Multiple controller sharing in a redundant storage array

US 5,546,535 A
Filed: 01/13/1995
Issued: 08/13/1996
Est. Priority Date: 03/13/1992
Status: Expired due to Term

First Claim

Patent Images

1. A redundant data storage array system including:

a. a multiplicity of physical data storage units, each physical data storage unit comprising at least one logical data storage unit;

b. at least two logical arrays, each comprising at least one logical data storage unit;

c. at least two redundant array controllers, each corresponding to a logical array, at least one redundant array controller actively coupled to at least one physical data storage unit to which at least one other array controller is actively coupled, and each capable of accessing only the corresponding logical array unless another array controller has failed, whereupon an array controller other than the failed array controller is granted access to the logical array corresponding to the failed array controller; and

d. means in each redundant array controller for activating a secondary event management means corresponding to a failed controller after the switch management means determines that such a failure has occurred;

wherein each redundant array controller further includes a normally active primary event management means for controlling data flowing into and out of only the logical array corresponding to that array controller, and at least one normally dormant secondary event management means for controlling the flow of data into and out of only a logical array corresponding to another controller only after the failure of such other controller, the at least one secondary event management means becoming active only when the other controller fails, such that the primary event management means and the at least one secondary event management means share the redundant array controller that includes the primary event management means and the at least one secondary event management means;

wherein the primary event management means is capable of accessing only the logical array corresponding to the redundant array controller, and the secondary event management means is capable of accessing only the logical array corresponding to the failed controller;

wherein each redundant array controller includes a switch management means for determining that another array controller within the system has failed;

wherein the switch management means receives messages from other array controllers on a periodic basis and includes a resetable timer for determining when the time between receipt of each message has exceeded a specified duration.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A redundant array storage system including storage units divided into two logical arrays. The redundant array storage system further includes a plurality of array control units which are all fully utilized to control data transfers between the logical arrays and a central processing unit, each controller being capable of taking over the task of a failed controller. In normal operation, each redundant array controller may only access data stored in a logical array assigned to that controller. If the other redundant array controller fails, the remaining controller may access the data stored in the logical array assigned to the failed controller only through a secondary control process that is independent from the primary control process of the remaining controller. Thus, the invention prevents parity data associated with user data placed in storage from being corrupted by attempts of two or more array control units to access the same redundancy group of data concurrently.

Citations

14 Claims

1. A redundant data storage array system including:
- a. a multiplicity of physical data storage units, each physical data storage unit comprising at least one logical data storage unit;
  
  b. at least two logical arrays, each comprising at least one logical data storage unit;
  
  c. at least two redundant array controllers, each corresponding to a logical array, at least one redundant array controller actively coupled to at least one physical data storage unit to which at least one other array controller is actively coupled, and each capable of accessing only the corresponding logical array unless another array controller has failed, whereupon an array controller other than the failed array controller is granted access to the logical array corresponding to the failed array controller; and
  
  d. means in each redundant array controller for activating a secondary event management means corresponding to a failed controller after the switch management means determines that such a failure has occurred;
  
  wherein each redundant array controller further includes a normally active primary event management means for controlling data flowing into and out of only the logical array corresponding to that array controller, and at least one normally dormant secondary event management means for controlling the flow of data into and out of only a logical array corresponding to another controller only after the failure of such other controller, the at least one secondary event management means becoming active only when the other controller fails, such that the primary event management means and the at least one secondary event management means share the redundant array controller that includes the primary event management means and the at least one secondary event management means;
  
  wherein the primary event management means is capable of accessing only the logical array corresponding to the redundant array controller, and the secondary event management means is capable of accessing only the logical array corresponding to the failed controller;
  
  wherein each redundant array controller includes a switch management means for determining that another array controller within the system has failed;
  
  wherein the switch management means receives messages from other array controllers on a periodic basis and includes a resetable timer for determining when the time between receipt of each message has exceeded a specified duration.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The redundant data storage array system of claim 1, wherein the logical storage units are grouped into logical redundancy groups which are further grouped into logical volumes, each logical storage unit within a logical volume being associated with the same logical array.
  - 3. The redundant data storage array system of claim 1, wherein the logical storage units further include:
    - a. a reserved area; and
      
      b. a user area.
  - 4. The redundant data storage array system of claim 1, wherein the redundant array controllers are each capable of activating at least one of its at least one secondary event management means absent commands from another controller.
  - 5. The redundant data storage array system of claim 4, wherein each redundant array controller further includes a switch management means for determining that another array controller has failed and wherein a message from the switch management means initiates activation of at least one secondary event management means.
  - 6. The redundant data storage array of claim 5 wherein each of said switch management means comprises a resettable timer for determining when a time between receipt of each message has exceeded a specified duration.
  - 7. The redundant data storage array system of claim 1, wherein each redundant array controller further includes a switch management means for determining that another array controller has failed and wherein a message from the switch management means is sent to a remote command source which, upon receipt of the message, determines whether to activate the secondary event management means and wherein the redundant array controllers are each capable of activating a secondary event management means under commands from the remote command source.

8. A method for transferring control of a logical array from a failed array controller to a functional array controller, including the steps of:
- a. providing a plurality of logical arrays, each associated with one of a plurality of active array controllers, each array controller including a normally active event management means and a plurality of normally dormant event management means each uniquely corresponding to the normally active event management means in one of the other array controllers;
  
  b. receiving messages by the functional array controller from other array controllers on a periodic basis;
  
  c. determining when the time between receipt of each message has exceeded a specified duration;
  
  d. determining that an array controller has failed when the specified duration is exceeded for that controller;
  
  e. activating the normally dormant event management means corresponding to the active event management means in the failed controller, in the functioning array controller, after determining that an array controller has failed;
  
  f. sharing the functioning array controller by the activated normally dormant event management means and the normally active event management means of the functioning array controller,wherein at least two array controllers are actively coupled to one data storage means simultaneously;
  
  wherein the primary event management means is capable of accessing only the logical array corresponding to the functional array controller, and the secondary event management means is capable of accessing only the logical array corresponding to the failed controller.
- View Dependent Claims (9, 10)
- - 9. The method of claim 8, wherein the determination as to whether an array controller has failed is made by the steps of:
    - a. receiving messages in a functional array controller sent on regular intervals from each other array controller;
      
      b. monitoring the amount of time between messages received by the functional array controller;
      
      c. identifying any array controller that sends no message to a functional array controller within a specified amount of time, measured from the time the last message was received by the functional array controller, as a failed controller.
  - 10. The method of claim 9, wherein the logical arrays provided include logical data storage units including a reserved area for storing logical structure and status information, further including the steps of:
    - a. storing logical structure and status information in the reserved area of each of the logical data storage units of the logical array;
      
      b. reading logical structure and status information from the reserved area of one of the logical storage units associated with a failed array controller to determine whether the failed array controller was performing an operation at the time the failure occurred;
      
      c. instructing the event management means in a functioning array controller, the event management means corresponding to the active event management means in the failed array controller, to complete any operation that was begun by the active event management means within the failed array controller.

11. A method for transferring control of a logical array from a failed array controller to a functional array controller, including the steps of:
- a. providing a plurality of logical arrays, each associated with one of a plurality of a active array controllers, each array controller including a plurality of normally inactive event management means corresponding to each of the other array controllers and a normally active event management means corresponding to the array controller that includes the normally active event management means;
  
  b. providing an external control source;
  
  c. receiving messages by the functional array controller from other array controllers on a periodic basis;
  
  d. determining when the time between receipt of each message has exceeded a specified duration;
  
  e. determining that an array controller has failed when the specified duration for that array controller is exceeded;
  
  f. sending a message to the external control source indicating that an array controller has failed;
  
  g. receiving commands from the external control source to activate the normally inactive event management means corresponding to the failed array controller in the functioning array controller;
  
  h. sharing the functioning array controller by the activated normally inactive event management means and the normally active event management means of the functioning array controller,wherein at least two active array controllers are coupled to one data storage unit simultaneously;
  
  wherein the normally active event management means is capable of accessing only the logical array corresponding to the functional array controller, and the activated normally inactive event management means is capable of accessing only the logical array corresponding to the failed controller.
- View Dependent Claims (12, 13)
- - 12. The method of claim 11, wherein the determination as to whether an array controller has failed is made by the steps of:
    - a. receiving messages in a functional array controller sent on regular intervals from each other array controller;
      
      b. monitoring the amount of time between messages received by the functional array controller;
      
      c. identifying any array controller that sends no message to a functional array controller within a specified amount of time, measured from the time the last message was received by the functional array controller, as a failed controller.
  - 13. The method of claim 12, wherein the logical arrays provided include logical data storage units including a reserved area for storing logical structure and status information, further including the steps of:
    - a. storing logical structure and status information in the reserved area of each of the logical data storage units of the logical array;
      
      b. reading logical structure and status information from the reserved area of one of the logical storage units associated with a failed array controller to determine whether the failed array controller was performing an operation at the time the failure occurred;
      
      c. instructing the event management means in a functioning array controller, the event management means corresponding to the active event management means in the failed array controller, to complete any operation that was begun by the active event management means within the failed array controller.

14. A redundant data storage array system for performing data storage functions, including global functions, the data storage array system including:
- a. at least two physical data storage units, each physical data storage unit comprising at least one logical data storage unit;
  
  b. at least two logical arrays, each comprising at least one logical data storage unit, the global functions being common to both of the at least two logical arrays;
  
  c. at least two redundant array controllers, each corresponding to a logical array, one of the redundant array controllers being responsible for performing all of the global functions, at least one redundant array controller actively coupled to at least one physical data storage unit to which at least one other array controller is actively coupled, each redundant array controller being capable of accessing only the corresponding logical array unless another array controller is granted access to the logical array corresponding to the failed array controller; and
  
  d. means in each redundant array controller for activating a secondary event management means corresponding to a failed controller after the switch management means determines that such a failure has occurred;
  
  wherein each redundant array controller further includes a normally active primary event management means for controlling data flowing into and out of only the logical array corresponding to that array controller, and at least one normally dormant secondary event management means for controlling the flow of data into and out of only a logical array corresponding to another controller only after the failure of such other controller, the at least one secondary event management means becoming active only when the other controller fails, such that the primary event management means and the at least one secondary event management means share the redundant array controller that includes the primary event management means and the at least one secondary event management means;
  
  wherein the primary event management means is capable of accessing only the logical array corresponding to the redundant array controller having the primary event management means, and the secondary event management means is capable of accessing only the logical array corresponding to the failed controller;
  
  wherein each redundant array controller includes a switch management means for determining that another array controller within the system has failed;
  
  wherein the switch management means receives messages from other array controllers on a periodic basis and includes a resetable timer for determining when the time between receipt of each message has exceeded a specified duration.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
EMC Corporation (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Brinkman, Candace, Andrews, Anthony, Stallmo, David C.
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Wright, Norman M.

Application Number

US08/372,874
Time in Patent Office

578 Days
Field of Search

371/10.1, 371/8.1, 371/7, 371/11.1, 395/575, 395/425, 395/182.07, 395/183.18, 395/183.16, 395/183.01, 395/182.02, 364/246.3, 364/264.6, 364/268
US Class Current

714/5.11
CPC Class Codes

G06F 11/0757   by exceeding a time limit, ...

G06F 11/1008   in individual solid state d...

G06F 11/2089   Redundant storage control f...

G11B 20/1833   by adding special lists or ...

Multiple controller sharing in a redundant storage array

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Multiple controller sharing in a redundant storage array

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links