In a typical enterprise storage system, storage servers couple to a plurality of disk arrays via a SAN (storage area network). The storage servers write and read data from the disk arrays in response to requests from clients. Typically, each disk array comprises a plurality of disk drives and at least two controllers. Many disk arrays include a hot swappable feature, which upon failure of a disk drive or a controller allows replacement of the failed component without interrupting operation of remaining components. Often, the disk arrays employ a RAID (redundant array of independent disks) technique to mirror data or create parity data so that a failed disk drive does not lead to loss of data within the disk array.
Numerous techniques are available for protecting against a disk array failure or a site failure. These include backup and inter-array mirroring techniques. Backup techniques include local backup, local backup with remote vault storage, and remote backup. Backup techniques may employ tape backup or backup to a disk media. Backups may be full backups or a combination of full backups and incremental backups or some other backups such as compressed deltas. Backup techniques may employ space-efficient snapshots or split-mirrors/clones. Inter-array mirroring techniques include local mirroring and remote mirroring. Remote mirroring can range from locating a secondary storage in an adjacent building to locating the secondary storage on another continent. Remote mirroring may employ synchronous mirroring, asynchronous mirroring, or batched asynchronous mirroring. Both backup and mirroring techniques require setting numerous parameters.
Backup and mirroring may also be used in other storage systems such as workgroup storage systems and storage systems for desktop computers. Unfortunately, within even a single data protection technique such as backup or mirroring, the range of available configurations and options is large.
Storage systems have been designed and built which employ backup or mirroring to provide some assurance of dependability. The typical design practice looks to a previous design which addresses a similar size and class of storage system to find a base design and then possibly adjusts some parameters using rules of thumb to tailor the design for the particular application. This design process often results in a design that is not as dependable as what is desired or that is significantly over-provisioned. It would be much more desirable to employ a design process that designs a storage system to meet dependability criteria.
What is needed is a method of designing a storage system which meets dependability criteria.