Failure and recovery of IBM Spectrum Scale Data Management API for GPFS
Failure and recovery of DMAPI applications in the multiple-node GPFS™ environment is different than in a single-node environment.
The failure model in XDSM is intended for a single-node environment.
In this model, there are two types of failures:
- DM application failure
- The DM application has failed, but the file system works normally. Recovery entails restarting the DM application, which then continues handling events. Unless the DM application recovers, events may remain pending indefinitely.
- Total system failure
- The file system has failed. All non-persistent DMAPI resources are lost. The DM application itself may or may not have failed. Sessions are not persistent, so recovery of events is not necessary. The file system cleans its state when it is restarted. There is no involvement of the DM application in such cleanup.
The simplistic XDSM failure model is inadequate for GPFS. In a multiple-node environment, GPFS can fail on one node, but survive on other nodes. This type of failure is called single-node failure (or partial system failure). GPFS is built to survive and recover from single-node failures, without meaningfully affecting file access on surviving nodes.
Designers of Data Management applications for GPFS must comply with the enhanced DMAPI failure
model, in order to support recoverability of GPFS. These areas are addressed: