Distributed system resource protection via arbitration and ownership
First Claim
1. In a distributed computer system having nodes capable of accessing a resource, a method comprising:
- at a first node, taking ownership of the resource including placing a persistent reservation on the resource that prevents other nodes from accessing the resource;
at a second node, challenging the persistent reservation by;
1) modifying the persistent reservation into a modified persistent reservation that prevents other nodes from accessing the resource, the modifying of the persistent reservation performed such that the resource cannot be accessed during the transition to the modified persistent reservation; and
2) enabling the first node to defend its persistent reservation; and
at the second node, determining whether the first node failed to defend its persistent reservation, and if not defended, taking ownership of the resource.
2 Assignments
0 Petitions
Accused Products
Abstract
In a distributed system, a resource such as a storage device is protected by an owner node'"'"'s exclusive access to it, wherein exclusive access is established via a persistent reservation on the resource. A persistent reservation is never removed, however the owner node'"'"'s persistent reservation may be challenged in an arbitration process, to take it away from a failed owner node. A challenger node challenges by changing an owner'"'"'s access key (that establishes the persistent reservation) to a challenge key, delaying, and determining whether the owner restored the owner'"'"'s access key during the delay, because a properly operating owner replaces a challenge key with its owner access key. If the owner fails to restore its owner access key, the challenger node becomes the new resource owner by replacing the challenge key with an owner access key of the challenger node. The key may include additional information to provide extensibility.
123 Citations
31 Claims
-
1. In a distributed computer system having nodes capable of accessing a resource, a method comprising:
-
at a first node, taking ownership of the resource including placing a persistent reservation on the resource that prevents other nodes from accessing the resource;
at a second node, challenging the persistent reservation by;
1) modifying the persistent reservation into a modified persistent reservation that prevents other nodes from accessing the resource, the modifying of the persistent reservation performed such that the resource cannot be accessed during the transition to the modified persistent reservation; and
2) enabling the first node to defend its persistent reservation; and
at the second node, determining whether the first node failed to defend its persistent reservation, and if not defended, taking ownership of the resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. In a network of distributed computing devices, a system comprising:
-
a resource arranged to be owned based on reservation data associated therewith;
a first node connected to the resource and having ownership of the resource via first reservation data, and having a first process therein that is configured to defend ownership of the resource while the first node is operational by restoring any changes to the reservation data back to the first reservation data;
a second node connected to the resource, the second node having a second process configured to challenge for ownership of the resource by modification of the reservation data into second reservation data, the modification of the reservation data being such that the resource cannot be accessed during the transition to the second reservation data;
wherein the second node modifies the first reservation data into the second reservation data, delays and then reads the reservation data to challenge for ownership, the second node obtaining ownership if it reads the second reservation data; and
wherein when properly operating, the first node defends against the challenge by restoring the second reservation data back to the first reservation data during the second node'"'"'s delay such that the second node will not read the second reservation data. - View Dependent Claims (20, 21, 22, 23)
-
-
24. A computer-readable medium having stored thereon a data structure, comprising,
a reserver data field containing a reserver identifier; -
a owner data field containing an owner identifier; and
the data structure associated with a resource and used to establish ownership of the resource and arbitrate for ownership of the resource, ownership being established by having the reserver identifier in the reserver data field equal to the owner identifier in the owner data field, and ownership being arbitrated for, including;
an owner, when operational, reading the reserver data field to see if it equals the owner identifier, and if not, writing the owner identifier into the reserver data field to win the arbitration and establish ownership; and
a challenger writing a challenger identifier into the reserver data field, delaying and then reading the reserver data field to see if it equals the challenger identifier, and if so, the challenger winning the arbitration and establishing ownership by writing the challenger identifier into the owner data field. - View Dependent Claims (25, 26, 27, 28, 29)
-
-
30. In a distributed computer system having nodes capable of accessing a storage device, a method comprising:
-
at a first node, placing a persistent reservation on the storage device including writing a first node identifier into reserver and owner fields of a reservation key that determines access to the device, accessing the device via the reservation key, and defending against challenges by writing the first node identifier into the reserver field when the first node detects that the first node identifier is in the owner field but not in the reserver field;
at a second node, challenging the persistent reservation key by writing a second node identifier into the reserver field of the reservation key, delaying, and determining whether the first node has failed to replace the second node identifier in the reserver field during the delay, and if not replaced, taking ownership of the storage device including writing the second node identifier into the owner field. - View Dependent Claims (31)
-
Specification