The present invention generally relates to efficient failover and failback techniques in a data storage system, and more particularly to efficient failover and failback techniques for data storage systems utilizing at least dual-active controller configuration for minimizing a delay in responding to input/output requests from a host system following a controller failure.
Modern computers, particularly computers operating in a server environment, typically require or at least benefit from a large, fault-tolerant data storage system. Storage devices (such as hard disk drives) in all computer systems are susceptible to failures caused by temperature variations, head crashes, motor failure, controller failure, changing voltage conditions, and mechanical and electrical failure generally. To improve reliability and protect the data in data storage systems, many data storage systems use a redundant array of independent disks (RAID) controlled or operated by a disk array controller. Conventional RAID systems typically consist of several individual disk controllers combined with a rack or enclosure of storage devices to provide a fault-tolerant data storage system that is directly attached to a host computer system. The host system is then connected to a network of client computers to provide a large, fault-tolerant pool of storage accessible to all network clients. Typically, the disk array controller provides the brains of the data storage system, servicing all host requests, storing data to storage devices, such as, for example, RAID drives, caching data for fast access, and handling any drive failures without interrupting host requests.
Disk array controllers may generally include one or both of storage controllers and caching controllers. A storage controller (or non-caching storage controller) is a device which is capable of directing data traffic from the host system to one or more non-volatile storage devices. It may or may not have an intermediary cache to stage data between the non-volatile storage device and the host system. A caching controller (or caching storage controller) is a device which is capable of directing the data traffic from a host system to one or more non-volatile storage devices which uses an intermediary data storage device (the cache memory) to stage data between the non-volatile storage device and the host system. In general, the intermediary storage device is built out of RAM or other solid-state memory to allow a quicker access time to the data. Furthermore, it provides a buffer in which to allow exclusive-or (XOR) operations to be completed for RAID Level 5 (RAID 5) operations.
Multiple active (multi-active) controllers are defined as a collection of storage controllers or caching storage controllers which work in a cooperative manner with each other. They provide the ability for recovering from a controller failure by allowing multiple paths to a storage volume. Dual-active controllers are one example of such multi-active controllers. The storage volume is a contiguous range of randomly accessible sectors of data. For practical purposes, the sector numbering starts at 0 and goes to N, where N is the total number of sectors available to the host system. A data extent is a range of data within a storage volume delineated by a starting sector and an ending sector. The storage volume is broken up into a number of data extents which are not required to be of equivalent sizes, but may not overlap. These concepts are used in the discussion of the background and the detailed description of embodiments of the invention, and apply to both.
Caching data by a caching controller into a cache memory increases the performance of data storage and retrieval operations by maintaining a collection of the most recent references to the stored and/or retrieved data made by a host computer. Cache memory can typically be operated in a write-back or write-through mode. In a write-back mode, write data is temporarily stored in the cache and written out to disk at a subsequent time. An advantage of this mode is that it increases the controller's performance. The RAID or other disk or storage array controller notifies a host computer that the write operation succeeded (by sending the host computer a completion status) although the write data has not been stored on the disk.
It is desirable for a data storage system to reliably function with any type of failed component, including a failed disk array controller. Failure of a single disk array controller in a data storage system having a single, or multiple independent controllers, renders the tasks that were being performed by the failed controller, and/or those tasks scheduled to be performed by the failed controller, inoperable.
Worse yet, the failure of a single disk array controller in a data storage system having only one controller, renders the entire RAID system inoperable. (Hereinafter, "disk array controller" is often referred to as "controller" to simplify the description, unless otherwise stated.) To circumvent the problem of a single point of failure that all single controller RAID systems exhibit and provide redundancy to a data storage system, dual active controllers were implemented. Multiply-active controllers provide additional redundancy.
A dual active controller configuration typically consists of a first controller and a second controller coupled to one another (or integrated in some manner), so that in the event of a single controller failure, the surviving controller is able to take over the tasks that were being performed by the failed controller, and perform those tasks that were scheduled to be performed by the failed controller.
To take over the tasks of a failed controller, a surviving controller must keep track of both the tasks that its partner controller is working on, and the tasks that its partner controller is scheduled to work on before the failure occurs. To illustrate this, consider, for example, that a controller fails before data stored in its cache (in response to a write request from a host computer) is written onto a system drive. Data in the cache of a failed controller is lost in the event of an electrical failure unless, for example, the cache memory is provided with a battery backup and the memory itself has not failed. In this situation, it is desirable for a surviving controller to complete the scheduled task of the failed controller by writing the data that was in the failed controller's cache onto the storage device. To accomplish this, a surviving controller in active configuration would need to have a copy, or a mirror of the failed controller's cache. However, state-of-the-art data storage systems are limited because there is no known structure or procedure for copying or mirroring a controller's cache between other different controllers in active configuration.
Therefore, there remains a need to overcome the above limitations in the existing art which is satisfied by the inventive structure and method described hereinafter.
The present invention overcomes the identified problems associated with conventional systems and methods by providing an efficient failover and failback technique in a data storage system. More specifically, the invention provides an efficient failback technique in a data storage system utilizing a dual-active controller configuration for minimizing a delay in responding to input/output (I/O) requests from a host system following a controller failure. A stripe lock data structure is defined to maintain reservation status or stripe locks of cache lines within data extents that are part of a logical unit or storage volume. When a controller fails, dirty cache line data of a failed controller is taken over by a survivor controller. The stripe lock data structure is used by the failed controller to process I/O requests from a host system. The data storage system functions in a single-active configuration until the dirty cache line data is flushed to one or more storage volumes by the survivor controller. Once the dirty cache line data is flushed to the system drive, the data storage system continues processing host I/O requests in the dual-active or multiply-active configuration.
The inventive structure and method provide a storage volume reservation system in a computing environment that allows data access through two or more caching controllers. The stripe lock data structure is defined in memory within each of the two or more caching controllers. The stripe lock data structure is used to provide consistent information within each of the two or more caching controllers. In addition, the stripe lock data structure is used by a failed controller to process I/O requests from a host system until dirty cache line data is flushed to one or more storage volumes by a survivor controller.
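The failover and failback sequence summarized in the two paragraphs above can be traced with a small model. This is an added illustration, not code from the patent: the class and method names, the per-extent lock table, and the rule that a returning controller defers I/O only on extents whose stripe lock the survivor still holds are all simplifying assumptions.

```python
from types import SimpleNamespace

class DualActiveArray:  # toy model; names and lock layout are assumptions
    def __init__(self):
        # cache: dirty lines this controller must flush; mirror: partner's dirty lines
        self.ctl = {n: SimpleNamespace(name=n, alive=True, cache={}, mirror={})
                    for n in "AB"}
        self.disk = {}          # extent -> data committed to the storage volume
        self.stripe_locks = {}  # extent -> name of the controller holding the lock

    def partner(self, name):
        return self.ctl["B" if name == "A" else "A"]

    def write(self, name, extent, data):
        c = self.ctl[name]
        if not c.alive:
            return "offline"
        if self.stripe_locks.get(extent, name) != name:
            return "deferred"          # partner still owns dirty data for this extent
        self.stripe_locks[extent] = name
        c.cache[extent] = data         # write-back: acknowledged before reaching disk
        if self.partner(name).alive:
            self.partner(name).mirror[extent] = data
        return "ok"

    def fail(self, name):
        dead, survivor = self.ctl[name], self.partner(name)
        dead.alive, dead.cache, dead.mirror = False, {}, {}
        for extent, data in survivor.mirror.items():  # adopt dirty lines and locks
            survivor.cache[extent] = data
            self.stripe_locks[extent] = survivor.name
        survivor.mirror.clear()

    def failback(self, name):
        self.ctl[name].alive = True    # unlocked extents are served at once

    def flush(self, name):
        for extent in list(self.ctl[name].cache):
            self.disk[extent] = self.ctl[name].cache.pop(extent)
            self.partner(name).mirror.pop(extent, None)
            del self.stripe_locks[extent]

def demo():
    arr = DualActiveArray()
    log = [arr.write("A", 3, b"payroll")]   # constructed data: dirty in A, mirrored to B
    arr.fail("A")
    arr.failback("A")                        # A returns before B has flushed
    log += [arr.write("A", 3, b"new"), arr.write("A", 7, b"other")]
    arr.flush("B")                           # acknowledged write finally reaches disk
    return log + [arr.write("A", 3, b"new")], arr.disk
```

The acknowledged write to extent 3 survives the loss of controller A because B held a mirror, and the returning controller is held off only for that extent until B's flush releases the lock.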
A computer program and computer program product for efficient failover and/or failback in a data storage system are also provided. A data storage system managed in dual active controller configuration is also provided, which includes a computer readable medium and a computer mechanism stored thereon for implementing the inventive method and procedures thereof. A method and structure which minimize a delay required to begin processing of host I/O requests following a controller failure are also advantageously provided.