Fault tolerant computer system

US 5,455,932 A
Filed: 10/20/1992
Issued: 10/03/1995
Est. Priority Date: 09/24/1990
Status: Expired due to Term

First Claim

Patent Images

1. A method of disk mirroring in a computer system, comprising the steps of:

providing a first processing means for operation of said computer system;

providing a second processing means for operation of said computer system;

providing said first processing means with primary mass storage;

providing said second processing means with secondary mass storage;

providing a first manager for control of said primary mass storage;

providing a second manager for control of said second mass storage;

synchronizing said primary mass storage and said secondary mass storage using said first manager and said second manager;

marking said primary mass storage and said secondary mass storage with a current synchronization level counter value to indicate that said primary mass storage and said secondary mass storage are fully synchronized;

changing said current value synchronization level counter when there is a change to synchronization state.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for providing a fault-tolerant backup system such that if there is a failure of a primary processing system, a replicated system can take over without interruption. The invention provides a software solution for providing a backup system. Two servers are provided, a primary and secondary server. The two servers are connected via a communications channel. The servers have associated with them an operating system. The present invention divides this operating system into two "engines." An I/O engine is responsible for handling and receiving all data and asynchronous events on the system. The I/O engine controls and interfaces with physical devices and device drivers. The operating system (OS) engine is used to operate on data received from the I/O engine. All events or data which can change the state of the operating system are channeled through the I/O engine and converted to a message format. The I/O engine on the two servers coordinate with each other and provide the same sequence of messages to the OS engines. The messages are provided to a message queue accessed by the OS engine. Therefore, regardless of the timing of the events, (i.e., asynchronous events), the OS engine receives all events sequentially through a continuous sequential stream of input data. As a result, the OS engine is a finite state automata with a one-dimensional input "view" of the rest of the system and the state of the OS engines on both primary and secondary servers will converge.

Citations

8 Claims

1. A method of disk mirroring in a computer system, comprising the steps of:
- providing a first processing means for operation of said computer system;
  
  providing a second processing means for operation of said computer system;
  
  providing said first processing means with primary mass storage;
  
  providing said second processing means with secondary mass storage;
  
  providing a first manager for control of said primary mass storage;
  
  providing a second manager for control of said second mass storage;
  
  synchronizing said primary mass storage and said secondary mass storage using said first manager and said second manager;
  
  marking said primary mass storage and said secondary mass storage with a current synchronization level counter value to indicate that said primary mass storage and said secondary mass storage are fully synchronized;
  
  changing said current value synchronization level counter when there is a change to synchronization state.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 further including the steps of:
    - determining whether both processing means will perform a disk operation using said first manager;
      
      completing said disk operation by said first processing means and waiting until it has received completion confirmation from said second processing means when both I/O engines perform said disk operation;
      
      determining by said first manager which processing means will perform said disk operation when said first manager determines that only one processing means will perform said disk operation;
      
      transferring data by the processing means that performs said disk operation to the other processing when only one processing means performs said disk operation.
  - 3. The method of claim 1 wherein said first processing means tracks which memory blocks have been changed.
  - 4. The method of claim 1 further including the steps of:
    - changing said current synchronization level counter value by a surviving processing means upon the failure of the other processing means;
      
      tracking memory blocks written to disk by said surviving processing means;
      
      verifying that the failed processing means has the same data as before said failure upon said failed processing means being brought back on line;
      
      synchronizing a repaired processing means by transfer to said repaired processing means the memory blocks that were changed while it was out of service.

5. A method for executing an operation in a fault tolerant computer system comprising the steps of:
- providing a first processing means for operation of said computer system, said first processing means comprising a first operating system (OS) engine and a first input/output (I/O) engine;
  
  generating a request by said first OS engine to said first I/O engine and said first OS engine waiting for a reply from said first I/O engine;
  
  executing in said first I/O engine the requested operation as specified by said request and matching an initial I/O event by matching it with said request.
- View Dependent Claims (6)
- - 6. The method of claim 5 further including the steps of:
    - providing a second processing means, said second processing means comprising a second operating system (OS) engine and a second input/output (I/O) engine;
      
      determining by said first I/O engine that there is an event for said first OS engine;
      
      building said event into a message by said first I/O engine and communicating said message to said second I/O engine;
      
      waiting by said first I/O engine until said second I/O engine accepts said message before providing said message to said first OS engine;
      
      accepting said message from said first I/O engine by said second I/O engine if said second I/O engine is ready;
      
      sending an acknowledgement of said message by said second I/O engine to said first I/O engine and placing said event in the event queue of said second OS engine;
      
      placing the event in the event queue of said first OS engine after acceptance of said message by said second I/O engine;
      
      executing said event by said first I/O engine;
      
      determining if said event should be executed by said second processing means;
      
      waiting by the first I/O engine for the completion of said event by said second processing means if secondary execution is necessary;
      
      executing said request by said second processing means if said secondary execution is necessary;
      
      informing said first I/O engine of completion of said request by said second processing means if said secondary execution is necessary;
      
      determining by said first I/O engine if said event generates a completion event;
      
      generating said completion event by said first I/O engine if said completion event is necessary;
      
      waiting by the second I/O engine for said completion event from said first I/O engine if said completion event is necessary.

7. A method for synchronous management of timer interrupts, comprising the steps of:
- providing a first processing means for operation of a computer system, said first processing means comprising a first operating system (OS) engine and an input/output (I/O) engine;
  
  defining a timer interrupt as an event;
  
  placing said timer interrupt in an event queue;
  
  relinquishing control of said first OS engine by a task currently running on said first OS engine;
  
  executing said first timer interrupt by said first OS engine when said OS engine reaches a message in said event queue.

8. A method of defining the states of a fault tolerant computer system comprising the steps of:
- providing a first processing means for operation of said computer system, said first processing means comprising a first operating system (OS) engine and a first input/output (I/O) engine;
  
  providing a second processing means, said second processing means comprising a second operating system (OS) engine and a second input/output (I/O) engine;
  
  providing a first state to define the status of the fault tolerant computer to identify when said first engine is operational but said first engine is not operational called No Server Active State;
  
  providing a second state to define the status of the fault tolerant computer to identify when said first I/O engine is operational but said second I/O engine is not called Primary System With No Secondary State;
  
  providing a third state to define the status of the fault tolerant computer to identify when said first I/O engine is running in a mirrored primary system;
  
  providing a fourth state to define the status of the fault tolerant computer to identify when said first I/O engine is running in a mirrored secondary system;
  
  allowing a transition from said first state to said second state when said first OS engine is activated;
  
  allowing a transition from said second state to said third state when said first processing means is synchronized with said second processing means;
  
  allowing a transition from said first state to said fourth state when said second OS engine is synchronized with said first processing means;
  
  allowing a transition from said fourth state to said second state when said first processing means fails;
  
  allowing a transition from said third state to said second state when said second processing means fails.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
EMC Corporation (Dell Technologies Inc.)
Original Assignee
Novell Incorporated (Open Text Corporation)
Inventors
Powell, Kyle, Neibaur, Dale, Major, Drew
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Chung, Phung M.

Application Number

US07/964,077
Time in Patent Office

1,078 Days
Field of Search

371/9.1, 371/8.1, 371/8.2, 371/12, 371/47.1, 371/46, 364/290 MS, 364/268.3 MS, 364/268.9 MS, 364/699.2 MS, 395/575 MS, 395/550
US Class Current

711/162
CPC Class Codes

G06F 11/1482   by means of middleware or O...

G06F 11/1658   Data re-synchronization of ...

G06F 11/1687   at event level, e.g. by int...

G06F 11/2038   with a single idle spare pr...

G06F 11/2048   where the redundant compone...

G06F 11/2076   Synchronous techniques

Fault tolerant computer system

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Fault tolerant computer system

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links