| |
Controller
Redundancy: Active-Active Architecture
An
active-active dual controller environment is created by utilising
two separate and independent controllers over a single common disk
array to service I/O requests. The two controllers operate independently
of each other to service the next request regardless of origin or
destination.
For example, some controllers operate a Primary and Secondary configuration
via a dedicated redundant controller port. The controllers are connected
via this port and communicate with each other. One controller is
designated and configured as the Primary controller and the other
is set as the Secondary controller. Both controllers will handle
I/O requests received from the same hosts. The designated Primary
controller may then initiate a heartbeat signal to monitor the health
and status of its co-worker. Both controllers will then monitor
the other for failure.
If one of the controllers does not respond within a certain specified
time (for example 8 seconds), the correctly operating controller
will cut off all I/O requests to the failed controller to safeguard
against data corruption. However, during normal operation both controllers
will service all I/O requests equally. If the one controller does
not receive the heartbeat signal or response when expected, it will
shut down communication to the master controller and service all
I/O requests.
If both a Primary and Secondary controller exists, then normally
all configuration for both controllers will be carried out on the
Primary controller and automatically replicated to the Secondary.
When using a redundant controller any cache
memory that the controllers have on-board
may need to be reconfigured unless the controllers are capable of
cache synchronisation. If a controller normally uses a Write-Back
cache mode it may need to be set to Write-Through mode to avoid
cache inconsistencies. Controllers that incorporate a dedicated
redundant controller port, should automatically disable Write-Back
mode and switch to Write-Through mode if they cannot synchronise
their cache memory.
However, each controller knows of all logical volumes on the array
so that in the event a controller failure, the surviving controller
can initiate control over the logical volumes owned by the failing
controller. The second active controller is assigned a different
SCSI address
and is usually located on another SCSI bus. In the event that a
controller fails, I/O requests will be "re-routed" to
the surviving controller.
The primary interaction between the controllers consists of a heartbeat
mechanism which allows the controllers to monitor one another for
availability.
If the controllers implement a write-caching mechanism, then the
write-cache on one controller must be mirrored on the other and
visa versa. Since cache updates will be occurring 'both ways' a
very high speed bus
is required to accommodate required performance goals.
Related
topics:
|
