HP Surestore Disk Array FC60 HP SureStore E Disk Array 12H User's and Service - Page 91

Auto Failover

Get HP Surestore Disk Array FC60 PDF manuals and user guides View all HP Surestore Disk Array FC60 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 91 highlights

Concepts and Management Disk Array Features Auto Failover To provide maximum hardware redundancy, a second array controller protects the disk array against a single array controller failure. If the first array controller fails, data continues to be available by the use of the second array controller. This capability is called Auto Failover. NOTE! To have uninterrupted access to data during Auto Failover, your host disk array driver must support failover capability (multiple paths to the same device). The contents of the controller NVRAM is updated on both controllers simultaneously. By maintaining a mirror image of all vital operating parameters, the secondary array controller can take over immediately in the event of a failure, with no disruption to the host should the primary array controller fail. Failure of the first array controller can be detected by the host operating system or by the second array controller, which continually monitors the operation of its partner. Regardless of how the failure is detected, it is ensured that operation is automatically handled by the second array controller if the first array controller ever fails. Following are the firmware behavior scenarios if a controller fails. If a controller fails in a dual controller configuration, the redundant controller may be offline performing necessary initialization routines that check for data integrity. The following scenarios depict the offline activities that will occur: 1) Hot plug event of either controller. • This will cause the redundant controller to invoke a full initialization test cycle. This test cycle is required in order to insure data integrity of the NVRAM contents as well as back end disk drives that were affected by removing a SCSI device (the controller) from the bus. • The controller that is hot plugged will also issue a SCSI reset on the host side. This will invoke host initialization routines as well. • Time offline is approximately 2 minutes. 2) A failure in the "secondary controller" other than a hot plug event. • The primary controller will not need to issue an initialization test cycle. • There should be NO offline time 3) A failure if the "primary controller" other than a hot plug event. • This will cause the redundant controller to invoke a full initialization test cycle. This test cycle is required in order to insure data integrity of the NVRAM contents and to set up the controller as primary. • Time offline is approximately 2 minutes. 91 Concepts

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
Concepts and Management
Disk Array Features
91
Concepts
Auto Failover
To provide maximum hardware redundancy, a second array controller protects the disk array against a
single array controller failure. If the first array controller fails, data continues to be available by the use of
the second array controller. This capability is called Auto Failover.
NOTE!
To have uninterrupted access to data during Auto Failover, your host disk array driver
must support failover capability (multiple paths to the same device).
The contents of the controller NVRAM is updated on both controllers simultaneously. By maintaining a
mirror image of all vital operating parameters, the secondary array controller can take over immediately in
the event of a failure, with no disruption to the host should the primary array controller fail.
Failure of the first array controller can be detected by the host operating system or by the second array
controller, which continually monitors the operation of its partner. Regardless of how the failure is
detected, it is ensured that operation is automatically handled by the second array controller if the first array
controller ever fails.
Following are the firmware behavior scenarios if a controller fails. If a controller fails in a dual controller
configuration, the redundant controller may be offline performing necessary initialization routines that
check for data integrity. The following scenarios depict the offline activities that will occur:
1)
Hot plug event of either controller.
This will cause the redundant controller to invoke a full initialization test cycle. This test cycle is
required in order to insure data integrity of the NVRAM contents as well as back end disk drives
that were affected by removing a SCSI device (the controller) from the bus.
The controller that is hot plugged will also issue a SCSI reset on the host side. This will invoke
host initialization routines as well.
Time offline is approximately 2 minutes.
2)
A failure in the “secondary controller” other than a hot plug event.
The primary controller will not need to issue an initialization test cycle.
There should be NO offline time
3)
A failure if the “primary controller” other than a hot plug event.
This will cause the redundant controller to invoke a full initialization test cycle. This test cycle is
required in order to insure data integrity of the NVRAM contents and to set up the controller as
primary.
Time offline is approximately 2 minutes.