Fault tolerant computer system

US 5,157,663 A
Filed: 09/24/1990
Issued: 10/20/1992
Est. Priority Date: 09/24/1990
Status: Expired due to Term

First Claim

Patent Images

1. A method for providing a fault tolerant computer system comprising the steps of:

providing a first processing means for operation of said computer system, said first processing means comprising a first operating system (OS) engine and a first input/output (I/O) engine;

providing a second processing means, said second processing means comprising a second operating system (OS) engine and a second input/output (I/O) engine;

determining a state of said first processing means and providing said state to said second processing means;

defining an operation that can change said state of said first OS engine as an event;

providing a plurality of events to said first I/O engine and converting each of said events into a message;

providing said message to a first message queue in said first OS engine and to a second message queue in said second OS engine;

executing said message in said first OS engine and said second OS engine;

switching said computer system operation to said second processing means upon failure of said first processing means, such that no loss of operation of said computer system occurs during said switchover.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for providing a fault-tolerant backup system such that if there is a failure of a primary processing system, a replicated system can take over without interruption. The invention provides a software solution for providing a backup system. Two servers are provided, a primary and secondary server. The two servers are connected via a communications channel. The servers have associated with them an operating system. The present invention divides this operating system into two "engines." An I/O engine is responsible for handling and receiving all data and asynchronous events on the system. The I/O engine controls and interfaces with physical devices and device drivers. The operating system (OS) engine is used to operate on data received from the I/O engine. All events or data which can change the state of the operating system are channeled through the I/O engine and converted to a message format. The I/O engine on the two servers coordinate with each other and provide the same sequence of messages to the OS engines. The messages are provided to a message queue accessed by the OS engine. Therefore, regardless of the timing of the events, (i.e., asynchronous events), the OS engine receives all events sequentially through a continuous sequential stream of input data. As a result, the OS engine is a finite state automata with a one-dimensional input "view" of the rest of the system and the state of the OS engines on both primary and secondary servers will converge.

370 Citations

32 Claims

1. A method for providing a fault tolerant computer system comprising the steps of:
- providing a first processing means for operation of said computer system, said first processing means comprising a first operating system (OS) engine and a first input/output (I/O) engine;
  
  providing a second processing means, said second processing means comprising a second operating system (OS) engine and a second input/output (I/O) engine;
  
  determining a state of said first processing means and providing said state to said second processing means;
  
  defining an operation that can change said state of said first OS engine as an event;
  
  providing a plurality of events to said first I/O engine and converting each of said events into a message;
  
  providing said message to a first message queue in said first OS engine and to a second message queue in said second OS engine;
  
  executing said message in said first OS engine and said second OS engine;
  
  switching said computer system operation to said second processing means upon failure of said first processing means, such that no loss of operation of said computer system occurs during said switchover.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 further including the steps of:
    - providing each event to said second I/O engine when said first processing means does not operate;
      
      converting each of said events to a message in said second I/O engine;
      
      providing said message to said second message queue in said second OS engine for execution by said second OS engine.
  - 3. The method of claim 1 wherein said steps of determining the state of said first processing means and providing said state to said second processing means comprises the steps of:
    - executing in said first OS engine any messages available to said first OS engine until said first OS engine has achieved a stable state; and
      
      ,transferring a memory image of said first OS engine through said first I/O engine to said second processing means.
  - 4. The method of claim 1 wherein said first processing means comprises at least one processor.
  - 5. The method of claim 1 wherein said second processing means comprises at least one processor.
  - 6. The method of claim 1 further including the steps of:
    - generating a request in said OS engine, said request for accomplishing an input/output operation;
      
      providing said request to a first request queue in said first I/O engine for execution by said first I/O engine;
      
      generating a reply to said first OS engine to indicate execution of said request.
  - 7. The method of claim 1 wherein said event is asynchronous.

8. A fault tolerant computer system comprising:
- first processing means for operation of said computer system, said first processing means comprising a first operating system (OS) engine and a first input/output (I/O) engine;
  
  second processing means comprising a second operating system (OS) engine and a second input/output (I/O) engine;
  
  said first I/O engine coupled to said second I/O engine on a first bus;
  
  said first I/O engine including a converting means for converting operations that can change said state of said first OS engine into a message;
  
  said first I/O engine for providing said message to a first message queue in said first OS engine and to a second message queue in said second OS engine;
  
  said first OS engine and said second OS engine including means for executing said message;
  
  means for switching said computer system operation to said second OS engine upon failure of said first processing means such that no loss of operation of said computer system occurs during said switchover.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
- - 9. The computer system of claim 8 wherein said first processing means comprises at least one processor.
  - 10. The computer system of claim 8 wherein said second processing means comprises at least one processor.
  - 11. The computer system of claim 8 further including a first storage means coupled to said first processing means, said first storage means storing a memory image corresponding to said state of said first OS engine.
  - 12. The computer system of claim 11 further including a second storage means coupled to said second processing means, said second storage means storing a memory image corresponding to said state of said second OS engine.
  - 13. The computer system of claim 8 wherein said first OS engine controls execution of instructions of said computer system.
  - 14. The computer system of claim 13 wherein said second OS engine controls execution of instructions of said computer system when said first OS engine cannot execute said instructions.
  - 15. The computer system of claim 8 wherein said I/O engine controls communication with input and output devices.
  - 16. The computer system of claim 8 wherein said message comprises synchronous and asynchronous events.

17. A method for providing a fault tolerant computer system comprising the steps of:
- providing a first processing means for operation of said computer system, said first processing means comprising a first operating system (OS) engine and a first input/output (I/O) engine;
  
  providing a second processing means comprising a second operating system (OS) engine and a second input/output (I/O) engine;
  
  determining a state of said first processing means and providing said state to said second processing means;
  
  defining an operation that can change said state of said first OS engine as an event;
  
  providing a plurality of events to said first I/O engine and serializing said events into an event sequence;
  
  providing successive events in said event sequence to said first OS engine and to said second OS engine;
  
  executing said successive events in said first OS engine and said second OS engine,switching said computer system operation to said second processing means upon failure of said first processing means, such that no loss of operation to said computer system occurs during said switchover.
- View Dependent Claims (18, 19, 20, 21, 22, 23)
- - 18. The method of claim 17 further including the steps of:
    - providing each event to said second I/O engine when said first processing means does not operate;
      
      serializing said events into an event sequence in said second I/O engine;
      
      providing successive events of said event sequence to said second OS engine for execution by said second OS engine.
  - 19. The method of claim 17 wherein said step of determining the state of said first processing means and providing said state to said second processing means comprises the steps of:
    - executing in said first OS engine any successive events available to said first OS engine until said first OS engine has achieved a stable state; and
      
      ,transferring a memory image of said first OS engine through said first I/O engine to said second processing means.
  - 20. The method of claim 17 wherein said first processing means comprises at least one processor.
  - 21. The method of claim 17 wherein said second processing means comprises at least one processor.
  - 22. The method of claim 17 further including the steps of:
    - generating a request in said OS engine, said request for accomplishing an input/output operation;
      
      providing said request to a first request queue in said first I/O engine for execution by said first I/O engine;
      
      generating a reply to said first OS engine to indicate execution of said request.
  - 23. The method of claim 17 wherein said plurality of events are asynchronous.

24. A fault tolerant computer system comprising:
- first processing means for operation of said computer system, said first processing means comprising a first operating system (OS) engine and a first input/output (I/O) engine;
  
  second processing means comprising a second operating system (OS) engine and a second input/output (I/O) engine;
  
  said first I/O engine coupled to said second I/O engine on a first bus;
  
  said first I/O engine including a converting means for converting operations that can change said state of said first OS engine into an operation sequence;
  
  said first I/O engine for providing said operations in sequence to said first OS engine and to said second OS engine;
  
  said first OS engine and said second OS engine including means for executing said operations;
  
  means for switching said computer system operation to said second OS engine upon failure of said first processing means such that no loss of operation of said computer system occurs during said switchover.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32)
- - 25. The computer system of claim 24 wherein said first processing means comprises at least one processor.
  - 26. The computer system of claim 24 wherein said second processing means comprises at least one processor.
  - 27. The computer system of claim 24 further including a first storage means coupled to said first processing means, said first storage means storing a memory image corresponding to said state of said first OS engine.
  - 28. The computer system of claim 27 further including a second storage means coupled to said second processing means, said second storage means storing a memory image corresponding to said state of said second OS engine.
  - 29. The computer system of claim 24 wherein said first OS engine controls execution of instructions of said computer system.
  - 30. The computer system of claim 29 wherein said second OS engine controls execution of instructions of said computer system when said first OS engine cannot execute said instructions.
  - 31. The computer system of claim 24 wherein said I/O engine controls communication with input and output devices.
  - 32. The computer system of claim 24 wherein said sequence comprises synchronous and asynchronous operations.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Novell Incorporated (Open Text Corporation)
Original Assignee
Novell Incorporated (Open Text Corporation)
Inventors
Powell, Kyle, Major, Drew, Neibaur, Dale
Primary Examiner(s)
BEAUSOLIEL JR, ROBERT W

Application Number

US07/586,807
Time in Patent Office

757 Days
Field of Search

371/9.1, 371/8.1, 371/8.2, 371/12, 364/200, 364/900
US Class Current

714/10
CPC Class Codes

G06F 11/1482   by means of middleware or O...

G06F 11/1658   Data re-synchronization of ...

G06F 11/1687   at event level, e.g. by int...

G06F 11/2038   with a single idle spare pr...

G06F 11/2048   where the redundant compone...

G06F 11/2076   Synchronous techniques

Fault tolerant computer system

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

370 Citations

32 Claims

Specification

Use Cases

Quick Links

Others

Fault tolerant computer system

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

370 Citations

32 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others