1. Technical Field
The present invention relates generally to data processing networks and data storage subsystems, and more particularly to a data processing network in which a number of hosts can access volumes of data storage in a data storage subsystem.
2. Description of the Related Art
Due to advances in computer technology, there has been an ever increasing need for data storage in data processing networks. In a typical data processing network, there has been an increase in the number of volumes of data storage and an increase in the number of hosts needing access to the volumes. This has been especially true for networks of workstations. Not only have a greater number of workstations been added to the typical network, but also the increase in data processing capabilities of a typical workstation has required more data storage per workstation for enhanced graphics and video applications.
The increased demand for data storage in a network is typically met by using more storage servers in the network or by using storage servers of increased storage capacity and data transmission bandwidth. From the standpoint of cost of storage, either of these solutions appears to be satisfactory. However, a greater number of storage servers in a network substantially increases the cost of managing the storage. This increased cost of management often appears some time after installation, when one of the servers reaches its capacity and some of its volumes must be reassigned to less heavily loaded servers. Network administrators aware of the cost of storage management realize that network storage should be consolidated to the minimum possible number of servers. The management problem is reduced by reducing the number of objects to be managed.
Due to the storage needs of present networks and the desire to consolidate servers, it is practical to provide a single storage subsystem with up to 20 terabytes (TB) storage, or approximately 4000 logical volumes. It may be possible for any host to have access to any volume in a data storage subsystem to which the host has access. However, it may be desirable to restrict the set of volumes that can be seen by any one host. Restricted access is desirable for security of private data. For example, private volumes should be assigned to each host for storage of private data, and other hosts should not be permitted to see or modify the private volumes of other hosts. Moreover, the xe2x80x9cbootxe2x80x9d process for a host is slowed down by searching for and reporting all the volumes to which the host has access. Certain operating systems are limited by the number of storage devices that they can manage at a given period of time, and for a host running such an operating system, it is not only desirable but also necessary to limit the number of volumes that the host can access.
It is possible to restrict access of a host to a limited set of logical volumes in the data storage subsystem by restricting the set of logical volumes accessible through a particular port adapter of the storage subsystem and linking the host to only that particular port adapter. For convenience, however, there should not be any restrictions on which logical storage volumes are accessible from each port adapter. Otherwise, during a reconfiguration of the data processing system, it may be necessary to physically switch the links that are connected to the network ports of the hosts or the port adapters, for example by manually disconnecting and reconnecting the links to the ports. Even in the case where the data network has a fabric for automatically establishing a link between any of the hosts and any of the port adapters, the physical possibility of any port adapter to access any logical storage volume provides alternative data paths that could be used in case of port adapter failure or port adapter congestion. For example, if a host sends a data access request to a port adapter and receives a busy response from the port adapter, then the host can send the data access request to another port adapter. Port adapter congestion is likely, for example, if the storage subsystem is a continuous media server, in which video data is often streamed through a single port adapter to a host for a relatively long period of time.
In accordance with one aspect of the invention, there is provided a method of configuring data storage in a data storage subsystem for restricting access of host processors to the data storage. The method includes subdividing the data storage into addressable logical storage units, and assigning to each host processor a respective subset of the data storage to which access of said each host processor is restricted. The assignment of at least one respective subset includes at least one vector specification of a series of the addressable logical storage units. The addressable logical storage units in the series of addressable logical storage units having addresses that form a vector. The vector includes a beginning address (BEGIN) and a stride (S) that is a difference between neighboring addresses of the addressable logical storage units in the series of addressable logical storage units, such that the addresses of the logical storage units in the series are BEGIN, BEGIN+S, BEGIN+2S, . . . , and wherein the stride (S) is a non-zero integer different from one.
In accordance with another aspect, the invention provides a data storage subsystem. The data storage subsystem includes data storage, and a storage controller coupled to the data storage for controlling access to the data storage. The storage controller has at least one data port for linking the data storage to a plurality of host processors for transfer of data between the data storage and the host processors. The storage controller is programmed to access addressable logical storage units of the data storage, and to restrict access of the host processors to the data storage by assigning to each host processor a respective subset of the data storage to which access of the host processor is restricted. The assignment of at least one respective subset includes at least one vector specification of a series of the addressable logical storage units. The addressable logical storage units in the series of addressable logical storage units have addresses that form a vector. The vector includes a beginning address (BEGIN) and a stride (S) that is a difference between neighboring addresses of the addressable logical storage units in the series of addressable logical storage units, such that the addresses of the logical storage units in the series are BEGIN, BEGIN+S, BEGIN+2S . . . S , and wherein the stride (S) is a non-zero integer different from one.
In accordance with a final aspect, the invention provides a machine-readable program storage device containing a program for a storage controller for controlling access of a plurality of host processors to data storage. The program is executable by the storage controller to access addressable logical storage units of the data storage, and to restrict access of the host processors to the data storage by assigning to each host processor a respective subset of the data storage to which access of said each host processor is restricted. The assignment of at least one respective subset includes at least one vector specification of a series of the addressable logical storage units. The addressable logical storage units in the series of addressable logical storage units have addresses that form a vector. The vector includes a beginning address (BEGIN) and a stride (S) that is a difference between neighboring addresses of the addressable logical storage units in the series of addressable logical storage units, such that the addresses of the logical storage units in the series are BEGIN, BEGIN+S, BEGIN+2S . . . , and wherein the stride (S) is a non-zero integer different from one.