Locks and leases

SAN File System uses locks and leases to ensure the consistency and integrity of data in the SAN File System global namespace. The internal locks discussed are in addition to the locks provided with the native file systems, such as flock() in UNIX®.

A lock is a mechanism that restricts access to data and metadata. The SAN File System protocol provides locks that enable file sharing among SAN File System clients, and, when necessary, provides locks that allow clients to have exclusive access to files. It uses distributed data locks for cache consistency and file access locks to synchronize multiple, concurrent open instances of the same file. You can use locking semantics that correspond to open modes that are native to Windows® and UNIX operating systems. You can also use byte-range locks.

When a client or server fails, SAN File System uses a lease-based safety protocol to ensure data consistency and to protect the structural integrity of the global namespace.

A client obtains a lease from a metadata server as soon as it makes contact with that server. A lease is valid for a period of time that is set by an administrator using a metadata server configuration parameter. When a client obtains a lock from a server, that lock is guaranteed to be valid by the server only as long as the client has a valid lease with the server. The server renews a client's lease each time the client contacts the server.

If a client does not contact the server within the specified lease period (for example, because of a temporary network failure), the server can revoke the client's locks. If other clients request locks on the same data, the server revokes the first client's locks and grants new locks to the other clients. If no such requests are made, when the client contacts the server again, it can renew its lease and reassert any locks (get its old locks back) that protect modified but uncommitted data in the client's cache, thus preventing data loss.

A client can also lose its lease because of a server failure. However, when the metadata server is restarted, the client can renew its lease and reassert its locks. A metadata server provides a grace period for lock reassertion to allow clients to reassert their locks before allowing other clients to obtain new ones. Reasserting the locks preserves the first client's cache. Clients cannot access any new data until the grace period has ended.

Parent topic: Concepts

Terms of use | Feedback
(C) Copyright IBM Corporation 2003, 2004. All Rights Reserved.