The present invention relates to a data storage system including a plurality of storage subsystem and a method of storing data therein.
In recent years, the computer storage systems are configured to handle a huge amount of data. In addition, data is updated very frequently in these computer systems. A method for backing up large amounts of data and restoring a system to its normal state when an error occurs are important concerns in this technology field. One method used to address this concern has been a remote-copying technique. According to the technique, the data storage subsystems (external storage units), each having a magnetic disk array, are disposed away from each another. These data storage subsystems are then connected to each another through a communication path, so that data updated in one of these subsystems is also copied automatically to another subsystem.
This remote-copying technique enables recovery of data even when the primary data storage subsystem experiences a failure from a secondary storage subsystem. Accordingly, the data consistency between the primary and secondary storage subsystems should be maintained at regular intervals, preferably very frequently. However, a copy stop often occurs unexpectedly. To address this concern, therefore, each application program is required to update the data in the right in the copy source subsystem to ensure that the data consistency between the primary and secondary storage subsystems are maintained.
A conventional remote-copy technique is disclosed in JP-A No. 6-290125. JP-A No. 11-85408 also discloses another conventional technique that employs an asynchronous method to keep the data updating order. The method requires no confirmation of each data copy completion through a host computer.
In one embodiment, each program that runs in the host computer connected to a data storage subsystem often has enhanced functions for handling data, so that it can instruct the data storage subsystem not only to store data, but also to control other additional control processing. Generally, the controlling is done to logical volumes. The logical volume is a unit of data storage areas used by the host computer when accessing the storage subsystems.
One example of the additional controlling is controlling access to a logical volume from a plurality of host computers. The control is preferably made for enabling/disabling such operations as referring to and updating of each logical volume from each host computer or each program instance independently and the enable/disable setting should preferably be changed dynamically. When accesses to a target logical volume from each host computer is controlled independently, the data storage subsystem identifies the host computer according to the host computer ID or the ID of the port connected to the host computer. The simplest controlling method of accesses to a logical volume from each host computer is to use a reservation function that enables only a single host computer to access the logical volume. On the other hand, when the access control is made with respect to each program instance, the controlling can be realized with a function for registering a key value for enabling accesses and a controlling method that enables only a request having the key value in its access command such as a data read/write one to access the target logical volume.
As another example of the access control, there is a function for reporting the state of a target logical volume. For example, while the ID information of a host computer (A) that is accessing a logical volume at a certain time is registered, if the ID information is returned to another host computer (B) in response to a request therefrom, the host computer (B) can know that the logical volume is used, so that the host computer (B) can use the knowledge to determine the subsequent operation. In addition, instead of the LUN (Logical Unit Number) specific to a subject data storage subsystem, a proper tag information added to the connected host computer can be used to recognize the target logical volume.
The program can also make the access controlling by its own function without using the controlling function provided from the target data storage subsystem. For example, when a plurality of program instances distributed in a plurality of host computers are combined for an operation, they exchange necessary information through a common data storage subsystem. In this connection, they use a method for reading/writing necessary information in a working memory area in the data storage subsystem without writing the data in the logical volume of the data storage subsystem. Consequently, writing in physical disks is omitted, thereby data exchange among the program instances can be speeded up significantly. In this connection, the data storage subsystem comes to provide each of the program instances with control commands for reading and writing given working information.
The information used for control processes in those data storage subsystems or generated from those control processes is stored in a memory area shared by the processors in those data storage subsystems. Hereinafter, those information will be referred to as “attribute information” in this specification. Each attribute information, in each example described above, includes items of access setting list, reservation control information, access enabling key value, active host ID, logical volume tag information, given working information itself to be read/written by programs, etc.
Each of those additional control operations is closed in each data storage subsystem. Attribute information generated by such an additional control operation has not been subjected to the remote-copy operation as described above. However, when a disaster occurs in a duplicate side data storage subsystem and it is to be replaced with another so as to be recovered from the disaster, the attribute information having been stored in the subsystem should preferably be used so as to restore the data therein more accurately.
Conventionally, when the attribute information is to be used, the information has been exchanged between the host computers connected to the subject data storage subsystems through communications. For example, the JP-A No. 11-305947 discloses a technique for a magnetic disk control unit to receive an attention report command information from a host computer, then transfer the information to a remote magnetic disk control unit, thereby the report is sent to a remote host computer from the remote magnetic disk control unit.