Method and system for backing up data

Information

  • Patent Grant
  • 7490103
  • Patent Number
    7,490,103
  • Date Filed
    Friday, February 4, 2005
  • Date Issued
    Tuesday, February 10, 2009
Abstract
A method and system for generating a snapshot in a consistent state is disclosed. The system comprises a host computer, a primary data storage, a data protection unit, and a secondary data storage. The data protection unit monitors a state of an application which is running on the host computer. The data protection unit generates a snapshot of data stored in a primary data storage when the application is in a consistent state, and stores the snapshot on a secondary storage. In the event of a system failure, the data is recovered using the last snapshot.
Description
FIELD OF INVENTION

The present invention relates to data backup. More particularly, the present invention is a method and system for generating a snapshot in a consistent state.


BACKGROUND

Many schemes have been developed to protect data from loss or damage. One such scheme is hardware redundancy, such as redundant arrays of independent disks (RAID). Unfortunately, hardware redundancy schemes are ineffective in dealing with logical data loss or corruption. For example, an accidental file deletion or virus infection is automatically replicated to all of the redundant hardware components and can neither be prevented nor recovered from when using such technologies.


To overcome this problem, backup technologies have been developed to retain multiple versions of a production system over time. This allowed administrators to restore previous versions of data and to recover from data corruption.


One type of data protection system involves making point in time (PIT) copies of data. A first type of PIT copy is a hardware-based PIT copy, which is a mirror of a primary volume onto a secondary volume. The main drawbacks of the hardware-based PIT copy are that the data ages quickly and that each copy takes up as much disk space as the primary volume. A software-based PIT, or so called “snapshot,” is a “picture” of a volume at the block level or a file system at the operating system level.


It is desirable to generate a snapshot when an application or a file system is in a consistent state because it alleviates the need to replay a log of write streams and allows applications to be restarted rapidly. In order to achieve this, prior art systems suspend an application to update source data and flush the source data to primary storage before generating a snapshot. However, this method is not efficient because the system has to be suspended for a while in order to generate a snapshot. Therefore, there is a need for a method and system for generating a snapshot in a consistent state without suspending an application or a system.


SUMMARY

The present invention is a method and system for generating a snapshot in a consistent state. The system comprises a host computer, primary data storage, a data protection unit, and secondary data storage. The data protection unit monitors a state of an application which is running on the host computer. The data protection unit generates a snapshot of data stored in primary data storage when the application is in a consistent state, and stores the snapshot on secondary storage. In the event of a system failure, the data is recovered using the last snapshot. Snapshot generation may be triggered either by storing data on secondary storage or by marking data that already exists on the secondary storage.


Alternatively, the system may identify a consistent snapshot by analyzing previous write streams. Snapshots are generated in accordance with a snapshot generation policy. In the event of a system failure, the data protection unit identifies a snapshot which is generated in a consistent state among a plurality of snapshots. The data is recovered from the identified snapshot.





BRIEF DESCRIPTION OF THE DRAWINGS

A more detailed understanding of the invention may be had from the following description of a preferred embodiment, given by way of example, and to be understood in conjunction with the accompanying drawings, wherein:



FIGS. 1A-1C are block diagrams of systems for data backup in accordance with the present invention;



FIG. 2 is a flow diagram of a process for data backup in accordance with one embodiment of the present invention; and



FIG. 3 is a flow diagram of a process for data backup in accordance with another embodiment of the present invention.





DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The present invention will be described with reference to the drawing figures wherein like numerals represent like elements throughout. The present invention may be implemented, purely by way of example, in a Chronospan system, such as is described in U.S. patent application Ser. No. 10/771,613, which is incorporated by reference as if fully set forth.



FIG. 1A shows a system 100 for data backup in accordance with one embodiment of the present invention. The system 100 comprises a host computer 102, a primary data volume 104 (the primary data volume may also be referred to as the protected volume), a data protection unit 106, and a secondary data volume 108. The host computer 102 is connected directly to the primary data volume 104 and to the data protection unit 106. The data protection unit 106 manages the secondary data volume 108. The configuration of the system 100 minimizes the lag time by writing directly to the primary data volume 104 and permits the data protection unit 106 to focus exclusively on managing the secondary data volume 108. The management of the volumes is preferably performed using a volume manager (not shown).


A volume manager is a software module that runs on the host computer 102 or an intelligent storage switch 142 (see FIG. 1C) to manage storage resources. Typical volume managers have the ability to aggregate blocks from multiple different physical disks into one or more virtual volumes. Applications are not aware that they are actually writing to segments of many different disks because they are presented with one large, contiguous volume. In addition to block aggregation, volume managers usually offer software RAID functionality. For example, they are able to split the segments of the different volumes into two groups, where one group is a mirror of the other group. In this embodiment, the volume manager mirrors the writes to both the primary data volume 104 and the data protection unit 106 for redundancy in case of a hardware failure. Therefore, the volume manager also sends copies of all writes to the data protection unit 106.


The data protection unit 106 controls generation of snapshots. A plurality of snapshots are generated, stored and expired in accordance with a snapshot generation policy. The host computer 102 runs an application. Hereinafter, the terminology “application” means any software running on a computer or a file management system for managing and storing data including, but not limited to, a database system, an email system or a file system. The application running on the host computer 102 generates an output and the output is preferably stored in a memory (not shown) in the host computer. The output in the memory is flushed into the primary data volume 104 when the memory is full, when a predetermined time expires, or when instructed by the application. Alternatively, the output may be directly stored in the primary volume.


The application running on the host computer 102 generates information which may be used in determining whether the application is in a consistent state or not. Various schemes may be used for this purpose. For example, a file system may be configured to generate an indicator that the system is in a consistent state. More particularly, the file system may set specific bits to indicate that the file system is in a clean state. The system reads these bits to determine whether the system is in a consistent state, and generates a snapshot when the bits are set. Alternatively, it is possible to analyze the log of a journaling system and to treat a point at which the log is empty as a consistent state.


The data protection unit 106 monitors state information in real time and detects when the application is in a consistent state. The data protection unit 106 generates a snapshot when the application is in a consistent state. With this scheme, in the case of a system failure, the need to replay a log of write streams to recover data is substantially alleviated, and the application may be restarted more rapidly. The snapshots do not have to be absolutely consistent. The snapshots may be generated slightly before or after the consistent point. The snapshots may be generated at any point that may be a good time in practice (i.e., any time that requires only a short time for replaying the log is a good candidate).


The consistent point may vary from application to application. A snapshot that may be consistent for one application may not be consistent for another application. Therefore, after generating one snapshot which is consistent for one application, if a consistent point is detected for another application, another snapshot is generated. In this case, the second snapshot probably does not have many changes.


It is noted that the primary data volume 104 and the secondary data volume 108 can be any type of data storage, including, but not limited to, a single disk, a disk array (such as a RAID), or a storage area network (SAN). The main difference between the primary data volume 104 and the secondary data volume 108 lies in the structure of the data stored at each location. The primary volume 104 is typically an expensive, fast, and highly available storage subsystem, whereas the secondary volume 108 is typically cost-effective, high capacity, and comparatively slow (for example, ATA/SATA disks).



FIG. 1B shows an alternative embodiment of a system 120 constructed in accordance with the present invention. The host computer 102 is directly connected to the data protection unit 106, which manages both the primary data volume 104 and the secondary data volume 108. The system 120 may be slower than the system 100 described above, because the data protection unit 106 must manage both the primary data volume 104 and the secondary data volume 108. This results in a higher latency for writes to the primary volume 104 in the system 120 and lowers the available bandwidth for use.



FIG. 1C shows another embodiment of a system 140 constructed in accordance with the present invention. The host computer 102 is connected to an intelligent switch 142. The switch 142 is connected to the primary data volume 104 and the data protection unit 106, which in turn manages the secondary data volume 108. The switch 142 includes the ability to host applications and contains some of the functionality of the data protection unit 106 in hardware, to assist in reducing system latency and improve bandwidth.


It is noted that the data protection unit 106 operates in the same manner, regardless of the particular construction of the protected computer system 100, 120, 140. The major difference between these deployment options is the manner and place in which a copy of each write is obtained. To those skilled in the art it is evident that other embodiments, such as the cooperation between a switch platform and an external server, are also feasible.



FIG. 2 is a flow diagram of a process 200 for data backup in accordance with one embodiment of the present invention. A host computer 102 runs an application (step 202). The output generated by the host computer 102 is preferably, but not necessarily, first stored in a memory in the host computer 102 and later flushed into a primary data volume 104. The data stored in the primary data volume 104 is backed up by a plurality of snapshots generated, periodically or non-periodically, in accordance with a snapshot generation policy. A data protection unit 106 constantly monitors whether the state of the application is consistent (step 204). The application generates information that may be used in determining the state of the application. For example, the application may generate an indicator indicating that the application is in a consistent state. The application may set specific bits to indicate that the memory has to be flushed to the data storage and no dirty buffers are outstanding. Alternatively, it is possible to analyze the log of a journaling system and to treat a point at which the log is empty as a consistent state.


If the data protection unit 106 determines that the application is not in a consistent state, the process 200 returns to step 204 to monitor the state of the application (step 206). If the data protection unit 106 determines that the application is in a consistent state, which means the output temporarily stored in the memory is flushed into the primary data volume 104, the data protection unit 106 generates a snapshot and stores it in the secondary data volume 108 (step 208). If a system failure or other problem is detected at step 210, the data is restored using the last snapshot (step 212).



FIG. 3 is a flow diagram of a process 300 for data backup in accordance with another embodiment of the present invention. The present invention analyzes the log of write streams to find a consistent point to recover the data in the event of a system failure. The present invention keeps a log of every write made to the primary volume 104 (a “write log”) by duplicating each write and directing the copy to the secondary volume 106. The resulting write log on the secondary volume 108 can then be played back one write at a time to recover the state of the primary volume 104 at any previous point in time.


In typical recovery scenarios, it is necessary to examine what the primary volume looked like at multiple points in time before deciding which point to recover to. For example, consider a system that was infected by a virus. In order to recover from the virus, it is necessary to examine the primary volume as it was at different points in time to find the latest recovery point where the system was not yet infected by the virus.


A host computer 102 runs an application (step 302). The output generated by the host computer 102 is first stored in a memory and later flushed into a primary data volume 104. A data protection unit 106 generates a snapshot of the data and stores the snapshot in a secondary data volume 108 (step 304). The snapshots may be generated periodically or non-periodically depending on a snapshot generation policy. If a system failure or other problem is detected at step 306, the data protection unit 106 inspects a log of previous writes. The application updates a log of writes every time it gets output to be recorded in the memory and the primary data volume 104. The data protection unit 106 replays the log of write streams and determines an exact point in time when the application was in a consistent state. The data protection unit 106 identifies a snapshot in a consistent state among a plurality of snapshots (step 310) and restores the data based on the consistent state snapshot (step 312).


The snapshot from which the system is recovered does not have to be absolutely consistent. A snapshot which is generated slightly before or after the consistent point may be utilized. Basically, a snapshot which minimizes the replay of the log is the best snapshot for recovery. The best snapshot may be different from one application to another. Alternatively, when the consistency determination is made in real-time for an application, it is necessary to use a host resident agent that reads non-persistent state information from a memory rather than only analyzing the write data stream.
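The recovery path of process 300, applied to the virus scenario above, can be sketched as follows. This is an added example, not code from the patent: the `Write` record, its `clean` field (standing in for the state bit described for process 200), the every-N-writes snapshot policy, the forward-only replay and the `INFECTED` marker are all assumptions, and the log is constructed sample data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Write:
    seq: int      # position in the write log kept on the secondary volume
    block: int    # block address on the primary volume
    data: bytes
    clean: bool   # state bit (assumed field): buffer flushed, nothing dirty

def replay(log, upto, base=None, after=0):
    """Apply the writes with after < seq <= upto on top of a base image."""
    vol = dict(base or {})
    for w in log:
        if after < w.seq <= upto:
            vol[w.block] = w.data
    return vol

def policy_snapshots(log, every):
    """Assumed snapshot generation policy: one snapshot every `every` writes."""
    return {w.seq: replay(log, w.seq) for w in log if w.seq % every == 0}

def consistent_points(log):
    """Log positions at which the application reported a consistent state."""
    return [w.seq for w in log if w.clean]

def latest_good_point(log, is_good):
    """Newest consistent point whose reconstructed volume passes is_good."""
    for seq in sorted(consistent_points(log), reverse=True):
        if is_good(replay(log, seq)):
            return seq
    return None

def restore(log, snapshots, target):
    """Restore to `target` from the snapshot that needs the least replay.

    Assumption: replay is forward-only, so only snapshots taken at or
    before the target are usable; with none, the whole log is replayed.
    """
    usable = [s for s in snapshots if s <= target]
    base_seq = max(usable) if usable else 0
    vol = replay(log, target, base=snapshots.get(base_seq), after=base_seq)
    replayed = sum(1 for w in log if base_seq < w.seq <= target)
    return vol, base_seq, replayed

def not_infected(vol):
    """Hypothetical inspection: no block carries the constructed marker."""
    return all(b"INFECTED" not in data for data in vol.values())

# Constructed sample write log; write 5 introduces the unwanted change.
LOG = [
    Write(1, 0, b"hdr", False),
    Write(2, 1, b"row-a", True),
    Write(3, 2, b"row-b", False),
    Write(4, 1, b"row-a2", True),
    Write(5, 3, b"INFECTED", False),
    Write(6, 2, b"row-b2", True),
    Write(7, 0, b"hdr2", False),
]

if __name__ == "__main__":
    snaps = policy_snapshots(LOG, every=3)
    point = latest_good_point(LOG, not_infected)
    vol, base, replayed = restore(LOG, snaps, point)
    print(f"recover to write {point} from snapshot {base}, "
          f"replaying {replayed} write(s): {vol}")
```

The snapshot at write 6 is consistent but already contains the unwanted write, so the search falls back to the consistent point at write 4 and replays a single write on top of the snapshot taken at write 3.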


While specific embodiments of the present invention have been shown and described, many modifications and variations could be made by one skilled in the art without departing from the scope of the invention. The above description serves to illustrate and not limit the particular invention in any way.

Claims
  • 1. A system for backing up data, the system comprising: a host computer configured to run an application, wherein the application generates data that is stored in a buffer of the host computer; a primary data storage configured to store the data generated by the application, wherein the data is copied from the buffer of the host computer to the primary data storage upon the occurrence of a specific condition; a data protection unit configured to monitor a state of the application and to generate a snapshot for the data stored in the primary data storage when the application is in a consistent state without suspending operation of the application to generate the snapshot, wherein the application generates state information to indicate the consistent state, and wherein the state information includes setting a specific bit to indicate to the data protection unit that the buffer has been flushed out to the primary data storage; and a secondary data storage configured to store the snapshot.
  • 2. The system of claim 1 wherein the primary data storage is directly connected to the host computer.
  • 3. The system of claim 1 wherein the data protection unit controls both the primary data storage and the secondary data storage.
  • 4. The system of claim 1 further comprising a switch for connecting the primary data storage and the data protection unit to the host computer.
  • 5. A system for backing up data, the system comprising: a host computer configured to run an application, wherein the application generates data that is stored in a buffer of the host computer; a primary data storage configured to store the data generated by the application, wherein the data is copied from the buffer of the host computer to the primary data storage upon the occurrence of a specific condition; a data protection unit configured to: generate a snapshot of the data stored in the primary data storage without suspending operation of the application to generate the snapshot; determine when the application was in a consistent state, wherein the application generates state information to indicate the consistent state, and wherein the state information includes setting a specific bit to indicate to the data protection unit that the buffer has been flushed out to the primary data storage; and locate a snapshot corresponding to a time when the application was in the consistent state; and a secondary data storage configured to store the snapshot.
  • 6. The system of claim 5 wherein the consistent state is determined by inspecting a log of write streams.
  • 7. The system of claim 5 wherein the primary data storage is directly connected to the host computer.
  • 8. The system of claim 5 wherein the data protection unit controls both the primary data storage and the secondary data storage.
  • 9. The system of claim 5 further comprising a switch for connecting the primary data storage and the data protection unit to the host computer.
  • 10. A method for backing up data, comprising the steps of: running an application on a host computer, wherein the application generates data that is stored in a buffer of the host computer; storing the data generated by the application in a primary data storage, wherein the data is copied from the buffer of the host computer to the primary data storage upon the occurrence of a specific condition; monitoring a state of the application to determine if the application is in a consistent state, wherein a consistent state exists when there is no data generated by the application waiting to be written to a primary data storage; generating a snapshot for the data stored in the primary data storage when the application is in the consistent state without suspending operation of the application, wherein the application generates state information to indicate the consistent state, and wherein the state information includes setting a specific bit to indicate to the data protection unit that the buffer has been flushed out to the primary data storage; and storing the snapshot in a secondary data storage.
  • 11. The method according to claim 10, wherein if a system failure is detected, the method further comprising the step of: recovering the system using the snapshot.
  • 12. The method according to claim 10, wherein the monitoring step includes the application generating information to determine the state of the application.
  • 13. The method according to claim 12, wherein the application generates an indicator of the state of the application.
  • 14. The method according to claim 10, wherein the monitoring step includes analyzing a log of a journaling system associated with the application, wherein the application is in the consistent state a point in time when the log is empty at that point in time.
  • 15. The system of claim 1, wherein the consistent state exists when there is no pending data to be written from the buffer to the primary data storage.
  • 16. The system of claim 1, wherein the data protection unit generates snapshots based on consistent states of a plurality of applications.
  • 17. The system of claim 5, wherein the data protection unit generates snapshots based on consistent states of a plurality of applications.
  • 18. The method of claim 10, further comprising: generating snapshots based on consistent states of a plurality of applications.
CROSS REFERENCE TO RELATED APPLICATIONS

This application claims priority from U.S. provisional application Nos. 60/541,626 filed Feb. 4, 2004 and 60/542,011 filed Feb. 5, 2004, which are incorporated by reference as if fully set forth herein.

Related Publications (1)
Number Date Country
20050216536 A1 Sep 2005 US
Provisional Applications (2)
Number Date Country
60541626 Feb 2004 US
60542011 Feb 2004 US