JP2009086701A - Virtual computer system and virtual machine restoration method in same system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To restore a virtual machine to a state right before occurrence of a fault in a short period of time. <P>SOLUTION: In a virtual computer system, when a fault occurs in a physical computer 10-1 which a virtual machine 11-1 operates at a first time of day, a restoration mechanism 140-2 on a physical computer 10-2 restores a virtual machine 11-1 of a state of a second time of day into a virtual machine 11-2 on a physical computer 10-2 based on a snapshot 112 acquired by a disk device 100 at the second time of day nearest to the first time of day. The restoration mechanism 140-2 restores the virtual machine to the state right before the first time of day by supplying input data from the second time of day to the first time of day recorded by a communication recording device 40 as the data to be processed by the application to the virtual machine by a predetermined parallel degree in a log table associated with the virtual machine 11-1 and the application which operates on this virtual machine. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a virtual machine system including a virtual machine that operates on a physical machine, and more particularly to a virtual machine system that is suitable for restoring a virtual machine in the event of a failure of a physical machine that operates the virtual machine. The present invention relates to a virtual machine restoration method.

In recent years, for example, a virtual computer system including a virtual machine as described in Patent Document 1 has been developed. A virtual machine is known as a virtualized computer that operates on a physical computer (operating system thereof). The virtual machine includes a virtualized disk, memory, CPU (processor), and network interface (network interface card: NIC). By installing an operating system (OS) and applications (application programs) on this virtual machine, the OS and applications can be executed. Here, the application operates on the OS of the virtual machine. When any input (for example, sending of an instruction) is performed from the outside (client machine) to the application, the virtual machine executes processing according to the input content according to the application, and sends the execution result (including a response) to the outside (including the response). Output to the client machine).
JP 2006-202279 A

  As described above, in the virtual machine, the state of the virtual machine changes from the state before the processing to the state after the processing by the processing according to the application (processing of the application). That is, the state transition of the virtual machine is caused by an input to an application operating on the virtual machine. Therefore, for example, if the state of the virtual machine before processing is state # 1, and the state of the virtual machine after processing is state 2, the virtual machine in state # 1 is Such a method can be considered. This method is to set the virtual machine to the state # 1, and then perform the same input to the application running on the virtual machine as when the virtual machine transitioned from the state # 1 to the state # 2. is there. By applying this method, for example, even if a failure occurs in a physical computer, it is possible to restore the virtual machine that was running on the physical computer to the state immediately before the failure occurred.

  As a method for restoring a virtual machine running on a physical computer to a state immediately before the failure of the physical computer occurs, for example, periodically snapshots of the virtual machine (save the virtual machine operating state at a certain time) It is conceivable to acquire (collect) the information file) and acquire a log of input data and output data that trigger the state transition of the virtual machine. That is, when a failure occurs in the physical computer, the state of the virtual machine at the time ty is restored by the snapshot acquired at the time ty (ty <tx) closest to the time tx when the failure occurs, and then according to the log If the input to the application running on the virtual machine from the time ty to the time tx is reproduced, the virtual machine can be returned to the state immediately before the time tx when the failure of the physical computer occurs.

  However, if a large number of inputs to the virtual machine (the application running on it) occur within the time interval for acquiring the snapshot, the virtual machine is restored by reproducing the input to the virtual machine in chronological order according to the log It is expected that it will take a long time to do.

  The present invention has been made in consideration of the above circumstances, and its purpose is that, depending on the application, the same output and the same state transition are performed for the same input from any state regardless of the preceding processing. In view of the above, it is an object of the present invention to provide a virtual machine system that can quickly restore a virtual machine on which such a special application operates to a state immediately before a failure occurs, and a virtual machine restoration method in the system.

  According to one aspect of the present invention, a virtual computer system including a plurality of physical computers including a first physical computer and a second physical computer, each of which can operate a virtual machine, is provided. The virtual computer system is a disk device shared by the plurality of physical computers, and provides a data area that can be used as a virtual disk by a virtual machine operating on an arbitrary physical computer among the plurality of physical computers. In the log table associated with the disk device, the virtual machine and the application running on the virtual machine, the input data processed by the application, the result of the processing executed by the application according to the input data As a history of communication with a client machine that uses a service provided by the virtual machine executing the application, a set of output data and information indicating the input time of the input data is recorded in chronological order And a communication recording device. In addition, when the virtual machine operates on the first physical computer, the first physical computer periodically takes an operation state of the virtual machine and a state of the virtual disk used by the virtual machine as a snapshot. Snapshot management means for acquiring and storing in the disk device in association with the virtual machine, wherein the second physical computer is in a state where the virtual machine is operating in the first physical computer; When a failure occurs in the first physical computer at the first time, the snapshot acquired at the second time closest to the first time and stored in the disk device in association with the virtual machine Based on the first time, the first restoring means for restoring the virtual machine in the second time state on the second physical computer, and restored to the second time state When the application running on the virtual machine is a specific type of application in which the same output and the same state transition are performed for the same input from any state regardless of the preceding process, the second time In this state, input data from the second time to the first time recorded in the log table associated with the virtual machine and the application is preliminarily set as data to be processed by the application. A restoration process of a specific restoration type that restores the virtual machine to a state immediately before the first time by being input to the virtual machine restored to the state of the second time with a predetermined degree of parallelism 2 restoration means.

  According to the present invention, an application running on a virtual machine to be restored has a specific type in which the same output and the same state transition are performed for the same input from any state regardless of the preceding process. In the case of an application (special application), the input data recorded in the time series in the log table associated with the virtual machine and the application is irrelevant as the data to be processed by the application. Since the virtual machine is input to the virtual machine restored using the snapshot at a predetermined parallelism, the virtual machine can be restored to the state immediately before the occurrence of the failure in a short time with respect to the application.

Embodiments of the present invention will be described below with reference to the drawings.
FIG. 1 is a block diagram showing a configuration of a virtual machine system according to an embodiment of the present invention. The virtual computer system of FIG. 1 includes a plurality of physical computers (physical server computers), for example, two physical computers 10-1 and 10-2. The physical computers 10-1 and 10-2 are interconnected by a communication path 20. The communication path 20 is realized by a network, for example.

  The physical computers 10-1 and 10-2 include well-known hardware resources (not shown) such as a CPU, an I / O device, and a memory. The physical computers 10-1 and 10-2 are connected to a disk device 100 shared by the computers 10-1 and 10-2. That is, the disk device 100 is a hardware resource shared by the physical computers 10-1 and 10-2.

  The hardware resources of the physical computers 10-1 and 10-2 are virtualized to provide an environment (virtual machine execution environment) in which a virtual machine (VM) operates. FIG. 1 shows a state in which the virtual machine 11-1 is operating in the virtual machine execution environment of the physical computer 10-1. This virtual machine execution environment includes a virtual disk 110 which is a virtualized disk area (the virtual machine 11-1 can be used) assigned to the virtual machine 11-1 in the disk device 100. The contents of the virtual disk 110 are recognized as one file by virtual machine managers (VMM) 13-1 and 13-2, which will be described later.

  On the virtual machine 11-1 (its OS), for example, applications (AP) 12-1 and 12-2 operate. Assume that port numbers P1 and P2 are assigned to the applications 12-1 and 12-2, respectively. The client machine 30 can access the applications 12-1 and 12-2 via the ports having the port numbers P1 and P2.

  When a failure occurs in the physical computer 10-1 on which the virtual machine 11-1 operates, the physical computer 10-1 is transferred to, for example, the physical computer 10-2 to take over the service provided by the virtual machine 11-1. 2, a virtual machine 11-2 corresponding to the virtual machine 11-1 is generated (regenerated). In FIG. 1, the virtual machine 11-2 is indicated by a broken-line block. This indicates that in the state of FIG. 1, the virtual machine 11-2 has not yet been generated on the physical computer 10-2. When the virtual machine 11-2 operates, the applications (AP) 12-1 and 12-2 can operate on the virtual machine 11-2 (the OS) as in the virtual machine 11-1. . For example, a configuration may be employed in which a plurality of virtual machines including the virtual machine 11-1 operate on the physical computer 10-1.

  On the physical computers 10-1 and 10-2, virtual machine managers (VMM) 13-1 and 13-2, which are hypervisors, respectively operate. The VMMs 13-1 and 13-2 are also referred to as virtual machine monitors (VMMs), and virtual machines are managed by managing the use of the hardware resources of the physical computers 10-1 and 10-2, respectively. Manage machines. For example, the VMMs 13-1 and 13-2 provide a virtual machine execution environment in which a virtual machine operates by virtualizing hardware resources of the physical computers 10-1 and 10-2. In other words, the VMMs 13-1 and 13-2 construct virtual machines having virtualized hardware resources.

  Cluster managers 14-1 and 14-2 also operate on the physical computers 10-1 and 10-2, respectively. The cluster managers 14-1 and 14-2 control a cluster system composed of virtual machines 11-1 and 11-2 operating on the physical computers 10-1 and 10-2, respectively. The cluster managers 14-1 and 14-2 communicate with each other (heartbeat communication), thereby causing failures in the virtual machines 11-2 and 11-1 operating on the physical computers 10-2 and 10-1, respectively. It has a well-known fault detection function for detecting The virtual machines 11-1 and 11-2 are recognized as the same virtual machine from the client machine 30 described later. That is, the virtual machines 11-1 and 11-2 are recognized by the client machine 30 as virtual machines to which a single IP (Internet Protocol) address is assigned. Assume that this single IP address is IPA.

  The cluster managers 14-1 and 14-2 include restoration mechanisms 140-1 and 140-2, respectively. When the restoration mechanism 140-i (i = 1, 2) detects a failure of the virtual machine 11-j (j = 1, 2, j ≠ i), the state of the virtual machine 11-j immediately before the failure occurs Is restored to the virtual machine 11-i, that is, the virtual machine 11-i is used to restore the virtual machine 11-j in the state immediately before the failure on the physical computer 10-i.

  Snapshot managers 15-1 and 15-2 also operate on the physical computers 10-1 and 10-2, respectively. When the virtual machines operate on the physical computers 10-1 and 10-2, respectively, the snapshot managers 15-1 and 15-2 periodically operate the virtual machine and the virtual machine used by the virtual machine. The contents of the disk are acquired as a snapshot and stored in the disk device 100. The operation state of the virtual machine includes a CPU state (program counter and register states) and a memory state assigned to the virtual machine.

  The physical computers 10-1 and 10-2 are connected to the client machine 30 via the communication path 20. When the virtual machine operates on the physical computer 10-1 or 10-2, the client machine 30 communicates with the virtual machine via the communication path 20 in order to use a service provided by the virtual machine. . In the example of FIG. 1, the client machine 20 communicates with the virtual machine 11-1 operating on the physical computer 10-1.

  A communication recording device 40 is disposed on the communication path 20. The communication recording device 40 records a history of communication (input / output) performed via the communication path 20 between the client machine 30 and the virtual machine (the upper application) operating on the physical computer 10-1 or 10-2. The time information (time information indicating the input time) is recorded in time series order for each virtual machine (the upper application). Here, communication from the client machine 30 to the virtual machine (upper application) is referred to as “input”, and communication from the opposite virtual machine to the client machine 30 is referred to as “output”.

  In the present embodiment, the communication recording device 40 is provided in a switch for connecting the client machine 30 to a virtual machine operating on the physical computer 10-1 or 10-2. However, the communication recording device 40 may be provided in a router or a proxy server (a proxy server proxying access from the client machine 30 to a virtual machine operating on the physical computer 10-1 or 10-2).

  In the disk device 100, a snapshot area 111 is secured. The snapshot area 111 is used to periodically store, for example, the operation state of the virtual machine 11-1 and the contents of the virtual disk 110 as a snapshot 112. In the snapshot area 111, snapshot management information 113 for managing a column of the snapshot 112 stored in the area 111 is also stored.

  The disk device 100 also stores a restoration management table 114. The restoration management table 114 indicates a restoration type indicating a restoration method when restoring a virtual machine, for each application operating on the virtual machine, an IP address assigned to the virtual machine, and a port number assigned to the application. And stored in advance.

  There are two types of restoration applied in the present embodiment: restoration type RT1 and restoration type RT2. The restoration types RT1 and RT2 indicate restoration methods suitable for restoring virtual machines in which the first and second types of applications operate, respectively.

  The first type of application is a specific application in which the same output and the same state transition are performed for the same input from any state regardless of the preceding process when operating on the virtual machine. Point to. The first type of application is an application dedicated to database reference, for example. In the present embodiment, the application 12-1 is a first type application. The restoration type RT1 preliminarily stores an input data string included in the history in an application operating on the virtual machine to be restored regardless of the input order indicated by the communication history recorded by the communication recording device 40. It refers to a restoration method that is input with a predetermined degree of parallelism.

  The second type of application is an application in which a different state transition may be performed from a different output depending on a difference in the preceding state even when the input is the same (that is, a preceding process) when operating on a virtual machine. Application that depends on). In the present embodiment, the application 12-2 is a second type application. The restoration type RT2 operates on the virtual machine to be restored, in accordance with the input order and the input timing indicated by the communication history recorded by the communication recording device 40, in accordance with the input data string included in the history. Refers to the restoration method that is submitted to the application.

  FIG. 2 is a block diagram showing the configuration of the communication recording device 40. The communication recording device 40 includes a log acquisition unit 41, log tables 42-1 and 42-2, a log storage unit 43, a log transmission unit 44, and a filter unit 45.

  The log acquisition unit 41 acquires a history (log) of communication performed via the communication path 20 between the client machine 2 and the applications 12-1 and 12-2 operating on the virtual machine 11-1. The log tables 42-1 and 42-2 hold a history of communication between the client machine 2 and the applications 12-1 and 12-2 operating on the virtual machine 11-1 acquired by the log acquisition unit 41. Used to do. The log storage unit 43 stores (records) the communication history acquired by the log acquisition unit 41 in the corresponding table of the log tables 42-1 and 42-2 in chronological order.

  The log transmission unit 44 transmits the communication history stored in the log tables 42-1 and 42-2 to the restoration mechanism 140-i according to the request from the restoration mechanism 140-i (i = 1, 2). . The filter unit 45 filters communication data addressed to the application on the virtual machine that is the target of the restoration process sent from the client machine 30 during the restoration process by the restoration mechanism 140-i.

  FIG. 3 shows an example of the log table 42-1. As shown in FIG. 3, the log table 42-1 stores a pair of input data and output data corresponding to the input data together with time information at the time of input in chronological order.

  FIG. 4 is a block diagram showing a configuration of the restoration mechanism 140-2. The restoration mechanism 140-2 includes a first restoration unit 141 and a second restoration unit 142. Note that the restoration mechanism 140-1 has the same configuration as the restoration mechanism 140-2.

  When a failure occurs in the physical computer (physical computer 10-1), the first restoration unit 141 performs the above operation on the physical computer acquired at the time closest to the failure occurrence time (latest snapshot acquisition time). Based on the snapshot relating to the virtual machine (virtual machine 11-1), the state of the virtual machine at the latest snapshot acquisition time is changed to a physical computer (physical computer 10-) provided with the first restoration unit 141. 2) Restore on top. The second restoration unit 142 includes log tables (applications 12-1 and 12-2) associated with virtual machines restored to the latest snapshot acquisition time and applications (applications 12-1 and 12-2) operating on the virtual machines. Input the input data recorded between the latest snapshot acquisition time and the failure occurrence time in the log tables 42-1 and 42-2) into the virtual machine as data to be processed by the application. Thus, the virtual machine is restored to the state immediately before the failure occurrence time.

  The second restoration unit 142 includes a log request unit 143, a log storage unit 144, a re-input unit 145, a processing result acquisition unit 146, and a restoration determination unit 147. When the virtual machine is restored, the log request unit 143 requests the communication recording device 40 for a history (log) of communication between the application running on the virtual machine and the client machine. The log storage unit 144 stores a communication history transmitted from the communication recording device 40 in response to a request from the log request unit 143. The re-input unit 145 restores the input data sequence included in the communication history stored in the log storage unit 144 by the input procedure (restoration method) specific to the restoration type indicated by the restoration management table 114. To the application running on the virtual machine. The re-input unit 145 includes a restoration type determination unit 145a. The restoration type determination unit 145a determines a restoration type that represents a loading procedure (restoration method) to be applied when a string of input data is loaded into an application.

  The processing result acquisition unit 146 acquires output data as a processing result (processing result) output from the input destination in response to input of input data by the re-input unit 145. The restoration determination unit 147 compares the processing result (output data) acquired by the processing result acquisition unit 146 with the input data corresponding to the processing result and the output data paired in the communication history. Determine if the virtual machine to be restored is restored correctly.

  FIG. 5 shows an example of the restoration management table 114. In the example of FIG. 5, in the restoration management table 114, IP addresses, port numbers, and restoration types are registered for the two applications 12-1 and 12-2 operating on the virtual machine 11-1 or 11-2. Yes. That is, for the application 12-1, IPA, P1, and RT1 are registered as the IP address, port number, and restoration type, respectively, and for the application 12-2, the IPA, port number, and restoration type are assigned as IPA, respectively. , P2 and RT2 are registered.

Next, operations in the virtual machine system of FIG. 1 will be described.
Now, in order for the client machine 20 to use the service provided by the virtual machine 11-1 running on the physical computer 10-1, the application 12- running on the virtual machine 11-1 via the communication path 20 is used. It is assumed that communication is performed between 1 and 12-2. In this case, the log acquisition unit 41 in the communication recording device 40 has a history of all communications that occurred in the communication sequence between the client machine 20 and the applications 12-1 and 12-2 running on the virtual machine 11-1. To get. The log storage unit 43 in the communication recording device 40 stores the communication history acquired by the log acquisition unit 41 in the log tables 42-1 and 42-2 for each of the applications 12-1 and 12-2.

  In the physical computer 10-1 on which the virtual machine 11-1 operates, the snapshot manager 15-1 displays the operation status of the virtual machine 11-1 and the contents of the virtual disk 110 used by the virtual machine 11-1 on the disk. It is periodically acquired (stored) as a snapshot 112 in the snapshot area 111 for the virtual machine 11-1 secured in the apparatus 100 (for example, every time Δt). Each time the snapshot manager 15-1 acquires the snapshot 112, the snapshot manager 15-1 updates the snapshot management information 113 for generation management of the acquired snapshot 112.

  In this manner, for example, it is assumed that “snap1” is acquired as the snapshot 112 at time t1, and “snap2” is acquired as the snapshot 112 at time t2 (t2 = t1 + Δt) after Δt from time t1. Further, it is assumed that a failure (for example, hardware failure) of the physical computer 10-1 occurs at a certain time t from the time t2 until the next time t3 (t3 = t2 + Δt) at which the snapshot 112 should be acquired. FIG. 6 shows that snapshots 112 “snap1” and 112 “snap2” are acquired in the snapshot area 111 at times t1 and t2, respectively. The snapshots 112 “snap1” and 112 “snap2” can be said to be state information indicating the normal state of the virtual machine 11-1 at times t1 and t2, respectively. The snapshots 112 “snap1” and 112 “snap2” at the times t 1 and t 2 are generation-managed by the snapshot management information 113.

  Further, the input data IN1, IN2, IN3, IN4, IN5, and IN6 are transferred from the client machine 30 to the virtual machine 11 at times t11, t12, t13, t14, t15, and t16 in the period from the time t1 to the time t2, respectively. -1 is given to the application 12-1 operating on the port number P1 as a result of processing in the application 12-1 for these input data IN11, IN12, IN13, IN14, IN15 and IN16. Assume that the output data OUT11, OUT12, OUT13, OUT14, OUT15, and OUT16 are returned from the application 12-1 to the client machine 30. Then, the input data IN21, IN22, IN23, and IN24 are run on the virtual machine 11-1 from the client machine 30 at times t21, t22, t23, and t24 in the period from the time t2 to the time t, respectively. -1 and output data OUT21, OUT22, OUT23 and OUT24 are returned from the application 12-1 to the client machine 30 in response to the input data IN21, IN22, IN23 and IN24.

  A pair of the input data input to the application 12-1 and the output data corresponding to the input data within the period from the time t1 to the time t (failure occurrence time t) is time-series in the log table 42-1. Saved in order. FIG. 3 shows the state of the log table 42-1 at time t.

  FIG. 7 shows the procedure of the above process performed on the physical computer 10-1 during the period from time t1 to time t. In FIG. 7, processing in the application 12-2 running on the virtual machine 11-1 is omitted.

  When a failure occurs in the physical computer (first physical computer) 10-1 at time t as described above, a process for restoring the virtual machine 11-1 operating on the physical computer 10-1. The (virtual machine restoration process) is performed on, for example, the physical computer (second physical computer) 10-2. Hereinafter, the virtual machine restoration process will be described with reference to the flowchart of FIG.

  First, the occurrence of a failure in the physical computer 10-1 at time t is detected by the cluster manager 14-2 operating on the physical computer 10-2. Then, the restoration mechanism 140-2 in the cluster manager 14-2 is activated. For the VMM 13-2, the restoration mechanism 140-2 creates a virtual machine 11-1 operating on the physical computer 10-1 in which the failure has occurred as a virtual machine 11-2 on the OS of the physical computer 10-2. Request to (build). In response to this request, the VMM 13-2 creates a virtual machine 11-2 on the OS of the physical computer 10-2 (step S1).

  The first restoration unit 141 in the restoration mechanism 140-2 displays the state of the virtual machine 11-2 generated by the VMM 13-2 at the time t in the column of the snapshots 112 stored in the snapshot area 111. Using the snapshot 112 acquired at the snapshot acquisition time closest to (that is, the failure occurrence time t) (that is, the latest snapshot acquisition time), the same as the virtual machine 11-1 at the latest snapshot acquisition time The state is restored (step S2). As is apparent from FIG. 6, the snapshot acquisition time (second time) closest to time t (first time) is t2, and the snapshot 112 acquired at time t2 is “snap2”. Therefore, in this embodiment, the restoration mechanism 140-2 restores the virtual machine in the same state as the virtual machine 11-1 at the time t2 as the virtual machine 11-2 using the snapshot 112 “snap2”. That is, the restoration mechanism 140-2 restores the state of the virtual machine 11-1 at the time t2 on the virtual machine 11-2 using the snapshot 112 “snap2”. Note that step S2 may be performed by the VMM 13-2. That is, the VMM 13-2 may be provided with a restoration function for restoring a virtual machine based on the snapshot.

  When a virtual machine in the same state as the virtual machine 11-1 at time t2 is restored on the physical computer 10-2 as the virtual machine 11-2, the virtual machine at time t2 is displayed on the OS of the virtual machine 11-2. In the same state as the machine 11-1, the same applications 12-1 and 12-2 that the virtual machine 11-1 was executing can be executed.

  Therefore, the log request unit 143 in the restoration mechanism 140-2 sends the communication recording device 40 with the applications 12-1 and 12- running on the client machine (in this embodiment, the client machine 30) and the virtual machine 11-1. A history (log) of communication with 2 is requested (step S3). In response to this request, the log transmission unit 44 in the communication recording device 40 transmits the communication history stored in the log tables 42-1 and 42-2 to the restoration mechanism 140-2. Here, the communication histories stored in the log tables 42-1 and 42-2, that is, the communication histories between the client machine (client machine 30) and the applications 12-1 and 12-2 are respectively shown in the application 12. This is called a communication history corresponding to -1 and 12-2.

  When the log transmission unit 44 transmits the communication history stored in the log tables 42-1 and 42-2 to the restoration mechanism 140-2, the log transmission unit 44 addresses the applications 12-1 and 12-2 to the filter unit 45. Request filtering of communication data. Thereby, the filter unit 45 filters (blocks) all communication data addressed to the applications 12-1 and 12-2 until the cancellation of filtering is requested from the restoration mechanism 140-2.

  The log request unit 143 stores the communication history transmitted from the log transmission unit 44 in the log storage unit 144 (step S4). The re-input unit 145 in the restoration mechanism 140-2 includes the communication history stored in the log storage unit 144, that is, the communication history corresponding to the applications 12-1 and 12-2, from time t2. Only the column of input data up to t (failure occurrence time t) is input to the applications 12-1 and 12-2 running on the virtual machine 11-2 through the ports indicated by the port numbers P1 and P2. Here, the procedure for inputting the input data to the applications 12-1 and 12-2 is indicated by the restoration type corresponding to the applications 12-1 and 12-2 registered in the restoration management table 114. However, in the following description, only input of input data included in the communication history corresponding to the application 12-1 will be described for simplification.

  In this embodiment, the IP address of the virtual machine 11-2 is the same IPA as the IP address of the virtual machine 11-1, and the port number assigned to the application 12-1 is P1. In this case, the restoration type determination unit 145a in the re-injection unit 145 reads the restoration management table 114 stored in the disk device 100 prior to input (re-injection) of input data included in the communication history. Referring to this, it is checked whether the restoration type associated with the pair of IP address IPA and port number P1 is RT1 (step S5).

  As apparent from FIG. 5, the restoration type associated with the pair of the IP address IPA and the port number P1 on the restoration management table 114 is RT1. In this case, the re-input unit 145 converts the input data string from time t2 to time t included in the communication history corresponding to the application 12-1 to the virtual machine 11-2 with a predetermined parallelism. The application 12-1 operating above is entered through the port of port number P1. In this embodiment, it is assumed that the degree of parallelism is 4. In this case, four input data are simultaneously input to the application 12-1. These four input data are represented by IN # a, IN # b, IN # c, and IN # d.

  As is apparent from FIG. 3, the input data columns from time t2 to time t included in the communication history corresponding to the application 12-1 are IN21, IN22, IN23, and IN24. Therefore, in the present embodiment in which the degree of parallelism is 4, the re-input unit 145 uses the input data IN21, IN22, IN23, and IN24 as the input data IN # a, IN # b, IN # c, and IN # d as a virtual machine. In parallel with the application 12-1 running on 11-2 (steps S6a, S6b, S6c, S6d).

  The virtual machine 11-2 executes the processing of the input data IN21, IN22, IN23 and IN24 input in parallel according to the application 12-1. That is, on the virtual machine 11-2, processing based on the input data IN21, IN22, IN23, and IN24 input in parallel is performed by the application 12-1.

  As described above, when the application 12-1 operates on the virtual machine, the same output and the same state transition are performed with respect to the same input from any state regardless of the preceding process. Type of application. Therefore, even if the input data IN21, IN22, IN23, and IN24 are not input in the same order as input by the client machine 30 between time t2 and time t, the input data IN21, IN22, IN23, and As a result of execution of the application 12-1 by the processing in the application 12-1 for IN24 (processing according to the application 12-1 by the virtual machine 11-2), the virtual machine 11-2 performs virtual processing immediately before the time t (immediately before the failure occurs). It is expected to be restored to the state of the machine 11-1.

  The source IP addresses of the input data IN21, IN22, IN23 and IN24 match the IP address assigned to the client machine 30. Therefore, the IP address assigned to the client machine 30 is used as the transmission destination IP address of the processing result (response) in the application 12-1 for the input data IN21, IN22, IN23, and IN24. Therefore, the processing result acquisition unit 146 in the restoration mechanism 140-2 sends the processing result (response) in the application 12-1 to the input data IN21, IN22, IN23, and IN24 output from the virtual machine 11-2 on the client machine. It is acquired instead of 30, that is, intercepted (steps S7a, S7b, S7c, S7d), and the processing result is prevented from being transmitted to the client machine 30.

  The restoration determination unit 147 in the restoration mechanism 140-2 uses the processing results (processing results) O21, O22, O23, and O24 for the input data IN21, IN22, IN23, and IN24 acquired by the processing result acquisition unit 146 as applications. Compared with the output data OUT21, OUT22, OUT23 and OUT24 paired with the input data IN21, IN22, IN23 and IN24 in the communication history corresponding to 12-1 (steps S8a, S8b, S8c and S8d), It is determined whether or not the restoration process is normally performed depending on whether or not it is done (steps S9a, S9b, S9c, and S9d).

  If O21, O22, O23, and O24 are equal to OUT21, OUT22, OUT23, and OUT24, respectively, the restoration determination unit 147 determines that the restoration process by the input of IN21, IN22, IN23, and IN24 is successful. In the application 12-1, since it does not depend on the preceding process, even if input is performed in parallel processing, the result is the same as when input is performed in the same order as the communication history. For this reason, when the restoration process by the input of IN21, IN22, IN23 and IN24 is successful, it can be said that the whole restoration process is also successful. On the other hand, if a mismatch (restoration failure) is determined in any one of steps S9a, S9b, S9c, and S9d, the virtual machine restoration process described above is retried, although omitted in FIG.

  When the restoration determination unit 147 determines that the restoration process is successful, the re-input unit 145 determines whether the input data to be input next is left in the communication history corresponding to the application 12-1 (step S1). S10). If input data to be input next is left, the re-input unit 145 inputs this input data with a parallel degree of 4. However, when the number of remaining input data is less than 4, the re-input unit 145 inputs all the remaining input data.

  On the other hand, if there is no input data to be input next, the restoration mechanism 140-2 ends the virtual machine restoration process (virtual machine restoration process related to the application 12-1). At this time, regarding the operation of the application 12-1, the virtual machine 11-2 is restored to the state of the virtual machine 11-1 immediately before the failure occurrence time t. Therefore, the virtual machine 11-2 can continue the service to the client machine 30 by the application 12-1 in the same state as the virtual machine 11-1 immediately before the failure occurrence time t. In this case, the restoration mechanism 140-2 requests the filtering unit 45 in the communication recording device 40 to cancel filtering of communication data addressed to the application 12-1 on the virtual machine 11-2.

  As described above, according to the present embodiment, by inputting the input data strings included in the communication history corresponding to the application 12-1 in parallel, the virtual machine 11-2 Can be restored to the state of the virtual machine 11-1 immediately before the failure occurs at high speed. The parallelism applied in the restoration type RT1 virtual machine restoration process may be set in advance in the restoration management table 114 in association with the restoration type RT1.

  Although omitted in the above description, the restoration type RT2 virtual machine restoration process using the communication history stored in the log table 42-2 (that is, the communication history corresponding to the application 12-2) is as follows. It is executed in parallel with the restoration type RT1 virtual machine restoration process using the communication history stored in the log table 42-1 (that is, the communication history corresponding to the application 12-1). However, in the virtual machine restoration process of the restoration type RT2, input data included in the communication history corresponding to the application 12-2 is input in chronological order, and the history and relative time are input at the same timing.

  That is, the application 12-2 is a second type application that depends on the preceding process. For this reason, in the virtual machine restoration processing related to the application 12-2, the input sequence included in the history is converted into the virtual machine while keeping the input order and the input timing indicated by the communication history corresponding to the application 12-2. A restoration method of restoration type RT2 that is sequentially input to the application 12-2 running on 11-2 is applied.

  By the way, when an input is made to the application 12-2, a long waiting time may occur until the next input is performed after the input is performed once and the processing for the input is completed. For this reason, if the virtual machine restoration processing related to the application 12-2 is performed in accordance with the input order and the input timing indicated by the communication history corresponding to the application 12-2 as in the above embodiment, a certain input When there is a large waiting time between an output and the next input / output, the virtual machine restoration process with the restoration type RT2 becomes slower.

  Therefore, in the virtual machine restoration process related to the second type application, the input order indicated by the communication history corresponding to the application is maintained, but the input timing may be shorter than the input timing indicated by the history. Specifically, when the waiting time exceeds a predetermined time, the next input data may be input after the predetermined time. Further, all the input data columns may be input with a minimum waiting time that is not related to the waiting time of the history and does not affect the state transition. Such a waiting time can be set in advance for each second type of application. By applying this restoration method, it is possible to speed up the virtual machine restoration process for the second type application.

  In the above embodiment, all the communication histories stored in the log tables 42-1 and 42-2 are transmitted in the log transmission in the communication recording device 40 in response to a request from the log request unit 143 in the restoration mechanism 140-2. This is transmitted by the unit 44 to the restoration mechanism 140-2. However, the request from the log request unit 143 includes the time information indicating the start time and end time of the required history, and only the history of the period indicated by the start time and end time is restored from the log transmission unit 44. It is good also as a structure which transmits to 140-2.

  In the above embodiment, the client machine 30 is the only client machine that uses the applications 12-1 and 12-2 running on the virtual machine 11-1 or 11-2. However, a plurality of client machines including the client machine 30 may use the applications 12-1 and 12-2 that operate on the virtual machine 11-1 or 11-2.

  In the above embodiment, when a failure occurs in the physical computer 10-1, the state of the virtual machine 11-1 immediately before the failure is restored as the virtual machine 11-2 on the physical computer 10-2. . However, when the failure of the physical computer 10-1 is recovered, the state of the virtual machine 11-1 immediately before the occurrence of the failure may be restored on the physical computer 10-1.

  In addition, this invention is not limited to the said embodiment or its modification example as it is, A component can be deform | transformed and embodied in the range which does not deviate from the summary in an implementation stage. In addition, various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the embodiment or its modification. For example, you may delete a some component from all the components shown by embodiment or its modification.

1 is a block diagram showing a configuration of a virtual machine system according to an embodiment of the present invention. The block diagram which shows the structure of the communication recording apparatus shown by FIG. The figure which shows an example of the log table shown by FIG. The block diagram which shows the structure of the decompression | restoration mechanism shown by FIG. The figure which shows an example of the restoration | restore management table shown by FIG. The figure for demonstrating regular snapshot acquisition. The flowchart which shows an example of the process performed on the physical computer in the period from a certain time to the time of physical computer failure occurrence. 9 is a flowchart showing a procedure of virtual machine restoration processing in the embodiment.

Explanation of symbols

  10-1, 10-2 ... physical computer, 11-1, 11-2 ... virtual machine, 12-1, 12-2 ... application (AP), 13-1, 13-2 ... virtual machine manager (VMM), 14-1, 14-2 ... cluster manager, 15-1, 15-2 ... snapshot manager, 20 ... communication path, 30 ... client machine, 40 ... communication recording device, 41 ... log acquisition unit, 42-1, 42 -2 ... log table, 43 ... log storage unit, 44 ... log transmission unit, 45 ... filter unit, 100 ... disk device, 110 ... virtual disk, 111 ... snapshot area, 112 ... snapshot, 114 ... restoration management table, 140-1, 140-2 ... Restoration mechanism, 141 ... First restoration unit, 142 ... Second restoration unit, 143 ... Log request unit, 144 ... Log storage unit, 145 ... Re-injection unit, 145a ... Restoration type determination Part, 1 6 ... processing result acquisition unit, 147 ... restoring determination unit.

Claims (5)

In a virtual computer system including a plurality of physical computers including first and second physical computers, each of which can operate a virtual machine,
A disk device shared by the plurality of physical computers, the disk device providing a data area that can be used as a virtual disk by a virtual machine operating on an arbitrary physical computer of the plurality of physical computers;
In a log table associated with the virtual machine and an application running on the virtual machine, input data processed by the application, and output data as a result of processing executed by the application according to the input data And a communication recording apparatus that records a set of information indicating the input time of the input data as a history of communication with a client machine that uses a service provided by the virtual machine executing the application in time series order And
When the virtual machine operates on the first physical computer, the first physical computer periodically acquires the operation state of the virtual machine and the state of the virtual disk used by the virtual machine as a snapshot. Snapshot management means for storing in the disk device in association with the virtual machine
The second physical computer is
When a failure occurs at a first time in the first physical computer while the virtual machine is operating on the first physical computer, the information is acquired at a second time closest to the first time. And a first restoring means for restoring the virtual machine at the second time on the second physical computer based on the snapshot stored in the disk device in association with the virtual machine. ,
A specific type in which an application running on a virtual machine restored to the state at the second time undergoes the same output and the same state transition for the same input from any state regardless of the preceding process Input from the second time to the first time recorded in the log table associated with the virtual machine restored to the state at the second time and the application. By inputting the data as data to be processed by the application into the virtual machine restored to the state at the second time with a predetermined degree of parallelism, the virtual machine is immediately before the first time. And a second restoration means for performing a restoration process of a specific restoration type for restoring to the state of the virtual machine system. It is a restoration management table stored in the disk device, and for each combination of a port number of a port assigned to a virtual machine and an application operating on the virtual machine, whether or not the application is the specific type of application Further comprising a restoration management table in which restoration type information indicating the restoration method to be determined is registered;
The second restoration means registers in the restoration management table in association with a combination of a port number assigned to a virtual machine restored to the state at the second time and an application operating on the virtual machine. The virtual machine system according to claim 1, wherein when the restored type information indicates the specific restoration type, the restoration process of the specific restoration type is performed. The second restoration means registers in the restoration management table in association with a combination of a port number assigned to a virtual machine restored to the state at the second time and an application operating on the virtual machine. In a case where the information on the restored type does not indicate the specific restoration type, the first time from the second time recorded in the log table associated with the virtual machine and the application As input data to be processed by the application, a pair of input data that exceeds a predetermined input time interval in a time series order and at least a predetermined input time interval is stored in the virtual machine at the predetermined input time interval. To restore the virtual machine to the state immediately before the first time. The virtual computer system according to claim 2.   The response from the virtual machine as a result of the processing according to the application of the virtual machine to the input data is compared with the output data recorded in the log table in a pair with the input data The virtual computer system according to claim 2, further comprising: a restoration determination unit that determines whether the state of the virtual machine has been correctly restored. When a plurality of physical computers including the first and second physical computers that can operate the virtual machines and the virtual machines operate on the physical computers, the operation state of the virtual machines and the use of the virtual machines A plurality of physical computers including snapshot management means for periodically acquiring the state of the virtual disk as a snapshot and storing it in the disk device in association with the virtual machine; A set of information indicating input data processed by the application, output data as a result of processing executed by the application according to the input data, and an input time of the input data Provided by the virtual machine executing the application. A virtual machine restore method applied to a virtual computer system composed of a communication recording apparatus for recording the time series order as a communication history between a client machine that utilizes that service,
In the state where the virtual machine is operating on the first physical computer, if a failure occurs at the first time in the first physical computer, the second physical computer is at the first time. Based on the snapshot acquired at the closest second time and stored in the disk device in association with the virtual machine, the virtual machine at the second time is placed on the second physical computer. Steps to restore,
A specific type in which an application running on a virtual machine restored to the state at the second time undergoes the same output and the same state transition for the same input from any state regardless of the preceding process The second physical computer from the second time recorded in the log table associated with the virtual machine restored to the state of the second time and the application. By inputting the input data up to the first time as data to be processed by the application into the virtual machine restored to the state at the second time with a predetermined parallelism, the virtual machine Performing a restoration process of a specific restoration type that restores the state to the state immediately before the first time. Method.

Images