| CPC G06F 21/554 (2013.01) [G06F 21/566 (2013.01)] | 17 Claims |
|
1. A method of data protection by delayed ordered write destage operations, comprising:
receiving host write Input/Output (IO) operations;
allocating a respective slot of shared global memory for each received host write IO operation and temporarily storing data of each respective host write IO operation in the respective allocated slot of shared global memory; and
implementing a set of write destage pipelines, each respective write destage pipeline being implemented for a respective set of related storage volumes of a given storage group, and each write destage pipeline being configured to periodically destage the data from batches of the host write IO operations on the corresponding set of related storage volumes from the allocated slots of shared global memory to backend storage resources;
wherein destaging the host write IO operations comprises, by each write destage pipeline:
creating successive batches of host IO write operations on the set of related storage volumes, each batch of host IO write operations including a respective plurality of the host write IO operations on the set of related storage volumes that are received from the host during a respective capture cycle of the write destage pipeline and subsequently processed together to be destaged from the allocated slots of shared global memory to the backend storage resources during an apply cycle of the write destage pipeline;
capturing a current respective set of received host IO write operations during a current capture cycle, the capture cycle having a duration equal to a duration of a current apply cycle, the current apply cycle containing a respective set of a plurality of previous host IO write operations that were received during a previous capture cycle; and
performing anomaly detection on the respective set of the plurality of previous host IO write operations on the set of related storage volumes during a first portion of the current apply cycle to determine whether any host IO write operation of the respective set of the plurality of previous host IO write operations on the set of related storage volumes is anomalous;
in response to a determination that none of the host IO write operations of the respective set of the plurality of previous host IO write operations on the set of related storage volumes is anomalous, destaging the set of previous host IO write operations on the set of related storage volumes to back-end storage resources, ending the current apply cycle after all of the respective set of the plurality of previous host IO write operations on the set of related storage volumes have been destaged to back-end storage resources, and implementing a cycle switch in the write destage pipeline to cause the current respective set of host IO write operations received during the current capture cycle to become the current apply cycle; and
in response to a determination that one or more of the host IO write operations of the respective set of the plurality of previous host IO write operations is anomalous, not destaging any of the host IO write operations of the respective set of the plurality of previous host IO write operations to back-end storage resources and generating a ransomware activity alert;
receiving a host IO read operation;
determining that a first version of the data requested in the host IO read operation resides in back-end storage resources, that a second version of the data requested in the host IO read operation resides in a first slot of global memory referenced by a host IO write operation in the current apply cycle, and that a third version of the data requested in the host IO read operation resides in a second slot of global memory referenced by a host IO write operation in the current apply cycle;
retrieving the first version of the data requested in the host IO read operation from the back-end storage resources;
merging the second version of the data requested in the host IO read operation with the first version of the data to create a first merged version of the data; and
merging the third version of the data requested in the host IO read operation with the first merged version of the data to create a second merged version of the data to be sent to the host in response to the host IO read operation.
|
|
7. A method of data protection by delayed ordered write destage operations, comprising:
implementing a write destage pipeline by creating batches of host IO write operations, each batch of host IO write operations being captured during a capture cycle of the write destage pipeline and subsequently processed to be destaged during an apply cycle of the write destage pipeline;
capturing host IO write operations during a current capture cycle, the capture cycle having a duration equal to a duration of a current apply cycle, the current apply cycle containing a set of previous host IO write operations that were captured during a previous capture cycle; and
performing anomaly detection on the set of previous host IO write operations during a first portion of the current apply cycle to determine whether any host IO write operation of the set of previous host IO write operations is anomalous;
in response to a determination that none of the host IO write operations of the set of previous host IO write operations is anomalous, destaging the set of previous host IO write operations to back-end storage resources, ending the current apply cycle after all of the host IO write operations have been destaged to back-end storage resources, and implementing a cycle switch in the write destage pipeline to cause the current capture cycle to become the current apply cycle; and
in response to a determination that one or more of the host IO write operations of the set of previous host IO write operations is anomalous, not destaging the host IO write operations of the set of previous host IO write operations to back-end storage resources and generating a ransomware activity alert;
receiving a host IO read operation;
determining that a first version of the data requested in the host IO read operation resides in back-end storage resources, that a second version of the data requested in the host IO read operation resides in a first slot of global memory referenced by a host IO write operation in the current apply cycle, and that a third version of the data requested in the host IO read operation resides in a second slot of global memory referenced by a host IO write operation in the current apply cycle;
retrieving the first version of the data requested in the host IO read operation from the back-end storage resources;
merging the second version of the data requested in the host IO read operation with the first version of the data to create a first merged version of the data; and
merging the third version of the data requested in the host IO read operation with the first merged version of the data to create a second merged version of the data to be sent to the host in response to the host IO read operation.
|
|
10. A system for data protection by delayed ordered write destage operations, comprising:
one or more processors and one or more storage devices storing instructions that are operable, when executed by the one or more processors, to cause the one or more processors to perform operations comprising:
receiving host write Input/Output (IO) operations;
allocating a respective slot of shared global memory for each received host write IO operation and temporarily storing data of each respective host write IO operation in the respective allocated slot of shared global memory; and
implementing a set of write destage pipelines, each respective write destage pipeline being implemented for a respective set of related storage volumes of a given storage group, and each write destage pipeline being configured to periodically destage the data from batches of the host write IO operations on the corresponding set of related storage volumes from the allocated slots of shared global memory to backend storage resources;
wherein destaging the host write IO operations comprises, by each write destage pipeline:
creating successive batches of host IO write operations on the set of related storage volumes, each batch of host IO write operations including a respective plurality of the host write IO operations on the set of related storage volumes that are received from the host during a respective capture cycle of the write destage pipeline and subsequently processed together to be destaged from the allocated slots of shared global memory to the backend storage resources during an apply cycle of the write destage pipeline;
capturing a current respective set of received host IO write operations during a current capture cycle, the capture cycle having a duration equal to a duration of a current apply cycle, the current apply cycle containing a respective set of a plurality of previous host IO write operations that were received during a previous capture cycle; and
performing anomaly detection on the respective set of the plurality of previous host IO write operations on the set of related storage volumes during a first portion of the current apply cycle to determine whether any host IO write operation of the respective set of the plurality of previous host IO write operations on the set of related storage volumes is anomalous;
in response to a determination that none of the host IO write operations of the respective set of the plurality of previous host IO write operations on the set of related storage volumes is anomalous, destaging the set of previous host IO write operations on the set of related storage volumes to back-end storage resources, ending the current apply cycle after all of the respective set of the plurality of previous host IO write operations on the set of related storage volumes have been destaged to back-end storage resources, and implementing a cycle switch in the write destage pipeline to cause the current respective set of host IO write operations received during the current capture cycle to become the current apply cycle; and
in response to a determination that one or more of the host IO write operations of the respective set of the plurality of previous host IO write operations is anomalous, not destaging any of the host IO write operations of the respective set of the plurality of previous host IO write operations to back-end storage resources and generating a ransomware activity alert;
receiving a host IO read operation;
determining that a first version of the data requested in the host IO read operation resides in back-end storage resources, that a second version of the data requested in the host IO read operation resides in a first slot of global memory referenced by a host IO write operation in the current apply cycle, and that a third version of the data requested in the host IO read operation resides in a second slot of global memory referenced by a host IO write operation in the current apply cycle;
retrieving the first version of the data requested in the host IO read operation from the back-end storage resources;
merging the second version of the data requested in the host IO read operation with the first version of the data to create a first merged version of the data; and
merging the third version of the data requested in the host IO read operation with the first merged version of the data to create a second merged version of the data to be sent to the host in response to the host IO read operation.
|