CPC G06F 11/1435 (2013.01) [G06F 2201/84 (2013.01)] | 20 Claims |
1. A method for shared workload anomaly detection across multiple volume hosts, the method comprising:
identifying a shared workload operating across a set of volume hosts;
generating a workload-anomaly table entry for the shared workload,
wherein the workload-anomaly table entry comprises a first identifier of the shared workload and an empty host-snapshot table that is used to track a behavior of an instance of the shared workload across the set of volume hosts;
selecting, from the set of volume hosts, a volume host to serve as a baseline volume host;
identifying a golden workload instance of the shared workload on the baseline volume host;
performing a lookup on a writer-key table using a second identifier of the golden workload instance of the shared workload, wherein, in response to the lookup, a writer-key table entry that specifies the second identifier is identified in the writer-key table;
in response to identifying the second identifier, obtaining a file-system object key from the writer-key table entry, wherein the file-system object key references a file-system object of a collection of file-system objects, wherein the file-system object is associated with the golden workload instance of the shared workload;
identifying an object metadata schema from a most recent backup operation entry, wherein, using the file-system object key, a second lookup is performed on the schema;
obtaining, in response to the second lookup and for the baseline volume host, baseline file-system object metadata descriptive of the collection of file-system objects;
selecting, from the set of volume hosts, a second volume host to serve as a non-baseline volume host;
obtaining, for the non-baseline volume host, non-baseline file-system object metadata descriptive of a second collection of file-system objects;
performing an assessment of the non-baseline file-system object metadata against the baseline file-system object metadata to produce a metadata anomaly result;
performing, based on the metadata anomaly result, an anomaly-driven action concerning the non-baseline volume host, wherein the action comprises upgrading the instance of the shared workload operating on the non-baseline volume host;
creating, based on the metadata anomaly result, a host-snapshot table entry in the host-snapshot table for the non-baseline volume host; and
updating, after the creating, the workload-anomaly table entry using the host-snapshot table entry.
|