost`. This is inherent in an asynchronous copy scheme and is an accepted mode of operation, since ensuring that every element of transaction data was secured at a remote copy site before actually completing a transaction imposes an unacceptably high performance burden.
Certain transactions are, however, viewed as sufficiently valuable and important to the user of a system that said user wishes to take extraordinary measures to insure that essential transaction related data are secured at the remote site before completing the transaction; i.e., before committing the transaction outside the system or enterprise.
Synchronizing on a particular transaction requires, for data base consistency, that all data preceding the transaction's data also be secured--written at the remote site in its proper update sequence. Forcing the copy system into a synchronous mode of operation--holding up the flow of transactions while the data was secured at the remote location and acknowledged back to the primary, would be very disruptive to ongoing work.
What is needed, therefore, is an asynchronous copy system in which transactions are secured at a remote site without interrupting the flow of other transactions in the system. Such a system should be simple to implement, efficient and non-disruptive to existing asynchronous copy systems.
The present invention addresses such a need.