1. Field of the Invention
The invention disclosed and claimed herein generally relates to a data storage configuration that includes a storage controller having both host device access ports, and one or more backend expansion ports. More particularly, the invention pertains to a method for preventing data corruption in a configuration of the above type, when an erroneous or otherwise improper connection is made.
2. Background of the Invention
In a common data storage configuration, a storage controller is provided with a backend bus for connecting the storage controller to storage media comprising an enclosure of hard disk drives, configured as a RAID array or the like. The storage controller is further provided with a number of host connection ports, for use by host PCs or workstations. These ports enable an authorized host to connect to the storage controller, and to thereby gain access to the storage drives to read data from or write data into the drives. The storage controller is configured to ensure that only authorized hosts are allowed access to the storage drives.
In addition to the host ports, the storage controller is typically furnished with expansion port connections. The expansion ports allow additional storage drives to be connected to the storage controller through the backend bus. This enables available storage capacity to be readily expanded, when required. In a common arrangement, host ports and expansion ports are included in the same interface device and on the same chassis. Thus, sets of host port terminals and expansion port terminals are mounted on the same user-accessible panel of the interface. Moreover, the same type of connector used to make connections with the host ports can also be used to establish connections with the expansion ports.
The above arrangement of host and expansion ports provides a measure of convenience and efficiency. However, at present the expansion ports are generally connected to the storage drives through the backend bus of the controller, and in some configurations also through a backend protocol converter processor. As a result, a user host that is connected by mistake to an expansion port, rather than to an intended host port, could have direct write access to the storage drives. If the host engaged in writing to the drives, data therein would become corrupted, due to the metadata and striping that occurs with disk controllers. Since the storage controller has been effectively bypassed in this situation, it is without knowledge of the data corruption. Moreover, as controller electronics progressively shrink in size, the host and expansion port terminals become closer together. Accordingly, plugging into the wrong port, which can result in catastrophic data loss, becomes more and more likely, notwithstanding labels and warnings.
The invention generally utilizes the intelligence of backend devices, such as the backend protocol converter processor, to examine the identity of a connected host and to disallow access if the host is not identified as an allowed controller. This would prevent the disallowed host from corrupting customer data or controller metadata on the backend storage devices. In the event that there is no backend processor in the storage configuration, access may be prevented by opening the port interface, if a foreign device is detected on a bus to which it should not be connected. In one useful embodiment, the invention is directed to a method for regulating access to specified data storage drives in a configuration wherein a backend bus connected between a storage controller and the specified drives is also connected to one or more backend ports. The method comprises the steps of detecting connection of a host device to one of the backend ports, and determining whether or not the detected host is authorized to access the storage drives, on the basis of specified information supplied by the detected host. The host is prohibited from accessing the storage drives if it is determined that the host is not authorized to do so; otherwise, the detected host is allowed to access the storage drives.
The novel features believed characteristic of the invention are set forth in the appended claims. The invention itself, however, as well as a preferred mode of use and further objectives and advantages thereof, will best be understood by reference to the following detailed description of an illustrative embodiment when read in conjunction with the accompanying drawings, wherein:
Referring to
Storage controller 102 is further connected to host port connection components 108 and 110, by means of fibre channels 113 and 114, respectively. Each of the host port connection components is provided with host port terminals 108a-d and 110a-d, respectively, for use in establishing connections between host ports and host cables 116, which are coupled to host devices such as workstations, PCs and the like (not shown). A host connected to a host port terminal is placed in communication with storage controller 102.
When a connection is initially established between a host and storage controller 102, the host bus adapter (HBA) of the host must furnish the storage controller with the World Wide Name (WWN) that uniquely identifies the connected host. This is generally accomplished during a login procedure. Storage controller 102 is provided with a list showing the WWNs of all users, on a worldwide basis, that are entitled to access data on drives 106 of storage configuration 100. If the WWN of a connected host is on the list, the host will be permitted to access the drives 106. Otherwise, the connected host will not be allowed to do so.
Referring further to
In a typical arrangement, the storage controller 102, host port connection components 108 and 110, and backend expansion port hub 112 are all mounted on a common controller/expansion chassis. Moreover, for convenience respective host port terminals such as 108a-d and 110a-d, as well as expansion port terminals 112a-d, are all mounted on a common panel of the chassis. Referring to
A connector known as an optical SFP and optical cable is commonly used to establish connections with host port terminals such as 108a-d and 110a-d. However, this type of connector will also mate with expansion terminals 112a-d, to form connections therewith. Because of the close spacing of the host port terminals and expansion port terminals, it is very easy to connect a host to a backend expansion port 112a-d by mistake, as described above. This could result in substantial corruption of data in the storage drives, as likewise described.
As previously described, a backend protocol converter processor 105 is in place between backend bus 104 and storage drives 106. In accordance with an embodiment of the invention, an algorithm is implemented in backend processor 105 that disallows reads and writes to the drives 106, or to drives in any connected expansion enclosures, if the device attempting the access is not authorized. The backend processor 105 uses the WWN of the host device attempting access to determine whether or not access should be allowed. More particularly, when a host device connected to any of the terminals of backend expansion port 112 engages in the login procedure referred to above, the connected host furnishes its WWN. The intelligence capability available in the backend processor 105 implements the algorithm, to examine the WWN provided by the host device. If the WWN is not on the storage controller authorization list referred to above, access to the storage drives is prohibited. Thus, the backend processor 105 will allow access only if the WWN of the host connected to the backend port 112 is found on the list, indicating the host to be an authorized controller.
Referring to
If a host is connected to backend processor 105 by means of terminal 120a-b of expansion hub 120, or by means of any other backend expansion hub, processor 105 will operate to apply the steps shown in
Moreover, the backend processor of each expansion unit, such as backend processor 124 of expansion unit 130, must also protect its drives from unauthorized access. For example, hosts could be connected to processor 124 through either terminals 112a-d or 120a-d. Accordingly, the algorithm described above in connection with backend processor 105 is also implemented in processor 124, as well as in the backend processor of any other expansion unit connected to storage controller 102. Thus, processor 124 is operated in accordance with the same procedures described herein for processor 105, to prevent unauthorized access to respective storage drives thereof.
Referring to
In the event that neither processor 105 nor any other backend processor is included in the storage configuration, an embodiment of the invention would implement the above algorithm in a processor contained in storage controller 102. Thus, the storage controller would detect connection of a host to backend expansion port hub 112, and would examine the WWN of the connected host. If the host was found to be unauthorized to have drive access, storage controller 102 would configure backend port hub 112 to prevent the detected host device from having access to the storage drives through the hub.
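The WWN check described for backend processor 105, and the fallback in which storage controller 102 shuts off the hub port when no backend processor exists, can be modelled as follows. This is an added illustration, not code from the patent; the class and function names, the status strings, the terminal labels used as keys, and the sample WWNs are all constructed assumptions.

```python
import re

# Constructed sample identities (not taken from the patent).
CONTROLLER_WWN = "20:00:00:00:00:00:00:01"   # on the authorization list
HOST_WWN = "10:00:00:00:00:00:00:99"         # a miscabled host, not on the list

_WWN_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){7}$")

def parse_wwn(text):
    """Normalize a colon-separated 64-bit WWN to an int; ValueError if malformed."""
    t = text.strip().lower()
    if not _WWN_RE.match(t):
        raise ValueError(f"malformed WWN: {text!r}")
    return int(t.replace(":", ""), 16)

class BackendGate:
    """Hypothetical model of the per-terminal access check on the backend bus."""

    def __init__(self, allowed_wwns, has_backend_processor=True):
        self.allowed = {parse_wwn(w) for w in allowed_wwns}
        self.has_backend_processor = has_backend_processor
        self.logged_in = {}     # terminal -> WWN of the authorized device
        self.disabled = set()   # terminals shut off by the storage controller

    def login(self, terminal, wwn_text):
        """Login step: the device furnishes its WWN; True only if it is listed."""
        try:
            wwn = parse_wwn(wwn_text)
        except ValueError:
            wwn = None          # a malformed identity is treated as unauthorized
        if wwn in self.allowed:
            self.logged_in[terminal] = wwn
            return True
        self.logged_in.pop(terminal, None)   # drop any earlier authorization
        if not self.has_backend_processor:
            self.disabled.add(terminal)      # controller closes the hub port
        return False

    def io(self, terminal, op):
        """Gate a read or write: default deny unless the terminal is authorized."""
        if terminal in self.disabled:
            return "port-disabled"
        if terminal not in self.logged_in:
            return "rejected"
        return "ok"
```

Because the WWN is supplied by the connecting device itself, this check guards against miscabling rather than against a device that presents a false identity.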
The description of the present invention has been presented for purposes of illustration and description, and is not intended to be exhaustive or limited to the invention in the form disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art. The embodiment was chosen and described in order to best explain the principles of the invention, the practical application, and to enable others of ordinary skill in the art to understand the invention for various embodiments with various modifications as are suited to the particular use contemplated.