Abstract: Techniques are describe herein for associating storage management properties with a group of files of a database referred to herein as a “file group”. In this system, storage management properties are defined at the database-level. Thus, multiple databases can be stored across a single disk group, gaining the benefits of having multiple block access devices working in parallel, but each respective database may be associated with a respective file group in a one-to-one relationship, so that each database can have different storage management properties.

Abstract: Techniques are describe herein for associating storage management properties with a group of files of a database referred to herein as a “file group”. In this system, storage management properties are defined at the database-level. Thus, multiple databases can be stored across a single disk group, gaining the benefits of having multiple block access devices working in parallel, but each respective database may be associated with a respective file group in a one-to-one relationship, so that each database can have different storage management properties.

Abstract: Techniques are describe herein for associating storage management properties with a group of files of a database referred to herein as a “file group”. In this system, storage management properties are defined at the database-level. Thus, multiple databases can be stored across a single disk group, gaining the benefits of having multiple block access devices working in parallel, but each respective database may be associated with a respective file group in a one-to-one relationship, so that each database can have different storage management properties.

Abstract: Embodiments enable a database management system (DBMS) to manage two levels of disk failure groups. These two levels of redundancy are achieved by grouping the disks of the disk group for the DBMS into two levels of failure groups (i.e., “data sites” each containing two or more “failure groups” of disks). This system of disk grouping allows a DBMS to potentially tolerate the loss of both an entire first site and part of a second site. Such a DBMS uses a multi-level voting system, based on both failure group-level votes and site-level votes, to identify the current version of administrative data structures (ADS) that store key administrative data. In addition to data sites that store database data, the DBMS includes a quorum site with a single quorum failure group that stores a copy of the ADS. The quorum site contributes a site-level vote during a multi-level voting event.

Abstract: Techniques are described herein for re-syncing a snapshot database with a base database. Data units of each database are associated with version numbers. When a data unit is modified, the data unit is associated with the current version number. When a snapshot database is re-synced with a base database, particular data units are copied from the base database to the snapshot database, based on the version number associated with the particular data units.

Abstract: Systems, methods, and other embodiments associated with separating executables and working data of an application between separate images are described. In one embodiment, a method includes mounting an application image together with a working image to create an application directory for an application. The application image is read-only and includes at least an executable of the application and the working image includes working data modified by the application. The application directory provides files and paths of the files for the application together within a single unified directory while separating the executable in the application image from the working data in the working image. The method includes in response to receiving a write request to the application directory, arbitrating access to the application directory by controlling the processor to write data for the write request to the working image to maintain the working data separate from the executable of the application.

Abstract: A multi-node cluster is configured for credential management. A method commences by retrieving a super-user credential from a credential record stored in a location accessible to the cluster, then propagating the super-user credential to a set of nodes in the multi-node cluster. A credential creating processes is invoked on at least some of the set of nodes. Application-level credential access can be implemented in a multi-cluster environment by carrying-out an exchange that passes credentials between a first cluster and a second cluster over a secure channel. A protocol is observed whereby one or more applications running on the first cluster receive new credentials for accessing the second cluster from the credential serving process after the credential creating process creates the new credential.

Abstract: A method and apparatus for booting a clustered management system is provided where the configuration information required to boot the system is stored within the system itself. The techniques cope with several issues including finding the configuration data on the physical disk before the logical disk system is established, coping with replicated copies of configuration data, network partitions and disk drive failures that may prevent a booting node to have perfect knowledge of the state of the entire system, and active nodes modifying or moving configuration data while the booting node is searching for a consistent, correct copy of configuration data.

Abstract: A method, system, and computer program for high-availability database systems. The method commences by replicating (e.g., from a first server to a second server) a data structure having entries describing resource locks and client states. The replication can be performed to any number of servers. Upon detecting a failure of a connection between the first server and a client to which the first server is connected, the system establishes a new connection between the second server and the client by updating the replicated data structure to describe new connection between the second server and the client and updating the entries of the replicated data structure to reflect the new connection and the then current aspects of the resource locks and client states. The client can be a database instance, and the act of replicating can be accomplished using a broadcast channel. The servers can be organized in a computing cluster.

Abstract: A method, system, and computer program product for upgrade procedures in high-availability clustered systems. The method selects fail-over nodes during rolling patch installation and comprises steps for identifying a first node to upgrade, migrating services of the first node to a second node and shutting down the first node to perform its upgrade, then migrating the services back from the second node to the first node. When performing an upgrade of the other nodes of the cluster (e.g., nodes of the cluster other than the first node), rather than migrating the services of the node to be upgraded to another node that still needs to be upgraded, instead migrate the services of the node to be upgraded to a node that has already been upgraded. This reduces the brown-out time at least to the extent that this method incurs only one migration per node rather than two migrations per node.

Abstract: Embodiments enable a database management system (DBMS) to manage two levels of disk failure groups. These two levels of redundancy are achieved by grouping the disks of the disk group for the DBMS into two levels of failure groups (i.e., “data sites” each containing two or more “failure groups” of disks). This system of disk grouping allows a DBMS to potentially tolerate the loss of both an entire first site and part of a second site. Such a DBMS uses a multi-level voting system, based on both failure group-level votes and site-level votes, to identify the current version of administrative data structures (ADS) that store key administrative data. In addition to data sites that store database data, the DBMS includes a quorum site with a single quorum failure group that stores a copy of the ADS. The quorum site contributes a site-level vote during a multi-level voting event.

Abstract: A method, system, and computer program product for restoring blocks of data stored at a corrupted data site using two or more mirror sites. The method commences by receiving a trigger event from a component within an application server environment where the trigger event indicates detection of a corrupted data site. The trigger is classified into at least one of a plurality of trigger event types, which trigger event type signals further processing for retrieving from at least two mirror sites, a first stored data block and a second stored data block corresponding to the same logical block identifier from the first mirror site. The retrieved blocks are compared to determine a match value, and when the match value is greater than a confidence threshold, then writing good data to the corrupted data site before performing consistency checks on blocks in physical or logical proximity to the corrupted data site.

Abstract: Techniques are described for logically isolating data I/O requests from different operating systems (OSes) for a same multi-tenant storage system (MTSS). Techniques provide for OSes and the MTSS to obtain security tokens associated with the OSes. In an embodiment, an OS uses a security token to generate an authentication token based on the contents of a data input/output (I/O) request and sends the authentication token to the MTSS along with the data I/O request. When an MTSS receives such data I/O request, MTSS retrieves its own copy of the security token associated with the OS and generates its own authentication token based on the contents of the received data I/O request. If the authentication token generated by the MTSS matches the authentication token generated by the OS, then the data I/O request is successfully authenticated. Otherwise, if the authorization tokens fail to match, then the data I/O request has been compromised.

Abstract: Techniques are described for logically isolating data I/O requests from different operating systems (OSes) for a same multi-tenant storage system (MTSS). Techniques provide for OSes and the MTSS to obtain security tokens associated with the OSes. In an embodiment, an OS uses a security token to generate an authentication token based on the contents of a data input/output (I/O) request and sends the authentication token to the MTSS along with the data I/O request. When an MTSS receives such data I/O request, MTSS retrieves its own copy of the security token associated with the OS and generates its own authentication token based on the contents of the received data I/O request. If the authentication token generated by the MTSS matches the authentication token generated by the OS, then the data I/O request is successfully authenticated. Otherwise, if the authorization tokens fail to match, then the data I/O request has been compromised.

Abstract: A method and apparatus for booting a clustered management system is provided where the configuration information required to boot the system is stored within the system itself. The techniques cope with several issues including finding the configuration data on the physical disk before the logical disk system is established, coping with replicated copies of configuration data, network partitions and disk drive failures that may prevent a booting node to have perfect knowledge of the state of the entire system, and active nodes modifying or moving configuration data while the booting node is searching for a consistent, correct copy of configuration data.

Abstract: Techniques are described for logically isolating data I/O requests from different operating systems (OSes) for a same multi-tenant storage system (MTSS). Techniques provide for OSes and the MTSS to obtain security tokens associated with the OSes. In an embodiment, an OS uses a security token to generate an authentication token based on the contents of a data input/output (I/O) request and sends the authentication token to the MTSS along with the data I/O request. When an MTSS receives such data I/O request, MTSS retrieves its own copy of the security token associated with the OS and generates its own authentication token based on the contents of the received data I/O request. If the authentication token generated by the MTSS matches the authentication token generated by the OS, then the data I/O request is successfully authenticated. Otherwise, if the authorization tokens fail to match, then the data I/O request has been compromised.

Abstract: Systems, methods, and other embodiments associated with separating executables and working data of an application between separate images are described. In one embodiment, a method includes mounting an application image together with a working image to create an application directory for an application. The application image is read-only and includes at least an executable of the application and the working image includes working data modified by the application. The application directory provides files and paths of the files for the application together within a single unified directory while separating the executable in the application image from the working data in the working image. The method includes in response to receiving a write request to the application directory, arbitrating access to the application directory by controlling the processor to write data for the write request to the working image to maintain the working data separate from the executable of the application.

Abstract: Techniques are described herein for re-syncing a snapshot database with a base database. Data units of each database are associated with version numbers. When a data unit is modified, the data unit is associated with the current version number. When a snapshot database is re-synced with a base database, particular data units are copied from the base database to the snapshot database, based on the version number associated with the particular data units.

Abstract: Techniques are describe herein for associating storage management properties with a group of files of a database referred to herein as a “file group”. In this system, storage management properties are defined at the database-level. Thus, multiple databases can be stored across a single disk group, gaining the benefits of having multiple block access devices working in parallel, but each respective database may be associated with a respective file group in a one-to-one relationship, so that each database can have different storage management properties.

Abstract: Techniques are described for logically isolating data I/O requests from different operating systems (OSes) for a same multi-tenant storage system (MTSS). Techniques provide for OSes and the MTSS to obtain security tokens associated with the OSes. In an embodiment, an OS uses a security token to generate an authentication token based on the contents of a data input/output (I/O) request and sends the authentication token to the MTSS along with the data I/O request. When an MTSS receives such data I/O request, MTSS retrieves its own copy of the security token associated with the OS and generates its own authentication token based on the contents of the received data I/O request. If the authentication token generated by the MTSS matches the authentication token generated by the OS, then the data I/O request is successfully authenticated. Otherwise, if the authorization tokens fail to match, then the data I/O request has been compromised.