10 disaster recovery, Disaster recovery overview, Sense information shared between sites – HP XP P9500 Storage User Manual

10 Disaster recovery

This chapter discusses disaster recovery.

Disaster recovery overview

Preparing for disaster recovery involves the following major steps:
1.

Identify the volumes and groups that contain important files and data for disaster recovery.

2.

Create Continuous Access Synchronous pairs, paying special attention to the options in P-VOL
Fence Level Settings to ensure that the system responds the way you want in the event of a
failure (see

“Fence Level options for I/O to the P-VOL after suspension” (page 21)

).

3.

Install and configure host failover software between the main and remote sites.

4.

Establish file and database recovery procedures. These procedures for recovering volumes
due to control unit failure should already be in place.

5.

Make sure that the host system at the primary site is configured to receive sense information
from the P9500 primary system (for example, using RAID Manager or SNMP). This should
also be done at the secondary site if a host is connected to it.

Remote copy and disaster recovery procedures are inherently complex. Consult your HP account
team on sense-level settings and recovery procedures.

Sense information shared between sites

When the primary system splits a Continuous Access Synchronous pair due to an error condition,
the primary and secondary system send sense information with unit check status to the appropriate
hosts. This is used during disaster recovery to determine the currency of the S-VOL, and must be
transferred to the remote site via the host failover software.

File and database recovery

File recovery procedures for disaster recovery should be the same as those used for recovering a
data volume that becomes inaccessible due to control unit failure.

Continuous Access Synchronous does not provide a procedure for detecting and retrieving lost
updates. To detect and recreate lost updates, you must check other current information (for example,
database log file) that was active at the primary system when the disaster occurred.

The detection and retrieval process can take some time. Your disaster recovery scenario should
be designed so that detection and retrieval of lost updates is performed after the application has
been started at the secondary site.

You should prepare for file and database recovery using files for file recovery (for example,
database log files that have been verified as current).

Switching operations to the secondary site

If a disaster or failure occurs at the primary site, the first disaster recovery activity is to switch your
operations to the secondary site. S-VOLs are recovered individually based on the pair status and
P-VOL fence level information for each pair.

Procedure 27 To switch operations to the secondary site

1.

Record the pair status and fence level of each S-VOL.

2.

Analyze the currency of the S-VOLs, based on pair status and P-VOL fence level setting. See

“Checking S-VOL currency with the P-VOL” (page 89)

.

3.

Perform file recovery as needed.

88

Disaster recovery