AUTOMATIC FAILOVER CONFIGURATION WITH LIGHTWEIGHT OBSERVER

US 20120330899A1
Filed: 08/22/2012
Published: 12/27/2012
Est. Priority Date: 11/30/2005
Status: Active Grant

First Claim

Patent Images

1. An automatic failover configuration comprising:

a primary database system that processes transactions and produces redo data as a primary database system participant;

a standby database system that receives the redo data from the primary database system as a standby database participant, wherein the redo data is applied physically or logically against the standby database system;

an active observer that executes independently of the primary database system and the standby database system, wherein the active observer provides a quorum for a failover operation in which the standby database system participant becomes the primary database system participant;

the active observer exchanging first control messages with the primary database system and the standby database system;

the primary database system and the standby database system exchanging second control messages; and

wherein the automatic failover configuration prevents divergence.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques used in an automatic failover configuration having a primary database system, a standby database system, and an observer for preventing divergence among the primary and standby database systems while increasing the availability of the primary database system. In the automatic failover configuration, the primary database system remains available even in the absence of both the standby and the observer as long as the standby and the observer become absent sequentially. The failover configuration further permits automatic failover only when the observer is present and the standby and the primary are synchronized and inhibits state changes during failover. The database systems and the observer have copies of failover configuration state and the techniques include techniques for propagating the most recent version of the state among the databases and the observer and techniques for using carefully-ordered writes to ensure that state changes are propagated in a fashion which prevents divergence.

Citations

12 Claims

1. An automatic failover configuration comprising:
- a primary database system that processes transactions and produces redo data as a primary database system participant;
  
  a standby database system that receives the redo data from the primary database system as a standby database participant, wherein the redo data is applied physically or logically against the standby database system;
  
  an active observer that executes independently of the primary database system and the standby database system, wherein the active observer provides a quorum for a failover operation in which the standby database system participant becomes the primary database system participant;
  
  the active observer exchanging first control messages with the primary database system and the standby database system;
  
  the primary database system and the standby database system exchanging second control messages; and
  
  wherein the automatic failover configuration prevents divergence.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The automatic failover configuration of claim 1, wherein:
    - the first control messages are pings from the observer to the other participants; and
      
      the second control messages are pings from the primary database system to the standby database system and ping responses from the standby database system.
  - 3. The automatic failover configuration of claim 1, whereinthe first and second control messages propagate a current automatic failover configurations state among participants.
  - 4. The automatic failover configuration of claim 3, wherein:
    - the current automatic failover configurations state includes a value which changes when the active observer is to request further state information from the primary database system; and
      
      the active observer responds thereto by requesting the further state information from the primary database system.
  - 5. The automatic failover configuration of claim 4, wherein:
    - the further state information includes an identifier for the active observer; and
      
      the active observer terminates if it does not receive the identifier.
  - 6. The automatic failover configuration of claim 4, wherein:
    - the further state information includes an identifier for the active observer; and
      
      when the identifier returned to the active observer in response to a request for further state information is different from the active observer'"'"'s current identifier, the active observer terminates.
  - 7. The automatic failover configuration of claim 1, whereinan observer requests further state information upon startup;
    - the primary database system responds to the request for further state information by providing an identifier to the observer only if there are currently no active observers in the configuration; and
      
      the observer terminates if it does not receive the identifier.
  - 8. The automatic failover configuration of claim 1, wherein:
    - the active observer operates on a non-database system entity.
  - 9. The automatic failover configuration of claim 8, wherein:
    - the primary database system and the standby database system operate in database servers; and
      
      the active observer is a client of the database servers.
  - 10. The automatic failover configuration of claim 8, wherein:
    - the active observer employs the same interface to communicate with the primary database system and the standby database system as any other client of the database servers.
  - 11. The automatic failover configuration of claim 8, wherein:
    - the non-database system entity has a hardware and/or operating system platform that is different from the hardware and/or operating system platform used in the primary and standby database systems.

12. Data storage apparatus characterized in that:
- the data storage device contains code, which, when executed, implements an automatic failover configuration, comprising;
  
  a primary database system that processes transactions and produces redo data as a primary database system participant;
  
  a standby database system that receives the redo data from the primary database system as a standby database participant, wherein the redo data is applied physically or logically against the standby database system;
  
  an active observer that executes independently of the primary database system and the standby database system, wherein the active observer provides a quorum for a failover operation in which the standby database system participant becomes the primary database system participant;
  
  the active observer exchanging first control messages with the primary database system and the standby database system;
  
  the primary database system and the standby database system exchanging second control messages; and
  
  wherein the automatic failover configuration prevents divergence.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
CLABORN, George H., VIVIAN, Stephen John, LEE, Steve Taihung, LUO, Jiangbin, GUZMAN, Raymond, VOSS, Douglas Andrew, GARIN, Benedicto Elmo Jr.

Granted Patent

US 8,630,985 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/683
CPC Class Codes

G06F 11/1482   by means of middleware or O...

G06F 11/2023   Failover techniques

G06F 11/2025   using centralised failover ...

G06F 11/2028   eliminating a faulty proces...

G06F 11/2041   with more than one idle spa...

G06F 11/2074   Asynchronous techniques

G06F 11/2076   Synchronous techniques

G06F 11/2082   Data synchronisation

G06F 11/2097   maintaining the standby con...

AUTOMATIC FAILOVER CONFIGURATION WITH LIGHTWEIGHT OBSERVER

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

AUTOMATIC FAILOVER CONFIGURATION WITH LIGHTWEIGHT OBSERVER

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links