In the field of computer networking, many efforts have been made to develop the most efficient and reliable way for servers within a computer network to communicate updates with one another. In particular, the problem of monitoring the status of servers and server updates has been challenging, given that most conventional network database systems often contain multiple servers that are geographically dispersed. “Updates” are generally modifications to data objects or attributes of data objects within the distributed database. Because copies of the data objects may exist on several servers, any modification made to an object of a database on one of the servers must be propagated to all other copies of the object in the system such that updated objects at the various servers reflect the modification.
In order to keep the data objects maintained by each server current, updates made by one server are “replicated” to all other servers of the database system by a process called “replication.” During replication, a “source” server sends data to a “destination” server; the updates being replicated may have originated on the source server or on another server in the system. A server on which a modification to an object is initially made, rather than an update received through a replication, is referred to as an “originating” server. Ultimately, the goal is to replicate an update message to all servers in the system that require updated object information.
Several techniques have been developed to effectuate replication in a network. One such technique is applicable in a simple replicated system, whereby a smaller number of servers holding the replicated data, referred to as “replicas” or “replica servers,” can be directly connected to all servers (or, as an optimization, all read/write (or master) replicas). This technique, referred to as “full-mesh replication,” operates in a manner such that as an update is originated on one replica, that replica then sends the update directly to every other replica. According to this technique, if there are N replicas, each replica in a full-mesh system has N−1 inbound communication paths and N−1 outbound communication paths. The network that connects the replicas must sustain all of the order N² communication paths. At some value N, however, the load on the individual replica servers and/or on the network becomes too great to effectively sustain full-mesh replication.
Consequently, reducing the load requires a reduction in the number of overall communication paths between servers. A workable solution calls for a model that does not require direct connections between all replica servers. One technique, referred to as “store-and-forward replication,” overcomes the loading problem associated with full-mesh replication by allowing an update to originate on server A, replicate to server B, and then replicate from server B to server C. This method, wherein an update can flow through intermediary replicas, does not require a connection between destination server C and originating server A.
Compounding the problem of replication, however, is the fact that replica servers are prone to failure. Failures can be due to a number of problems including network errors, hardware problems, server or network misconfiguration, etc. Some failures result from the situation where the replica server is simply not functioning. In that instance, other servers that query the non-functioning server for information will realize that the server is not operational. Other failures, however, result from the situation where the replica server is functioning but not receiving updates originating from other replica servers. In this more troubling situation, clients that contact a replica server in such a state receive increasingly outdated data until the failure is fixed or the replica server is taken offline. In the meantime, the effects of the outdated data can be subtle. For example, an address book might report an old phone number for a contact. These subtle effects might go unnoticed for a long period of time, during which the amount of data that needs to be replicated to the failed replica server continues to grow as does the amount of time it will take to bring the replica server up-to-date once the failure has been identified and corrected. Thus, most replica systems provide some form of service feature to monitor replica servers so that failures preventing replication can be identified and thereafter rectified.
Monitoring the replication state of a replica server in a full-mesh system is typically easy. Because each server communicates with all other servers directly, each replica server maintains state information about which updates it has successfully sent to or received from each of the other replica servers. This information, referred to as the “direct replica partner state,” contains timestamps used to evaluate the integrity of the data. For example, the timestamp represents the time of the last successful replication or the time of the last replication attempt. The direct replica partner state, thus, can be queried by an administrator or monitoring tool to determine if replication is functioning properly. Unfortunately, replication monitoring of a full-mesh system becomes impractical because directly querying all servers in a system is impractical.
Monitoring the replication state of a replica server in a store-and-forward replication system, however, is more difficult. The direct replica partner state, which by definition does not include information about replica servers that are not direct partners, yields only a partial view of the quality of the data replicated inbound or outbound from a given replica server. For example, if server A replicates to/from only server B and server B replicates to/from only server C, then examining server C alone would not provide the administrator with any information regarding how current the data on server C is with respect to the data on server A.
Another method for monitoring the health of store-and-forward systems, employed by Microsoft's Operations Manager, requires each replica server to originate an artificial update referred to as a “heartbeat.” This update is made solely for the benefit of monitoring the replication system. If all replicas are originating artificial updates—which is as simple as writing the current time on data related to that replica server—then any given replica server can examine its local copy of the data, which includes the data being written by all other replica servers, to determine the last update it received from every other replica server. If the last update it received originated at some time in the past beyond what is expected, then action is taken to inform an administrator to investigate the server failure. One problem with this self-monitoring approach is that it requires the data corresponding to each replica server to be updated periodically, often with a period less than the maximum latency tolerated between replica servers, in order to be monitored. As such, the origination and replication of these write messages can be very expensive.
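The partial view given by the direct replica partner state, and the heartbeat technique that closes it, shown as an added example that is not part of the original text: a three-server chain A → B → C in which the A → B link stops working. The `Replica` class, its method names, and the integer tick clock are assumptions made for illustration.

```python
# Added illustration; Replica, pull_from and stale_origins are hypothetical names.
from dataclasses import dataclass, field

@dataclass
class Replica:
    name: str
    # origin name -> time of the newest heartbeat from that origin held locally
    heartbeats: dict = field(default_factory=dict)
    # direct partner name -> time of the last successful inbound replication
    partner_state: dict = field(default_factory=dict)

    def originate_heartbeat(self, now):
        """Artificial update: write the current time on this replica's own data."""
        self.heartbeats[self.name] = now

    def pull_from(self, source, now, link_up=True):
        """Store-and-forward: take everything the source holds, whatever its origin."""
        if not link_up:
            return False
        for origin, ts in source.heartbeats.items():
            if ts > self.heartbeats.get(origin, -1):
                self.heartbeats[origin] = ts
        self.partner_state[source.name] = now
        return True

    def stale_origins(self, now, max_latency):
        """Origins whose newest local heartbeat is older than the tolerated latency."""
        return sorted(o for o, ts in self.heartbeats.items()
                      if o != self.name and now - ts > max_latency)

def simulate(ticks=10, fail_at=4, max_latency=3):
    """Chain A -> B -> C; the A -> B link fails from tick `fail_at` onward."""
    a, b, c = Replica("A"), Replica("B"), Replica("C")
    for now in range(ticks):
        for r in (a, b, c):
            r.originate_heartbeat(now)
        b.pull_from(a, now, link_up=now < fail_at)
        c.pull_from(b, now)
    last = ticks - 1
    # C's direct partner state versus what the heartbeats on C reveal
    return c.partner_state, c.stale_origins(last, max_latency), c.heartbeats

if __name__ == "__main__":
    print(simulate())
```

On server C the direct partner state still shows a current replication from B, while the heartbeat data identifies A as the origin whose updates have stopped arriving.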
As the number of replica servers in the replication system grows, the complexity of determining how current any given replica server is with respect to all other replica servers grows very quickly, both in terms of the number of servers that must be queried and in determining which servers must be queried. In view of the foregoing, it can be seen that there is a need for a method for proactively monitoring replica servers to ensure that failures preventing replication are addressed and rectified in a timely and efficient manner.