1. Field of the Invention
The present invention relates to the determination of blocking and related control in a RAID apparatus.
2. Description of the Related Art
FIG. 1 shows the general configuration of a conventional RAID system. In FIG. 1, a RAID apparatus 100 has a CM 101, BRTs 102 and 103, and a RAID group 104 including a plurality of disks. Although FIG. 1 shows only one RAID group 104, there are a plurality of RAID groups in many cases. A host 110 issues requests for access to a RAID group to the CM 101 through a communication line.
The CM 101 manages and controls various disk access processes in the RAID apparatus 100. The BRTs 102 and 103 are positioned between the CM 101 and the RAID group 104, and function as switches connecting the CM 101 to the RAID group 104. There are two paths through which the host 110 can access the RAID group 104 via the CM 101 (FIG. 1 shows only one access path), and the two access paths are provided with the BRTs 102 and 103, respectively. Therefore, even if one of the paths becomes unavailable for any reason (for example, a broken BRT), access can still be gained using the other access path.
However, both paths (both systems) can become unavailable; in the example shown in FIG. 1, both BRTs 102 and 103 are broken. In this case, none of the RAID groups 104 can be accessed.
As described above, when a RAID group in the RAID apparatus cannot be accessed and the host 110 continues issuing access requests, the RAID apparatus 100 determines that a disk is broken, and finally the RAID group itself is determined to be broken, thereby possibly losing user data. In addition, since the host 110 keeps attempting access that cannot succeed, host processing is delayed.
Therefore, except when the cause of the inaccessibility is a disk, the RAID is temporarily placed in a blocked status. RAID blocking refers to a state in which the status of an inaccessible RAID group is maintained as it was before the blocking, and host access is inhibited. Thus, the user data is protected, and each host access is immediately terminated abnormally.
Host access can be accepted again once the cause of the blocking of the blocked RAID group has been resolved.
The problem is the method of determining whether or not RAID blocking is to be performed.
FIG. 2 shows an example of the conventional RAID blocking determination method, for the case in which the RAID group to be determined is a RAID 1.
As indicated in the table shown in FIG. 2, it is conventionally registered in advance whether or not a RAID group is to be blocked for each combination of an “event in which the RAID can be blocked” (an event (3) occurring in the device) and the “status of each disk in a DLU unit” (2). When one of the “events in which the RAID can be blocked” occurs, the table is referred to, and it is determined whether or not the RAID group is to be blocked. The table is stored in, for example, the memory of the CM 101, and the determination is made by the CM 101. In this table, “o” indicates blocking, and “x” indicates no blocking.
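The table lookup described above can be sketched as follows. This is a minimal illustration; the event names, statuses, and table entries are hypothetical placeholders, not the actual contents of FIG. 2:

```python
# Sketch of the conventional table-based blocking determination.
# Event names and table entries are illustrative placeholders only.

BLOCKING_TABLE = {
    # ("event", "DLU status") -> True = "o" (block), False = "x" (do not block)
    ("broken BRT pair", "Av"): True,   # a broken BRT pair blocks regardless of status
    ("broken BRT pair", "Ex"): True,
    ("broken port of BRT pair", "Av"): True,
    ("broken port of BRT pair", "Ex"): False,
}

def should_block(event: str, dlu_status: str) -> bool:
    """Look up whether the RAID group is to be blocked for this
    combination of event and DLU status ("o" = block, "x" = not)."""
    try:
        return BLOCKING_TABLE[(event, dlu_status)]
    except KeyError:
        # Events not covered by the table require exceptional handling,
        # which is one of the problems of the conventional method.
        raise ValueError(f"no table entry for {event!r} / {dlu_status!r}")
```

Every newly defined event multiplies the number of entries that must be registered by hand, which foreshadows the maintenance problems discussed at the end of this section.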
The “events in which RAID can be blocked” are, in the examples shown in FIG. 2, a “broken BRT pair”, a “broken port of a BRT pair”, a “broken BRT pair (BRT straddle)”, a “broken port of the BRT pair (BRT straddle)”, a “P1 transition to Ne (not exist)”, etc., and various other events can also occur.
The “broken BRT pair” refers to, for example, the case where both BRTs 102 and 103 are broken. In this case, therefore, “o (blocking)” is indicated regardless of the status of each disk.
The “broken port of the BRT pair” refers to, for example, the case where the ports connected to the same RAID group in the BRTs 102 and 103 are broken. The “BRT straddle” refers to the case where the disks belonging to the same RAID group are connected to different systems. For example, as shown in FIG. 5, a disk P1 connected to the systems of a BRT 0 and a BRT 1 and a disk P2 connected to a BRT 2 and a BRT 3 belong to the same RAID group.
Described below is the meaning of each symbol (indicating a status) shown in FIG. 2.
The DLU is explained first. As shown in FIGS. 3A and 3B, the RLU refers to the RAID group itself, and the DLU refers to the concept of connecting a logical volume to a physical volume. The DISK refers to each hard disk itself. As shown in FIG. 3A, in the case of a RAID 1, the DLU and the RLU have the same contents; therefore, the DLU shown in FIG. 2 can be read as the RLU.
The disks P1, P2, HS1, and HS2 shown in FIG. 2 are the names assigned to the disks constituting one RAID group. As shown in FIG. 3A, in the RAID 1, the RAID group is constituted by two disks (P1 and P2), and the same data is written to both disks P1 and P2. In practice, spare disks (referred to as hot spares) are also prepared, as indicated by the disks HS1 and HS2 shown in FIG. 2.
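The RAID 1 mirroring described above can be sketched as follows; the dict-based disk model and the function name are illustrative assumptions only:

```python
# Minimal sketch of RAID 1 mirroring: the same data is written to both
# member disks (P1 and P2); hot spares (HS1, HS2) stand by unused.
# Disk names follow FIG. 2; the dict-based model is illustrative only.

def mirrored_write(group: dict, block: int, data: bytes) -> None:
    """Write the same data to every active member disk of the group."""
    for name in ("P1", "P2"):
        group[name][block] = data

group = {"P1": {}, "P2": {}, "HS1": {}, "HS2": {}}
mirrored_write(group, 0, b"user data")
# both mirrors now hold identical contents; the hot spares remain empty
```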
The meanings of the symbols such as Av, Br, etc. indicating the statuses of the DLU and each disk shown in FIG. 2 are described below.
That is, the statuses are: Av (available, indicating an available status), Br (broken, indicating a broken status), Fu (failed usable, indicating a read-permitted status when the RAID is faulty), Ex (exposed, indicating an exposed status), Ne (not exist, indicating a temporarily invisible status due to loop down, etc.), Rb (rebuild, indicating a rebuild status), Spr (sparing, indicating a redundant copy status), SiU (spare in use, indicating a hot-spare-in-use status), Cp (copyback, indicating a copyback status), and SpW (Spr+WF).
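For illustration, the statuses listed above can be represented as an enumeration; this is a sketch only, with member names following the symbols in FIG. 2:

```python
from enum import Enum

class Status(Enum):
    """Disk/DLU statuses used in FIG. 2 (per the list above)."""
    AV = "available"        # available status
    BR = "broken"           # broken status
    FU = "failed usable"    # read permitted while the RAID is faulty
    EX = "exposed"          # exposed status
    NE = "not exist"        # temporarily invisible (loop down, etc.)
    RB = "rebuild"          # rebuild status
    SPR = "sparing"         # redundant copy status
    SIU = "spare in use"    # hot spare in use
    CP = "copyback"         # copyback status
    SPW = "Spr+WF"          # sparing plus write-failed
```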
As shown in FIG. 2, the status of the DLU/RLU is determined depending on the status of each disk constituting the DLU/RLU. For example, if both disks P1 and P2 are in the available status (Av), the DLU naturally also assumes the available status (Av). This is explained below by referring to FIG. 4.
The case shown in FIG. 4A is described above. When one of the disks enters the broken status from this available status, the DLU enters the exposed status (Ex) (FIG. 4B). As shown in FIG. 2, the DLU also enters the exposed status when the disk enters the Ne status rather than the broken status (Br). Otherwise, for example, when the disk P1 is in poor condition, the disk P1 is put in the Spr status, the disk HS1 is put in the Rb status, and the data of the disk P1 is being copied to the disk HS1; if the disk P2 then enters the Br status, the DLU likewise becomes the exposed status.
When the status shown in FIG. 4B is entered, the RAID 1 requires that two or more disks store the same data. Therefore, to use the above-mentioned hot spare (HS1 in this example), the data stored on the disk P1 is copied to the disk HS1 as shown in FIG. 4C. In this status, the disk HS1 is in the Rb status, and the DLU is also in the Rb status. When the copy is complete, the disk HS1 assumes the available status as shown in FIG. 4D, and the DLU, now available by using the hot spare, enters the SiU status.
When some fault other than a broken status occurs and continued use of the disk (P2 in this example) is considered risky, the disk P2 is put in the Spr status as shown in FIG. 4E, the hot spare (HS1 in this example) is put in the Rb status, and the data on the disk P2 is copied to the hot spare. The status of the DLU at this time is the redundant copy (Spr) status.
While normal operation is being performed using the hot spare, when, for example, the disk P2 becomes available again, the disk P2 is put in the Rb status as shown in FIG. 4F, and the stored data is copied back to the disk P2. The status of the DLU at this time is the copyback (Cp) status.
Furthermore, as shown in FIG. 4G, when one of the disks P1 and P2 is in the Fu status and the other is in the Br status, the DLU is in the Br status. When the RAID group falls into the unavailable status (when both disks P1 and P2 are broken), the disk that breaks at that point is not put in the Br status. In the example shown in FIG. 4G, the disk P2 is in the Br status because the disk P2 broke first; when the disk P1 breaks afterwards, it is put not in the Br status but in the Fu status, thereby saving as much of the stored data as possible. In the case of the RAID 1, the device does not become unavailable when only one disk is broken; in the case of the RAID 0, however, the device becomes unavailable when even one disk is broken, so no disk is placed in the Br status.
The DLU is also in the SiU status in the case shown in FIG. 4H, in addition to that shown in FIG. 4D. In FIG. 4H, the disk P1 additionally becomes faulty starting from the status shown in FIG. 4D, so the disk P1 is put in the Spr status and its data is being copied to the disk HS2 (the disk HS2 is naturally in the Rb status).
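The FIG. 4 cases described above can be summarized, for illustration, as a simplified derivation of the DLU status from the statuses of the member disks. This sketch assumes a single hot spare and covers only the cases walked through above; it is not the apparatus's actual determination logic:

```python
# Simplified sketch of deriving the DLU status of a RAID 1 group from
# the statuses of its member disks, following the FIG. 4 cases above.
# Assumes a single hot spare; illustrative only.

def dlu_status(p1: str, p2: str, hs: str = "-") -> str:
    disks = (p1, p2)
    if disks == ("Av", "Av"):
        return "Av"      # FIG. 4A: both mirrors available
    if "Fu" in disks and "Br" in disks:
        return "Br"      # FIG. 4G: group unavailable, second disk kept Fu
    if "Rb" in disks:
        return "Cp"      # FIG. 4F: copyback to the replaced member disk
    if hs == "Rb":
        # FIG. 4E: redundant copy of a risky (Spr) disk to the hot spare,
        # FIG. 4C: otherwise a rebuild onto the hot spare after a failure
        return "Spr" if "Spr" in disks else "Rb"
    if hs == "Av":
        return "SiU"     # FIG. 4D: operating on the hot spare
    return "Ex"          # FIG. 4B: one mirror lost, no hot spare active yet
```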
As shown at the upper right in FIG. 2, when the disk P2 is not in the Spr status but in the SpW (Spr+WF) status, for example, the DLU is regarded as being in the Spr status. The “Spr+WF” status is explained by referring to FIGS. 4I and 4J.
First, as shown in FIG. 4I, assume that a write occurs while the disk P1 is in the Av status, the disk P2 is in the Spr status, the disk HS1 is in the Rb status, and data is being copied from the disk P1 to the disk HS1. In this case, the write is performed on all disks as shown in FIG. 4I. Then, as shown in FIG. 4I, assume that the write has failed on the disk P2. Since the disk P2 still holds the old data (the data from before the write), data cannot be read from the disk P2. Therefore, as shown in FIG. 4J, the disk P2 is put in the “Spr+WF” status. In this status, however, the copy from the disk P2 to the disk HS1 is continued. FIG. 2 shows this status at the upper right portion.
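The write-failure handling of FIGS. 4I and 4J can be sketched as follows; the function name and the dict-based status map are illustrative assumptions, not the actual implementation:

```python
# Sketch of the write-failure handling described above (FIGS. 4I/4J):
# a write is issued to all disks; if it fails on the disk in the Spr
# status, that disk is marked "SpW" (Spr+WF) because it now holds old
# data and can no longer be read, while the copy toward the hot spare
# continues. Names and structure are illustrative only.

def apply_write_failure(statuses: dict, failed_disks: set) -> dict:
    """statuses maps disk name -> status symbol; failed_disks names the
    disks on which the write failed. Returns the updated status map."""
    updated = dict(statuses)
    for disk in failed_disks:
        if updated.get(disk) == "Spr":
            # The disk keeps pre-write data, so it is unreadable now,
            # but the copy involving the hot spare is not interrupted.
            updated[disk] = "SpW"
    return updated

# Example: FIG. 4I configuration, write fails on P2.
after = apply_write_failure({"P1": "Av", "P2": "Spr", "HS1": "Rb"}, {"P2"})
# P2 is now in the SpW status; P1 and HS1 are unchanged
```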
In addition, the technologies disclosed by the patent documents 1, 2, and 3 are well known.
The invention disclosed by the patent document 1 is an error retry method that reduces the determination processing by the computer and wasteful retry processing during fault recovery when a fault occurs in an input/output operation request to a peripheral device having a disk device.
The invention disclosed by the patent document 2 is a method of, when a fault occurs in an FC-AL connected system, automatically bypassing the device connected to each port of the HUB through the cooperation of various monitors, collecting fault information by executing T&D, and managing the information together with log information.
The invention of the patent document 3 is a method of blocking a device path to prevent the influence of a fault: according to a fault notification from the disk subsystem, only the corresponding device path is blocked when the fault depends on that device path.
[Patent Document 1] Japanese Published Patent Application No. 2000-132413
[Patent Document 2] Japanese Published Patent Application No. 2000-215086
[Patent Document 3] Japanese Published Patent Application No. H4-291649
In the above-mentioned conventional system shown in FIG. 2, there are the following problems (1) through (4), among others.
(1) Each time a new “event in which the RAID can be blocked” arises, the event must be added to the table, and whether or not RAID blocking is to be performed must be set for each combination of the added event and the various statuses of the RAID group, which requires laborious operations.
(2) When an event occurs that cannot be handled using only the table shown in FIG. 2, exceptional handling must be performed.
(3) As a result of adding the exceptional handling described in (2) above, the logic becomes complicated, and appropriate maintenance is hard to perform.
(4) Since each “event in which the RAID can be blocked” is individually designated, the logic cannot be shared, and the amount of source code increases.
The patent documents 1 through 3 do not address the above-mentioned problems. That is, the invention of the patent document 1 relates to the retry process for a disk device, and does not relate to a method for handling an error in the disk device itself. The invention of the patent document 2 relates to a system-level recovery method and to collecting fault information and log information when a fault occurs in a subsystem, and does not relate to a method for handling an error within the subsystem (the disk device in this example). The patent document 3 is an invention that concerns a device path, automatically blocking the path when it is in an abnormal condition to minimize the influence on the system, but it does not relate to protecting the data of the RAID group on the blocked device path after the path is blocked.