WO2010015574A1 - Maintaining data integrity in data servers across data centers - Google Patents

Maintaining data integrity in data servers across data centers Download PDF

Info

Publication number
WO2010015574A1
WO2010015574A1 PCT/EP2009/059931 EP2009059931W WO2010015574A1 WO 2010015574 A1 WO2010015574 A1 WO 2010015574A1 EP 2009059931 W EP2009059931 W EP 2009059931W WO 2010015574 A1 WO2010015574 A1 WO 2010015574A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
servers
server
instructions
catalog
Prior art date
Application number
PCT/EP2009/059931
Other languages
French (fr)
Inventor
Jinmei Shen
Hao Wang
Original Assignee
International Business Machines Corporation
Ibm United Kingdom Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corporation, Ibm United Kingdom Limited filed Critical International Business Machines Corporation
Priority to EP09781339A priority Critical patent/EP2281240B1/en
Priority to KR1020117002453A priority patent/KR101547719B1/en
Priority to JP2011521543A priority patent/JP5102901B2/en
Priority to CN200980129274.8A priority patent/CN102105867B/en
Priority to AT09781339T priority patent/ATE518189T1/en
Publication of WO2010015574A1 publication Critical patent/WO2010015574A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/20Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/20Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
    • G06F11/2097Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements maintaining the standby controller/processing unit updated
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/20Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
    • G06F11/202Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where processing functionality is redundant
    • G06F11/2023Failover techniques
    • G06F11/2028Failover techniques eliminating a faulty processor or activating a spare
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/20Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
    • G06F11/202Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where processing functionality is redundant
    • G06F11/2035Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where processing functionality is redundant without idle spare hardware

Definitions

  • the present invention relates to data management in data centers. More specifically, it relates to maintaining the data integrity of multiple copies of data in the data servers of multiple data centers.
  • a data center is a facility used to house computer systems and their associated components, such as telecommunications and storage systems. Almost all major enterprises have more than one data center, in which a huge amount of data is stored in the storage systems. Data centers provide the data, applications, web-hosting, and e-business functions that are essential for the continued operations of these enterprises.
  • the data centers generally have redundant or backup power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression), and special security devices. They are dispersed in different geographical locations both for better disaster recovery and for the efficiency of geographical operations.
  • a method for maintaining data integrity of a plurality of copies of a piece of data comprising: selecting a primary data server from the plurality of data servers to store the piece of data, and duplicating the piece of data to other data servers in the plurality of data servers; maintaining a cluster of catalog servers, wherein one of the catalog servers is selected as the master catalog server; recording a data state information of the piece of data to the master catalog server, and duplicating the data state information to other catalog servers in the cluster of catalog servers; and responsive to a failure of the primary data server, selecting a new primary server from the plurality of data servers, and updating the cluster of catalog servers.
  • a method, computer program product and system are preferably provided for maintaining data integrity of multiple copies of a piece of data in data servers of multiple data centers.
  • a cluster of catalog servers are preferably maintained, wherein one of the catalog servers is selected as the master catalog server.
  • the piece of data is preferably stored in a primary data server chosen from the data servers.
  • the piece of data is preferably duplicated to one or more backup data servers chosen from the data servers.
  • a data state information is preferably recorded to the master catalog server.
  • the data sate information is preferably duplicated to the cluster of catalog servers.
  • the data servers and the cluster of catalog servers are preferably updated when the primary data server fails.
  • a computer program product for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers
  • the computer program product comprising: a computer usable medium having computer usable program code embodied therewith, the computer usable program code comprising: instructions to select a primary data server from the plurality of data servers to store the piece of data, and to duplicate the piece of data to other data servers in the plurality of data servers; instructions to maintain a cluster of catalog servers, wherein one of the catalog servers is selected as the master catalog server; instructions to record a data state information of the piece of data to the master catalog server, and to duplicate the data state information to other catalog servers in the cluster of catalog servers; and responsive to a failure of the primary data server, instructions to select a new primary server from the plurality of data servers, and to update the cluster of catalog servers.
  • a computer system comprising: a processor; a memory operatively coupled with the processor; a storage device operatively coupled with the processor and the memory; and a computer program product for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers
  • the computer program product comprising: a computer usable medium having computer usable program code embodied therewith, the computer usable program code comprising: instructions to select a primary data server from the plurality of data servers to store the piece of data, and to duplicate the piece of data to other data servers in the plurality of data servers; instructions to maintain a cluster of catalog servers, wherein one of the catalog servers is selected as the master catalog server; instructions to record a data state information of the piece of data to the master catalog server, and to duplicate the data state information to other catalog servers in the cluster of catalog servers; and responsive to a failure of the primary data server, instructions to select a new primary server from the plurality of data servers
  • a computer system for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers, comprising: a network partition manager configured to detect and manage first and second network partitions created when one of the plurality of data centers fails; a headmaster controller configured to control functions of data centers in at least one of the first and second network partitions; a router configured to redirect all write transactions to the second network partition to the first network partition; a repair manager configured to reconnect a select data server in the second network partition to the headmaster controller, so that the headmaster controller can remove function limitations on the select data server; a recovery manager configured to recover status and privilege information of the select data server after the repair manager establishes a connection to the headmaster controller; a temporal regrouping manager configured to remove a failing data server in the failing data center, and to regroup other data servers in the plurality of data servers; a load and traffic controller configured to redirect traffic to the other data servers according to the service capability of
  • FIG. 1 is a block diagram of various components of one embodiment of the present invention.
  • FIG. 2 is a block diagram that illustrates, in accordance with one embodiment, how the date integrity and active role control mechanism works;
  • FIG. 3 is a flowchart that illustrates how the present invention maintains, in accordance with one embodiment, data integrity across data servers in multiple data centers;
  • FIG. 4 is a conceptual diagram of a computer system in which the present invention can be utilized in accordance with one preferred embodiment.
  • the present invention may be embodied as a system, method or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a "circuit,” "module” or “system.” Furthermore, the present invention may take the form of a computer program product embodied in any tangible medium of expression having computer-usable program code embodied in the medium.
  • the computer-usable or computer-readable medium may be, for example but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. More specific examples (a non- exhaustive list) of the computer-readable medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a transmission media such as those supporting the Internet or an intranet, or a magnetic storage device.
  • the computer- usable or computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via, for instance, optical scanning of the paper or other medium, then compiled, interpreted, or otherwise processed in a suitable manner, if necessary, and then stored in a computer memory.
  • a computer-usable or computer-readable medium may be any medium that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
  • the computer-usable medium may include a propagated data signal with the computer-usable program code embodied therewith, either in baseband or as part of a carrier wave.
  • the computer usable program code may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc.
  • Computer program code for carrying out operations of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as JavaTM, Smalltalk, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. (Java and all Java-based trademarks and logos are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.)
  • the program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server.
  • the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
  • LAN local area network
  • WAN wide area network
  • Internet Service Provider an Internet Service Provider
  • These computer program instructions may also be stored in a computer-readable medium that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable medium produce an article of manufacture including instruction means which implement the function/act specified in the flowchart and/or block diagram block or blocks.
  • the computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
  • each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s).
  • the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
  • each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
  • the present invention preferably enables active-active data centers in which there are no idle copies of data, and many copies of data can serve clients at the same time. Therefore, the present invention preferably increases the utilization and scalability of the servers or the machines in the data centers, and reduces response time to a service request from a user.
  • a cluster of catalog servers one of which is the master catalog server, is used to store the state information of the data, which are also replicated to many other servers in data centers across geographical locations.
  • Each piece of data e.g. a data table
  • the primary server which is also known as the leader
  • many (e.g. thousands of) replication servers When the primary server fails, one of the data replication servers will be selected as the new primary server. Any server can be the primary server of some data and a replication server for other data, hence the workload and the roles of all servers can be balanced.
  • a leader election mechanism is enabled to select one and only one leader at any moment for a piece of data. If an old leader fails, a new leader is selected immediately.
  • the state information of the new leader is registered to the master catalog server and replicated to a cluster of catalog servers.
  • a data-context-aware routing and forwarding system that depends on the roles of the servers is used to ensure any service request is routed to the closest server that has the correct data with the correct role (i.e. primary/replication) .
  • a network partition manager 101 detects and manages disconnected network and initiates actions once a disconnection of the network is detected.
  • the headmaster controller 102 listens to the network partition manager 101, and controls the functions of data centers performed when the network is disconnected. For example, when data centers are divided into a majority group and a minority group by a malfunctioning component, the minority data center group cannot commit any transactions (i.e. transaction commit privilege will be removed) while keeping all non-dirty reads.
  • the router 103 will redirect all write transactions to the majority data center group, and it will compile dirty records.
  • the repair manager 104 spins a thread in each server of disconnected minority data centers, and attempts consistently to connect to the partitioned headmaster controller as scheduled
  • the headmaster controller can remove the limitation of server functionality (e.g. committing write transactions).
  • the recovery manager 105 recovers all status and privileges of a server once the repair manager establishes a connection to the headmaster controller.
  • the temporal regrouping manager 106 pings each leader of each group. If a leader is not reachable, then it extracts all servers this unreachable leader manages. It then pings each member of the unreachable leader, and temporarily removes the servers that are not reachable.
  • the load and traffic controller 107 redirects traffic to other data centers for the disconnected data centers according to their service capability;
  • the inter-data-center connection manager 108 monitors connections between data centers.
  • the present invention preferably enables active-active data centers that maintain massive active replication copies across data centers. For example, there could be 5000 replications active at the same time in the data centers. A data integrity and active role control mechanism is implemented to ensure these massive active replication copies are maintained and updated properly.
  • FIG. 2 is a block diagram that illustrates how the date integrity and active role control mechanism works in one embodiment of the present invention.
  • the inter-data-center connection manager 108 monitors connections between data centers (state 201), and the network partition manager 101 actively monitors networks for possible malfunctions (state 202).
  • the network partition manager 101 manages the malfunctioning component of the data centers that are disconnected from the rest of the data centers (state 203), and initiates actions to repair the malfunctioning components (state 204).
  • the malfunction component may divide the data center into two parts: a minority group and a majority group of servers in the data centers.
  • the headmaster controller 102 receives malfunction information from the network partition manager 101, and controls the functions of the minority group (state 205). For example, it can revoke the transaction commit privilege of the data center in the minority group. All write transactions from the minority group of data servers are then redirected by the router 103 (state 206). The router 103 also compiles dirty records, which keeps the information of the data that has been written in the minority group (state 207). The repair manager 104 then makes attempts to connect the servers in the minority group to the headmaster controller 102, so as to identify the malfunctioning server, and remove it from the data centers (state 208).
  • the recovery manager 105 Once a connection is established between a server and the headmaster controller 102, all status and privileges will be recovered for the server by the recovery manager 105 (state 209).
  • the temporal regrouping manager 106 then pings each leader of each group (state 210). If a leader is not reachable, all servers this unreachable leader manages will be extracted. It then pings each member of the unreachable leader, and temporarily removes the servers that are not reachable. If there are transactions accessing other data centers in the majority group, the load and traffic controller 107 will redirect the traffic to the respective data centers according to their service capability (state 211).
  • FIG. 3 is a flowchart that illustrates how the present invention, in one embodiment, maintains data integrity across data servers in multiple data centers.
  • a cluster of catalog servers is maintained to keep the information of the data on the data servers, wherein one of the catalog servers is selected as the master catalog server.
  • a primary data server is picked. Different primary data servers can be chosen for different pieces of data (state 302). This piece of data is then duplicated to one or more backup data servers chosen from the data servers.
  • a data state information is recorded to the master catalog server, and then duplicated to the cluster of catalog servers.
  • the update process includes three steps. First, a new primary data server is picked for a piece of data (state 311), and the information of this primary data server is registered to the master catalog server (state 312), and the registration information is then duplicated to one or more other catalog servers (state 313).
  • FIG. 4 illustrates a computer system (402) upon which the present invention may be implemented.
  • the computer system may be any one of a personal computer system, a work station computer system, a lap top computer system, an embedded controller system, a microprocessor-based system, a digital signal processor-based system, a hand held device system, a personal digital assistant (PDA) system, a wireless system, a wireless networking system, etc.
  • the computer system includes a bus (404) or other communication mechanism for communicating information and a processor (406) coupled with bus (404) for processing the information.
  • the computer system also includes a main memory, such as a random access memory (RAM) or other dynamic storage device (e.g., dynamic RAM (DRAM), static RAM (SRAM), synchronous DRAM (SDRAM), flash RAM), coupled to bus for storing information and instructions to be executed by processor (406).
  • main memory (408) may be used for storing temporary variables or other intermediate information during execution of instructions to be executed by processor.
  • the computer system further includes a read only memory (ROM) (410) or other static storage device (e.g., programmable ROM (PROM), erasable PROM (EPROM), and electrically erasable PROM
  • EEPROM electrically erasable programmable read-only memory
  • a storage device (412) such as a magnetic disk or optical disk, is provided and coupled to bus for storing information and instructions. This storage device is an example of a computer readable medium.
  • the computer system also includes input/output ports (430) to input signals to couple the computer system.
  • Such coupling may include direct electrical connections, wireless connections, networked connections, etc., for implementing automatic control functions, remote control functions, etc.
  • Suitable interface cards may be installed to provide the necessary functions and signal levels.
  • the computer system may also include special purpose logic devices (e.g., application specific integrated circuits (ASICs)) or configurable logic devices (e.g., generic array of logic (GAL) or re-programmable field programmable gate arrays (FPGAs)), which may be employed to replace the functions of any part or all of the method as described with reference to FIG. 1- FIG. 3.
  • ASICs application specific integrated circuits
  • GAL generic array of logic
  • FPGAs re-programmable field programmable gate arrays
  • removable media devices e.g., a compact disc, a tape, and a removable magneto -optical media
  • fixed, high-density media drives may be added to the computer system using an appropriate device bus (e.g., a small computer system interface (SCSI) bus, an enhanced integrated device electronics (IDE) bus, or an ultra-direct memory access (DMA) bus).
  • the computer system may additionally include a compact disc reader, a compact disc reader- writer unit, or a compact disc jukebox, each of which may be connected to the same device bus or another device bus.
  • the computer system may be coupled via bus to a display (414), such as a cathode ray tube (CRT), liquid crystal display (LCD), voice synthesis hardware and/or software, etc., for displaying and/or providing information to a computer user.
  • a display such as a cathode ray tube (CRT), liquid crystal display (LCD), voice synthesis hardware and/or software, etc.
  • the display may be controlled by a display or graphics card.
  • the computer system includes input devices, such as a keyboard (416) and a cursor control (418), for communicating information and command selections to processor (406).
  • Such command selections can be implemented via voice recognition hardware and/or software functioning as the input devices (416).
  • the cursor control (418) for example, is a mouse, a trackball, cursor direction keys, touch screen display, optical character recognition hardware and/or software, etc., for communicating direction information and command selections to processor (406) and for controlling cursor movement on the display (414).
  • a printer may provide printed listings of the data structures, information, etc., or any other data stored and/or generated by the computer system.
  • the computer system performs a portion or all of the processing steps of the invention in response to processor executing one or more sequences of one or more instructions contained in a memory, such as the main memory. Such instructions may be read into the main memory from another computer readable medium, such as storage device.
  • processors in a multi-processing arrangement may also be employed to execute the sequences of instructions contained in main memory.
  • hard- wired circuitry may be used in place of or in combination with software instructions. Thus, embodiments are not limited to any specific combination of hardware circuitry and software.
  • the computer code devices of the present invention may be any interpreted or executable code mechanism, including but not limited to scripts, interpreters, dynamic link libraries,
  • the computer system also includes a communication interface coupled to bus.
  • the communication interface (420) provides a two-way data communication coupling to a network link (422) that may be connected to, for example, a local network (424).
  • the communication interface (420) may be a network interface card to attach to any packet switched local area network (LAN).
  • the communication interface (420) may be an asymmetrical digital subscriber line (ADSL) card, an integrated services digital network (ISDN) card or a modem to provide a data communication connection to a corresponding type of telephone line.
  • Wireless links may also be implemented via the communication interface (420).
  • the communication interface (420) sends and receives electrical, electromagnetic or optical signals that carry digital data streams representing various types of information.
  • Network link (422) typically provides data communication through one or more networks to other data devices.
  • the network link may provide a connection to a computer (426) through local network (424) (e.g., a LAN) or through equipment operated by a service provider, which provides communication services through a communications network (428).
  • the local network and the communications network preferably use electrical, electromagnetic, or optical signals that carry digital data streams.
  • the signals through the various networks and the signals on the network link and through the communication interface, which carry the digital data to and from the computer system are exemplary forms of carrier waves transporting the information.
  • the computer system can transmit notifications and receive data, including program code, through the network(s), the network link and the communication interface.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Quality & Reliability (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Hardware Redundancy (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

A method, computer program product and system for maintaining data integrity of multiple copies of a piece of data in data servers of multiple data centers, includes maintaining a cluster of catalog servers, where one of the catalog servers is selected as the master catalog server, storing the piece of data in a primary data server chosen from the data servers, duplicating the piece of data to one or more backup data servers chosen from the data servers, recording a data state information to the master catalog server, duplicating the data state information to the cluster of catalog servers, and updating the data servers and the cluster of catalog servers when the primary data server fails.

Description

MAINTAINING DATA INTEGRITY IN DATA SERVERS ACROSS
DATA CENTERS
BACKGROUND Technical Field
The present invention relates to data management in data centers. More specifically, it relates to maintaining the data integrity of multiple copies of data in the data servers of multiple data centers.
Background Information
A data center is a facility used to house computer systems and their associated components, such as telecommunications and storage systems. Almost all major enterprises have more than one data center, in which a huge amount of data is stored in the storage systems. Data centers provide the data, applications, web-hosting, and e-business functions that are essential for the continued operations of these enterprises. The data centers generally have redundant or backup power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression), and special security devices. They are dispersed in different geographical locations both for better disaster recovery and for the efficiency of geographical operations.
Most enterprises have multiple data centers. Some enterprises use passive-active data centers that have a copy of data in an active data center (i.e. the primary data center) while the other data centers containing the data (i.e. the backup data centers) are passive. This implementation of data centers usually wastes resources, because a disaster rarely happens to an active data center yet leaves its backup data centers intact. Other enterprises utilize active-active data centers in which both the primary and backup data centers are active. The active-active data centers are more complicated, but they are very efficient to service clients and improve server utilizations for normal operations. However, active-active data centers require reliable and consistent connections among data centers to keep data integrity and to control transaction flows. Otherwise, data in different data centers may not have necessary integrity, and the whole system will be malfunctioning. Moreover, it is usually very hard to maintain reliable and consistent connections across geographical locations where different data centers are located, so active-active data centers are currently used only for data that does not need strict transactions, and within an expensive dedicate Metrod network.
Many enterprises need active-active data centers for better scalability, higher reliability and more efficient use of resources. Good active-active data centers must be able to handle massive active replication copies of data, and to maintain data integrity and active role control when the network, a computer, or a component of a data center is down.
SUMMARY
According to a first aspect, there is provided a method for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers, comprising: selecting a primary data server from the plurality of data servers to store the piece of data, and duplicating the piece of data to other data servers in the plurality of data servers; maintaining a cluster of catalog servers, wherein one of the catalog servers is selected as the master catalog server; recording a data state information of the piece of data to the master catalog server, and duplicating the data state information to other catalog servers in the cluster of catalog servers; and responsive to a failure of the primary data server, selecting a new primary server from the plurality of data servers, and updating the cluster of catalog servers.
A method, computer program product and system are preferably provided for maintaining data integrity of multiple copies of a piece of data in data servers of multiple data centers. A cluster of catalog servers are preferably maintained, wherein one of the catalog servers is selected as the master catalog server. The piece of data is preferably stored in a primary data server chosen from the data servers. The piece of data is preferably duplicated to one or more backup data servers chosen from the data servers. A data state information is preferably recorded to the master catalog server. The data sate information is preferably duplicated to the cluster of catalog servers. The data servers and the cluster of catalog servers are preferably updated when the primary data server fails.
According to a second aspect, there is provided a computer program product for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers, the computer program product comprising: a computer usable medium having computer usable program code embodied therewith, the computer usable program code comprising: instructions to select a primary data server from the plurality of data servers to store the piece of data, and to duplicate the piece of data to other data servers in the plurality of data servers; instructions to maintain a cluster of catalog servers, wherein one of the catalog servers is selected as the master catalog server; instructions to record a data state information of the piece of data to the master catalog server, and to duplicate the data state information to other catalog servers in the cluster of catalog servers; and responsive to a failure of the primary data server, instructions to select a new primary server from the plurality of data servers, and to update the cluster of catalog servers.
According to a third aspect, there is provided a computer system comprising: a processor; a memory operatively coupled with the processor; a storage device operatively coupled with the processor and the memory; and a computer program product for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers, the computer program product comprising: a computer usable medium having computer usable program code embodied therewith, the computer usable program code comprising: instructions to select a primary data server from the plurality of data servers to store the piece of data, and to duplicate the piece of data to other data servers in the plurality of data servers; instructions to maintain a cluster of catalog servers, wherein one of the catalog servers is selected as the master catalog server; instructions to record a data state information of the piece of data to the master catalog server, and to duplicate the data state information to other catalog servers in the cluster of catalog servers; and responsive to a failure of the primary data server, instructions to select a new primary server from the plurality of data servers, and to update the cluster of catalog servers.
According to a fourth aspect, there is provided a computer system for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers, comprising: a network partition manager configured to detect and manage first and second network partitions created when one of the plurality of data centers fails; a headmaster controller configured to control functions of data centers in at least one of the first and second network partitions; a router configured to redirect all write transactions to the second network partition to the first network partition; a repair manager configured to reconnect a select data server in the second network partition to the headmaster controller, so that the headmaster controller can remove function limitations on the select data server; a recovery manager configured to recover status and privilege information of the select data server after the repair manager establishes a connection to the headmaster controller; a temporal regrouping manager configured to remove a failing data server in the failing data center, and to regroup other data servers in the plurality of data servers; a load and traffic controller configured to redirect traffic to the other data servers according to the service capability of each of the other data servers; and an inter-data-center connection manager configured to monitor connections between the data centers.
BRIEF DESCRIPTION OF DRAWINGS
A preferred embodiment of the present invention will now be described, by way of example only, and with reference to the following drawings:
FIG. 1 is a block diagram of various components of one embodiment of the present invention;
FIG. 2 is a block diagram that illustrates, in accordance with one embodiment, how the date integrity and active role control mechanism works; FIG. 3 is a flowchart that illustrates how the present invention maintains, in accordance with one embodiment, data integrity across data servers in multiple data centers FIG. 4 is a conceptual diagram of a computer system in which the present invention can be utilized in accordance with one preferred embodiment.
DETAILED DESCRIPTION
The invention will now be described in more detail by way of example with reference to the embodiments shown in the accompanying Figures. It should be kept in mind that the following described embodiments are only presented by way of example and should not be construed as limiting the inventive concept to any particular physical configuration. Further, if used and unless otherwise stated, the terms "upper," "lower," "front," "back," "over,"
"under," and similar such terms are not to be construed as limiting the invention to a particular orientation. Instead, these terms are used only on a relative basis.
As will be appreciated by one skilled in the art, the present invention may be embodied as a system, method or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a "circuit," "module" or "system." Furthermore, the present invention may take the form of a computer program product embodied in any tangible medium of expression having computer-usable program code embodied in the medium.
Any combination of one or more computer usable or computer readable media may be utilized. The computer-usable or computer-readable medium may be, for example but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. More specific examples (a non- exhaustive list) of the computer-readable medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a transmission media such as those supporting the Internet or an intranet, or a magnetic storage device. Note that the computer- usable or computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via, for instance, optical scanning of the paper or other medium, then compiled, interpreted, or otherwise processed in a suitable manner, if necessary, and then stored in a computer memory. In the context of this document, a computer-usable or computer-readable medium may be any medium that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. The computer-usable medium may include a propagated data signal with the computer-usable program code embodied therewith, either in baseband or as part of a carrier wave. The computer usable program code may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc.
Computer program code for carrying out operations of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java™, Smalltalk, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. (Java and all Java-based trademarks and logos are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.) The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
The present invention is described below with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable medium that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable medium produce an article of manufacture including instruction means which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. The present invention preferably enables active-active data centers in which there are no idle copies of data, and many copies of data can serve clients at the same time. Therefore, the present invention preferably increases the utilization and scalability of the servers or the machines in the data centers, and reduces response time to a service request from a user.
In one embodiment of the present invention, a cluster of catalog servers, one of which is the master catalog server, is used to store the state information of the data, which are also replicated to many other servers in data centers across geographical locations. Each piece of data (e.g. a data table) is stored in its primary server, which is also known as the leader, and many (e.g. thousands of) replication servers. When the primary server fails, one of the data replication servers will be selected as the new primary server. Any server can be the primary server of some data and a replication server for other data, hence the workload and the roles of all servers can be balanced. A leader election mechanism is enabled to select one and only one leader at any moment for a piece of data. If an old leader fails, a new leader is selected immediately. The state information of the new leader is registered to the master catalog server and replicated to a cluster of catalog servers. A data-context-aware routing and forwarding system that depends on the roles of the servers is used to ensure any service request is routed to the closest server that has the correct data with the correct role (i.e. primary/replication) .
In one embodiment of the present invention, as illustrated in FIG. 1, there are eight components: a network partition manager 101, a headmaster controller 102, a router 103, a repair manager 104, a recovery manager 105, a temporal regrouping manager 106, a load and traffic controller 107 and a inter-data-center connection manager 108. The network partition manager 101 detects and manages disconnected network and initiates actions once a disconnection of the network is detected.
The headmaster controller 102 listens to the network partition manager 101, and controls the functions of data centers performed when the network is disconnected. For example, when data centers are divided into a majority group and a minority group by a malfunctioning component, the minority data center group cannot commit any transactions (i.e. transaction commit privilege will be removed) while keeping all non-dirty reads. The router 103 will redirect all write transactions to the majority data center group, and it will compile dirty records.
The repair manager 104 spins a thread in each server of disconnected minority data centers, and attempts consistently to connect to the partitioned headmaster controller as scheduled
(e.g. in every 10 seconds in the first 10 minutes, in one minute interval after first 10 minutes), so that the headmaster controller can remove the limitation of server functionality (e.g. committing write transactions).
The recovery manager 105 recovers all status and privileges of a server once the repair manager establishes a connection to the headmaster controller.
The temporal regrouping manager 106 pings each leader of each group. If a leader is not reachable, then it extracts all servers this unreachable leader manages. It then pings each member of the unreachable leader, and temporarily removes the servers that are not reachable.
The load and traffic controller 107 redirects traffic to other data centers for the disconnected data centers according to their service capability;
The inter-data-center connection manager 108 monitors connections between data centers.
The present invention preferably enables active-active data centers that maintain massive active replication copies across data centers. For example, there could be 5000 replications active at the same time in the data centers. A data integrity and active role control mechanism is implemented to ensure these massive active replication copies are maintained and updated properly.
FIG. 2 is a block diagram that illustrates how the date integrity and active role control mechanism works in one embodiment of the present invention. In a typical working mode, the inter-data-center connection manager 108 monitors connections between data centers (state 201), and the network partition manager 101 actively monitors networks for possible malfunctions (state 202). When a component of the data centers function abnormally, e.g. when a machine is down or a portion of the network works improperly, the network partition manager 101 manages the malfunctioning component of the data centers that are disconnected from the rest of the data centers (state 203), and initiates actions to repair the malfunctioning components (state 204). The malfunction component may divide the data center into two parts: a minority group and a majority group of servers in the data centers. In the repairing mode, the headmaster controller 102 receives malfunction information from the network partition manager 101, and controls the functions of the minority group (state 205). For example, it can revoke the transaction commit privilege of the data center in the minority group. All write transactions from the minority group of data servers are then redirected by the router 103 (state 206). The router 103 also compiles dirty records, which keeps the information of the data that has been written in the minority group (state 207). The repair manager 104 then makes attempts to connect the servers in the minority group to the headmaster controller 102, so as to identify the malfunctioning server, and remove it from the data centers (state 208). Once a connection is established between a server and the headmaster controller 102, all status and privileges will be recovered for the server by the recovery manager 105 (state 209). The temporal regrouping manager 106 then pings each leader of each group (state 210). If a leader is not reachable, all servers this unreachable leader manages will be extracted. It then pings each member of the unreachable leader, and temporarily removes the servers that are not reachable. If there are transactions accessing other data centers in the majority group, the load and traffic controller 107 will redirect the traffic to the respective data centers according to their service capability (state 211).
FIG. 3 is a flowchart that illustrates how the present invention, in one embodiment, maintains data integrity across data servers in multiple data centers. In state 301, a cluster of catalog servers is maintained to keep the information of the data on the data servers, wherein one of the catalog servers is selected as the master catalog server. For a selected piece of data, a primary data server is picked. Different primary data servers can be chosen for different pieces of data (state 302). This piece of data is then duplicated to one or more backup data servers chosen from the data servers. In state 303, a data state information is recorded to the master catalog server, and then duplicated to the cluster of catalog servers. In case the primary data server fails, data servers and the cluster of catalog servers can be effectively updated in state 304. The update process includes three steps. First, a new primary data server is picked for a piece of data (state 311), and the information of this primary data server is registered to the master catalog server (state 312), and the registration information is then duplicated to one or more other catalog servers (state 313).
FIG. 4 illustrates a computer system (402) upon which the present invention may be implemented. The computer system may be any one of a personal computer system, a work station computer system, a lap top computer system, an embedded controller system, a microprocessor-based system, a digital signal processor-based system, a hand held device system, a personal digital assistant (PDA) system, a wireless system, a wireless networking system, etc. The computer system includes a bus (404) or other communication mechanism for communicating information and a processor (406) coupled with bus (404) for processing the information. The computer system also includes a main memory, such as a random access memory (RAM) or other dynamic storage device (e.g., dynamic RAM (DRAM), static RAM (SRAM), synchronous DRAM (SDRAM), flash RAM), coupled to bus for storing information and instructions to be executed by processor (406). In addition, main memory (408) may be used for storing temporary variables or other intermediate information during execution of instructions to be executed by processor. The computer system further includes a read only memory (ROM) (410) or other static storage device (e.g., programmable ROM (PROM), erasable PROM (EPROM), and electrically erasable PROM
(EEPROM)) coupled to bus (404) for storing static information and instructions for processor. A storage device (412), such as a magnetic disk or optical disk, is provided and coupled to bus for storing information and instructions. This storage device is an example of a computer readable medium.
The computer system also includes input/output ports (430) to input signals to couple the computer system. Such coupling may include direct electrical connections, wireless connections, networked connections, etc., for implementing automatic control functions, remote control functions, etc. Suitable interface cards may be installed to provide the necessary functions and signal levels. The computer system may also include special purpose logic devices (e.g., application specific integrated circuits (ASICs)) or configurable logic devices (e.g., generic array of logic (GAL) or re-programmable field programmable gate arrays (FPGAs)), which may be employed to replace the functions of any part or all of the method as described with reference to FIG. 1- FIG. 3. Other removable media devices (e.g., a compact disc, a tape, and a removable magneto -optical media) or fixed, high-density media drives, may be added to the computer system using an appropriate device bus (e.g., a small computer system interface (SCSI) bus, an enhanced integrated device electronics (IDE) bus, or an ultra-direct memory access (DMA) bus). The computer system may additionally include a compact disc reader, a compact disc reader- writer unit, or a compact disc jukebox, each of which may be connected to the same device bus or another device bus.
The computer system may be coupled via bus to a display (414), such as a cathode ray tube (CRT), liquid crystal display (LCD), voice synthesis hardware and/or software, etc., for displaying and/or providing information to a computer user. The display may be controlled by a display or graphics card. The computer system includes input devices, such as a keyboard (416) and a cursor control (418), for communicating information and command selections to processor (406). Such command selections can be implemented via voice recognition hardware and/or software functioning as the input devices (416). The cursor control (418), for example, is a mouse, a trackball, cursor direction keys, touch screen display, optical character recognition hardware and/or software, etc., for communicating direction information and command selections to processor (406) and for controlling cursor movement on the display (414). In addition, a printer (not shown) may provide printed listings of the data structures, information, etc., or any other data stored and/or generated by the computer system.
The computer system performs a portion or all of the processing steps of the invention in response to processor executing one or more sequences of one or more instructions contained in a memory, such as the main memory. Such instructions may be read into the main memory from another computer readable medium, such as storage device. One or more processors in a multi-processing arrangement may also be employed to execute the sequences of instructions contained in main memory. In alternative embodiments, hard- wired circuitry may be used in place of or in combination with software instructions. Thus, embodiments are not limited to any specific combination of hardware circuitry and software.
The computer code devices of the present invention may be any interpreted or executable code mechanism, including but not limited to scripts, interpreters, dynamic link libraries,
Java classes, and complete executable programs. Moreover, parts of the processing of the present invention may be distributed for better performance, reliability, and/or cost. The computer system also includes a communication interface coupled to bus. The communication interface (420) provides a two-way data communication coupling to a network link (422) that may be connected to, for example, a local network (424). For example, the communication interface (420) may be a network interface card to attach to any packet switched local area network (LAN). As another example, the communication interface (420) may be an asymmetrical digital subscriber line (ADSL) card, an integrated services digital network (ISDN) card or a modem to provide a data communication connection to a corresponding type of telephone line. Wireless links may also be implemented via the communication interface (420). In any such implementation, the communication interface (420) sends and receives electrical, electromagnetic or optical signals that carry digital data streams representing various types of information.
Network link (422) typically provides data communication through one or more networks to other data devices. For example, the network link may provide a connection to a computer (426) through local network (424) (e.g., a LAN) or through equipment operated by a service provider, which provides communication services through a communications network (428). In preferred embodiments, the local network and the communications network preferably use electrical, electromagnetic, or optical signals that carry digital data streams. The signals through the various networks and the signals on the network link and through the communication interface, which carry the digital data to and from the computer system, are exemplary forms of carrier waves transporting the information. The computer system can transmit notifications and receive data, including program code, through the network(s), the network link and the communication interface. It should be understood, that the invention is not necessarily limited to the specific process, arrangement, materials and components shown and described above, but may be susceptible to numerous variations within the scope of the invention.

Claims

1. A method for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers, comprising: selecting a primary data server from the plurality of data servers to store the piece of data, and duplicating the piece of data to other data servers in the plurality of data servers; maintaining a cluster of catalog servers, wherein one of the catalog servers is selected as the master catalog server; recording a data state information of the piece of data to the master catalog server, and duplicating the data state information to other catalog servers in the cluster of catalog servers; and responsive to a failure of the primary data server, selecting a new primary server from the plurality of data servers, and updating the cluster of catalog servers.
2. The method of claim 1, wherein the updating comprises: registering a new data state information containing the new primary data server to the master catalog server; and duplicating the new data state information to other catalog servers in the cluster of catalog servers.
3. The method of claim 2, further comprising, before selecting the new primary data server, managing a majority group and a minority group of data servers disconnected by the failing primary data server; controlling functions of data servers in the minority group; compiling dirty records of data in the minority group of data servers; removing the failing primary data server by attempting to connect each server in the minority group to a headmaster controller; and regrouping the data servers connected to the headmaster controller.
4. The method of any of claims 1 to 3, further comprising routing a service request from a user to a closest data server in the plurality of data servers.
5. A computer program product for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers, the computer program product comprising: a computer usable medium having computer usable program code embodied therewith, the computer usable program code comprising: instructions to select a primary data server from the plurality of data servers to store the piece of data, and to duplicate the piece of data to other data servers in the plurality of data servers; instructions to maintain a cluster of catalog servers, wherein one of the catalog servers is selected as the master catalog server; instructions to record a data state information of the piece of data to the master catalog server, and to duplicate the data state information to other catalog servers in the cluster of catalog servers; and responsive to a failure of the primary data server, instructions to select a new primary server from the plurality of data servers, and to update the cluster of catalog servers.
6. The computer program product of claim 5, wherein the instructions to update comprise: instructions to register a new data state information containing the new primary data server to the master catalog server; and instructions to duplicate the new data state information to other catalog servers in the cluster of catalog servers.
7. The computer program product of claim 6, further comprising, before instructions to select the new primary data server, instructions to manage a majority group and a minority group of data servers disconnected by the failing primary data server; instructions to control functions of data servers in the minority group; instructions to compile dirty records of data in the minority group of data servers; instructions to remove the failing primary data server by attempting to connect each server in the minority group to a headmaster controller; and instructions to regroup the data servers connected to the headmaster controller.
8. The computer program product of any of claims 5 to 7, further comprising instructions to route a service request from a user to a closest data server in the plurality of data servers.
9. A computer system comprising: a processor; a memory operatively coupled with the processor; a storage device operatively coupled with the processor and the memory; and a computer program product for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers, the computer program product comprising: a computer usable medium having computer usable program code embodied therewith, the computer usable program code comprising: instructions to select a primary data server from the plurality of data servers to store the piece of data, and to duplicate the piece of data to other data servers in the plurality of data servers; instructions to maintain a cluster of catalog servers, wherein one of the catalog servers is selected as the master catalog server; instructions to record a data state information of the piece of data to the master catalog server, and to duplicate the data state information to other catalog servers in the cluster of catalog servers; and responsive to a failure of the primary data server, instructions to select a new primary server from the plurality of data servers, and to update the cluster of catalog servers.
10. The computer system of claim 9, wherein the instructions to update comprise: instructions to register a new data state information containing the new primary data server to the master catalog server; and instructions to duplicate the new data state information to other catalog servers in the cluster of catalog servers.
11. The computer system of claim 10, further comprising, before instructions to select the new primary data server, instructions to manage a majority group and a minority group of data servers disconnected by the failing primary data server; instructions to control functions of data servers in the minority group; instructions to compile dirty records of data in the minority group of data servers; instructions to remove the failing primary data server by attempting to connect each server in the minority group to a headmaster controller; and instructions to regroup the data servers connected to the headmaster controller.
12. The computer system of any of claims 9 to 11, further comprising instructions to route a service request from a user to a closest data server in the plurality of data servers.
13. The computer system of claim 9 comprising: a network partition manager configured to detect and manage first and second network partitions created when one of the plurality of data centers fails; a headmaster controller configured to control functions of data centers in at least one of the first and second network partitions; a router configured to redirect all write transactions to the second network partition to the first network partition; a repair manager configured to reconnect a select data server in the second network partition to the headmaster controller, so that the headmaster controller can remove function limitations on the select data server; a recovery manager configured to recover status and privilege information of the select data server after the repair manager establishes a connection to the headmaster controller; a temporal regrouping manager configured to remove a failing data server in the failing data center, and to regroup other data servers in the plurality of data servers; a load and traffic controller configured to redirect traffic to the other data servers according to the service capability of each of the other data servers; and an inter-data-center connection manager configured to monitor connections between the data centers.
14. The computer system of claim 13, wherein the first network partition comprises more data centers than the second network partition.
15. The computer system of claim 13 or 14, wherein the functions comprise removing a transaction commit privilege of data centers in a select network partition, and keeping non- dirty reads to the select network partition.
16. The computer system of claim 15, wherein the select network partition is one of the first and second network partitions that has a smaller number of data centers than the other one.
17. The computer system of any of claims 13 to 16, wherein the router is also configured to compile dirty records.
18. The computer system of any of claims 13 to 17, wherein the repair manager consistently attempts to connect to the partitioned headmaster controller according to a preset schedule.
19. A computer system for maintaining data integrity of a plurality of copies of a piece of data, the plurality of copies being stored in a plurality of data servers across multiple data centers, comprising: a network partition manager configured to detect and manage first and second network partitions created when one of the plurality of data centers fails; a headmaster controller configured to control functions of data centers in at least one of the first and second network partitions; a router configured to redirect all write transactions to the second network partition to the first network partition; a repair manager configured to reconnect a select data server in the second network partition to the headmaster controller, so that the headmaster controller can remove function limitations on the select data server; a recovery manager configured to recover status and privilege information of the select data server after the repair manager establishes a connection to the headmaster controller; a temporal regrouping manager configured to remove a failing data server in the failing data center, and to regroup other data servers in the plurality of data servers; a load and traffic controller configured to redirect traffic to the other data servers according to the service capability of each of the other data servers; and an inter-data-center connection manager configured to monitor connections between the data centers.
20. The computer system of claim 19, wherein the first network partition comprises more data centers than the second network partition.
21. The computer system of claim 19 or 20, wherein the functions comprise removing a transaction commit privilege of data centers in a select network partition, and keeping non- dirty reads to the select network partition.
22. The computer system of claim 21, wherein the select network partition is one of the first and second network partitions that has a smaller number of data centers than the other one.
23. The computer system of any of claims 19 to 22, wherein the router is also configured to compile dirty records.
24. The computer system of any of claims 19 to 24, wherein the repair manager consistently attempts to connect to the partitioned headmaster controller according to a preset schedule.
25. A computer program comprising program code means adapted to perform the method of any of claims 1 to 4, when said program is run on a computer.
PCT/EP2009/059931 2008-08-05 2009-07-31 Maintaining data integrity in data servers across data centers WO2010015574A1 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
EP09781339A EP2281240B1 (en) 2008-08-05 2009-07-31 Maintaining data integrity in data servers across data centers
KR1020117002453A KR101547719B1 (en) 2008-08-05 2009-07-31 Maintaining data integrity in data servers across data centers
JP2011521543A JP5102901B2 (en) 2008-08-05 2009-07-31 Method and system for maintaining data integrity between multiple data servers across a data center
CN200980129274.8A CN102105867B (en) 2008-08-05 2009-07-31 Method and system for maintaining data integrity in data servers across data centers
AT09781339T ATE518189T1 (en) 2008-08-05 2009-07-31 MAINTAIN DATA INTEGRITY ON DATA SERVERS IN MULTIPLE DATA CENTERS

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US12/185,863 US8676760B2 (en) 2008-08-05 2008-08-05 Maintaining data integrity in data servers across data centers
US12/185,863 2008-08-05

Publications (1)

Publication Number Publication Date
WO2010015574A1 true WO2010015574A1 (en) 2010-02-11

Family

ID=41172355

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2009/059931 WO2010015574A1 (en) 2008-08-05 2009-07-31 Maintaining data integrity in data servers across data centers

Country Status (7)

Country Link
US (1) US8676760B2 (en)
EP (1) EP2281240B1 (en)
JP (1) JP5102901B2 (en)
KR (1) KR101547719B1 (en)
CN (1) CN102105867B (en)
AT (1) ATE518189T1 (en)
WO (1) WO2010015574A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014083672A1 (en) * 2012-11-30 2014-06-05 株式会社日立製作所 Management device, management method, and recording medium for storing program

Families Citing this family (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2003209194A1 (en) 2002-01-08 2003-07-24 Seven Networks, Inc. Secure transport for mobile communication network
US8438633B1 (en) 2005-04-21 2013-05-07 Seven Networks, Inc. Flexible real-time inbox access
WO2006136660A1 (en) 2005-06-21 2006-12-28 Seven Networks International Oy Maintaining an ip connection in a mobile network
US8805425B2 (en) 2007-06-01 2014-08-12 Seven Networks, Inc. Integrated messaging
US9002828B2 (en) 2007-12-13 2015-04-07 Seven Networks, Inc. Predictive content delivery
US8862657B2 (en) 2008-01-25 2014-10-14 Seven Networks, Inc. Policy based content service
US20090193338A1 (en) 2008-01-28 2009-07-30 Trevor Fiatal Reducing network and battery consumption during content delivery and playback
US8909759B2 (en) 2008-10-10 2014-12-09 Seven Networks, Inc. Bandwidth measurement
US8838783B2 (en) 2010-07-26 2014-09-16 Seven Networks, Inc. Distributed caching for resource and mobile network traffic management
WO2012018430A1 (en) 2010-07-26 2012-02-09 Seven Networks, Inc. Mobile network traffic coordination across multiple applications
US8484314B2 (en) 2010-11-01 2013-07-09 Seven Networks, Inc. Distributed caching in a wireless network of content delivered for a mobile application over a long-held request
US8843153B2 (en) 2010-11-01 2014-09-23 Seven Networks, Inc. Mobile traffic categorization and policy for network use optimization while preserving user experience
WO2012060995A2 (en) 2010-11-01 2012-05-10 Michael Luna Distributed caching in a wireless network of content delivered for a mobile application over a long-held request
EP3422775A1 (en) 2010-11-22 2019-01-02 Seven Networks, LLC Optimization of resource polling intervals to satisfy mobile device requests
EP2661697B1 (en) 2011-01-07 2018-11-21 Seven Networks, LLC System and method for reduction of mobile network traffic used for domain name system (dns) queries
EP2700019B1 (en) 2011-04-19 2019-03-27 Seven Networks, LLC Social caching for device resource sharing and management
US8621075B2 (en) 2011-04-27 2013-12-31 Seven Metworks, Inc. Detecting and preserving state for satisfying application requests in a distributed proxy and cache system
WO2012149216A2 (en) 2011-04-27 2012-11-01 Seven Networks, Inc. Mobile device which offloads requests made by a mobile application to a remote entity for conservation of mobile device and network resources and methods therefor
US8522068B2 (en) * 2011-05-02 2013-08-27 International Business Machines Corporation Coordinated disaster recovery production takeover operations
US8671308B2 (en) 2011-05-02 2014-03-11 International Business Machines Corporation Optimizing disaster recovery systems during takeover operations
WO2013086225A1 (en) * 2011-12-06 2013-06-13 Seven Networks, Inc. A mobile device and method to utilize the failover mechanisms for fault tolerance provided for mobile traffic management and network/device resource conservation
US8934414B2 (en) 2011-12-06 2015-01-13 Seven Networks, Inc. Cellular or WiFi mobile traffic optimization based on public or private network destination
GB2498064A (en) 2011-12-07 2013-07-03 Seven Networks Inc Distributed content caching mechanism using a network operator proxy
WO2013086447A1 (en) 2011-12-07 2013-06-13 Seven Networks, Inc. Radio-awareness of mobile device for sending server-side control signals using a wireless network optimized transport protocol
US20130159511A1 (en) 2011-12-14 2013-06-20 Seven Networks, Inc. System and method for generating a report to a network operator by distributing aggregation of data
WO2013103988A1 (en) 2012-01-05 2013-07-11 Seven Networks, Inc. Detection and management of user interactions with foreground applications on a mobile device in distributed caching
US8812695B2 (en) 2012-04-09 2014-08-19 Seven Networks, Inc. Method and system for management of a virtual network connection without heartbeat messages
US20130268656A1 (en) 2012-04-10 2013-10-10 Seven Networks, Inc. Intelligent customer service/call center services enhanced using real-time and historical mobile application and traffic-related statistics collected by a distributed caching system in a mobile network
WO2014011216A1 (en) 2012-07-13 2014-01-16 Seven Networks, Inc. Dynamic bandwidth adjustment for browsing or streaming activity in a wireless network based on prediction of user behavior when interacting with mobile applications
US9591080B2 (en) 2012-09-17 2017-03-07 Tencent Technology (Shenzhen) Company Limited Method of establishing a network socket with a data server
CN103685398B (en) * 2012-09-17 2015-08-19 腾讯科技(深圳)有限公司 Communication connection method for building up and communication system
US9161258B2 (en) 2012-10-24 2015-10-13 Seven Networks, Llc Optimized and selective management of policy deployment to mobile clients in a congested network to prevent further aggravation of network congestion
US9307493B2 (en) 2012-12-20 2016-04-05 Seven Networks, Llc Systems and methods for application management of mobile device radio state promotion and demotion
US9241314B2 (en) 2013-01-23 2016-01-19 Seven Networks, Llc Mobile device with application or context aware fast dormancy
US8874761B2 (en) 2013-01-25 2014-10-28 Seven Networks, Inc. Signaling optimization in a wireless network for traffic utilizing proprietary and non-proprietary protocols
US8750123B1 (en) 2013-03-11 2014-06-10 Seven Networks, Inc. Mobile device equipped with mobile network congestion recognition to make intelligent decisions regarding connecting to an operator network
US9065765B2 (en) 2013-07-22 2015-06-23 Seven Networks, Inc. Proxy server associated with a mobile carrier for enhancing mobile traffic management in a mobile network
US9626261B2 (en) * 2013-11-27 2017-04-18 Futurewei Technologies, Inc. Failure recovery resolution in transplanting high performance data intensive algorithms from cluster to cloud
CN104714853B (en) * 2013-12-16 2018-05-04 雅特生嵌入式计算有限公司 Use the fault-tolerant failure safe computer system of COTS components
US20160021171A1 (en) * 2014-07-18 2016-01-21 Jive Communications, Inc. Datacenter event stream processing in a network-based communication system
US10055307B2 (en) * 2015-06-30 2018-08-21 Vmware, Inc. Workflows for series of snapshots
US10656991B2 (en) * 2015-08-24 2020-05-19 International Business Machines Corporation Electronic component having redundant product data stored externally
CN105302865B (en) * 2015-09-22 2019-04-26 中国联合网络通信集团有限公司 A kind of method and device for realizing data processing
US10681113B2 (en) 2015-10-14 2020-06-09 International Business Machines Corporation Geographically distributed highly available mailbox
US10346270B2 (en) * 2016-05-25 2019-07-09 Arista Networks, Inc. High-availability network controller
US10621145B2 (en) 2016-10-18 2020-04-14 Arista Networks, Inc. Cluster file replication
US10270646B2 (en) * 2016-10-24 2019-04-23 Servicenow, Inc. System and method for resolving master node failures within node clusters
KR20180089682A (en) * 2017-02-01 2018-08-09 삼성전자주식회사 Electronic apparatus and method for verifing data integrity based on a blockchain
CN108196984A (en) * 2017-12-30 2018-06-22 安华智能股份公司 A kind of computer system for maintaining data integrity
US10951395B2 (en) * 2018-08-20 2021-03-16 Fujitsu Limited Data fetching in data exchange networks
US11068351B2 (en) * 2018-11-19 2021-07-20 International Business Machines Corporation Data consistency when switching from primary to backup data storage
US12050587B2 (en) 2021-05-28 2024-07-30 Bank Of America Corporation Data feed meta detail categorization for confidence
US12056112B2 (en) 2021-05-28 2024-08-06 Bank Of America Corporation Data feed meta detail categorization for confidence

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060090095A1 (en) 1999-03-26 2006-04-27 Microsoft Corporation Consistent cluster operational data in a server cluster using a quorum of replicas
WO2008021636A2 (en) 2006-08-11 2008-02-21 Chicago Mercantile Exchange, Inc. Fault tolerance and failover using active copy-cat

Family Cites Families (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5596716A (en) * 1995-03-01 1997-01-21 Unisys Corporation Method and apparatus for indicating the severity of a fault within a computer system
KR0147150B1 (en) * 1995-06-29 1998-09-15 김주용 Crc error debugging system using decoder
JP4689137B2 (en) 2001-08-08 2011-05-25 株式会社日立製作所 Remote copy control method and storage system
US6865591B1 (en) * 2000-06-30 2005-03-08 Intel Corporation Apparatus and method for building distributed fault-tolerant/high-availability computed applications
US7574499B1 (en) * 2000-07-19 2009-08-11 Akamai Technologies, Inc. Global traffic management system using IP anycast routing and dynamic load-balancing
US20030126197A1 (en) * 2001-12-28 2003-07-03 Black Brad R. Efficient content placement using network proximity
US20030158909A1 (en) * 2002-02-20 2003-08-21 Simpson Shell S. Composite image generation
US7096228B2 (en) * 2002-03-27 2006-08-22 Microsoft Corporation Method and system for managing data records on a computer network
US7035858B2 (en) * 2002-04-29 2006-04-25 Sun Microsystems, Inc. System and method dynamic cluster membership in a distributed data system
JP3923863B2 (en) * 2002-07-09 2007-06-06 株式会社日立製作所 Request router device
US20040083213A1 (en) * 2002-10-25 2004-04-29 Yuh-Cherng Wu Solution search
JP4037257B2 (en) 2002-12-26 2008-01-23 株式会社日立製作所 Information processing system control method, information processing system, and program
JP2004318743A (en) * 2003-04-21 2004-11-11 Hitachi Ltd File transfer device
US7747586B2 (en) * 2003-04-23 2010-06-29 International Business Machines Corporation Apparatus and method to map and copy computer files
US7120825B2 (en) * 2003-06-06 2006-10-10 Hewlett-Packard Development Company, L.P. Adaptive batch sizing for asynchronous data redundancy
JP2005196683A (en) 2004-01-09 2005-07-21 Hitachi Ltd Information processing system, information processor and control method of information processing system
US7523341B2 (en) * 2004-05-13 2009-04-21 International Business Machines Corporation Methods, apparatus and computer programs for recovery from failures in a computing environment
JP4377790B2 (en) 2004-09-30 2009-12-02 株式会社日立製作所 Remote copy system and remote copy method
US7451347B2 (en) 2004-10-08 2008-11-11 Microsoft Corporation Failover scopes for nodes of a computer cluster
US7577805B2 (en) 2004-11-01 2009-08-18 Hitachi, Ltd. Using bandwidth and capacity parameters to control remote copy operations in storage systems
JP2006139477A (en) 2004-11-11 2006-06-01 Hitachi Ltd Computer system, management method, and storage network system
US7490111B2 (en) * 2006-06-07 2009-02-10 International Business Machines Corporation Efficient handling of mostly read data in a computer server
US7975115B2 (en) * 2007-04-11 2011-07-05 Dot Hill Systems Corporation Method and apparatus for separating snapshot preserved and write data
US7849354B2 (en) * 2007-06-12 2010-12-07 Microsoft Corporation Gracefully degradable versioned storage systems
US8271967B2 (en) * 2008-06-09 2012-09-18 Ricoh Company, Ltd. MFP software update using web service

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060090095A1 (en) 1999-03-26 2006-04-27 Microsoft Corporation Consistent cluster operational data in a server cluster using a quorum of replicas
WO2008021636A2 (en) 2006-08-11 2008-02-21 Chicago Mercantile Exchange, Inc. Fault tolerance and failover using active copy-cat

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014083672A1 (en) * 2012-11-30 2014-06-05 株式会社日立製作所 Management device, management method, and recording medium for storing program

Also Published As

Publication number Publication date
KR101547719B1 (en) 2015-08-26
ATE518189T1 (en) 2011-08-15
JP5102901B2 (en) 2012-12-19
US8676760B2 (en) 2014-03-18
JP2011530127A (en) 2011-12-15
CN102105867A (en) 2011-06-22
CN102105867B (en) 2014-03-26
US20100036885A1 (en) 2010-02-11
KR20110044858A (en) 2011-05-02
EP2281240B1 (en) 2011-07-27
EP2281240A1 (en) 2011-02-09

Similar Documents

Publication Publication Date Title
EP2281240B1 (en) Maintaining data integrity in data servers across data centers
US9280430B2 (en) Deferred replication of recovery information at site switchover
US20020194015A1 (en) Distributed database clustering using asynchronous transactional replication
CN110807064B (en) Data recovery device in RAC distributed database cluster system
US8856091B2 (en) Method and apparatus for sequencing transactions globally in distributed database cluster
US9576040B1 (en) N-site asynchronous replication
US20140244578A1 (en) Highly available main memory database system, operating method and uses thereof
US7444335B1 (en) System and method for providing cooperative resource groups for high availability applications
JP2002041348A (en) Communication pass through shared system resource to provide communication with high availability, network file server and its method
WO2007028248A1 (en) Method and apparatus for sequencing transactions globally in a distributed database cluster
KR20030003264A (en) Server duplexing method and duplexed server system
JP2005535241A (en) Method of moving application software in multicomputer architecture, multicomputer method and apparatus for realizing continuity of operation using the moving method
JP2002024069A (en) File server to enable restoration of execution state, transaction logging mechanism, system resource and recovering method of execution state
US9367409B2 (en) Method and system for handling failures by tracking status of switchover or switchback
CN101145946A (en) A fault tolerance cluster system and method based on message log
US8527454B2 (en) Data replication using a shared resource
CN103136070A (en) Method and device for processing data disaster tolerance
US7475280B1 (en) Active-active server for high availability of data replication management application
CN107357800A (en) A kind of database High Availabitity zero loses solution method
KR101605455B1 (en) Method for Replicationing of Redo Log without Data Loss and System Thereof
US20110179305A1 (en) Process for secure backspacing to a first data center after failover through a second data center and a network architecture working accordingly
CA2619778C (en) Method and apparatus for sequencing transactions globally in a distributed database cluster with collision monitoring
Cisco Fault Tolerance
Cisco Fault Tolerance
Cisco Fault Tolerance

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200980129274.8

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09781339

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2009781339

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2011521543

Country of ref document: JP

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 20117002453

Country of ref document: KR

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 1204/CHENP/2011

Country of ref document: IN