Symantec v. Veeam Software

1 QUINN EMANUEL URQUHART & SULLIVAN, LLP 2 Jennifer A. Kash (Bar No. 203679) jenniferkash@quinnemanuel.
com 3 50 California Street, 22nd Floor San Francisco, California 94111 4 Telephone: (415) 875-6600 Facsimile: (415) 875-6700 5 Amar Thakur (Bar No. 194025) 6 amarthakur@quinnemanuel.com Quinn Emanuel Urquhart & Sullivan, LLP 7 865 South Figueroa Street, 10th Floor Los Angeles, CA 90017-2543 8 Telephone: (213) 443 3000 Facsimile: (213) 443 3100 9 Dave Nelson* 10 davenelson@quinnemanuel.com Chris Lawnicki* 1 1 chrislawnicki@quinnemanuel.com 500 West Madison Street, Suite 2450 12 Chicago, IL 60661 Telephone: (312) 705-7400 13 Facsimile: (312) 705-7401 14 Kate Cassidy* katecassidy@quinnemanuel.com 15 51 Madison Avenue, 22nd Floor New York, NY 10010 16 Telephone: (212) 849-7000 Facsimile: (212) 849-7100 17 *pro hac vice to be filed. 18 Attorneys for Symantec Corporation. 19 UNITED STATES DISTRICT COURT 20 NORTHERN DISTRICT OF CALIFORNIA 21 SAN FRANCISCO DIVISION 22 SYMANTEC CORPORATION, 1 2 23 Case o. Plaintiff, (Related Case No. 3:12-cv-00700 SI) 24 vs. COMPLAINT FOR 25 PATENT INFRINGEMENT VEEAM SOFTWARE CORPORATION 26 DEMAND FOR JURY TRIAL Defendant. 27 28
COMPLAINT DEMAND FOR JURY TRIAL
1 2 3 4 5
This is a patent infringement action brought before this Court pursuant to 28 U.S.C. 1331 and 1338(a), in which Plaintiff, Symantec Corporation ("Symantec"), for its complaint against Defendant Veeam Software Corporation ("Veeam") alleges as follows: INTRODUCTION 1. This is an action brought by Symantec against Veeam for Veeam's infringement of
6 Symantec's patents. In particular, Symantec seeks remedies for Veeam's infringement of 7 Symantec's U.S. Patents Nos. 7,024,527 ("the '527 patent"); 7,480,822 ("the '822 patent"); 8 7,831,861 ("the '861 patent"); and 8,117,168 ("the '168 patent"). 9 10 2. PARTIES Symantec Corporation is a corporation organized and existing under the laws of the
11 State of Delaware, having a principal place of business at 350 Ellis Street, Mountain View, 12 California 94043. 13 3. Veeam Software Corporation is a corporation organized and existing under the
14 laws of the State of Delaware, having a principal place of business at 8800 Lyra drive, Suite 350, 15 Columbus, Ohio 43240. Veeam has appointed CT Corporation, 1300 East 9 th Street, Cleveland, 16 Ohio 44114 as its registered agent upon whom process against the corporation may be served. 17 Veeam sells virtual infrastructure management and data protection software both directly and 18 indirectly through partners, resellers and retailers. 19 20 4. JURISDICTION AND VENUE This lawsuit is a civil action for patent infringement arising under the patent laws
21 of the United States, 35 U.S.C. 101, et seq. Accordingly, this Court has subject matter 22 jurisdiction pursuant to 28 U.S.C. 1331 and 1338(a). 23 5. This Court has personal jurisdiction over Veeam for at least the following reasons:
24 (i) Veeam has committed acts of patent infringement and/or contributed to or induced acts of 25 patent infringement by others in this District and elsewhere in California and the United States; (ii) 26 Veeam regularly does business or solicits business, engages in other persistent courses of conduct, 27 and/or derives substantial revenue from products and/or services provided to individuals in this 28 District and in the State of California; and (iii) Veeam has purposefully established substantial,
1 systematic and continuous contacts with this District and expects or should reasonably expect to 2 be haled into court here. Veeam has previously been a patent infringement defendant in this 3 district and has not objected to jurisdiction . Thus, this Court's exercise of jurisdiction over 4 Veeam will not offend traditional notions of fair play and substantial justice. 5 6. Venue is proper in this judicial district pursuant to 28 U.S.C. 1391(b)-(c) and
6 1400(b) because Veeam does business in the State of California, has committed acts of 7 infringement in this State and in this District, a substantial part of the events or omissions giving 8 rise to this claim occurred in this District, and Veeam is subject to personal jurisdiction in this 9 District. 10 11 7. INTRADISTRICT ASSIGNMENT Pursuant to Civil L.R. 3-2(c), this case is appropriate for assignment on a district-
12 wide basis because this is an Intellectual Property Action. However, because this case is related to 13 Civil Action No. 3:12-cv-00700 before Judge Susan Illston, and should be related thereto, this 14 action should be filed in the San Francisco Division. 15 16 17 Symantec's Patents-in-Suit 8. U.S. Patent No. 7,024,527. The '527 patent is directed to restoring data from FACTUAL BACKGROUND
18 backups while applications are active and accessing the data from the backup. This allows users 19 to access data from a backup in a near instantaneous manner instead of waiting the hours or days 20 necessary to restore an entire backup. 21 9. U.S. Patent No. 7,480,822. The '822 patent is directed to backing up and restoring
22 access to computing systems. The '822 patent backs up multiple primary computing systems, and 23 restores access to the running states of multiple primary computing systems onto a single 24 computing system through the use of virtualization. 25 10. U.S. Patent No. 7,831,861. The '861 patent is directed to a technique for the
26 efficient restoration of granular application data. The '861 patent teaches a full backup of 27 application data, followed by the virtualization of the application data into a staging area, and the 28 recovery of one or more portions of the application data.
11.
U.S. Patent No. 8,117,168. The '168 patent is directed to methods and systems for
2 creating and managing virtual backups using virtual disks. The '168 patent discloses the use of 3 synthetic virtual disk backups and the retargeting of empty virtual disks to enable the booting of 4 virtual machines. 5 6
Veeam's Free-Riding On Symantec's Intellectual Property & Brand Has Irreparably Harmed Symantec
12. Symantec is harmed by Veeam's use of Symantec's patented technologies in a way 7 8 that cannot be compensated for by monetary damages alone. Veeam has received millions of dollars in revenue and increased its market share by selling products that incorporate Symantec's 9 10 technology without having to incur the costs of developing or licensing this technology. 11 Symantec, on the other hand, has borne and continues to bear these costs.
13. On information and belief, Veeam's infringement has caused Symantec to suffer 12 13 irreparable harm due to, among other things, lost business opportunities, lost market share, and 14 price erosion. The parties directly compete for customers in the VM protection market. Veeam 15 has diverted existing and potential customers away from Symantec's qualitatively superior 16 products by claiming Symantec's innovations as its own and misrepresenting Veeam's 17 contribution to the market. 14. The harm caused by Veeam's infringement cannot be remedied by damages alone. 18 19 Even if Veeam were to subsequently pay past due royalties, lost profits, or other damages, there is 20 no reason to believe that Veeam would stop infringing and it would still enjoy a market share it 21 has developed during its period of "free riding" on Symantec's intellectual property. Due to the 22 difficulty in predicting whether, if at all, Symantec can recover this market share, Symantec's 23 harm cannot be compensated by payment of monetary damages alone. 24
Veeam Infringes Symantec's Patents
15. Symantec's Asserted Patents claim methods and systems for backup and recovery 25 26 for virtual environments. Veeam has infringed and continues to infringe Symantec's Asserted 27 patents through at least its Backup & Replication line of products and related services, including 28
1 for example, Backup & Replication v6.1, Veeam Backup Free Edition, and Veeam's Universal 2 Application-Item Recovery. 3 16. In addition, Veeam indirectly infringes the Asserted Patents. On information and
4 belief, Veeam is and has been on notice of one or more claims of the Asserted Patents. At a 5 minimum, Veeam is and will be on notice of the Asserted Patents on the date of filing and service 6 of this Complaint. Moreover, on information and belief, one or more of the Asserted Patents is 7 marked on Symantec products. 8 17. Veeam induces distributors, consumers, and end-users to directly infringe the
9 Asserted Patents by selling or using Backup & Replication products. Veeam's marketing, sales, 10 and customer support materials, which it makes publicly-available, describe and direct users to use 11 infringing features of the Backup & Replication and/or to use Backup & Replication products in 12 an infringing manner. Veeam also provides verbal and written instructions, including technical 13 know-how, to its distributors and customers that intentionally aid, assist, and encourage 14 infringement. 15 18. Veeam's Backup & Replication products, which it sells directly to consumers as
16 well as through its distribution partners, are designed to be used (and are used by said distributors, 17 consumers, and end-users) in an infringing manner. Additionally, on information and belief, 18 Veeam's products, including its Backup & Replication line of products, were especially designed, 19 made, or adapted for use in an infringing manner. Veeam's Backup & Replication products have 20 no substantial non-infringing uses and are material to the claimed inventions. 21 22 23 24 25 26 1-18. 20. The '527 patent, entitled Data Restore Mechanism, was duly and lawfully issued on 19. COUNT I: INFRINGEMENT OF U.S. PATENT NO. 7,204,527 Symantec incorporates by reference the preceding averments set forth in paragraphs
April 4, 2006. A true and correct copy of the '527 patent is attached to this Complaint as Exhibit A. 21. Symantec is the owner of all rights, title, and interest in the '527 patent, including
27 the right to bring this suit for injunctive relief and damages. 28
22.
On information and belief, Veeam has infringed and continues to infringe, has
2 contributed to and continues to contribute to acts of infringement, and/or has actively and 3 knowingly induced and continues to actively and knowingly induce the infringement of the '527 4 patent by making, using, offering for sale and selling in the United States, and by importing into 5 the United States without authority, and/or by causing others to make, use, offer for sale and sell 6 in the United States, and import into the United States without authority, products and services, 7 including but not limited to Backup & Replication v6.1. 8 23. On information and belief, Veeam's infringement, contributory infringement and/or
9 inducement of infringement is literal infringement or, in the alternative, infringement under the 10 doctrine of equivalents. 11 24. Veeam's infringing activities have caused and will continue to cause Symantec
12 irreparable harm, for which it has no adequate remedy at law, unless Veeam' infringing activities 13 are enjoined by this Court in accordance with 35 U.S.C. 283. 14 25. Symantec has been and continues to be damaged by Veeam's infringement of the
15 '527 patent in an amount to be determined at trial. 16 17 18 1-18. 19 27. The '822 patent, entitled Recovery and Operation of Captured Running States 26. COUNT II: INFRINGEMENT OF U.S. PATENT NO. 7,480,822 Symantec incorporates by reference the preceding averments set forth in paragraphs
20 From Multiple Computing Systems on a Single Computing System, was duly and lawfully issued 21 on January 20, 2009. A true and correct copy of the '822 patent is attached to this Complaint as 22 Exhibit B. 23 28. Symantec is the owner of all rights, title, and interest in the '822 patent, including
24 the right to bring this suit for injunctive relief and damages. 25 29. On information and belief, Veeam has infringed and continues to infringe, has
26 contributed to and continues to contribute to acts of infringement, and/or has actively and 27 knowingly induced and continues to actively and knowingly induce the infringement of the '822 28 patent by making, using, offering for sale and selling in the United States, and by importing into
1 the United States without authority, and/or by causing others to make, use, offer for sale and sell 2 in the United States, and import into the United States without authority, products and services, 3 including but not limited to Backup & Replication v6.1 and Universal Application Item-Level 4 Restore. 5 30. On information and belief, Veeam's infringement, contributory infringement and/or
12 '822 patent in an amount to be determined at trial. 13 14 15 1-18. 16 34. The '861 patent, entitled Techniques for Efficient Restoration of Granular 33.
COUNT III: INFRINGEMENT OF U.S. PATENT NO. 7,831,861

Symantec incorporates by reference the preceding averments set forth in paragraphs
17 Application Data, was duly and lawfully issued on November 10, 2010. A true and correct copy 18 of the '861 patent is attached to this Complaint as Exhibit C. 19 35. Symantec is the owner of all rights, title, and interest in the '861 patent, including
22 contributed to and continues to contribute to acts of infringement, and/or has actively and 23 knowingly induced and continues to actively and knowingly induce the infringement of the '861 24 patent by making, using, offering for sale and selling in the United States, and by importing into 25 the United States without authority, and/or by causing others to make, use, offer for sale and sell 26 in the United States, and import into the United States without authority, products and services, 27 including but not limited to Backup & Replication v6.1 and Universal Application Item-Level 28 Restore.
37.
On information and belief, Veeam's infringement, contributory infringement and/or
8 '861 patent in an amount to be determined at trial. 9
COUNT IV: INFRINGEMENT OF U.S. PATENT NO. 8,117,168

40. 1-18. 41. The '168 patent, entitled Methods and Systems for Creating and Managing Symantec incorporates by reference the preceding averments set forth in paragraphs
10
11 12
13 Backups Using Virtual Disks, was duly and lawfully issued on February 14, 2012. A true and 14 correct copy of the '168 patent is attached to this Complaint as Exhibit D. 15 42. Symantec is the owner of all rights, title, and interest in the '168 patent, including
18 contributed to and continues to contribute to acts of infringement, and/or has actively and 19 knowingly induced and continues to actively and knowingly induce the infringement of the '168 20 patent by making, using, offering for sale and selling in the United States, and by importing into 21 the United States without authority, and/or by causing others to make, use, offer for sale and sell 22 in the United States, and import into the United States without authority, products and services, 23 including but not limited to Backup & Replication v6.1. 24 44. On information and belief, Veeam's infringement, contributory infringement and/or
25 inducement of infringement is literal infringement or, in the alternative, infringement under the 26 doctrine of equivalents. 27 28
45.
Veeam's infringing activities have caused and will continue to cause Symantec
2 irreparable harm, for which it has no adequate remedy at law, unless Veeam' infringing activities 3 4 5 6 7 8 are enjoined by this Court in accordance with 35 U.S.C. 283. 46. Symantec has been and continues to be damaged by Veeam's infringement of the
'168 patent in an amount to be determined at trial. REQUEST FOR RELIEF WHEREFORE, Symantec respectfully requests that: (a) Judgment be entered that Veeam has infringed one or more claims of each of the
9 Asserted Patents; 10 11 (b) Judgment be entered permanently enjoining Veeam, its directors, officers, agents,
servants and employees, and those acting in privity or in concert with them, and their subsidiaries,
12 divisions, successors and assigns, from further acts of infringement, contributory infringement, or 13 14 inducement of infringement of the Asserted Patents; (c) Judgment be entered awarding Symantec all damages adequate to compensate it for
15 Veeam' infringement of the Asserted Patents including all pre-judgment and post-judgment 16 interest at the maximum rate permitted by law; and 17 (d) Judgment be entered awarding Symantec such other and further relief as this Court
18 may deem just and proper. 19 20 DATED: October 22, 2012 21 22 23 24 25 26 27 28

Respectfully submitted, QUINN EMANUEL URQUHART & SULLIVAN By:
ri)(/
Je der A. Kash Attorneys for Plaintiff Symantec Corporation
QUINN EMANUEL URQUHART & SULLIVAN, LLP 2 Jennifer A. Kash (Bar No. 203679) jermiferkash@quinnemanuel.corn 3 50 California Street, 22nd Floor San Francisco, California 94111 4 Telephone: (415) 875-6600 Facsimile: (415) 875-6700 5 Amar Thakur (Bar No. 194025) 6 amarthakur@quinnemanuel.com Quinn Emanuel Urquhart & Sullivan, LLP 7 865 South Figueroa Street, 10th Floor Los Angeles, CA 90017-2543 8 Telephone: (213) 443 3000 Facsimile: (213) 443 3100 9 Dave Nelson* 10 davenelson@quinnemanuel.com Chris Lawnicki* 11 chrislawnicki@quinnemanuel.com 500 West Madison Street, Suite 2450 12 Chicago, IL 60661 Telephone: (312) 705-7400 13 Facsimile: (312) 705-7401 14 Kate Cassidy* katecassidy@quinnemanuel.com 15 51 Madison Avenue, 22nd Floor New York, NY 10010 16 Telephone: (212) 849-7000 Facsimile: (212) 849-7100 17 *pro hac vice to be filed. 18 Attorneys for Symantec Corporation. 19 UNITED STATES DISTRICT COURT 20 NORTHERN DISTRICT OF CALIFORNIA 21 SAN FRANCISCO DIVISION 22 SYMANTEC CORPORATION, 23 Case No. Plaintiff, 24 vs. DEMAND FOR JURY TRIAL 25 VEEAM SOFTWARE CORPORATION 26 Defendant. 27 28
10
1 2
TO EACH PARTY AND TO THE COUNSEL OF RECORD FOR EACH PARTY: Plaintiff Symantec Corporation hereby demands a jury trial in the above-titled action
3 pursuant to Rule 38(b) of the Federal Rules of Civil Procedure. 4 5 DATED: October 22, 2012 6 7 8 9 10 11 19 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 11
Respectfully submitted, QUINN EMANUEL URQUHART & SULLIVAN
Attorneys for Plaintiff Symantec Corporation
EXHIBIT A
1 1 1 1 1 1 1 I I 1 1 1 1E1 1
(12)
s s! 0!s21 s1 1 11 1 1
11 11 11
711/162 711/162 707/204 711/162
United States Patent

Ohr
(45)
(113) Patent No.: US 7,024,527 B1 Apr. 4, 2006 Date of Patent:
(54) DATA RESTORE MECHANISM (75) Inventor: James Philip Ohr, St. Paul, MN (US)
(73) Assignee: VERITAS Operating Corporation, Mountain View, CA (US) * Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 327 days.
6.880.051 BI * 4/2005 Timpanaro-Perrot1a 6.901.493 131* 5/2005 Maliezzoni 2003/0177149 Al * 9/2003 Coombs 2003/0177324 Al* 9/2003 Timpanaso-Perrotta 2004/0078637 Al 412004 Tellin et al. 2004/0078639 Al 4/2004 Anna ,et al. 8/2004 Foley et al. 2004/0163029 AI 2004/0172577 Al 9/2004 Tan et al. 2004/0193950 Al 9/2004 Gagne et al. 2004/0268067 Al 12/2004 Kenji 2004/0268178 A I 12/2004 Fredin
(21) Appl. No.: 10/623,384 (22) Filed: (51) Cl.

GO6F 12/00
Jul. 18, 2003
OTHER PUBLICATIONS "EMC Data ManagerConsole 1Jser Guide, Release 5.0.0," EMC2 Corporation, Nov. 2002 (20 Pages). * cited by examiner
Primary ExaminerTuan V. Thai (74) Attorney Agent, or FinnRobert
(2006.01) (52) U.S. Cl. 711/161; 100/154; 100/162 (58) Field of Classification Search 711/100, 711/154, 161, 162; 709/201, 203; 714/13 See application file for complete search history. (56) References Cited U.S. PATENT DOCUMENTS
5,907,672 A * 5/1999 Matz& et al. 6,269,431 131* 7/2001 Dunham 6.353.878 Bl* 3/2002 Dunham 6.366,987 Bl* 4/2002 Tzelnic el al. 6.385,707 131* 5/2002 Maffezzoni 6,397,229 131* 5/2002 Menon et al. 6.424,999 B1 7/2002 Arnon et al. 6,490,598 BI 12/2002 Taylor 6,715,048 B1 3/2004 Kamvysselis 6,721,766 131 4/2004 Gill et al. 6,742,138 B1 5/2004 Gegne et al. 6.772,198 131 8%2004 Arnon et al. 6,820,171 Bl* 11/2004 Weber et al. 6,865,655 B1 3/2005 Andersen 6,871,271 B1 3/2005 Oxhan et al. 6,871,295 B1 3/2005 Ulrich et al. 714/8 711/162 711/162 711/162 711/162 707/204
C. Kowert; Meyertons, Hood, Kivlin, Kowert & Goetze], P.C. (57) ABSTRACT
711/114
System and method for performing restores from backups while applications are active and accessing the data being restored. A map correlating destination locations on primary storage to source locations on backup storage for files to be restored may be generated. A restore of the files from the backup storage to the primary storage may be started. During the restore, one or more blocks of data of a file needed by an application may be determined. The map may be accessed to determine if the blocks have been restored. If the blocks have not been restored, the blocks may be restored from the backup storage to the primary storage. The restored blocks of data are accessible by the application while the restore is in progress. The map may be updated to indicate blocks of data that have been restored to the primary storage. 25 Claims, 5 Drawing Sheets
Generates,
Map 120
checks, and atm
File System
jill
Generates, checks, and updates
On-demand reqeusts
Responses
Restore application
Primary Data
Restore Data
Restore Data
Backup Storage 116
U.S. Patent
Apr. 4, 2006
Sheet 1 of 5
US 7,024,527 B1
File server 102 Fire system 110 Restore Application 112
Primary Storage 114
Backup Storage 116
FIG. I
U.S. Patent
Apr. 4, 2006
Sheet 2 of 5
US 7,024,527 B1
Map 120
op.
File System 110
On-demand reqeusts Responses
Restore application 112
Primary
Data
Restore Data ,--'"
Restore Data
Backup Storage 116
FIG. 2
U.S. Patent
Apr. 4, 2006
Sheet 3 of 5
US 7,024,527 B1
Map 120
Primary storage block information
122A
Backup storage block information 124A
Primary storage block information 122B

4111111110.-
Backup storage block information 124B
Primary storage block information 122N
-4110---1111
Backup storage block information 124N
FIG. 3
U.S. Patent
Apr. 4, 2006
Sheet 4 of
US 7,024,527 B1
Disk Mapping/Block requests
Primary Data
Restore Data
Backup Storage 204
Primary Storage 206
FIG. 4
U.S. Patent
Apr. 4, 2006
Sheet 5 of 5
US 7,024,527 B1
Generate a map correlating destination locations on primary storage to source locations on backup storage for a set of files to be restored 300
Start a restore of the set of files from the backup storage to the primary storage 302
Determine one or more blocks of data of a file in the set of files needed by an application 304
Access the map to determine if the blocks have been restored 306
If the blocks have not been restored, immediately restore the one or more blocks to the primary storage 308
FIG. 5
US 7,024,527 Bl 1
DATA RESTORE MECHANISM BACKGROUND OF THE INVENTION
2
a restore operation may restore files in any order, an application may have to wait a considerable amount of time for a particular file to be fully restored. Large databases may include hundreds of gigabytes or even terabytes of data; 5 restores of these databases may take hours or even days before the data reaches a stable state. In many cases, applications may have to wait until all of the data is restored before they can access any of the data. Therefore, it is desirable to provide a restore mechanism 10 that has reduced impact on production applications. It is also desirable to restore data needed from disk-based disaster recovery backups in a near instantaneous manner front the production application's perspective. It is also desirable to allow application to be active and accessing data being 15 restored while the restore is in progress transparent to the applications.
1. Field of the Invention This invention is related to the field of computer systems and, more particularly, to restoring data from backup storage. 2. Description of the Related Art ln disaster recovery backups, data is physically transferred from the primary storage media to the backup media. The backup may be to either disk or tape, though tape has - traditionally dominated this market. With the continuing reduction in the cost of disk storage more sites are switching to disks as the backup media. In addition to the lower cost. disk storage tends to occupy less space and is faster than tape. While disk tends to be faster than tape, it should be SUMMARY noted that disk backups and restores typically result in a considerable amount of application down time (typically Embodiments of a system and method for performing hours). 20 restores from backups while applications are active and In high-end applications, primary storage disks are typiaccessing the data being restored are described. Embodically high performance (e.g. EMC, Hitachi, or IBM arrays). ments may provide a restore mechanism that may restore Purchasing and maintaining equivalent sets of disk arrays to data in near real-time from a disk-based backup through a perform mirroring can be very expensive. Therefore, many sites use inexpensive, mediocre-performance solutions for 25 coupling of a restore application with a file system and/or volume manager. Embodiments may allow restoring data backup storage (e.g. arrays of IDE disks). Typically, users of into a file system while one or more applications that may such high-end applications do not use such backup storage use the data being restored are active. Embodiments may as "mirrors" that can be switched to and nm off backup allow users to get backup data from backup storage onto storage due to the poor performance of the backup storage. primary storage as rapidly as possible while the restore is For this and other reasons, mirroring and switching to a 30 taking place with limited or no impact on the application(s). backup image to run in a production system may not be a To perform restores from backups while applications are viable solution for many enterprises. active and accessing the data being restored according to one In addition, disaster recovery backups are typically not embodiment, a map correlating destination locations on just copies of data like mirrors. A backup application may primary storage to source locations on backup storage for a include backup-specific information or formatting with the 35 set of files to be restored may be generated. A restore of the backed-up data. A backup application may write to disk like set of files from the backup storage to the primary storage it is writing to tape, e.g. in TAR format. Therefore, the may be started. During the restore, it may be determined that backed-up data in backup storage may not be in a format that one or more blocks of data of a file in the set of files is can be switched to directly to serve as the primary data in a needed by an application. The map may be accessed to production system. 40 determine if the blocks have been restored. If the blocks In general, data moved to or from storage devices is have not been restored, the blocks may be restored from the provided using either block-level or file-level access. File backup storage to the primary storage. The restored blocks level access requires some knowledge of the underlying file of data are accessible by the application while the restore is system and/or volume management system used to organize data on the storage devices. This type of information is 45 in progress. The map may be updated to indicate blocks of data that have been restored to the primary storage. typically available only at the host level, and thus I/0 One embodiment may generate a map that depicts the file operations utilizing file-level access must be perfonned or at system afier the restore is complete. The map describes the least managed by software executing on a host computer. blocks that will be restored to the file system and their origin Block-level access uses physical storage device addresses to access data and thus need not be "assisted" by some entity 50 location on the backup disk. By providing the map of the blocks being restored to the file system, and continuously having file system and/or volume knowledge. updating the map as to which block have been restored, the A data restore application may restore data from backup file system may determine if a block has already been storage to primary storage using the addresses of the source restored, and if not to request an immediate restore of any and destination devices and blocks. Such address information is typically in the form of an extent list having one or 55 required blocks. Embodiments may be implemented in Storage Area Netmore extents. ..A.n extent is typically a contiguous set of work (SAN) enviromnents or other types of network storage storage blocks allocated for a file portion, a file, or multiple environments. Embodiments may also be implemented in files. Extents are typically represented by a device address non-networked storage environments, for example in a indication, a starting block address on that device, and a length (number of contiguous blocks). However, extents can 60 single-machine system. be defined in a variety of different ways, e.g., a starting BRIEF DESCRIPTION OF THE DRAWINGS address and an ending address, no device information explicitly included, etc. Thus, an extent is generally any The following detailed description makes reference to the information used to locate a desired portion of a storage accompanying drawings, which are now briefly described. resource. 65 FIG. 1 illustrates a network environment in which the Typically, during restores, an application will have to wait restore mechanism may be implemented according to one for a file to be fully restored before accessing the file. Since embodiment.
US 7,024,527 B1 3
FIG. 2 illustrates the restore mechanism with a map correlating source locations to destination locations for data of a restore according to one embodiment. FIG. 3 illustrates a map that correlates source locations to destination locations for data of a restore according to one embodiment. FIG. 4 illustrates the restore mechanism in an environment with a media server according to one embodiment. FIG. 5 is a flowchart of a method for performing restores from backups while applications are active and accessing tbe data being restored according to one embodiment. While the invention is described herein by way of example for several embodiments and illustrative drawings, those skilled in the art will recognize that the invention is not limited to the embodiments or drawings described. It should be understood, that the drawings and detailed description thereto are not intended to limit the invention to the particular form disclosed, but on the contrary, the intention is to cover all modifications, equivalents and alternatives falling within the spirit and scope of the present invention as defined by the appended claims. The headings used herein are for organizational purposes only and are not meant to be used to limit the scope of the description or the claims. As used throughout this application, the word "may" is used in a permissive sense (i.e., meaning having the potential to). rather than the mandatory sense (i.e., meaning must). .Similarly, the words "include", "including", and "includes" mean including, but not limited to.
embodiment, the map may be generated by the file system. The map describes the blocks that will be restored to the file system and their origin location on the backup disk. By providing the map of the blocks being restored to the file 5 system, and continuously updating the map as to which block have been restored, the file system may detennine if a block has already been restored, and if not to request an immediate restore of any required blocks. Embodiments may be implemented in Storage Area Net10 work (SAN) envirolunents or other types of network storage environments. Embodiments may also be implemented in non-networked storage environments, even in a singlemachine system. FIG. l illustrates a network environment in which the 15 restore mechanism may be implemented according to one embodiment. In one embodiment, the restore mechanism may map the files to be restored. In one embodiment, file system 110 and restore application 112 may be on different servers (e.g. in this illustration, file system 110 is on file 20 server 102, and restore application 112 may be on another server such as a media server). In one embodiment, restore application 112 may be on file server 102 with file system 110. In one embodiment, part of restore application 112 may be on file server 102 (e.g. an engine or driver) while the rest 25 of restore application may be on another server (e.g. a media server). ID one embodiment, the file system 110 may allocate blocks for the files on the primary (destination) storage 114; there may be no application data in the blocks when alloDETAILED DESCRIPTION OF EMBODIMENTS 30 cated. The locations on the backup storage 116 where the data to be restored is located may be determined. In one Embodiments of a system and metbod for performing embodiment, the restore application 112 may perform the restores from backups while applications are active and determination. A correspondence or map of where the data accessing the data being restored are described. Embodiis coming from on the backup storage and where the data is ments may provide a restore mechanism that may restore 35 going to on the primary storage may be generated. This map data in near real-time from a disk-based backup through a may be a bitmap, linked list, or any other suitable data coupling of the restore application with the file system structure. This map may pair the source and destination of and/or volume manager. Using embodiments, a block-level blocks to be restored. The map may include indications of restore may be performed while the application(s) that whether particular blocks or extents including blocks have access the data is active. In one embodiment, the file system 40 been restored. This map may be located on the file server and/or volume manager may determine if blocks of data 102, a media server (not shown), on a server with the restore needed by active applications have been restored. In one application 112, or on any server (or storage system) in the embodiment, if a block has not yet been restored, the file network environment where it is accessible by both the file system and/or volume manager generates a request to the system 110 and the restore application 112. restore application to have the block immediately restored. 45 In one embodiment, the map generation may be perln another embodiment, the file system or volume manager formed by coupling the restore application 112 with the file may have direct access to the backup storage, and thus may system 110. In one embodiment, the generation of the map directly access and restore the needed block(s) without may be performed at the file server level. In one embodigoing through the restore application. In this embodiment, ment, the file system 110 may generate the map. During the the restore application may determine or be notified that the 50 restore operation, the map may be updated to indicate which needed blocks have been restored to avoid overwriting the blocks or extents have been restored. In one embodiment, blocks. Embodiments of the restore mechanism may allow the restore application 112 may maintain the map. In another blocks of data to be restored to primary storage on demand embodiment, the file system 110 may maintain the map. In and out-of-order from backup storage. yet another embodiment, both the file system 110 and the Embodiments may allow restoring data into a file system 55 restore application 112 may maintain the map. In other while one or more applications that may use the data being embodiments, other entities (e.g. a driver or engine on file restored are active. In the prior art, an application may have server 102 or a volume manager) may maintain the map. to wait for a file to be fully restored before accessing the file, One embodiment may include a media server (not shown) and in many cases applications may have to wait until all of that may perform block detection (e.g. detecting when the data is restored before they can access the data. Embodi- 60 blocks are needed by applications running during the ments may allow users to get backup data from backup restore), checking of the map to determine if needed blocks storage onto primary storage as rapidly as possible while the have been restored, and on-demand requesting of nonrestore is taking place with limited or no impact on the restored blocks. When the file system 110 or alternatively a application(s). media server determines that an application needs a block of One embodiment may generate a map that depicts the file 65 data in the restore, the file system 110 or media server may system after the restore is complete. In one embodiment, this examine the map to determine if the block has been restored. map may be generated by the restore application. In another In one embodiment, during the restore, when an application
Us 7,024,527 Bl
5
needs a block that has not been restored from the backup storage 116 to the primary storage 114 by the restore application 112, the file system 110 or alternatively a media server operating in conjunction with the file system sends a request to the restore application 112 to immediately restore the block from the backup storage 116 to the primary storage 114. Alternatively, the restore application 112 may provide the requested block directly to the requestor (e.g. file system
file server may perform these tasks. One embodiment may not have a separate media server. In one embodiment, the restore application may run in the file server. One embodiment may be implemented on one server and one storage 5 network. In one embodiment. the restore application may have an engine running on the file server that moves the data and that is coupled with the file system; the map may be maintained in the file server. The engine may move the data 110). from backup storage to primary storage. If file system needs In one embodiment, detection and request for the imme- to some blocks that have not been restored, the file system diate restore of non-restored blocks occurs within the file notifies the engine to get and restore the indicated blocks. server 102. In this embodiment, detection and request for One embodiment may be implemented in network enviblocks is performed at a software level on the file server 102 ronments that include a volume manager. A volume manager and not at the storage hardware level. In one embodiment, typically sits under the file system 110 and is used to detection of needed blocks may be performed by the file 15 aogregate groups of storage devices together to form larger system 110. In this embodiment, the file system 110 deterviews of storage (e.g. striped or concatenated). A volume mines that there is a block that is needed that has not yet manager may provide a uniform, singular space in which the been restored by examining the map and makes a request to file system 110 may operate. Multiple disks can be made to the restore application 112 to immediately restore the block, appear as one storage system to the file system 110. In this In one embodiment, a driver on the file server 102, rather 20 embodiment, the file system 110 may perform the prethan the file system 110, may perform the detection and mapping of the files. The file system 110 may allocate request for non-restored blocks. Alternatively, a media storage where the data is to be restored, as files may typically server between the file server 110 and the primary and be identified at the file system 110 level and not at the backup storage may perform non-restored block detection volume manager level. In one embodiment, detection of and requests for the immediate restore of non-restored 25 blocks, checking of the map, and making on-demand blocks, requests to the restore application for the restore of needed Referring to FIG. 1, in some network storage environblocks may be performed at the file system 110 level. In ments such as SAN environments, the file server 102 may another embodiment, block detection, map checking, and have direct access to the back-up storage 116. In these on-demand requests to the restore application may be perenvironments, in one embodiment, the file server 102 may 30 formed at the volume manager level. retrieve blocks from the backup storage 116 that it needs and In embodiments, address spaces may be translated; for that have not been restored as indicated by the map. The file example, the file system 110 addresses at the file level, other server 102 may then update the map to indicate that the levels may address at the block or extent level, and lower block has been retrieved and restored. Thus, in this embodilevels address at the physical level (e.g. using LUNs). ment, the file server 102 may satisfy the on-demand request 35 Embodiments may include or alternatively access a mapping on its own without sending a request to the restore applicamechanism that may be used to map addresses to whatever tion 112. In this embodiment, the file server 102 may do the layer is necessary to perform the mapping and/or on-demand work that the restore application 112 would otherwise have restore operations. to do, preferably reducing the number of messages and other FIG. 2 illustrates the restore mechanism with the map operations that have to be performed and thus causing less 40 according to one embodiment. FlG. 2 illustrates means for impact to the overall restore process. restoring a set of files from a backup storage to a primary In this embodiment, the file server 102 may coordinate storage, means for determining on a file server that one or on-demand restores with the restore application 112, e.g. by more blocks of data of a file in the set of files needed by an. updating the map, to prevent the restore application 112 application have not been restored during the restore, and from overwriting blocks restored to primary storage 114 45 means for restoring the determined one or more blocks of with potentially older data from the backup storage 116. In data according to one embodiment. one embodiment, the file server 102 may update the map to In one embodiment, a set of files may need to be restored. indicate that a retrieved block has been restored, and the 'fhe restore application 112 may be requested to restore the restore application 112 may check the map to determine if set of files. The restore applicatiOn 112 may communicate blocks it is about to restore have already been restored and 50 with the file system 110 to inform the file system 110 to not restore any blocks that have been restored directly by the pre-allocate the set of files. The restore application 112 may file server 102 to thus avoid overwriting blocks already provide the file names and size of the files, and potentially retrieved by the file server 102 and possibly modified by other information about the set of files. The file system 110 applications. In another embodiment, the file server 102 may may pre-allocate space (blocks or extents) for the set of files notify the restore application 112 when it directly retrieves 55 on primary storage 114 and return to the restore application blocks and the restore application 112 may update the map. 112 information describing the set of destination blocks (or One embodiment may include a media server between the extents) on the primary storage 114 to where the data is to file server 110 and the storage. In one embodiment, the be restored. The restore application 112 then may pair that restore application 112 may run on the media server. In one set of destination blocks on the primary storage 114 with the embodiment, the media server may handle detection of 6O source locations of the blocks on the backup storage 116 to blocks, checking of the map, and interacting with the restore generate a map 120. application for the on-demand restore of detected blocks. In FIG. 3 illustrates a map according to one embodiment. In another embodiment, the file server may handle detection of FIG. 3, primary storage block information 122 is correlated blocks, checking of the map, and interacting with the restore with backup storage block information 124 for the N blocks application for the on-demand restore of detected blocks. In 65 or extents to be restored. Map 120 may be a bitmap, linked one embodiment, a file system on the file server may list, or any other suitable data structure. In one embodiment, perform these tasks. In another embodiment, a driver on the for each file in the restore, there may be a map 120 generated
US 7,024,527 BI 7
8
for that file that correlates source and destination informadiately restored, the restore may be proceeding as normal; tion for the file. In another embodiment, there may be one the restore application 112 may be moving other, nonmap 120 generated that correlates source and destination requested blocks from the backup storage 116 to the primary information for all files in the restore. Other embodiments storage 114. The restore may be proceeding normally in the may generate separate maps 120 for each of two or more sets 5 background while on-demand restores may be occurring if of files. In one embodiment, this mapping of source and the file system 110 determines blocks that it needs have not destination information may be performed for all files to be yet been restored. restored up front, before the restore of the files actually While the data is being moved, the map 120 is being starts. Therefore, all the blocks for all the files to be restored updated so that the map 120 reflects what has been restored may be pre-mapped at the beginning of the restore process. I o to the primary storage 116. If the file system 110 checks the This pre-allocation and pre-mapping process may, for map 120 and sees that a block it needs has not yet been example. take seconds to minutes. restored, the file system 110 notifies the restore application Referring again to FIG. 2, in one embodiment, the file 112 to provide the block immediately. system 110 may maintain the map 120 that it uses to In one embodiment, if a file access by an application does determine what blocks of the set of files that arc being 15 not involve a file that is being restored, then the file system restored are currently valid in (restored to) the primary 110 may determine that it does not have to check the map to storage 114. The map 120 may be dynamically updated as determine if the file's blocks have been restored. In one the restore is performed, in one embodiment by the file embodiment, the restore application 112 may inform the lile system 110, in another embodiment by the restore applicasystem 110 when the restore has completed so that the file tion 112, or in yet another embodiment by both. In some 20 system 110 will know it no longer needs to check the map embodiments, other entities such as a driver or a media 120 and the map 120 may be disposed of if desired. server may access and/or update the map 120. In one In one embodiment, each file's metadata may include an embodiment, the restore application 112 may keep the map indication to mark if the file is to be restored. When the file updated to indicate which blocks have been restored. In system 110 receives a request for a file or a portion of a file, another embodiment, the restore application 112 may send 25 the file system 110 may check the metadata for the file to messages to the file system 110 indicating which blocks determine if the file is to be restored. If it is to be restored, have been restored, and the file system 110 may update the then the file system may check the map 120 for that file to map 120. In one embodiment, both the file system 110 and determine if the needed blocks have been restored. If the the restore application 112 may update the map 120 when needed blocks have not been restored, then the file system necessary. In some embodiments, other entities such as a 30 110 may send a request to the restore application 112 to media server or a driver on the file server may maintain immediately restore the needed blocks. In one embodiment, and/or update the map 120. the file system 110 may check the file's metadata to deterIn one embodiment, when the file system 110 needs to mine if the file has been restored; if the file has been access a block on the primary storage 114, it checks the map restored, then the file system 110 can serve the request 120 to see if the block has been restored. If the block has not 35 without checking the map 120: otherwise, the file system been restored, the file system 110 knows that it cannot access 110 checks the map 120 and, if the map 120 indicates the the block directly from the primary storage 114. The file needed blocks have not been restored, notifies the restore system 110 then sends a request to the restore application application 112 to restore the needed non-restored blocks. 112 that indicates that the file system 110 needs the block FIG. 4 illustrates the restore mechanism in an environimmediately. The restore application 112 then goes to the 40 ment with a media server according to one embodiment. backup storage 116 and gets the block. In one embodiment, Primary storage 206 may be, for example, a disk array that the restore application 112 may restore the requested block holds the data being accessed by the file server 200 and to to the primary storage 116 and notify the file system 10 that which a restore is being performed. The backup storage 204 the block has been restored. In another embodiment, the may hold the data that was previously stored as part of a restore application 112 may provide the block directly to the 45 backup operation. In one embodiment, the restore applicafile system 110, which may then write the block to the tion may reside primarily on the Media Server 202. In one primary storage 114. In both embodiments, the map 120 is embodiment, some components of the restore application updated to indicate that the block has been restored. In one may reside on the File Server (client) 200. In one embodiembodiment, the file system 110 may update the map 120. ment, when a request is made to restore some files, the files In another embodiment, the restore application 112 may 50 may be pre-allocated and mapped by the restore application update the map 120. Alternatively, the restore application using the capabilities of the file system on file server 200. 112 may restore the block to the primary storage 114, update The extents pre-allocated by the file server 200 may be the map 120, and the file system 110 may check the map 120 transferred to the Media Server 202, and the restore applito detect if the block has been restored. cation may correlate the location of the data on the backup Thus, in embodiments, the restore application 112 may 55 storage 204 to the extents on the Primary Storage 206. Once get the block from the backup storage 116 and make it the correlation is completed, the media server 202 may available to the file system 110 in response to the file system provide the file system on file serve 200 a map of the blocks 110 sending a message to the restore application 112 indithat are in the process of being restored. The file system may cating it needs the block. The map 120 is updated to indicate use this map to make a determination if the data on the the block has been restored. In addition, the map 120 is 60 primary storage 206 is current or is in the process of being updated to indicate non-requested blocks restored to primary restored. If a data block is required that has not yet been storage 114 by the restore application 112 in the course of restored to the primary storage 206, then the file system may the normal restore process. The file system 10 may thus make a request to the restore application for an immediate provide blocks of files from the backup storage 116 to an restore. The restore application may preferably immediately application for access (read or write) while the restore is in 65 retrieve requested data blocks and mark the blocks as having progress. At the same time the file system 110 may be been restored. The file system may then proceed with the making on-demand requests for needed blocks to be immestorage request. The restore application may be concurrently
US 7,024,527 B1 9 10
restoring data from the backup storage 204 to the primary accordance with the foregoing description upon a carrier storage 206. Tbe map may be updated, for example, but not medium. Generally speaking, a carrier medium may include necessarily, at regular intervals, to indicate the blocks that storage media or memory media such as magnetic or optical have been restored. media. e.g., disk or CD-ROM, volatile or non-volatile media ln one embodiment, the backup storage 206 may be 5 such as RAM (e.g. SDRAM, DDR SDRAM, RDRAM, directly accessible to the File Server 200. In this embodiSRAM, etc.), ROM, etc. As well as transmission media or ment, the file system may directly read blocks from the signals such as electrical, electromagnetic, or digital signals, backup storage 204 based on the extent mappings created by conveyed via a communication medium such as network the restore application. and/or a wireless link. Embodiments may include at least some integration 10 The various methods as illustrated in the Figures and between the file system and the restore application. In one described herein represent exemplary embodiments of methembodiment, the file system pre-allocates and maps the ods. The methods may be implemented in software, hardrestore storage on primary storage 206. In one embodiment, ware, or a combination thereof The order of method may be the file system checks the map (e.g. bitmap, linked list or changed. and various elements may be added, reordered, other structure) to determine if the current block being 15 combined, omitted, modified. etc. accessed has been restored. If a block has not yet been Various modifications and changes may be made as would restored, then the file system requests the block be immebe obvious to a person skilled in the art having the benefit diately restored or. alternatively, accesses the backup storage of this disclosure. It is intended that the invention embrace 206 for the specific block. When notified of the block's all such modifications and changes and, accordingly, the availability, the file system may proceed with the l/O access above description to be regarded in an illustrative rather than (e.g. generated by an application). In one embodiment. a restrictive sense. during the restore process with on-demand restores of What is claimed is: blocks, the file system may run in a degraded state; however, 1. A system, comprising: customers may prefer to run in a degraded state than to have a primary storage; the application down throughout the restore. 25 a backup storage; One embodiment may include a driver under the file a restore application configured to restore a set of files system to monitor the requested blocks and provide the from the backup storage to the primary storage; and on-demand requests. This embodiment may be used, for a file server configured to, during said restore: example, in environments where the restore application determine that one or more blocks of data of a file in the cannot be (fully) integrated with the file system. In this 30 set of files needed by an application have not been embodiment, pre-allocation and mapping may be performed restored; and by the file system. direct the restore application to restore the determined FIG. 5 is a flowchart of a method for performing restores one or more blocks of data in response to said from backups while applications are active and accessing the determination that the one or more blocks of data data being restored according to one embodiment. As indi- 35 have not been restored; cated at 300, a map correlating destination locations on wherein the restored one or more blocks of data are primary storage to source locations on backup storage for a accessible by the application while said restore is in set of files to be restored may be generated. A restore of the progress. set of files from the backup storage to the primary storage 2. The system as recited in claim 1, may be started as indicated at 302. As indicated at 304, 40 wherein the restore application is further configured to, during the restore, it may be determined that one or more prior to said restore, generate a map correlating destiblocks of data of a file in the set of files is needed by an nation locations on the primary storage to source locaapplication. As indicated at 306, the map may be accessed to tions on the backup storage for the set of files to be determine if the blocks have been restored. As indicated at restored; and 308, if the blocks have not been restored, the blocks may be 45 wherein, to determine that one or more blocks of data of restored from the backup storage to the primary storage. The a file in the set of files needed by an application have restored one or more blocks of data are accessible by the not been restored, the file server is further configured to application while the restore is in progress. The map may be access the map to determine if the one or more blocks updated to indicate blocks of data that have been restored to have been restored. the primary storage. 50 3. The system as recited in claim 2, wherein for at least hi one embodiment, a restore application performs the one file of the set of files that comprises a plurality of data map generation and the restore of the set of files from the blocks, the map comprises a separate correlation of each backup storage to the primary storage. In one embodiment, block of the plurality of data blocks at the primary storage a file system performs the determining of the one or more blocks of data needed by the application and accessing the 55 to a corresponding block at the secondary storage. 4. The system as recited in claim 1, map to determine if the blocks have been restored. In one embodiment, if it is determined that the blocks have not been wherein, to direct the restore application to restore the restored, the file system sends a message to the restore determined one or more blocks of data in response to application to instruct the restore application to restore the said determination that the one or more blocks of data blocks. In this embodiment, the restore application restores 60 have not been restored, the file server is configured to the blocks of data to the primary storage in response to the send a message to the restore application, wherein the message. message is configured to direct the restore application to restore the determined one or more blocks of data; CONCLUSION and 65 wherein the restore application is further configured to Various embodiments may further include receiving, restore the one or more blocks of data to the primary sending or storing instructions and/or data implemented in storage in response to the message.
US 7,024,527 BI 11 12
5. The system as recited in claim 1. wherein the file server response to said determining that the one or more comprises a file system configured to perform said determiblocks of data have not been restored; and nation that one or more blocks of data of a file in the set of the restore application restoring the determined one or files needed by an application have not been restored and more blocks of data; said direction of the restore application to restore the deter- 5 wherein the restored one or more blocks of data are mined one or more blocks of data. accessible by the application while said restore is in 6. The system as recited in claim 1, wherein the file server progress. comprises a file system and a driver coupled to the file 15. Tbe method as recited in claim 14, further comprising: system, wherein the driver is configured to perform said prior to said restore, generating a map correlating destidetermination that one or more blocks of data of a file in the to nation locations on the primary storage to source locaset of files needed by an application have not been restored tions on the backup storage for the set of files to be and said direction of the restore application to restore the restored; and determined one or more blocks of data on behalf of the file wherein said determining that one or more blocks of data system. of a file in tbe set of files needed by an application have 7. The system as recited in claim 1, wherein the restore 15 not been restored comprises accessing the map to application is further configured to update the map to determine if the one or more blocks have been restored. indicate blocks of data that have been restored to the primary' 16. The method as recited in claim 14, storage. wherein said directing the restore application to restore 8. 'f he system as recited in claim 1, wherein the system is the determined one or more blocks of data comprises a Storage Area Network (SAN) system. sending a message to the restore application, wherein 9. The system as recited in claim 1. wherein, prior to said 20 the message is configured to direct the restore applicadetermination that the one or more blocks of data have not tion to restore the determined one or more blocks of been restored, the file server is further configured to: data; and receive a file access request from the application, wherein wherein the restore application restores the determined the file access request specifies a portion of the file to 25 one or more blocks of data in response to the message. be accessed by the application, wherein the file access 17. The method as recited in claim 14, wherein the file request is received while said restore is in progress; server comprises a file system, wherein the file system identify a set of blocks of data of the file corresponding to performs said determining that one or more blocks of data of the portion of the file, wherein the set of blocks a file in the set of files needed by an application have not comprises the one or more blocks. 30 been restored and said directing the restore application to 10. The system as recited in claim 9, wherein the file restore the determined one or more blocks of data. access request specifies the portion of tbe file using file level 18. The method as recited in claim 14, wherein the file addressing, wherein said identifying the set of blocks comserver comprises a file system and a driver coupled to the file prises translating a file level address to a block-level address. 11. The system as recited in claim 9, wherein the file 35 system, wherein the driver performs said determining that one or more blocks of data of a file in the set of files needed server is further configured to: by an application have not been restored and said directing identify, from among the set of blocks of data correspondthe restore application to restore the determined one or more ing to the portion of the file, a particular block that does blocks of data on behalf of the file system. not have to be restored from the backup storage; and 19. The method as recited in claim 14, further comprising provide access to the particular block of data to the 40 updating the map to indicate blocks of data that have been application from the primary storage. restored to the primary storage. 12. The system as recited in claim 1, wherein the restore 20. A computer-accessible medium comprising program application is further configured to restore blocks of one or instructions, wherein the program instructions are configmore other files of the set as a background task while restoring the one or more blocks in response to said directing 45 ured to implement: a restore application starting a restore of a set of files from by the file server. a backup storage to a primary storage; A system, comprising: 13. during said restore: means for restoring a set of files from a backup storage to a file server determining that one or more blocks of data a primary storage; of a file in the set of files needed by an application means for determining on a file server that one or more 50 have not been restored; and blocks of data of a file in the set of files needed by an the file server directing the restore application to restore application have not been restored during said restore; the determined one or more blocks of data in and response to said determining that the one or more means for restoring the determined one or more blocks of blocks of data have not been restored; and data; 55 the restore application restoring the determined one or wherein the restored one or more blocks of data are more blocks of data; accessible by the application while said restore is in wherein the restored one or more blocks of data are progress. accessible by the application while said restore is in 14. A method, comprising: progress. a restore application starting a restore of a set of files from 60 21. The computer-accessible medium as recited in claim a backup storage to a primary storage; during said restore: 20, wherein the program instructions are further configured to implement: a file server determining that one or more blocks of data of a file in the set of files needed by an application prior to said restore, generating a map correlating destihave not been restored; and nation locations on the primary storage to source loca65 the file server directing the restore application to restore tions on the backup storage for the set of files to be the determined one or more blocks of data in restored; and
US 7,024,527 fil 13 14
wherein said determining that one or more blocks of data blocks of data of a file in the set of files needed by an of a file in the set of files needed by an application have application have not been restored and said directing the not been restored comprises accessing the map to restore application to restore the determined one or more determine if the one or more blocks have been restored. blocks of data. 22. The computer-accessible medium as recited in claim 5 24. The computer-accessible medium as recited in claim 20, 20, wherein the file server comprises a file system and a wherein, in said directing the restore application to restore driver coupled to the file system, wherein the driver perthe determined one or more blocks of data, the program forms said determining that one or more blocks of data of a instructions arc further configured to implement sendfile in the set of files needed by an application have not been ing a message to the restore application, wherein tbe to restored and said directing the restore application to restore message is configured to direct the restore application the determined one or more blocks of data on behalf of the to restore the determined one or more blocks of data; file system. and 25. The computer-accessible medium as recited in claim wherein the restore application restores the determined 20, wherein the program instructions are further configured one or more blocks of data in response to the message. 15 to implement updating the map to indicate blocks of data 23. The computer-accessible medium as recited in claim that have been restored to the primary storage. 20, wherein the file server comprises a file system, wherein the file system performs said determining that one or more
EXHIBIT B
11111111111111111111111111pli !i)1 81g!11111 1 1 1 1 1 1 1 1 1 1 li

(12)

Arbon et al.
(45)
(10) Patent No.: Date of Patent:
US 7,480,822 B1 Jan. 20, 2009

718/1 714/6 709/224 707/202 714/4 714/4 714/4 714/4 707/100
(54) RECOVERY AND OPERATION OF CAPTURED RUNNING STATES FROM MULTIPLE COMPUTING SYSTEMS ON A SINGLE COMPLMNG SYSTEM (75) Inventors: Val Arbon, Orem, UT (US); Daniel H. Hardman, American Fork. UT (US) (73) Assignee: Symantec Corporation, Cupertino, CA (US)
(*
6.728.746 Bl C 4/2004 Murasc et al. 6,973.587 B1 * 12/2005 Maity et al. 7.197.561 BI * 3/2007 Lovy et al. 7,200.622 B2* 412007 Nakatani et al. 2003/0018927 Al * 1/2003 Gadir et al. 2004/0172574 AI * 9/2004 Wing d al. 2005/0108593 Al * 5/2005 Purushothatnan et al. 2005/0172160 Al * 8/2005 *laylor et al. 2006/0271575 Al* 11/2006 Harris et al.
* cited by examiner
Primary ExantinerJoshua A Lohn (74)Attorney Agent, or FirmAdvantEdge Law Group
Notice:
Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 522 days.
(57)
ABSTRACT
(21) .Appl. No.: 11/180,412 (22) Filed: (51) Int. Cl.

G06F 11/00 (2006.01) (52) U.S. Cl. 714/13; 714/4; 714/15 (58) Field of Classification Search 714/4, 714/5, 6, 7, 12, 13, 15 See application file for complete search history.
Jul. 13, 2005
(56)
References Cited U.S. PATENT DOCUMENTS

5,488,716 A * 1/1996 Schneider et al. 5,805,790 A * 911998 Nota et al. 5,832,222 A * 1111998 Dziadosz et al. 714/10 714/10 709/216
Restoring access to miming states of multiple primary computing systems onto a single computing system. The captured running states each include, or are altered to include, at least one device driver that is configured to interface with a common virtualization component that runs on the single computing system. The common virtualization component is Configured to at least indirectly interface with hardware on the single computing system. The hardware potentially operates using a different interface than the device driver is configured to interface with. The system identifies a boot order for each ofthe primary computing systems, and then starts the running states for each of the primary computing systems in the appropriate boot order in a manner tbat takes advantage of the virtual environment exposed by the single computing system. 25 Claims, 7 Drawing Sheets
Device Driver Insertion Component 352
Pnrnary Computing System 310 Running State 311
Primary Compuhng System 320 Running State
321
Primary Computing System 330 Running State
341
Capture channel 35/ / Captured Running State 312 Captured Applications And Data 313 Captured Boot Order 11? . Network Infra t Recovery as. Operating System 362 I Recovery Comp;ding System
22
\
Captured Running State 112 Captured Applications And Data 333 Captured O.S. 334
as. 214
1
Captured Running State M Captured Applications And Data 323 Captured as. 324 Standard Device Driver 225 1
Standard Device Driver 315
Standard Device Driver 335
342
Virtualization Component M I t
I $
1
Recovery C.S. Hardware 363
Computing System 100 Processor(s) 102
lualvd*S1
fa ZZ8`0817`LS il
L JO t oaqS
t.4 LD
(
Memory 104 Volatile Non-Volatile
Communication Channels 108
Fig.
r.
U.S. Patent
Jan. 20, 2009
Sheet 2 of 7
US 7,480,822 B1
200 ( 201 Capture Running State Of Primary Computing Systems ( 202 Ensure Captured Running State Includes Virtual Driver ( 204 Identify Boot Order For Primary Computing Systems
4
Recovery Computing System Accesses Running State 203
Boot Running States In Identification Boot Order
205
Emulate Network Between Primary Computing Systems
206
Fig. 2
U.S. Patent
Jan. 20, 2009
Sheet 3 of 7
US 7,480,822 B1
Device Driver Insertion Component 352 Primary Computing System 310 Running State
311
Primary Computing System no Running State I

321
Primary Computing System 330 Running State 331
* 341
Capture channel
351
Recovery Computing System 350 Captured Running State 312 Captured Applications And Data 313 Captured 0.S. 314 Boot Order 353 I Standard Device Driver 315 & I Captured Running State 322 Captured Applications And Data 323 Captured O.S. 324 Standard Device Driver 325
A
Captured Running State 332 Captured Applications And Data 333 Captured 0.S. 334 I Standard Device Driver 335
&
342
Virtualization Component 361 Network Infra 354
Recovery C.S. Operating System 362
Recovery C.S. Hardware 363
Fig. 3
U.S. Patent
Jan. 20, 2009
Sheet 4 of 7
US 7,480,822 B1
400 Primary Computing System 310 411 (e.g., Web) 431 443
t.-
Primary Computing System 320 441 421 (e.g., DB) 442
Primary Computing System 330
422 (e.g., DNS)
(e.g., File) 444
432 (e.g., Domain Controller)
Fig. 4
500
Monitor Initialization Times For Prior [-- 501 Initializations Of Computing Services
Repeatable
Estimate Initialization Dependencies
502
Jr
Derive An Initialization Ordering 1,-503
Jr
Derive Boot Order Of Primary Computing Systems
Fig. 5
U.S. Patent
Jan. 20, 2009
Sheet 5 of 7
US 7,480,822 B1
600
Monitor Event Logs For All Computing Systems
601
Filter For Initialization Events For The Computing Services
------- 602
Fig. 6
700
Estimate Sequential Time-Based Correlation For A Pair Of Initialization Events

hr
------ 701
Estimate That Computin9 Services With Higher Sequential Time-Based Correlation Have An Initialization Dependency
----- 702
Fig. 7
800
1 .0
Significance Of Event Pair
1 min 10 min
60 min
Time Between Events

IllZZ8`08eL S il
Fig. 8
L J O9WEIS
ltialud 'SU
r -Servers
930 910
Desktops and Laptops 920
Network Site 900
Recovery Computing System NO
I tt
LI LL=
Fig. 9
zu'ost'L sa
0E000 CLJ ECED
L JOL jaaqs
llialud*S11
US 7,480,822 B1 1
RECOVERY AND OPERATION OF CAPTURED RUNNING STATES FROM MULTIPLE COMPUTING SYSTEMS ON A SINGLE COMPUTING SYSTEM
2
single computing system. After capturing the running state for each of the primary computing systems, the single computing system then accesses and exposes for external use the captnred running states. The captured running states each 5 include, or are altered to include, at least one device driver that is configured to interface with a common virtualization component that runs on the single computing system. The common virtualization component is configured to at least indirectly interface with hardware on the single compotto ing system. The hardware potentially operates using a different interface than the device driver in the capture running state is configured to interface with. The system identifies a boot order for each of the primary computing systems, and then starts the running states for each of the primary computing is systems in the appropriate boot order. Accordingly, access to the running state of the primary computing systems is restored on a single computing system, and without requiring the primary computing systems' hardware. This can significantly reduce the amount of time needed 20 to restore access to the functionality offered by the primary computing systems. Furthermore, this process may be used to test the recovery even if the primary computing systems continue operation. Additional embodiments of the invention will be set forth 25 in the description that follows, and in part will be obvious from the description, or may be learned by the practice of the invention. The embodiments of the invention may be realized and obtained by means of the instruments and combinations particularly pointed out in the appended claims. These and 30 other embodiments of the present invention will become more fully apparent from the following description and appended claims, or may be learned by the practice of the invention as set forth hereinafter.
35
BACKGROUND OF THE INVENTION Computing technology has transformed the way we work and play. Businesses, residences, and other enterprises have come to rely on computing systems to manage their key operational data. Often, the data itself is many times more valuable to an enterprise than the computing hardware that stores the data. Accordingly, in this information age, many enterprises have taken precautions to protect their data. One way of pmtecting data is to introduce storage redundancy. For example, a primary computing system maintains and operates upon the active data. Meanwhile, a backup computing system maintains a copy of the data as the active data existed at a previous instant in time. The backup copy of the data is periodically updated. More frequent updates tend to increase the freshness of the data at the backup computing system. At some point, the data at the primary computing system may become inaccessible or otherwise lost. When needed, the data is then transferred back from the backup computing system to the primary computing system. For faster recovery, some backup systems perform volumebased backup in which all ofthe sectors of a particularvolume are backed up. Such sectors may include application data, but may also include application programs, operating system(s), and associated configuration information. This protects against more severe failures in which more than just data is lost, but perhaps the entire volume has become corrupted. In that case, the previously backed-up volume is transferred from the backup computing system to the primary computing system. Reinstallation and reconfiguration of the operating system and application program is not needed since the installed and configured executable representations of the operating system and application programs are already present in the backed-up volume. This traditional volume-based backup works well so long as the primary computing system is still available to restore its running state to. Unfortunately, some failure events may result in not just lost data or state from a particular volume, but may also result in a loss of the hardware itself. In that case, unless there is an identical redundant primary computing system with the same hardware (which itself can be quite expensive), restoration of the backup volume is postponed until identical hardware is acquired. This can take substantial time. The problem is compounded when multiple computing systems have been lost in the failure event. When recovering data access after such a failure, time is money. Depending on the enterprise size and operation, each minute without operational data may mean thousands, or even millions, of dollars in lost revenue. Therefore, what would be advantageous are mechanisms for efficiently restoring access to data and other operational state of multiple primary computing systems. even if the primary computing systems are no longer available, and without necessarily requiring replacement computing systems that have identical hardware as the lost primary computing systems. BRIEF SUMMARY OF THE INVENTION The foregoing problems with the prior state of the art are overcome by the principles of the present invention, which are directed towards mechanisms for restoring access to running states of multiple primary computing systems onto a
BRIEF DESCRIPTION OF THE DRAWINGS In order to describe the manner in which the above-recited and other advantages and features of the invention can be obtained, a more particular description of the invention briefly described above will be rendered by reference to specific embodiments thereof which are illustrated in the appended drawings. Understanding that these drawings depict only typical embodiments of the invention and are not therefore to be considered to be limiting of its scope, the invention will be described and explained with additional specificity and detail through the use of the accompanying drawings in which: FIG. 1 illustrates a computing system that may be used to implement the principles of the present invention; FIG. 2 illustrates a flowchart of a method for restoring access to the running state of multiple primary computing systems onto a single recovery computing system in accordance with tbe principles of the present invention; FIG. 3 illustrates an environment in which the principles of the present invention may operate, including a recovery computing system, multiple primary computing systems, and a driver insertion component; FIG. 4 illustrates an example system that includes multiple interdependent computing services distributed across multiple primary computing systems; FIG. 5 illustrates a flowchart of a method for automatically deriving an order of dependency between multiple computing services distributed across multiple primary computing systems; FIG. 6 illustrates a flowchart of a method for monitoring initialization times for prior initializations of computing services;
40
45
50
55
60
65
US 7,480,822 Bl 3
FIG. 7 illustrates a flowchart of a method for estimating initialization dependencies; FIG. 8 illustrates a weighting function that may be used to estimate initialization dependencies; and FIG. 9 illustrates a network site environment in which the 5 principles of the present invention may be used to quickly restore an entire complex network site.
and services described herein may be implemented as objects or processes that execute on the computing system (e.g., as separate threads). While the systems and methods described herein may be implemented in software, implementations in hardware, and in combinations of software and hardware are also possible and contemplated. In the description that follows, embodiments of the invention are described with reference to acts that are performed by DETAILED DESCRIPTION OF THE PREFERRED one or more computing systems. If such acts are implemented EMBODIMENTS to in software, one or more processors of the associated computing system that performs the act direct the operation of the The principles of the present invention relate to mechacomputing system in response to having executed computernisms for restoring access to running stales of multiple priexecutable instructions. An example of such an operation mary computing systems onto a single recovery computing involves the manipulation of data. The computer-executable system. This permits for rapid recovery of tbe functionality 15 instructions (and the manipulated data) may be stored in the provided by the primary computing systems in case the primemory 104 of the computing system 100. mary computing systems cease operation. Alternatively, this Computing system 100 may also contain communication allows the recovery to the recovery computing system to be channels 108 that allow the computing system 100 to comtested even if the primary computing systems continue operamuMcate with other computing systems over, for example, tion. 20 network 110. Conununication channels 108 are examples of First, a general computing system will be described with communications media. Communications media typically respect to FIG. 1, as being a suitable computing system that embody computer-readable instructions, data structures, promay be used to practice the principles of the present invengram modules, or other data in a modulated data signal such tion. Then, general restore operations consistent with the as a carrier wave or other transport mechaMsm and include principles of the present invention will be described in further 25 any information-delivery media. By way of example, and licit detail with respect to FIGS. 2 and 3.A method for deriving a limitation, communications media include wired media, such boot order will then be described with respect to FIGS. 4 as wired networks and direct-wired connections, and wireless through 8. Finally, the application of the principles of the media such as acoustic, radio, infrared, and other wireless present invention to quickly restore a complex network site media. The term computer-readable media as used herein will be described with respect to FIG. 9. 30 includes both storage media and communications media. FIG. 1 shows a schematic diagram of an example computFIG. 2 illustrates a flowchart of a method 200 for restoring ing system that may be used to implement features of the access to running states of multiple primary computing syspresent invention. The described computing system is only tems onto a single recovery computing system. FIG. 3 illusone example of such a suitable computing system and is not trates an environment 300 in which the naming states of intended to suggest any limitation as to the scope of use or 35 multiple primary computing systems are recovered to a single functionality of the invention. Neither should the invention be recovery computing system. The recovery computing system interpreted as having any dependency or requirement relating may then provide the functionality offered by all of the prito any one or combination of components illustrated in FIG. mary computing systems by operating upon the running state. 1. As the method 200 of FIG. 2 may be perfonned in the enviComputing systems are now increasingly taking a wide 40 romnent 300 of FIG. 3, the method 200 will now be described variety of forms. Computing systems may, for example, be with frequent reference to the environment 300. handheld devices, appliances, laptop computers, desktop The method 200 includes capturing the running states of computers, mainframes, or distributed computing systems. In each of the primary computing systems (act 201). Referring this description and in the claims, the term "computing systo FIG. 3, the example environment 300 includes three illustem" is defined broadly as including any device or system (or 45 trated primary computing systems 310, 320 and 330, amongst combination thereof) that includes at least one processor, and potentially many more as represented by the ellipses 341. The a memory capable of having thereon computer-executable primary computing systems 310, 320 and 330 may, but need instructions that may be executed by the processor. The not, be structured as described above for the computing sysmemory may take any form and may depend on the nature and tem 100 of FIG. I. Although three primary computing sysform of the computing system. A computing system may be 50 tems are illustrated in the environment 300, the principles of distributed over a network environment and may include multhe present invention may be applied to recover the miming tiple constituent computing systems. state of any number of multiple primary computing systems. Referring to FIG. 1, in its most basic configuration, a Each primary computing system bas an associated running computing system I 00 typically includes at least one processstate. For instance, primary computing systems 310, 320 and ing unit 102 and memory 104. The memory 104 may be 55 330 have corresponding running states 311, 321 and 331, volatile, non-volatile, or some combination of the two. An respectively. The running state may be an entire volume or set example of volatile memory includes Random Access of volumes that includes application data, the executable Memory (RAM). Examples of non-volatile memory include instructions for application programs, the executable instrucRead Only Memory (ROM), flash memory, or the like. The tions for the operating system, and configuration information term "memory" may also be used herein to refer to non- 60 for the application programs and the operating system. The volatile mass storage. Such storage may be removable or running state may also include compressed or encrypted non-removable, and may include (but is not limited to) PCMforms of the volume. The running state may also include just CIA cards, magnetic and optical disks, magnetic tape, and the a portion of the volume, just specific files or folders, or translike. formations of instructions or data on the volume. For AS used herein, the term "module" or "component" can 65 instance, computer-executable instructions that conform to refer to software objects or routines that execute on the comone instruction set, may be transformed to computer-executputing system. The different components, modules, engines, able instructions that conform to another instruction set.
US 7,480,822 Bl
5 6 Each of the numing states is captured via the use of capture cation programs and data 333 and the captured operating charmel 351. The capture charmel 351 includes the mechasystem 334 that operated upon the primary computing system nisms used to acquire the running state from the respective 330. As previously mentioned, each of the captured naming primary computing systems. and provide the running state to the recovery computing system 350. Such a capture channel 5 states includes standard device driver(s) (e.g., 315, 325 and 335) that are configured to interface with the common virtuneed not contain communica(ions media only, but also may alization component 361 that nms on the recovery computing include storage in which the captured miming state may be system 350. The virtualization component 361 contains stored for a period of time prior to being provided to the executable instructions that, when executed by one or more recovery computing system 350. For instance, the capture to processors of the recovery computing system 350, causes the channel 350 may include a Storage Area Network (SAN). recovery computing system 350 to at least indirectly interface Referring back to FIG. 2, the method 200 includes ensuring with hardware 363 of the recovery computing system 350. If that each of the captured naming states includes device the recovery computing system is represented by the computdriver(s) that are configured to interface with a common viring system 100 of FIG. 1, the execution of such instructions malization component (act 202). Referring to FIG. 3, the 15 by processor(s) 102 may instantiate the common virtualizadevice driver insertion component 352 inserts device drivers lion component 361. into the running state. For instance, standard device driver(s) In the illustrated embodiment, the virtualization compo315 is inserted into running state 311. standard device nent 361 interfaces with the recovery computing system harddriver(s) 325 is inserted into running state 321, and standard ware 363 using the recovery computing system's operating driver(s) 335 is inserted into naming state 331. 20 system 362. An example of the virtualization component is VMWAREO, although other similar product may do as well. These standard drivers may be inserted at any point. For The standard device driver(s) may include one driver for instance, the standard drivers may be inserted into the running interfacing with a network interface, and one driver for interstate while the running state is still on the primary computing facing with a disk driver, and other drivers as desired. The system 310, 320 or 330, while the running state is in the 25 device drivers may be standardized across all running states. capture channel 351, or after the running state is restored to Thus, each captured running state will include a common the recovery computing system 350. Tbe standard device Network Interface Card (NIC) device driver, a common disk drivers comprise computer-executable instructions that interdrive device driver, and a common driver for other classes of face correctly with a common virtualization component such hardware as desired. as virtualization component 361. 30 Whatever the interface used by such device drivers, the Returning to FIG. 2, after capturing the running state for virtualization component 361 receives communications from each primary computing system (act 201), the method 200 the standard device drivers, and provides appropriate equivarestores the capture running state to the single recovery cornlent commands through the operating system 362 to the puling system (act 203). Referring to the example of FIG. 3, recovery system hardware 363. Likewise, communications the naming state 311 is restored to the recovery computing 35 received from the recovery system hardware 363 or operating system 350 in the form of captured running state 312. Simisystem 362 are translated into appropriate commands for larly, the running states 321 and 331 from the other primary communication to the standard device drivers. While it is computing systems are restored in the form of captured runmost convenient if the standard device drivers be the same for nMg states 322 and 332, respectively. If there were more all captured running state, this is not a requirement if the primary computing systems as represented by ellipses 341, 40 virtualization component is capable of more flexibility in the then the associated captured miming states may be restored to types of standard device drivers the virtualization component the recovery computing system 350 as represented by ellipses will communicate with. 342. The recovery computing system 350 may, but need not, Returning to FIG. 2, a suitable boot order for the primary be structured as described above for computing system 100, computing systems is also identified (act 204). This may be and may be distributed over a network. Furthermore, 45 done at any time. This determination may done by monitoring although there is much discussion herein about multiple runprior boots for the primary computing systems, and identifyning states being restored to a single recovery computing ing the boot order based on those prior boots. For instance, if system, that does not imply that there cannot be other recovthe primary computing systems are booted in a particular ery computing systems in any particular network that also order seventy percent of the time, that boot order may be have one or more running states restored to them. For 50 identified as suitable in act 204. Also, one could use a table of instance, there may be one hundred running states that are the various well known services like DNS, DHCP, AD, etc restored to ten different recovery computing systems. Neverand their dependencies among each other to generate an theless, looking at a single one of those recovery computing approximate boot order. A much more complex example of systems, there may be multiple running states restored to that how a boot order may be derived is described below with single recovery computing system. 55 respect to FIGS. 4 through 8. The boot order derivation Each of the captured running states includes computermethod described below with respect to FIGS. 4 through 8 executable instructions that, when executed by one or more takes into account the various interdependencies of the comprocessors of the recovery computing system, cause the puting services provided across the various computing sysapplications and operating systems for the associated primary tems. Whether the boot order is calculated by monitoring computing system to become operational. For instance, cap- 60 prior boots, or by performing the method described with tured running state 312 includes captured application prorespect to FIGS. 4 through 8, or whether the boot order is grams and data 313 and the captured operating system 314 calculated in some other way, will depend on the environment that operated upon the primary computing system 310. Simiand sensitivity to obtaining a correct boot order. The example larly, captured running state 322 includes captured applicaboot order calculation method of FIGS. 4 through 8 will be tion programs and data 323 and the captured operating system 65 described upon completing the description of FIGS. 2 and 3. 324 that operated upon the primary computing system 320. In the illustrated embodiment, the boot order 353 is provided Finally, captured running state 332 includes captured applito the virtualization component 361.
US 7,480,822 BI 7
The method 200 then boots the captured running slates for each of the primary computing systems in the identified boot order (act 205). For instance, upon identifying the first primary computing system that is to be booted, the virtualization component 361 causes the recovery computing system to execute the BIOS of the recovery computing system. Cornmunications to the operating system are caused to pass to the captured operating system Ibr that associated running state. This process is repeated for subsequent running states in the boot order, until all running states are operational, Returning to FIG. 2, the common virtualization component emulates the network between at least two of the primary computing systems when the captured miming states of the at least two primary computing systems attempt to communicate over the network (act 206). Network infrastructure instructions 354 instruct the virtualization component 361 on the network infrastructure that existed with the primary coinpuling system. For instance, the instructions may specify the address ranges used by each primary computing system. The virtualization component 361 may virtualize network communications between primary computing systems by receiving the network communication from the source running state (using the standard NW device driver for the source running state), interpreting the destination address in light of the network infrastructure instructions 354, and then providing the network communication (using the standard NIC device driver for the destination running state) to the destination miming state. Accordingly, the principles ofth present invention permit e the running states for multiple primary computing systems to be restored to a single recovery computing system. The running states may be made operational on the recovery computing system, and so the functionality of the primary computing systems is recovered prior to the physical hardware associated with the primary computing systems being restored. This permits for faster recovery, thereby reducing downtime. In addition, the principles of the present invention may be practiced even if th primary computing systems continue operae tion. In that case, the operation of the naming states on the recovery computing system allows for testing of the recovery operation without ever losing functionality of the primary computing systems. Having described the principles of the present invention with respect to FIGS. 2 and 3, the description now turns to a method for identifying the boot order for the primary computing systems. This method is one of many methods that may be used to generate the boot order information 353, and will be described in detail with respect to FIGS. 4 through 8. FIG. 4 illustrates an example 400 of the several computing services that may be present on the primary computing systems 310, 320 and 330. Specifically, in this example, primary computing system 310 operates computing service 411, primary computing system 320 operates computing services 421 and 431, and primary computing system 330 operates cornpuling services 422 and 432. The computing services 411, 421, 422, 431 and 432 are shown to illustrate an example of computing services that have dependencies as represented by arrows 441 through 444. Of course, this is just an example. The primary computing systems may operate any different kinds of computing services having various dependencies. To illustrate the kind of dependencies that may occur in a real life situation, an example of the computing service 411 is illustrated as being a Web service, an example of the computing service 421 is a database (DB) server, an example of the computing service 422 is a Domain Name Server (DNS)
8
server, an example of the computing service 431 is a file server, and an example of the computing service 432 is a domain controller. In this example. the Web server typically relies on the 5 database server (as represented by dependency arrow 441) to populate Web pages witb dynamic data. While the Web server may operate without the database server, its operation will not be optimal i f it is unable to populate Web pages with dynamic data. The Web server may also rely on the tile server (as to represented by dependency arrow 443) for some of the resources (e.g., images, video, sounds, executable controls) that it exposes. The Web server may authenticate to the file server using credentials which are validated by the domain controller. IS Thus, the file server cannot provide full services to the Web server until the domain controller is operational (as represented by dependency arrow 444). The Web server finds the database server using data supplied by the DNS server. Thus, the database server cannot 20 provide full services to the database server until the DNS server is operational (as represented by dependency arrow 442). This initialization order for this example system may likely be easy to manually detennine for an experienced Infonna25 lion Technology (IT) professional. However, the example has been kept quite simple in order not to obscure the principles of boot order determination. Ordinary production environments are commonly much more complex. It would be a laborious or practically impossible task for even an experienced IT pro3C) f sional to manually identilY all of the particular dependencies in such a complex network, and to update such a model accurately as the fabric evolves over time. FIG. 5 illustrate a flowchart of a method 500 for automatically deriving an initialization ordering for a number of com35 put' ng services distributed over multiple primary computing systems. As the method 500 of FIG. 5 may be performed on th e example system 400 of FIG. 4, the method 500 will be described with frequent reference to the example system 400. However, the principles of the boot order calculation may be 40 applied to any number of primary computing systems. In one example embodiment referred to here as the "physical boot in embodiment", the computing service is a physical bootable machine, and the initialization of the computing service is the booting of the physical machine. 45 The method 500 includes monitoring initialization timestamps for the computing services for one or more prior iMtializations of the computing services (act 501). If is it desired to derive a current initialization ordering, the most recent initializations may be monitored. If it is desired to determine 50 an acceptable initialization ordering for a prior instant in time, the initializations proximate to that prior instant in time may be evaluated. If it is desired to determine an initialization ordering for a future point in time, then the schedule for computing service initializations proximate that future point 55 in time may be monitored. In the case of FIG. 3, for example, it is desirable to identify a good boot order that existed at the time the primary computing systems had their running state captured. In that case, the initializations proximate to that capture operation may be evaluated in act 501. In the case of 60 the physical boot embodiment, the physical primary computing systems 310, 320 and 330 are themselves the computing services. Accordingly, in the physical boot embodiment, such initialization times may be boot times of the various primary computing systems 310, 320 and 330. 65 Regardless of whether the time is the current time, some prior point in time, of some future point in time, the evaluations may give greater weight for initializations that are closer
US 7,480,822 Bl
10
to the point of time of interest. For instance, initialization that the technical names for the service to the more human-readoccurred five minutes prior to the capture may be given able form of the service name. Minor differences in service greater weight than initializations ten hours prior to the capidentification could also optionally be collapsed by such a ture. mapping, if greater ability to generalize from the data is FIG. 6 is a flowchart of an example method 600 for monidesired. This might be helpful if a service name is modified boring initialization times and represents just one example of slightly as part of an upgrade, for example. a suitable method for performing the monitoring act of act Returning to FIG. 5, initialization dependencies for pairs of 501. For instance, the boot order derivation may involve the computing services in the system are then automatically monitoring one or more initialization event logs for each of estimated based on the initialization events (act 502). In the the bootable computing systems (act 601) that operates a 10 physical boot embodiment, these initialization dependencies computing service in the system. For instance, the Microsoft are really boot dependencies between pairs of computing WINDOWS operating system contains event logs with systems. FIG. 7 illustrates a flpwchart of a method 700 for readable entries. Linux and Unix and many mainframe operestimating initialization dependencies and serves as an ating systems have log files. The event logs may contain more example of one of many methods that may be used to perform than just initialization information. 15 act 502. For multiple event pairs of the initializations of the The boot order derivation may then filter the one or more computing services, the boot order calculation may estimate initialization event logs for events related to initialization of a sequential time-based correlation for the initializations of the computing services under evaluation (act 602). This may each pair of computing services (act 701). In this description be done by reading all entries in the log tile that contain and in the claims, a sequential time-based correlation is a initialization timestamps for the computing services in the 20 value that is a function of which initialization came first in the system under evaluation. Entries that do not relate to the pair of computing services, as well as the time difference initialization of the computing services may be ignored. For between the initializations. instance, an entry in a Microsoft WINDOWS operating For example, for each pair of initialization events, there system event log that shows a firewall starting is not particumight be two sequential time-based correlation values for larly relevant to a machine's role as a file or database server. as computing services abstractly named A and B. The A after B However, entries that show low-level internal failures are value may be, for example, 0.8 on a scale of zero to one, useful to the extent that they may indicate high-level flawed indicating that the initialization of.A often follows the initialinitialization. Such internal failures may be used to devalue ization of B in a time frame that suggests A is dependent on B. the weight Riven to that particular initialization attempt for The B afterA value may be, for example, 0.1 on a scale of zero the computing services. 30 to one, indicating that the initialization of B does not often follow the initialization of B in a time frame that suggest B is The boot order derivation may guarantee comparability of dependent on A. Alternatively, as in Table 2 below, a negative timestamps across these multiple primary computing sysor positive polarity may represent which initialization comes tems. This can be done by performing conventional server first. time synchronization. Alternatively, each machine may be The boot order derivation may then estimate that the pairs queried for their current time reckoning, and then compensa- 35 of Mitialization events with higher sequential time-based corlion factors may be calculated and applied to account for time relation have an initialization dependency (act 702). For reckoning differences across the computing systems, thereby instance, in the above example, if the threshold value for creating synchronized equivalent time entries. determining dependency is 0.7,A is determined to depend on The following Table 1 represents example relevant time entries that may be acquired using the method 600 of FIG. 6 40 B, but B is not determined to depend on A. This threshold value may be adjusted as desired depending on the sample when applied to the example system 400 of FIG. 4. size for each sequential pair of computing services. In one embodiment, the sequential time-based correlation TABLE 1 is weighted with a single-peak time dependency function so Event Order Tnitializqtion Time Machine Service 45 that the correlation tends to be lower if the period of time between initializations of the pair of computing services is 12:03:21 am 330 Domain Controller 1 within a time period that is less than a time period associated 2 12:05:19 am 320 File Server DNS Server 3 04:27:01 am 330 with a maximum suggested correlation, and also tends the 4 04:43:32 pm 330 DNS Server correlation to be lower if the period of time between the 5 05:11:45 pm 320 Database Server 50 initializations of the pair of computing services is longer than 6 05:47:59 pm 310 Web Server the time period associated with the maximum suggested correlation. FIG. 8 represents an example 800 of such a function. In actual implementation, this table may be considerably Referring to FIG. 8, if the time difference between initialmore complex. Events covering many days and hundreds of izations is short (or even simultaneous), this would indicate computing systems could appear. The same service may show 55 that the initialization of A was not dependent on B. Referring up several times in the list, and multiple services could map to to FIG. 8, there is no weight given to a dependency correlation the same physical machine. However, Table 1 has the followin which computing serviceA is initialized within a minute of ing characteristics: computing service B. This is based on the assumption that one 1) It captures an absolute ordering of events; minute is not sufficient time for computing service A to rec2) The events are computing service initializations; 60 ognize the presence of computing service B, and thus the 3) The services are tied to the computing system that hosts close initialization times is more likely the result of a coincithe service; and dence than a real functional dependency. On the other hand, if 4) More than one service can be tied to the same computing the time between initialiZations is too long (in the example, system. more than 60 minutes), this would suggest that the service When evaluating the event logs, the technical names for the 65 that was initialized later does not depend on the service that services may be quite different from the human-readable was initialized earlier. Otherwise, the later-initialized service forms represented above. There could thus be a mapping of would have tried to initialize earlier. Between these two
US 7,480,822 Bl 11
extremes, there are time differences that suggest varying possibilities for the existence of a dependency. In one example, suppose that there were five instances of the initialization of A being after the initialization of B. Suppose that in one of those events, out of coincidence, the 5 initialization of A occurred simultaneous to the initialization of B. This would result in no increase in the dependency factor for that one sample. However, suppose that the other four initializations of A occurred 10 minutes after a corresponding initialization of B. This would result in a heavy to weighting of these events in the dependency factor since 10 minutes suggests the maximum possibility of a dependency between the two using the function of FIG. 8. Of course, the function illustrated in FIG. 8 is completely arbitrary. The precise form of the function may be altered over 15 time as the characteristics of a particular system become better known. The function may also be improved upon through experimentation to see how much predictive behavior the function provides. Alternatively or in addition, the function may be selected by a user, and/or tuned using other 20 measures. ln one embodiment, the function is skewed using, for example, a gamma or lognormal distribution. The following Table 2 illustrates an example matrix that may be constructed using act 701 of FIG. 7 for the initializations often different computing services abstractly referred to 25 as A through J. TABI ,F 2
A A B C D E F G H 1 1 NA -0.30 -0.31 0.93 0.87 -0.24 -0.27 0.93 -0.44 0.89 BCD 0 F GHII
12
5. the primary computing system 330 would be booted first, followed by primary computing system 320, followed by the primary computing system 310. Having described a mechanism for deriving the boot order, an application of the principles of the present invention to the recovery of many primary computing systems to a single recovery computing system will be described with respect to the more complex network site environment 900 illustrated in FIG. 9. The environment 900 may be, for example, a web site that is constantly operational. Such web sites rely on customers having reliable access to the services provided by the web site. Depending on the nature and size of the web site, downtime can result in significant lost revenue. Accordingly, such web sites would benefit by having contingency plans whereby services may be restored as quickly as possible even in the event of a catastrophic failure in which the primary computing systems are no longer physically available. In that case. the recovery computing system may be located some safe distance from the primary computing systems. Referring to FIG 9, the network site 900 includes multiple servers 910 that are connected to a network 930. These servers may include, for example, an Active Directory (AD) server, a Domain Name Server (DNS) server, an e-mail server, a file server, a print server, or the like. In addition, the network site 900 may also include a number of client machines such as desktops and laptops 920. Each of these servers 910 and laptops 920 may be treated as a primary 30 computing system as described above. The web site 900 also includes a recovery computing system 940, which has captured the running state of the servers 910 and clients 920 as of a particu lar point in time. Each of the running states has the injected standard device driver(s) to 35 permit the rumnng state to operate on the recovery computing system 940 even though the recovery computing system 940 regardless of the hardware configuration of the recovery computing system 940. The recovery computing system 940 also has access to the network 930. 40 In case the servers 910 and clients 920 experience a catastrophic failure and are lost, the recovery computing system 940 may quickly take over the operations of the network site 900. This would happen by activating all of the running states in an appropriate order (e.g., honoring the desired boot orders 45 for the servers and clients), and then having the recovery computing system 940 use the various running states to continue operation. This may also be done in a testing scenario in which the servers 910 and clients 920 continue operation. 50 In a disaster event, once the specific hardware for the servers 910 and clients 920 has been replaced, the running states may be restored back to the appropriate replacement server or client. In the meantime, however, the recovery computing system 940 has been operational thereby preventing 55 much lost down tittle. Accordingly, the principles of the present invention allow prompt recovery from the catastrophic failure of primary computing systems even when those primary computing systems are lost, and replacement hardware is not immediately 60 available. The present invention may be embodied in other specific forms without departing from its spirit or essential characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. The scope of the invention is, therefore, indicated by the appended 65 claims rather than by the foregoing description. All changes, which come within the meaning and range of equivalency of the claims, are to be embraced within their scope.
NA 0.85 -0.19 -0.46 0.99 0.94 -0.19 0.83 -0.35
NA -0.16 NA -0_28 0.89 NA 0.86 -0.16 -0.41 NA 0.82 -0.13 -0.42 0.95 NA -0.15 0.55 0.89 -0.16 -0.13 NA 0.96 -0.28 -0.42 0.84 0.84 -0.28 NA -0.21 0.84 0.93 -0.31 -0.38 0.84 -0.38 NA
In Table 2, negative values indicate that the computing service in the row occurs before the computing service in the colunm. Conversely, positive values indicate that the computing service in the column occurs before the computing service in the row. In this case, act 702 may involve simply identify the pair of computing services having an absolute value greater than some threshold amount (e.g., 0.7) as having a dependency. Returning back to FIG. 5, the initialization order is then derived for the computing services in the system based on the estimated initialization dependencies (act 503). Referring back to FIG. 4, the initialization ordering may be constructed based on the following four initialization dependencies: 1) 421 depends on 422; 2) 431 depends on 432; 3) 411 depends on 421; and 4) 411 depends on 431. In the physical boot embodiment, the derivation of an initialization ordering constitutes the derivation of a boot order, since the computing services are the physical primary computing systems, and the initializations of the primary computing systems is the same as a booting of the computing system. However, even outside of the physical boot embodiment, where the computing services are software components, the boot order of the primary computing systems themselves may be derived (act 504) based on the initialization ordering for the computing services. For instance, referred to
US 7,480,822 B1 13
What is claimed and desired secured by United States Letters Patent is: I. A method for restoring access to running states of a plurality of primary computing systems onto a single computing system, the method comprising the following: an act of accessing a captured running state of each of the primary computing systems on the single computing system, wherein the captured running states each include, or are altered to include, at least one device driver that is configured to interface with a common virtualization component that runs on the single computing system, wherein the common virtual izat ion component is configured to at least indirectly interface with hardware on the single computing system that operates at least part of the hardware using a different interface than the at least one device driver is configured to interface with; an act of identifying a boot order for each of the primary computing systems; and an act of booting the captured running states for each of the primary computing systems in the identified boot order on the single computing system. 2. A method in accordance with claim 1, further comprising: an act of capturing the miming states of each of the primary computing systems. 3. A method in accordance with claim 2, further comprising: an act of ensuring that each of the captured running states includes at least one device driver that is configured to interThce with a common virtualization component. 4. A method in accordance with claim 3, wherein the act of capturing occurs before the act of ensuring. 5. A method in accordance with claim 3, wherein the act of capturing occurs after the act of ensuring. 6. A method in accordance with claim 1, wherein the at least one device driver are each the same on each of the captured running states. 7. A method in accordance with claim 1, wherein the act of identifying a boot order for each of the primary computing systems comprises: an act of the single computing system receiving an identification of the boot order from a source external to the single computing system. 8. A method in accordance with claim 1, wherein the act of identifying a boot order for each of the primary computing systems comprises the following: an act of monitoring initialization timestamps for a plurality of computing services that operate on die primary computing systems for one or more prior initializations of the plurality of computing services; an act of automatically estimating one or more initialization dependencies of pairs of the plurality of computing services of the plurality of computing systems based on the act of monitoring; an act of automatically deriving an initialization ordering for the plurality of computing services of the plurality of primary computing systems based on the estimated one or more initialization dependencies; and an act of deriving the boot order based on the act of deriving the initialization ordering for the plurality of computing services of the plurality of primary computing systems. 9. A method in accordance with claim 8, wherein the act of estimating one or more initialization dependencies comprises:
14
for multiple pairs of the plurality of comput ing services, an act of estimating a sequential time-based correlation for the pair of initialization of the computing services; and an act of estimating that the pairs of computing services with higher sequential time-based correlation have an initialization dependency. 10.A method in accordance with claim 8, wherein the act of monitoring initialization times for the plurality of computing services for one or more prior initializations of the plurality of computing services comprises the following: an act of monitoring one or more initialization event logs for each of the plurality of primaiy computing systems; and an act of filtering the one or more initialization event logs for events related to initialization of the plurality of computing services. 11.A method in accordance with claim 1, wherein the act of identifying a boot order for each of the primary computing systems comprises the following: an act of monitoring boot times of the plurality of primary computing systems for one or more prior boots of the plurality of primary computing systems; an act of automatically estimating one or more boot dependencies of the plurality of primary computing systems based on the act of monitoring; and an act of automatically estimating the boot order for the plurality of primary computing systems based on the estimated one or more boot dependencies. 12.A method in accordance with claim 1, wherein each of the running states is an entire volume of the . corresponding primary computing system. 13..A method in accordance with claim 1, further comprising: an act of the common virmalization component emulating the network between at least two of the plurality of primary computing systems when the capture running states of the at least two primary computing systems . attempt to communicate over the network. 14. A method in accordance with claim 1, wherein the common virtualization component is configured to interface with hardware on the single computing system using an operating system of the single computing system. 15. A computer program product comprising one or more computer-readable storage media having thereon computerexecutable instructions that, when executed by one or more processors of a single computing system, cause the single computing system to perform a method for restoring access to running states of a plurality of primary computing systems onto the single computing system, the method comprising the following: an act of accessing a captured running state of each of the primary computing systems on the single computing system, wherein the captured running states each include, or are altered to include, at least one device driver that is configured to interface with a common virtualization component that runs on the single computing system, wherein the common virtualization component is configured to at least indirectly interface with hardware on the single computing system, at least part of the hardware using a different interface than the at least one device driver is configured to interface with; an act of identifying a boot order for each of the primary computing systems; and an act of booting the captured running states for each of the primary computing systems in the identified boot order on the single computing system.
10
15
20
25
30
35
46
45
50
55
60
65
US 7,480,822 Bl 15
16.A computer program product in accordance with claim 15, wherein the one or more computer-readable media are physical memory media. 17. A method for restoring access to running states of a plurality of primary computing systems onto a single computing system, the method comprising the following: an act of capturing the running states of each of the primary computing systems; an act of ensuring that each of the captured running states includes at least one device driver that is configured to interface with a common virtualization component, wherein the common virtualization component is configured to at least indirectly interface with hardware on the single computing system, at least part of the hardware using a different interface than the device driver is configured to interface with; an act of identifying a boot order for each of the primary computing systems; and an act of booting the captured miming states for each of the primary computing systems in the identified boot order on the single computing system. 18. A computing system comprising: one or more processors; at least one hardware component; a device driver that is configured to interface with operating systems using a hardware interface to thereby control the hardware component; one or more computer-readable media having thereon the following: computer-executable instructions that, when executed by the one or more processors, causes the computing system to operating a common virtualization component that is configured to at least indirectly interface with the device driver; a captured running state for each of a plurality of primary computing systems, wherein each capture running state contains, or is altered to contain, at least one device driver, at least some of which operate using a different interface than the hardware interface; and computer-executable instructions that are structured such that, when executed by the one or more processors, they cause the computing system to perform the following: an act of identifying a boot order for each of the primary computing systems; and an act of booting the captured running states for each of the primary computing systems in the identified boot order on the single computing system. 19. A computing system in accordance with claim 18, wherein the computer-readable media are physical memory media.
16
20. A computing system in accordance with claim 18, wherein the one or more computer-readable media further having thereon: computer-executable instructions that are structured such that, when executed by the one or more processors, they cause the computing system to operate the operating system, wherein the common virtualization component interfaces with the device driver through the operating system. 21. A method comprising: inserting a first device driver into a first running state of a first computing system, the first device driver being configured to interface with a virtualization component on a recovery system; inserting second device driver into a second running state of a second computing system, the second device driver being configured to interface with the virtualization component on the recovery system; capturing the first running state of the first computing system; capturing the second running state of the second computing system; including the virtualization component on the recovery computing system; restoring the first running state to the recovery computing system, the first device driver interfacing with hardware of the recovery system through the virtualization component; restoring the second miming state to the recovery computing system, the second device driver interfacing with the hardware of the recovery system through the virtualization component; providing access to the first and second running states. 22. The method of claim 21, further comprising: including an operating system on a recovery computing system, the virtualization component interfacing with the hardware of the recovery system through the operating system. 23. The method of claim 21, further comprising: identifying a boot order for the first and second computing systems; booting the first and second running states in the boot order. 24. The method of claim 23, wherein identifying a boot order further comprises: monitoring initialization timestamps for the first and second computing systems that operate on the computing systems for one or more prior initializations of the computing services. 25. The method of claim 21, further comprising: emulating a network between the first and second computing systems.
10
15
20
25
30
35
40
45
50
EXHIBIT C
1 111111111111111111111 11111111)Ejill! 1 1 1 1111111111111111111111

(12)

Greene et al.
RESTORATION OF GRANULAR APPLICATION DATA
(45)
(10) Patent No.: US 7,831,861 B1 Date of Patent: Nov. 9, 2010

714/19 707/679 711/162 714/6 714/15 1/1 707/639 707/9 7071204 7111162
(54) TECHNIQUES FOR EFFICIENT
(75) Inventors: Christopher Greene, Longwood, FL (US); Derek D. Dickinson, Sanford, FL (US) (73) Assignee: Symantec Corporation, Mountain View, CA (US) * ) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 414 days.
7,036.043 B2* 4/2006 Martin et al. 7,051,050 B2* 5/2006 Chen et al. 7,165.156 B1* 1/2007 Cameron et al. 7,437,603 B2* 10/2008 Ebata et al. 7,543.181 B2* 6/2009 Buxton et al. 7,653,612 B1 * 1/2010 Veeraswarny et al. 7,716.183 B2* 5/2010 Lee 2004/0133575 Al * 7/2004 Fanner et al. 2006/0155784 Al* 7/2006 Kusters et al. 2006/0179261 A1* 8/2006 Rajan
OTHER PUBLICATIONS
U.S. Appl. No. 11/967.667, filed Dec. 31, 2007.
* cited by examiner
Primary ExaminerGabriel L Chu (74) Attorney. Agent, or Firm -- -Hunton & Williams, LLP
(21) Appl. No.: 12/027,574 (22) Filed: (51) Int. Cl.

GO6F 11/00 (2006.01) (52) U.S. Cl. (58) Field of Classification Search
714/15; 707/685 Feb. 7, 2008
(57)
ABSTRACT
707/674 679, 707/680, 682, 685 See application file for complete search history.
References Cited
(56)
U.S. PATENT DOCUMENTS

6.016,553 A * 1/2000 Schneider et al. 6,594,781 B1 * 7/2003 Kornasaka et al. 6,957,362 B2* 10/2005 Armangau 714/21 714/19 714/20
Techniques for efficient restoration of granular application data are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for restoring one or more portions of application data comprising virtualizing one or more backup files of the application data into a specified staging area, running a recovery process for the one or more backup files, virtualizing the one or more backup files and the one or more recovery files, instantiating an instance of an application utilizing the virtualized one or more backup files and the virtu al ized one ormore recovery files, and recovering one or more portions of the application data. 19 Claims, 4 Drawing Sheets
Application Server 110 Backup Component 115
Backup Server 150
Recovery Server 160
Storage 140
Stora Application Data 130
iIii
tirik Storage 165 Staging Area 170
Backup Data 145
Backup Server 150
Recovery Server 160
g 140
Storage 125
liiii
Storage 165 Staging Area 170
Backup Data 145
Application Data 130
Fig. .1
i ll198`18 `L
sa
lualucl *S11
Backup Server 150
Appliance 20
Recovery Server 160
Applance 260
iii Storage 125

Storage 165 Application Data 130 Staging Area 170
Storage 140
Backup Data 145
Fig. 2
I ff198`I 8`LSil
Vialud "Sil
U.S. Patent
Nov. 9, 2010
Sheet 3 of 4
US 7,831,861 B1
31
Start 310
315
r\..
Run Backup on Application Server
Export Backup Data 320 r\-]
Create Staging Area 325
330H
Virtualize Backup Data into Staging Area
4,
335H Copy Additional Data into Staging Area
340r\-
"I
Recover Application Writing Recovery Information to a Separate File
V
345 Store Recovery Files and Backup Data
V
350 End
Fig. 3
U.S. Patent
Nov. 9, 2010
Sheet 4 of 4
US 7,831,861 B1
4114
Start 410
415
r\.s
Select Desired Data for Recovery
lir
Create Staging Area 420H
425 r\ -1
Read Backup Data and Recovery Information into Staging Area
430
Ilr Analyze Data Structure for Redundancy 440
435
445
Virtualize Backup data and Recovery Data
450
Open Application Instance Utilizing Virtualized Data
460
r\_,I Obtain Desired Recovery Data

End
465
Fig. 4
US 7,831,861 Bl 2
one carrier by at least one processor and thereby cause the at least one processor to operate so as to vinualize one or more backup files of the application data into a specified staging area, and run a recovery process for the one or more backup FIELD OF THE DISCLOSURE 5 files. The recovery process may include enabling recovery by writing recovery changes to one or more recovery files, The present disclosure relates generally to restoration of wherein writing recovery changes to one or more recovery granular data and, more particularly, to techiques for effifiles allows the one or more backup files to remain unmodicient restoration of granular application data. fied. The recovery process may also include saving the one or BACKGROUND OF THE DISCLOSURE more backup files and the one or more recovery files. The instructions may also be configured to cause the at least one Restoring one or more portions of application data may processor to operate so as to virtualize the one or more backup require a data store to be recovered in order to restore the data. files and the one or more recovery files, instantiate an instance Recovery of a data store may involve ensuring that adequate 15 of an application utilizing the virtu a lized one or more backup space is available for one or more files of the data store. tiles and the virtualized one or more recovery files, and Duplication of the one or more files may require significant recover one or more portions of the application data. space and time. Running a recovery process may require In yet another particular exemplary embodiment, the techwriting transactions from one or more files, such as a log file, to a database being recovered. Thus, the recovery process 20 niques may be realized as a system for restoring one or more may be time consuming as well. The recovery process may portions of application data comprising one or more procesalso require significant processing resources. Additionally, sors communicatively coupled to a server. The server may be recovery processes may fail for one or more reasons. configured to virtualize one or more backup files of the appliA user wishing to restore one portion of application data cation data into a specified staging area, and run a recovery may be required to address the above challenges in order to 25 process for the one or more backup files. The recovery prorestore a file. The recovered application data store may be a cess may include enabling recovery by writing recovery secondary data store in addition to a data store utilized by a changes to one or more recovery files, wherein writing recovproduction instance. It may not be practical, cost efficient or ery changes to one or more recovery tiles allows the one or even possible for a user to pennanently allocate resources to maintain a recovered data store once the desired portions of 30 more backup files to remain unmodified. The recovery prodata have been restored. An administrator or other user may cess may also include saving the one or more backup files and thus eliminate a recovered data store after the desired portions the one or more recovery files. The server may also be conof data have been restored. Subsequent to elimination of the figured to virtualize the one or more backup files and the one recovered data store, the recovery of one or more secondary or more recovery files, instantiate an instance of an applicaportions of data from the same backup files may be desired. 35 tion utilizing the virtualized one or more backup files and the This may require the recovery of the same data store again virtualized one or more recovery tiles, and recover one Or along with another associated delay and usage of resources. more portions of the application data. In view ofthe foregoing, it may be understood that there are The present disclosure will now be described in more detail significant problems and shortcomings associated with current granular application data restoration technologies. 40 with reference to exemplary embodiments thereof as shown in the accompanying drawings. While the present disclosure SUMMARY OF THE DISCLOSURE is described below with reference to exemplary embodiments, it should be understood that the present disclosure is Techniques for efficient restoration of granular application not limited thereto. Those of ordinary skill in the art having data are disclosed. In one particular exemplary embodiment, 45 access to the teachings herein will recognize additional the techniques may be realized as a method for restoring one implementations, modifications, and embodiments, as well as or more portions of application data. The method may comother fields of use, which are within the scope of the present prise virtualizing one or more backup files of the application disclosure as described herein, and with respect to which the data into a specified staging area, and running a recovery present disclosure may be of significant utility. process for the one or more backup files. The recovery pro- so cess may include enabling recovery by writing recovery BRIEF DESCRIPTION OF THE DRAWINGS changes to one or more recovery files, wherein writing recovery changes to one or more recovery files allows the one or In order to facilitate a fuller understanding of the present more backup files to remain unmodified. The recovery process may also include saving the one or more backup files and 55 disclosure, reference is now made to the accompanying drawthe one or more recovery files. The method may also comprise ings, in which like elements are referenced with like numervirtualizing the one or more backup files and the one or more als. These drawings should not be construed as limiting the recovery files, instantiating an instance of an application utipresent disclosure, but are intended to be exemplary only. lizing the virtualized one or more backup files and the virtuFIG. 1 shows a system for the restoration of granular data alized one or more recovery files, and recovering one or more 60 in accordance with an embodiment of the present disclosure. portions of the application data. FIG. 2 shows a system for the restoration of granular data In another particular exemplary embodiment, the techcontained in a continuous data protection environment in niques may be realized as an article of manufacture forrestoraccordance with an embodiment of the present disclosure. ing one or more portions of application data, where the article FIG. 3 shows a method for storing data to enable the resof manufacture comprises at least one processor readable 65 carrier, and instructions carried on the at least one carrier. The toration of granular data in accordance with an embodiment instructions may be configured to be readable from the at least of the present disclosure.
TECHNIQUES FOR EFFICIENT RESTORATION OF GRANULAR APPLICATION DATA
US 7,831,861 B1 3
FIG. 4 shows a method for restoration of granular data in accordance with an embodiment of the present disclosure.
Backup server 150 may process one or more backup requests and may provide backup services to one or more hosts, such as, for example, application server 110. Backup DETAILED DESCRIPTION OF EXEMPLARY server 150 may utilize storage 140 for backup data 145. EMBODIMENTS 5 Backup data 145 may contain logs, tiles, or other data structures containing backed up application data. Backup data 145 Referring to FIG. 1, there is shown a system :100 for the may also contain recovery files whicb may be delta files restoration of granular data in accordance with an embodicontaining changes that would be written to an application ment of the present disclosure. Applicat ion server 110 may be data store or a database during recovery. Backup data 145 a server hosting one or more applications. Backup component to may also contain exported data of a backup target. For 115 may facilitate backup of application server 110. Appliexample, backup data 145 may contain one or more exported cation server 110 may be communicatively coupled to storage snapshots of data associated with application server 110, such 125. Storage 125 may be storage that may be utilized by as snapshots of application data 130. The one or more application server 110 to store application data 130, or other exported snapshots may appear as local disks to backup data associated with application server 110 or backup com- 15 server 150. In some embodiments, application data, such as ponent 115. Application server 110 may be communicatively snapshots of application data 130, may be exported to storage coupled to network 135. One or more additional devices may associated with a separate device for recovery, such as storage be communicatively coupled to network 135, such as backup 165. In some embodiments, backup images of application server 150 and recovery server 160. Backup server 150 may data may be exposed to a backup server 150 as a shared be conmiunicatively coupled to storage 140. Storage 140 may 20 resource. contain backup data 145. Recovery server 160 may be comStorage 140 may host a staging area for recovery, and municatively coupled to storage 165. Storage 165 may conbackup server 150 may run a recovery process. In other tain staging area 170. embodiments, a recovery process may be run on recovery Application server 110 may he a server, a laptop, or other server 160. computer capable of supporting one or more applications. 25 Recovery server 160 may be a separate device, such as a Applications may include, for example, Microsoft server, from application server 110. Recovery server 160 may ExchangeTm, other email applications, workgroup applicaenable a backup server or an application server to avoid the tions, file sharing applications, and other applications processing burden that may be associated with recovery. In enabling the creation of application data. Application server one or more embodiments, recovery server 160 may be a 110 may enable a user to create application data such as, for 30 process and may run on application server 110 or on one or example, an email, a document, a list, an image file, a posting, more additional servers or devices. Recovery server 160 may a web page, xml data, a sound file, and a video file. or other utilize storage 165 to host staging area 170. Recovery server application data. Application server 110 may utilize plat160 may enable the running of one or more recovery proforms or storage mechanisms such as databases or file syscesses and the instantiation of an application utilizing a recovtems which may utilize storage 125. 35 ered data store. Backup component 115 may be a backup process, job, Staging area 170 may represent storage space utilized for device or mechanism utilized to ensure one or more portions the recovery of one or more application data stores. Staging of application data is backed up. In some, embodiments, area 170 may facilitate the restoration of application data backup component 115 may be an input/output (I/O) redirecstores, such as databases. Staging area 170 may enable an tor, a splitter or another device or process utilized to replicate 40 application server or a backup server to avoid the burden transactions directed to storage 125 to one or more secondary associated with storing one or more data files for the restorastorage devices. Backup component 115 may enable snaption of a data store. shots of backup data, exporting of backup data, the running of Referring to FIG. 2, there is shown a system 200 for the backup jobs and other processes ensuring data backup and restoration of granular data contained in a continuous data integrity. 45 protection environment in accordance with an embodiment of Storage 125, 140, and 165 may be local, remote, or a the present disclosure. FIG. 2 is a simplified view of system combination thereof to application server 110. Storage 125, 200 and may include additional elements that are not 140, and 165 may utilize a redundant array of inexpensive depicted.As illustrated, FIG. 2 may contain many of the same disks (RAID), a redundant array of inexpensive nodes elements as discussed in reference to FIG. 1, including appli(RAIN), tape, disk, a storage area network (SAN), or other 50 cation server 110, backup component 115, storage 125, applicomputer accessible storage. Storage 125 may contain application data 130, network 135, recovery server 160, storage cation data 130. 165, staging area 170, backup server 150, storage 140, and Application data 130 may include data written by one or backup data 145. FIG. 2 may additionally include appliance more applications hosted by application server 110. Applica220 and appliance 260. tion data 130 may contain one or more user created data files 55 Appliances 220 and 260 may be continuous data protection such as, for example, a document, a list, an image file, an and replication (CDP/R) devices which may provide continuemail, a posting, a web page, xml data, a sound file, and a ous data protection and replication (CDP/R) services to applivideo file. Application data may be stored in one or more cation server 110. CDP/R services may be provided through formats or data structures. Data structures may be determined the use of a network switch or may be provided through a by an underlying platform or system supporting an applica- 60 continuous data protection and replication appliance. In one tion. or more embodiments, appliances 220 and 260 may be netNetwork 135 may be a local area network (LAN), a wide work switches providing CDP/R services to application area network (WAN), the Internet, a cellular network, a satserver 110. Appliances 220 and 260 may be communicatively ellite network, or other networks that petmit communication coupled to storage 125 and 140, which may be storage area between application server 110 and other devices operatively 65 networks (SAN). connected to network 135, such as recovery server 160 and In one or more embodiments, storage 125 and 140 may backup server 150. represent storage area networks (SAN), internet small coin-
US 7,831,861 Bl
5
puler systems interface (iSCSI) SANs, Fiber Channel SANs. This may enable a recovery process to run and to write common Internet File Systems (CIFS) or network file sysupdates and/or transactions to a recovery file instead of a tems (NFS). database file. At block 345, the recovery files and the backup data may be Referring to FIG. 3, there is shown a method 300 for storing data to enable the restoration of granular application 5 stored. In one or more embodiments, the backup data may be stored as metadata and it may be part of a backup set. The data in accordance with an embodiment of the present disclostorage of recovery tiles may enable one or more instantiasure. At block 310, the method 300 for storing application tions of an application associated with the backup data to data to enable the restoration of granular data may begin. utilize the recovery files and the data files. The Stored recovAt block 315, a backup may be run on an application server. For example, in reference to FIG. 1, a snapshot may be taken 10 ery files may thus enable an application to be started or a database to be mounted utilizing the one or more recovery by backup component 115 of one or more portions of applifiles as explained in reference to FIG. 4 below. cation data 130. In one or more embodiments, a full backup At block 350, the method 300 may end. may be taken of one or more portions of storage associated Referring to FIG. 4, there is shown a method 400 for with a continuous data protection device providing CDP ser15 restoration of granular application data in accordance with an vices to an application server. embodiment of the present disclosure. At block 410, the At block 320, the backup data may be exported to a backup method 400 for restoration of granular application data may server enabling the data to appear as local to the backup begin. server, such as backup server 150. In one or more embodiAt block 415, a user may browse one or more data items of ments, backup images may be exposed to the backup server, such as backup server 150, as a shared resource. In embodi- 20 a backup data set and may specify one or more items for restoration. ments wherein data is exported or exposed to the backup At block 420, a temporary staging area is created. In some server, a staging area may be created on the backup server. In embodiments, an existing temporary staging area may be some embodiments, data may be exported or exposed to a specified. The temporary staging area may be located on a server which may be utilized for recovery, such as recovery 25 backup server, a recovery server or another platform with server 160. adequate resources for the recovery process. At block 325, a staging area may be created. The staging At block 425, backup data and recovery information may area, such as staging area 170, may be created on a backup be placed or read into the staging area. Backup data may server or another server. The location of the staging area may include database files, log files, data store files, check files, be determined by the availability of storage, processing capa- 30 and/or recovery files. bility, and the presence of one or more portions of a data store At block 430, the data structure of one or more data files to be recovered. For example, if storage 140 has adequate may be analyzed for redundancy. For example, a last log file space and already contains a majority of the data store to be and a current log file of a database backup may be compared. recovered, such as multiple log files, the staging area may be The log files may contain a sequence number, a generation created on storage 140. Recovery may be performed by a 35 indicator or another indicator. server which may be associated with the storage of the staging At block 435, the method 400 may determine if the area, such as backup server 150 for staging areas created on sequence, generation number, or other indicator of the data storage 140. files are identical. If they are, method 400 may continue at At block 330, backup data may be virtualized into a staging block 440. If the indicators are different the method may area. Prior to virtualization the method 300 may determine if 40 continue at block 445. a backup file to be virtualized is on the same volume as the At block 440, if the sequence numbers, generation indicastaging area. If a backup file is on the same volume as the tor, or other indicators contain the same number, one of the volume of the staging area, the virtualization process may data files, such as the last log file, may be deleted. hard link the file into the specified staging area. If the backup At block 445, the backup data and the recovery files may be file to be virtualized is on a separate volume from the volume 45 virtualized. Virtualizing the one or more backup data and/or of the staging area the backup file may be virtually linked into the one or more recovery files may emulate a recovered data the specified staging area. store. In one or more embodiments, virtualization may utilize At block 335, additional data may be copied into a staging a virtual file filter driver. area. For example, a current log file and a last log file of an At block 450, virtualization of the one or more portions of application data store to be recovered may be copied into a 50 backup data and/or the one or more recovery files may enable specified staging area. In one or more embodiments, one or running of an application utilizing the data store. The applimore log files, joumal files, and/or files tracking uncommitted cation may behave as if the data store had been fully recovmodifications to application data may be copied into a staging ered and the virtualization may enable the instantiation and area. use of one or more applications utilizing the data store. At block 340, a recovery process may begin and may utilize 55 .At block 460, one or more users may obtain desired data one or more files and/or virtualized files present in the specifrom the application. The data desired for recovery may then fied staging area. The recovery pmcess may utilize a file filter be read, transferred, or otherwise provided to a production which may enable recovery to avoid modification of backup instance, to user specified storage, or to another output. files and may write recovery data to one or more recovery At block 465, the method 400 may end. files. A file filter may enable virtualization of one or more 60 At this point it should be noted that the efficient restoration portions of a file system_ A file filter may intercept one or of granular data in accordance with the present disclosure as more file system requests and may enable the requests to be described above typically involves the processing of input redirected to other file system locations and/or files. For data and the generation of output data to some extent. This example, a recovery process may use a modified virtual file input data processing and output data generation may be filter driver which may read one or more uncommitted trans- 65 implemented in hardware or software. For example, specific actions in one or more log files and may write the desired electronic components may be employed in an application database updates to one or more recovery files as metadata. specific electronic circuit or similar or related circuitry for
US 7,831,861 Bl
7 8
implementing the functions associated with efficient restoraremoving the last log in the event that the current log and tion of granul ar data in accordance with the present disclosure the last log are redundant. as described above. Alternatively, one or more processors 6. The method of claim 1, wherein the staging area is on at operating in accordance with stored instructions may impleleast one oE a backup server and a third server. ment the functions associated with the efficient restoration of 5 7. The method of claim 1. wherein the one or more backup granular data in accordance with the present disclosure as files comprise snapshots of an application server which are described above. If such is the case, it is within the scope of provided to a backup server by at least one oE exporting the the present disclosure that such instructions may be stored on one or more backup files to the backup server and exposing one or more processor readable carriers (e.g., a magnetic disk the one or more backup files as a shared resource. or other storage medium), or transmitted to one or more to 8. The method of claim 1. wherein the one or more backup processors via one or more signals embodied in one or more files are created by performing a full backup of one or more carrier waves. devices enabling continuous data protection of the applicaThe present disclosure is not to be limited in scope by the tion data. specific embodiments described herein. Indeed, other various 9. The method of claim 1, wherein the one or more files embodiments of and modifications to the present disclosure, 15 provided into the specified staging area comprise at least one in addition to those described herein, will be apparent to those oE a log file, a journal file, and a file tracking uncommitted of ordinary skill in the art from the foregoing description and modifications to application data. accompanying drawings. Thus, such other embodiments and 10. The method of claim 1. wherein virtualizing one or modifications are intended to fall within the scope of the more backup files of the application data into a specified present disclosure. Further, although the present disclosure 20 staging location comprises: has been described herein in the context of a particular impledetermining a current location of the one or more backup mentation in a particular environment for a particular purfiles; pose, those of ordinary skill in the art will recognize that its hard linking one or more liles into the specified staging area usefulness is not limited thereto and that the present discloin the event that the one or more files to be hard linked sure may be beneficially implemented in any number of envi- 25 are determined to be on a volume of the specified staging ronments for any number of purposes. Accordingly, the area; and claims set forth below should be construed in view of the full virtually linking one or more files into the specified staging breadth and spirit of the present disclosure as described area in the event that the one or more files to be virtually herein. linked are determined to be on a volume different from The invention claimed is: 30 the volume of the specified staging area. 1. A method for restoring one or more portions of applica11. At least one non-transitory computer processor readtion data comprising: able storage medium for storing a computer program of performing a full backmp; instructions configured to be readable by at least one procesexporting one or more backup files; sor for instructing the at least one processor to execute a creating a specified staging area; 35 computer process for performing the method as recited in virtualizing the one or more backup files of the application claim 1. data into the specified staging area; 12. An article of manufacture for restoring one or more running a recovery process for the one or more backup files portions of application data, the article of Manufacture comwherein the recovery process includes: prising: enabling recovery by writing recovery changes to one or 40 at least one non-transitory computer processor readable more recovery files, wherein writing recovery storage medium; and changes to one or more recovery files allows the one instructions carried on the at least one storage medium; or more backup files to remain unmodified; and wherein the instructions are configured to be readable from saving tbe one or more backup files and the one or more the at least one storage medium by at least one processor recovery files; 45 and thereby cause the at least one processor to operate so virtualizing the one or more backup files and the one or as to: More recovery files; perform a full backup; instantiating an instance of an application utilizing the export one or more backup files; virtualized one or more backup files and tbe virtualized create a specified staging area; one or more recovery files; and 50 virtualize the one or more backup files of the application recovering one or more portions of the application data. - data into the specified staging area; 2. The method of claim 1, wherein virtualizing the one or run a recovery process for the one or more back-up files more backup files and the one or more recovery files emulates wherein the recovery process includes: a recovered data store and enables running of an application enabling recovery by writing recovery changes to one or utilizing the data store. 55 more recovery files, wherein writing recovery 3. The method of claim 2, wherein the emulation of a changes to one or more recovery files allows the one recovered data store enables subsequent restorations of data or more backup files to remain unmodified; and from the data store. saving the one or more backup files and the one or more 4. The method of claim 2, further comprising: recovery files; providing one or more files for the recovery process to the 60 virtualize the one or more backup files and the one or more specified staging area, wherein providing one or more recovery files; files for a recovery process to the specified staging area instantiate an instance of an application utilizing the virtucomprises providing at least one of: a current log and a alized one or more backup files and the virtualized one or last log. more recovery files; and 5. The method of claim 4, further comprising: 65 recover one or more portions of the application data. comparing a current log and a last log prior to virtualiza13. A system for restoring one or more portions of applition, and cation data comprising:
US 7,831,861 Bl 9
one or more processors communicatively coupled to a server; wberein the server is configured to: perform a full backup; export one or more backup files; create a specified staging area; virtualize the one or more backup files of the application data into the specified staging area; run a recovery process for the one or more backup files wherein the recovery process includes: enabling recovery by writing recovery changes to one or more recovery files, wherein writing recovery changes to one or more recovery files allows the one or more backup files to remain unmodified; and saving the one or more backup files and the one or more recovery files; virtualize the one or more backup files and the one or more recovery files; instantiate an instance of an application utilizing the virtualized one or more backup tiles and the virtualized one or more recovery files; and recover one or more portions of the application data. 14. The system of claim 13, wherein virtuali zing the one or more backup files and the one or more recovery files emulates a recovered data store and enables running of an application utilizing the data store.
10
15. The system of claim 14, wherein the emulation of a recovered data store enables subsequent restorations of data from the data store. 16. The system of claim 14, wherein the server is further configured to: provide one or more files for a recovery process to the specified staging area, wherein providing one or more files for the recovery process to the specified staging area comprises providing at least one of: a current log and a last log. 17. The system of claim 16, further comprising: comparing a current log and a last log prior to virtualizaIion. and removing the last log in the event that the current log and the last log are redundant. 18. The system of claim 13, wherein the staging area is on at least one of a backup server and a third server. 19. The system of claim 13, wherein the one or more backup files comprise snapshots of an application server which are provided to a backup server by at least one of: exporting the one or more backup files to the backup server and exposing the one or more backup files as a shared resource.
10
15
20
EXHIBIT D
11111111111111111111111111! 11 ) 111!11111111111111111111111
(12)
ili1

Stringham
(45)
(10) Patent No.: US 8,117,168 B1 Date of Patent: Feb. 14, 2012
(54) METHODS AND SYSTEMS FOR CREATING

AND MANAGING BACKUPS USING VIRTUAL DISKS
(75) Inventor:
Russell Stringham, Orem, UT (US)
(73) Assignee: Symantec Corporation, Mountain View, CA (US)

( )
Notice:
Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 295 days.
Perilli, Alessandro; "Microsoft Vista CompletePC Backup will Use Virtual Server Virtual Disk Format"; Jun. 24, 2006; http://www. virtualization.info/2006/06/microsoft-vista-completepc-backupwill.html. "Explore the features: Windows Backup and Restore Center"; (accessed on May 14, 2009); hup://www.microsofl.comIwindows/ windows-vista/features/backup.aspx. Stevenson, Dan; Backup and Restore in Windows Vista and Windows Server Longhorn; http://download.microsoll.com/download/5/b/9/ 5697017b-e28a-4bae-ba48-174cf47d23cd/BUS107_WH06.ppt. "Windows Vista: A Guide to Windows Vista Backup Technologies"; (accessed May 18, 2009); http://technet.microsoft.com/en-us/magazine/2007.09.backup.aspx. Van Rietschote; "SW virtualization (aka VMware)"; Oct. 25, 2001; Veritas.
(21) Appl. No.: 12/415,278 (22) Filed:

(51) (52) Mar. 31, 2009
* cited by examiner
Primary Examiner Cheryl Lewis Assistant Examiner Scott A Waldron (74) Attorney, Agent. or Firm Advantedge Law Group 707/646; 713/2
(58) (56)
Int. Cl. GO6F 17/30 (2006.01) U.S. Cl. Field of Classification Search
707/648 See application file for complete search history.

References Cited
U.S. PATENT DOCUMENTS

7,266,655 B1 * 9/2007 Escabi et al. 7,356,679 B1 * 4/2008 Le et al. 2010/0049930 Al * 2/2010 Pershin et al. 2010/0153617 A 1 * 6/2010 Miroshnichenko et al. 711/162 713/1 711/162 711/6
OTHER PUBLICATIONS
"VMware Consolidated Backup Product Datasheet". Item Number: 07Q4_VM_CB3-5_DS_EN_R2, VMware, Inc. 2007, pp. 1-2.* "VMware Converter User's Manual", Item Number: VMC-ENGQ407-281, VMware, Inc. 2007, pp. 1-16.*
(57) ABSTRACT A computer-implemented method may, at a first point in time, back up at least a portion of a data-storage entity to a first virtual-disk file. The computer-implemented method may capture, in a second virtual-disk file, at least one change made to data in the data-storage entity after the first point in time. The computer-implemented method may also create a parentchild relationship between the first virtual-disk file and the second virtual-disk file, with first virtual-disk file being a parent of the second virtual-disk file. The computer-implemented method may further copy data stored in the second virtual-disk file to the first virtual-disk file so that the first virtual-disk file includes the at least one change made to data in the data-storage entity after the first point in time. Various other methods, systems, and computer-readable media are also disclosed.
14 Claims, 6 Drawing Sheets
Backup Virtual-Disk File
1211
132
Empty Virtual-Disk File
12a
Em pty Virtual-Disk Fie .131
134
Point in lime
400
Point In Time 412
Point in Time 414
Time
U.S. Patent
Feb. 14, 2012
Sheet 1 of 6
US 8,117,168 B1
System 1QQ
Modules 110
Storage Entities 120
Backup Module 112
Data-Storage Entity 122
Recovery Module 114
Backup Virtual-Disk File 124
Empty Virtual-Disk File 126
130
Ba
Empty Virtual-Disk File 134
FIG. 1
U.S. Patent
200
Feb. 14, 2012
Sheet 2 of 6
US 8,117,168 B1
At a first point in time, backup at least a portion of a data-storage entity to a first virtual-disk file 210
Capture, in a second virtual-disk file, at least one change made to data in the data-storage entity after the first point in time 220
V Create a parent-child relationship between the first virtual-disk file and the second virtual-disk file, the first virtual-disk file being a parent of the second virtual-disk file 230
Copy data stored in the second virtual-disk file to the first virtual-disk file so that the first virtual-disk file includes the at least one change made to data in the data-storage entity after the first point in time 240
FIG. 2
U.S. Patent
Feb. 14, 2012
Sheet 3 of 6
US 8,117,168 B1
300
Start
At a first point in time, back up at least a portion of a data-storage entity to a first virtual-disk file 2.QL
Create a first empty virtual-disk file
310
4'
Create a parent-child relationship between the first virtual-disk file and the first empty virtual-disk file, the first virtual-disk file being a parent of the first empty virtual-disk file 315
Capture, in a second virtual-disk file, at least one change made to data in the data-storage entity after the first point in time
Create a parent-child relationship between the first virtual-disk file and the second virtual-disk file, the first virtual-disk file being a parent of the second virtual-disk file
325
Create a second empty virtual-disk file 330
Create a parent-child relationship between the second virtual-disk file and the second empty virtual-disk file, the second virtual-disk file being a parent of the second empty virtual-disk file 335
Copy data stored in the second virtual-disk file to the first virtual-disk file so that the first virtual-disk file includes the at least one change made to data in the data-storage entity after the first point in time 340
Modify the parent-child relationship of the second empty virtual-disk file such that the second empty virtual-disk file is a child of the first virtual-disk file instead being a child of the second-virtual-disk file
345
Delete the second virtual-disk file and the first empty virtual-disk file
350
End
FIG. 3
128
132
Point in Time
400
41g
Point in Time 412
Point in Time 414
Time
FIG. 4
la 89 1'G1IINSil
9 J O 17P ais
lu alv d *S l
Computing System 510
L>,
Processor A System Memory Memory Controller L$ 1 I/0 Controller 52.Q. Communication Interface 522
V Communication Infrastructure 512 Display Adapter 526 Input Interface 530 Storage Interface 534
Display Device 524
Input Device 528
V Primary Storage Device
Backup Storage Device
532
FIG. 5
Itt89 1`LI V8Sfl
9 Jo i laatIS
ItoTed*S11
rD
ss ts.)
Network Architecture 600
H
V
Device I
660(11

660(N1
H Device I
Server
640
Intelligent Storage Array 5..K
Client
620
Device Server
690(11
Device I
670(1)
a Device
690(N1
I I
FIG. 6
670(N)
DI 89 1 `LI V8
Device I
9 Jo 9 i aaqs
zroz `r i .clad
Walud* S11
US 8,117,168 B 1 2
In some embodiments, the first virtual-disk file may include a hill backup of the data-storage entity, and .the second virtual-disk file may include an incremental backup of the data-storage entity. In other embodiments, the first and 5 second virtual-disk files may both be incremental backups of BACKGROUND the data-storage entity. According to certain embodiments, Backup and recovery are two significant issues fitcing the first and second virtual-disk files may comprise a virtualmachine-disk-thrmat file or a virtual-hard-disk file. Information Technology ("IT") administrators. Whether In various embodiments, the backup module may create an from physical failure, human error, or a system crash, data loss is inevitable without an appropriate backup and recovery to empty virtual-disk file. The backup module may then create a parent-child relationship linking the first virtual-disk file to solution. IT administrators may examine their recovery point the empty virtual-disk file. Some embodiments may include a objectives ("RPO") and recovery time objectives ("RTO") recovery module that may retarget the empty virtual-disk file when considering a proper backup and recovery solution. An IT organization may have a system that allows some data loss Is to enable a virtual machine to boot from the first virtual-disk file. The recovery module may use the first empty virtual-disk and only requires a backup once every day. Another system file to boot a virtual machine from the first virtual-disk file. may require every change to be backed up, allowing data to be Features from any of the above-mentioned embodiments may recovered front any point in time. Some non-critical systems be used in combination with one another in accordance with may allow several days to recover after a failure; however, the general principles described herein. These and other other critical systems, requiring high-availability, may 20 embodiments, features, and advantages will be more fully require immediate failover. understood upon reading the following detailed description in Some IT organizations use physical machines for backup conjunction with the accompanying drawings and claims. and recovery. A physical recovery point may need to be configured with hardware identical to a failed machine to recover BRIEF DESCRIPTlON OF THE DRAWINGS data for the failed machine. Other solutions may allow recov- 25 ery machines and failed machines to have different hardware, The accompanying drawings illustrate a number of exemwhich may necessitate modifying data backed up from the plary embodiments and are a part of the specification. failed machine to allow the data to run On the recovery Together with the following description, these drawings demmachine. onstrate and explain various principles of the instant discloSystems that need short recovery times may include a 30 sure. substantial amount of hardware redundancysometimes up FIG. 1 is a block diagram of an exemplary system for to twice the number of physical machines needed for day-tocreating and managing backups using virtual disks according day operations. The extra machines may contain hot backups to certain embodiments. that allow a failed machine to be replaced instantly. In addiFIG. 2 is a flow diagram of an exemplary method for tion to the extra hardware costs, such disaster recovery sys- 35 creating and managing backups using virtual disks according tems may consume management resources to keep the to certain embodiments. backup machines and the production machines in sync. FIG. 3 is a flow diagram of another exemplary method for IT administrators are increasingly turning to computer syscreating and managing backups using virtual disks according . tem virtualization to better administer and manage their infrato certain embodiments. structures. In some cases, virtualization may reduce overall 40 FIG. 4 is a timeline showing backup events of an exemplary costs, including those associated with backup and recovery. system for creating and managing backups using virtual disks Some traditional backup and recovery systems may impleaccording to certain embodiments. ment virtualization by converting a backup file to a virtualFIG. 5 is a block diagram of an exemplary computing disk file to allow a virtual machine to be booted front the system capable of implementing one or more of the embodivirtual-disk file. Unfortunately, converting backup files to 45 ments described and/or illustrated herein. virtual-disk files may consume additional data storage and FIG. 6 is a block diagram of an exemplary computing may involve substantial input/output (1/0") and processing. network capable of implementing one or more of the embodiments described and/or illustrated herein. SUMMARY Throughout the drawings, identical reference characters 50 and descriptions indicate similar, but not necessarily identiThe instant disclosure is directed to methods and systems cal, elements. While the exemplary embodiments described for creating and managing backups using virtual-disk files. herein are susceptible to various modifications and alternative Embodiments of the instant disclosure may enable an IT forms, specific embodiments have been shown by way of administrator to backup data to a virtual-disk file, capture example in the drawings and will be described in detail incremental changes in an incremental virtual-disk file, and 55 herein. However, the exemplary embodiments described roll the incremental changes into the virtual-disk file. For herein are not intended to be limited to the particular forms example, at a first point in time, a backup module may back up disclosed. Rather, the instant disclosure covers all modificadata from a data-storage entity (e.g., a volume) to a first tions, equivalents, and alternatives falling within the scope of virtual-disk file. At a second point in time, the backup module the appended claims. may capture, in a second virtual-disk file (e.g., an incremental 60 virtual-disk file), a change made to the data in the data-storage DETAILED DESCRIPTION OF EXEMPLARY entity. The backup module may create a parent-child relationEMBODIMENTS ship linking the first and second virtual-disk files. The backup module may then copy the data from the second virtual-disk Embodiments of the instant disclosure provide methods file to the first virtual-disk file so that the first virtual-disk file 65 and systems for creating and managing backups using virtual contains a synthetic full backup of the data from the datadisks. For example, a backup module may backup a datastorage entity as it existed at the second point in time. storage entity, (e.g., a full or incremental backup) to a virtualMETHODS AND SYSTEMS FOR CREATING AND MANAGING BACKUPS USING VIRTUAL DISKS
US 8,117,168 131 3 4
disk file at a first point in time. Later. the backup module may Storage entities 120 may include data-storage entity.122, capture, in a second virtual-disk file, at least one change made backup virtual-disk file 124, an empty virtual-disk file 126, a to data stored in the data-storage entity (e.g., an incremental backup virtual-disk file 128, an empty virtual-disk file 130, a backup virtual-disk file 132. and an empty virtual-disk file backup). The backup module may then copy data from the second virtual-disk file to the first virtual-disk file so that the 5 134. One or more of storage entities 120 in FIG. :1 may represent a portion of one or more computing devices. For first , virtual-disk file contains a backup that represents the example, one or more of storage entities 120 may represent a data-storage entity at the later point in time. A recovery modportion of one or more of computing system 510 in FIG. 5, ule may be programmed to use an empty virtual-disk file for and/or portions of exemplary network architecture 600 in retargeting and/or to use the first empty virtual-disk file to 0 FiG. 6. Alternatively, one or more of storage entities 120 in boot a virtual machine from the first virtual-disk file. FIG. 1 may represent one or more physically separate devices Embodiments described herein may provide one or more capable of being accessed by a computing device, such as one features and/or advantages not provided by traditional backup or more of computing system 510 in FIG. 5, and/or portions of systems. For example, using a virtual-disk file as a backup as exemplary network architecture 600 in FIG. 6. described herein may avoid the costly I/O, processing, and 5 As used herein, the phrases "virtual disk" and "virtual-disk data storage involved in converting backup files to virtualfile" may refer to a disk that may appear to an operating disk files. Furthermore, using a virtual-disk file as a backup system to be a physical disk. In some embodiments, virtual may be advantageous because one or more other appliances, disks may be implemented using a disk emulator. A virtual such as deduplication appliances, may be configured to disk may emulate any type of physical disk, such a hard drive, handle virtual-disk file formats but may not be configured to 2 0 an optical disk, a network -share, and/or any other physical handle one or more other traditional backup file formats. storage entity. FIG. 1 shows an exemplary system for creating and manA backup virtual-disk file may comprise a virtual-maaging backups using virtual disks, FIGS. 2 and 3 show an chine-disk-format file, a virtual-hard-disk file, or any other exemplary method for accomplishing the same. FIG. 4 illusvirtual-disk file format. An example of a virtual-machinetrates a timeline showing backup events, and FIGS. 5 and 6 25 disk-format file is a VMWARE VIRTUAL-MACHINEillustrate an exemplary network and computing system for DISK-FORMAT file ("VMDK"). An example of a virtualimplementing embodiments of the instant disclosure. hard-disk file is a MICROSOFT VIRTUAL-HARD-DISK FIG. 1 illustrates an exemplary backup system 100 for file ("VHD"). In certain embodiments, a backup virtual-disk creating and managing backups using virtual disks. System file may include an incremental virtual-disk file. An incre100 may include modules 110 and storage entities 120. Mod- 30 mental virtual-disk file may include any file that stores increules 110 may include a backup module 112 and a recovery mental changes. An incremental virtual-disk file may store an module 114. Backup module 112 may be programmed to, at incremental backup. Examples of incremental virtual-disk a first point in time, back up at least a portion of data-storage files include MICROSOFT's UNDO file and VMWARE's entity 122 to backup virtual-disk file 124. Backup module 112 REDO file. may also be programmed to capture, in backup virtual-disk 35 FIG. 2 shows an exemplary method for creating and manfile 128, one or more changes made to the data in data-storage aging backups using virtual disks. The steps shown in FIG. 2 entity 122. Backup module 112 may also be programmed to may be performed by any suitable computer executable code create a parent-child relationship between backup virtualand/or computing system. In some embodiments, the steps disk file 124 and backup virtual-disk file 128, where backup shown in FIG. 2 may be performed by one or more of backup virtual-disk file 124 is the parent of backup virtual-disk file 40 module 112 and/orrecovery module 114. For example, at step 128. Backup module 112 may be further programmed to copy 210 backup module 112 may, at a first point in time, back up data stored in backup virtual-disk file 128 to backup virtualat least a portion of data-storage entity 122 to backup virtualdisk file 124 so that backup virtual-disk file 124 contains the disk file 124. Backup module 112 may back up at least a one or more changes made to data-storage entity 122. Recovportion of data-storage entity 122 to virtual-disk file 124 in ery module 114 may be programmed to use an empty virtual- 45 any suitable manner. Backing up at least a portion of the disk file 126 for retargeting and/or to boot a virtual machine data-storage entity may include backing up one or more bytes from backup virtual-disk file 124. from the data-storage entity, backing up one or more blocks In certain embodiments, one or more of modules 110 in from the data-storage entity, backing up one or more sectors FIG. 1 may represent one or more software applications or from the data-storage entity, backing up one or more file-level programs that, when executed by a computing system, may 50 elements (e.g., files, directories, etc.) stored in the data-storcause the computing system to perform one or more steps age entity, and/or backing up any other data unit stored in the disclosed herein. For example, as will be described in greater data-storage entity. detail below, one or more of modules 110 may represent Backup module 112 may backup any data stored in datasoftware modules configured to run on one or more computstorage entity 122. Data may include any computer-readable ing devices, such as computing system 510 in FIG. 5 and/or 55 (i.e. binary) information stored in data-storage entity 122. portions of exemplary network architecture 600 in FIG. 6. Examples of data include files (e.g., program files, registry One or more of modules 110 in FIG. 1 may also represent all files, hidden files, encrypted files, etc.), directories, system or portions of one or more special-purpose computers condescriptions, boot sectors, partition layouts, file metadata, figured to perform one or more of the tasks associated with and system metadata. In some embodiments, data-storage steps disclosed herein. 60 entity 122 may comprise a volume. A volume may include As previously noted, system 100 may include storage entiany storage medium accessible by a single file system. ties 120.As used herein, the phrase "storage entity" may refer Examples of a volume include a hard disk, an optical disk to any physical and/or logical storage entity. For example, a (e.g., DVD-ROM, CD-ROM, etc.), a flash memory drive, a storage entity may include a volume, a physical disk, a virtual floppy disk, a tape medium (e.g., DAT, DDS, LTO, or DLT), disk, a partition on a drive, a set of one or more data entities 65 a partition on a hard disk, a RAID array, a storage area (e.g., files, blocks, clusters), and/or any other data storage network ("SAN"), a network-attached storage ("NAS") area. device, or a virtual disk.
US 8,117,168 B1
5 6
In some embodiments, backup virtual-disk file 124 may virtual-disk files may indicate that the child virtual-disk file contain a full back up of data-storage entity 122. As used holds incremental changes made to data since the parent herein, the phrase "full backup" may refer to any data backup virtual-disk file was created. At step 240. backup module 112 may copy data stored in that includes each data unit (e.g.. block. sector. cluster, file. etc.) in a set of data units. For example, a full backup of a 5 backup virtual-disk file 128 to backup virmal-disk file 124 so that backup virtual-disk file 124 includes the at least one volume may include each block in the volume. In some change made to data in data-storage entity 122 afier the first embodiments, a full backup may include only those clusters point ill time. As a result, virtual-disk file 124 may represent (blocks) that are currently allocated by the file system while data-storage entity 122 at a second point in time. In embodiskipping clusters that are not currently allocated by the file system. In some embodiments, a full backup may include to ments where backup virtual-disk file 124 includes a full backup, backup virtual-disk file 124 may be referred to as a only those files which have been identified for backup, which full synthetic backup of data-storage entity 122. As used means that a full backup may include a subset of the data on herein, the phrase "full synthetic backup" may refer to a full a system or volurne. In other embodiments, a full backup may backup taken at a first point in time that has been updated to include a copy of all data and/or software on a system. For 15 include one or more changes made to a data-storage entity example, a full backup may include an entire data store, through a second point in time. Backup module 112 may regardless of whether or not that data has been changed since transfonn backup virtual-disk file 124 into a fnll synthetic a previous backup was performed. A full backmp may include backup by copying data stored in backup virtual-disk file 128 all data needed for a complete system restoration. A full to backup virtual-disk file 124. backup may be a starting point for other backups (e.g., Mere- 20 Backup module 112 may begin copying data stored in mental backups). backup virtual-disk file 128 to backup virtnal-disk file 124 at In other embodiments, backup virtual-disk file 124 may various points during a backup process. In some embodicontain an incremental backup of data-storage entity 122. An ments, backup module 112 may begin copying data from incremental backup may include only changes made to data backup virtual-disk file 128 to backup virtual-disk file 124 that has already been backed up. For example, an incremental 25 immediately after the data is captured in back-up virtual-disk file 128. In other embodiments, backup module 112 may copy backup may only' include changes made to a data storage data from backup virtual-disk file 128 to backup virtual-disk entity since a previous incremental or full backup. In some file 124 at a predetermined point in time. embodiments, an incremental backup may include data units In some embodiments, backup module 112 may not begin for which an archive bit (or other back-up indicator) is set. At step 220, backup module 112 may capture, in backup 30 copying data stored in backup virtual-disk file 128 to backup virtual-disk file 124 until the capturing of the at least one virtual-disk file 128, at least one change made to data in c bange is complete. That way, if the capturing fails, backup data-storage entity 122 after the first point in time. Backup virtual-disk file 124 may be used as the last successful module 112 may capture the at least one change in any suitable manner. For example, backup module 112 may capture 35 backup. If the capturing succeeds, back-up virtual-disk file 128 may be used as the last successful backup. If backup changes to one or more blocks stored in data-storage entity" module 112 begins to copy data stored in backup virtual-disk 122, changes to one or more sectors stored in data-storage file 128 to backup virtual-disk file 124 before the capturing is entity 122, changes to one or more clusters stored in datacomplete and the capturing fails then backup virtual-disk files storage entity 122, and/or changes to one or more file-level 124 and 128 may no longer be valid backups of data-storage elements stored in data-storage entity 122. The one or more 40 entity 122. changes captured after the first point in time may be referred FIG. 3 shows another exemplary method for creating and to as a snapshot of data-storage entity 122. Backup module managing backups using virtual disks. The steps shown in 112 may capture the at least one change as a full or incremenFIG. 3 may be performed by any suitable computer executtal backup. In some embodiments, backup virtual-disk file able code and/or computing system. In some embodiments, 128 may comprise an incremental backup of data-storage 45 the steps shown in FIG. 3 may be performed by one or more entity 122. In other embodiments, backup virtual-disk file of backup module 112 and/or recovery module 114. For 128 may comprise a full backup of data-storage entity 122.1n example, at step 305 backup module 112 may, at a first point at least one embodiment, backup module 112 may monitor in time, back up at least a portion of data-storage entity 122 to data-storage entity 122 and use a copy-on-write method to backup virtual-disk file 124. capture the at least one change by capturing every write made 50 At step 310, backup module 112 may create empty virtualto data-storage entity 122. disk file 126, which may be an incremental virtual-disk file. Backup module 112 may capture the at least one change At step 315, backup module 112 may create a parent-child made to data in data-storage entity 122 at various intervals, relationship between backup virtual-disk file 124 and empty For example, backup module 112 may capture changes to virtual-disk file 126, with backup virtual-disk file 124 being a data-storage entity 122 once every minute, once every hour, 55 parent of empty virtual-disk file 126. In at least one embodionce every day, or once every week. In other embodiments, ment, recovery module 114 may retarget empty virtual-disk backup module 112 may capture changes to data-storage file 126 to enable a virtual machine to boot from backup entity 122 at irregular intervals. Backup module 112 may also virtual-disk file 124. Retargeting empty virtual-disk file 126 provide continuous data protection by capturing every write may include any action that enables a virtual machine to boot made to data in data-storage entity 122 to a separate backup 60 from back-up virtual-disk file 124. Examples of retargeting file. may include replacing, reconfiguring, and/or installing one or At step 230, backup module 112 may create a parent-child more of the Hardware Abstraction Layer ("HAL"), kernel, relationship between backup virtual-disk file 124 and backup mass storage driver, and/or any other device drivers. virtual-disk file 128, with backup virtual-disk file 124 being a In certain embodiments, recovery module 114 may use parent of backup virtual-disk file 128. Backup module 112 65 empty virtual-disk file 126 to boot a virtual machine from may create and store the parent-child relationship in any backup virtual-disk file 124. The virtual machine may redisuitable manner. A parent-child relationship between two rect future writes to empty virtual-disk file 126, allowing
US 8,117,168 B1 7
8
backup virtual-disk file 124 to remain unchanged. As long as changes made to data in data-storage entity 122 since point in backup virtual-disk file 124 remains unchanged, backup virtime 412. In certain embodiments, backup module 112 may tual-disk file 124 may be used as a base or parent for addicreate a parent-child relationship between backup virtualdisk file 132 and backup virtual-disk file 128, with backup tional incremental backups. At step 320, backup module 112 may capture, in backup 5 virtual-disk file 128 being a parent to backup virtual-disk file 132. Backup module 112 may also create empty virtual-disk virtual-disk file 128, at least one change made to data in file 134 and associate it with backup virtual-disk file 132. data-storage entity 122 after the first point in time. At step Empty virtual-disk file 134 may then be used to enable a 325, backup module 112 may create a parent-child relationvirtual machine to boot from backup virtual-disk file 132. ship between backup virtual-disk file 124 and backup virtualdisk file 128, with backup virtual-disk file 124 being a parent t o Therefore, a virtual machine may access the data stored in data-storage entity 122 as it existed at point in time 414. of backup virtual-disk file 128. After point in time 414, backup module 112 may roll the At step 330, backup module 112 may create empty virtualdata in backup virtual-disk file 132 into backup virtual-disk disk file 130. Then, at step 335, backup module 112 may file 128. After the data is copied from backup virtual-disk file create a parent-child relationship between backup virtual132 to backup virtual-disk file 128, backup module 112 may disk file 128 and empty virtual-disk file 130, with backup 15 update the parent-child relationship between backup virtualvirtual-disk file 128 being a parent of empty virtual-disk file disk file 132 and empty virtual-disk file 134 such that backup 130. Recovery module 114 may retarget empty virtual-disk virtual-disk file 128 is the parent of empty virtual-disk file file 130 and/or use empty virtual-disk file 130 to boot a virtual 134. Backup module 112 may then delete backup virtual-disk machine from backup virtual-disk file 128. file 132 and empty virtual-disk file 130. At this point, backup At step 340, backup module 112 may copy data stored in 20 virtual-disk file 128 may be accessible as a backup that repbackup virtual-disk file 128 to backup virtual-disk file 124 so resents a state of data-storage entity 122 at point in time 414. that backup virtual-disk file 124 includes the at least one Backup module 112 may also roll the data in backup virchange made to data in data-storage entity 122 after the first tual-disk file 128 into backup virtual-disk file 124. After the point in time. After the data stored in backup virtual-disk file data is copied, backup module 112 may update the parent128 is copied to backup virtual-disk file 124, back-up virtual- 25 child relationship between backup virtual-disk file 124 and disk file 124 may no longer be a valid parent of empty virtualempty virtual-disk file 126 such that backup virtual-disk file disk file 126. At the same time, backup virtual-disk file 128 124 is the parent of empty virtual-disk file 134. Backup modmay contain redundant information. Therefore at step 345, ule 112 may then delete backup virtual-disk file 128 and backup module 112 may modify the parent-child relationship empty virtual-disk file 126. At this point, backup virtual-disk of empty virtual-disk file 130 such that empty virtual-disk file 30 file 124 may be accessible as a backup that represents a state 130 is a child of backup virtual-disk file 124 instead of being of data-storage entity 122 at point in time 414. If backup a child of backup virtual-disk file 128. At step 350, backup module 112 were to copy tbe data from virtual-disk file 128 to module 112 may delete backup virtual-disk file 128 and virtual-disk file 124, without having previously copied the empty virtual-disk file 126. data in virtual-disk file 132 into virtual-disk file 128, then FIG. 4 is a timeline showing backup events of an exemplary 35 before deleting virtual-disk file 128, it would also need to system for creating and managing backups using virtual update virtual-disk file 132 so that virtual-disk file 132's disks. FIG. 4 shows timeline 400 containing point in time 410, parent becomes virtual-disk file 124. Similarly, if virtual-disk point in time 412, and point in time 414. Point in time 410, file 128 is copied back into virtual-disk file 124 before virtualpoint in time 412, and point in time 414 may refer to points in disk file 132 is created, then virtual-disk file 132 would be time from steps described and/or illustrated herein. In some 40 created with virtual-disk file 124 as its parent. embodiments, backup module 112 may, at point in time 410, In some embodiments, backup module 112 may, when backup at least a portion of data-storage entity 122 to backup creating parent-child relationships, define backup virtualvirtual-disk file 124. Backup module 112 may then create disk file 124 as the parent of every backup virtual-disk file empty virtual-disk file 126. Backup module 112 may associcreated after point in time 410. These additional backup virate empty virtual-disk file 126 with backup virtual-disk file 45 tual-disk files may be referred to as differential backups. 124 so that a virtual machine may boot backup virtual-disk FIG. 5 is a block diagram of an exemplary computing file 124 and may access the at least a portion of data-storage system 510 capable of implementing one or more of the entity 122 as it existed at point in time 410 without modifying embodiments described and/or illustrated herein. Computing virtual disk file 124. system 510 broadly represents any single or multi-processor At point in time 412, backup module 112 may capture, in 50 computing device or system capable of executing computerbackup virtual-disk file 128, at least one change made to data readable instructions. Examples of computing system 510 in data-storage entity 122. Backup module 112 may create a include, without limitation, workstations, laptops, client-side parent-child relationship between backup virtual-disk file terminals, servers, distributed computing systems, handheld 128 and backup virtual-disk file 124, with backup virtual-disk devices, or any other computing system or device. In its most file 124 being a parent to backup virtual-disk file 128. Backup 55 basic configuration, computing system 510 may comprise at module 112 may also create empty virtual-disk file 130 and least one processor 514 and system memory 516. associate it with backup virtual-disk file 128. Empty virtualProcessor 514 generally represents any type or fonai of disk file 130 may then be used to enable a virtual machine to processing unit capable of processing data or interpreting and boot from backup virtual-disk file 128. Therefore, the virtual executing instructions. In certain embodiments, processor machine may access the at least a portion of data-storage 60 514 may receive instructions from a software application or entity 122 as it existed at point in time 4'12. module. These instructions may cause processor 514 to perBackup module 112 may continue to make any number of form the functions of one or more of the exemplary embodiadditional backups of data-storage entity 122 in a similar ments described and/or illustrated herein. For example, promanner. For example, backup module 112 may capture, in cessor 514 may perform and/or be a means for performing, backup virtual-disk file 132, at least one change made to data 65 either alone or in combination with other elements, one or in data-storage entity 122 at point in time 414. In some more of the backing up, capturing, creating, copying, retarembodiments, the at least one change may include only the geting, using, modifying, and deleting steps described herein.
US 8,117,168 B1
10
Processor 514 may also perform and/or be a means for perserver via a direct link to a network, such as the Internet. forming any other steps, methods, or processes described Communication interl'ace 522 may also indirectly provide and/or illustrated herein. such a connection through, for example, a local area network System memory 516 generally represents any type or form (such as an Ethernet network or a wireless IEEE 802.11 of volatile or non-volatile storage device or medium capable 5 network), a personal area network (such as a BLUETOOTH of storing data and/or other computer-readable instructions. or IEEE Standard 802.15.1-2002 network). a telephone or Examples of system memory 516 include, without limitation, cable network, a cellular telephone connection, a satellite random access memory (RAM), read only memory (ROM), data connection, or any other suitable connection. flash memory, or any other suitable memory device. Although In certain embodiments, communication interface 522 not required, in certain embodiments computing system 510 to may also represent a host adapter configured to facilitate may comprise both a volatile memory unit (such as, for communication between computing system 510 and one or example, system memory 516) and a non-volatile storage more additional network or storage devices via an external device (such as, for example, primary storage device 532, as bus or communications channel. Examples of host adapters described in detail below). include, without limitation, SCSI host adapters. USB host 15 In certain embodiments, exemplary computing system 510 adapters, IEEE 1394 host adapters. SATA and eSATA host may also comprise one or more components or elements in adapters. ATA and PATA host adapters, Fibre Channel interaddition to processor 514 and system memory 516. For face adapters, Ethernet adapters, or the like. Communication example, as illustrated in FIG. 5, computing system 510 may interface 522 may also allow computing system 510 to comprise a memory controller 518, an Input/Output (I/0) 20 engage in distributed or remote computing. For example, controller 520, and a communication interface 522, each of communication interface 522 may receive instructions from a which may be interconnected via a communication infraremote device or send instructions to a remote device for structure 512. Communication infrastructure 512 generally execution. In certain embodiments, communication interface represents any type or form of infrastructure capable of facil 522 may perform and/or be a means for performing, either tating communication between one or more components of a 25 alone or in combination with other elements, one or more of computing device. Examples of communication infrastructhe backing up, capturing, creating, copying, retargeting, ture 512 include, without limitation, a communication bus using, modifying, and deleting steps disclosed herein. Com(such as an ISA, PCI, PCIe, or similar bus) and a network. munication interface 522 may also be used to perform and/or Memory controller 518 generally represents any type or be a means for performing other steps and features set forth in form of device capable of handling memory or data or con- 30 the instant disclosure. trolling communication between one or more components of As illustrated in FIG. 5, computing system 510 may also computing system 510. For example, in certain embodiments comprise at least one display device 524 coupled to commumemory controller 518 may control communication between nication infrastructure 512 via a display adapter 526. Display processor 514, system memory 516, and I/0 controller 520 device 524 generally represents any type or form of device via communication infrastructure 512. In certain embodi- 35 capable of visually displaying information forwarded by disments, memory controller 518 may perform and/or be a play adapter 526. Similarly, display adapter 526 generally means for performing, either alone or in combination with represents any type or form of device configured to forward other elements, one or more of the steps or features described graphics, text, and other data from communication infrastrucand/or illustrated herein, such as backing up, capturing, creture 512 (or from a frame buffer, as known in the art) for ating, copying, retargeting, using, modifying, and deleting. 40 display on display device 524. I/0 controller 520 generally represents any type or form of As illustrated in FIG. 5, exemplary computing system 510 module capable of coordinating and/or controlling the input may also comprise at least one input device 528 coupled to and output functions of a computing device. For example, in commuMcation infrastructure 512 via an input interface 530. certain embodiments I/0 controller 520 may control or faciliInput device 528 generally represents any type or form of tate transfer of data between one or more elements of com- 45 input device capable of providing input, either computer or puting system 510, such as processor 514, system memory human generated, to exemplary computing system 510. 516, communication interface 522, display adapter 526, input Examples of input device 528 include, without limitation, a interface 530, and storage interface 534. I10 controller 520 keyboard, a pointing device, a speech recognition device, or may be used, for example, to perform and/or be a means for any other input device. In at least one embodiment, input backing up, capturing, creating, copying, retargeting, using, 50 device 528 may perform and/or be a means for performing, modifying, and deleting steps described herein. I10 controller either alone or in combination with other elements, one or 520 may also be used to perform and/or be a means for more of the backing up, capturing, creating, copying, retarperforming other steps and features set forth in the instant geting, using, modifying, and deleting steps disclosed herein. disclosure. Input device 528 may also be used to perform and/or be a Communication interface 522 broadly represents any type 55 means for performing other steps and features set forth in the or fonn of communication device or adapter capable of faciliinstant disclosure. tating communication between exemplary computing system As illustrated in FIG. 5, exemplary computing system 510 510 and one or more additional devices. For example, in may also comprise a primary storage device 532 and a backup certain embodiments communication interface 522 may storage device 533 coupled to communication infrastructure facilitate communication between computing system 510 and 60 512 via a storage interface 534. Storage devices 532 and 533 a private or public network comprising additional computing generally represent any type or form of storage device or systems. Examples of communication interface 522 include, medium capable of storing data and/or other computer-readwithout limitation, a wired network interface (such as a netable instructions. For example, storage devices 532 and 533 work interface card), a wireless network interface (such as a may be a magnetic disk drive (e.g., a so-called hard drive), a wireless network interface card), a modem, and any other 65 floppy disk drive, a magnetic tape drive, an optical disk drive, suitable interface. In at least one embodiment, communicaa flash drive, or the like. Storage interface 534 generally tion interface 522 may provi de a direct connection to a remote represents any type or fonn of interface or device for trans-
US 8,117,168 Bl
11 12 ferring data between storage devices 532 and 533 and other generally represent computing devices or systems. such as components of computing system 510. application servers or database servers, configured to provide In certain embodiments, storage devices 532 and 533 may various database services and/or to run certain soft ware applibe configured to read from and/or write to a removable storcations. Network 650 generally represents any telecommuniage unit configured to store computer software, data, or other cation or computer network; including, lbr example, an intracomputer-readable information. Examples of sui table removnet, a wide area network (WAN), a local area network (LAN), able storage units include, without limitation, a floppy disk, a a personal area network (PAN), or the Internet. magnetic tape, an optical disk, a flash memory device, or the As illustrated in FIG. 6, one or more storage devices 660 like. Storage devices 532 and 533 may also comprise other (1)-(N) may be directly attached to server 640. Similarly, one similar structures or devices for allowing computer software, 10 or more storage devices 670(1)-(N) may be directly attached data, or other computer-readable instructions to be loaded to server 645. Storage devices 660(1)-(N) and storage devices into computing system 510. For example, storage devices 532 670(1)-(N) generally represent any type or form of storage and 533 may be configured to read and write software, data, or device or medium capable of storing data and/or other comother computer-readable information. Storage devices 532 puter-readable instructions. In certain embodiments, storage and 533 may also be a part of computing system 510 or may 15 devices 660(1)-(N) and storage devices 670(1)-(N) may repbe a separate device accessed through other interface sysresent network-attached storage (NAS) devices configured to tems. communicate with servers 640 and 645 using various protoStorage devices 532 and 533 may also be used. for cols. such as NFS. SMB, or C1FS. example, to perform and/or be a means for performing, either Servers 640 and 645 may also be connected to a storage alone or in combination with other elements, one or more of 20 area network (SAN) fabric 680. SAN fabric 680 generally the identifying, backing up, capturing, creating, copying, represents any type or form of computer network or architecretargeting, using, modifying, and deleting steps disclosed ture capable of facilitating conununication between a pluralherein. Storage devices 532 and 533 may also be used to ity of storage devices. SAN fabric 680 may facilitate commuperform and/or be a means for performing other steps and nication between servers 640 and 645 and a plurality of features set forth in the instant disclosure. 25 storage devices 690(1)-(N) and/or an intelligent storage array Many other devices or subsystems may be connected to 695. SAN fabric 680 may also facilitate, via network 650 and computing system 510. Conversely, all of the components servers 640 and 645, communication between client systems and devices illustrated in FIG. 5 need not be present to prac610, 620, and 630 and storage devices 690(1)-(N) and/or ti ce the embodiments described and/or illustrated herein. The intelligent storage array 695 in such a manner that devices devices and subsystems referenced above may also be inter- 30 690(1)-(N) and array 695 appear as locally attached devices connected in different ways from that shown in FIG. 5. Cornto client systems 610, 620, and 630. As with storage devices pining system 510 may also employ any number of software, 660(1)-(N) and storage devices 670(1)-(N), storage devices firmware, and/or hardware configurations. For example, one 690(1)-(N) and intelligent storage array 695 generally repreor more of the exemplary embodiments disclosed herein may sent any type or form of storage device or medium capable of be encoded as a computer program (also referred to as corn- 35 storing data and/or other computer-readable instructions. puter software, software applications, computer-readable In certain embodiments, and with reference to exemplary instructions, or computer control logic) on a computer-readcomputing system 510 of FIG. 5, a communication interface, able medium. The phrase "computer-readable medium" gensuch as communication interface 522 in FIG. 5, may be used erally refers to any form of device, carrier, or medium capable to provide connectivity between each client system 610, 620, of storing or carrying computer-readable instructions. 40 and 630 and network 650. Client systems 610, 620, and 630 Examples of computer-readable media include, without limimay be able to access information on server 640 or 645 using, tation, transmission-type media, such as carrier waves, and for example, a web browser or other client software. Such physical media, such as magnetic-storage media (e.g., bard software may allow client systems 610, 620, and 630 to disk drives and floppy disks), optical-storage media (e.g., access data hosted by server 640, server 645, storage devices CD- or DVD-ROMs), electronic-storage media (e.g., solid- 45 660(1)-(N), storage devices 670(1)-(N), storage devices 690 state drives and flash media), and other distribution systems. (1)-(N), or intelligent storage array 695. Although FIG. 6 The computer-readable medium containing the computer depicts the use of a network (such as the Internet) for program may be loaded into computing system 510. All or a exchanging data, the embodiments described and/or illusportion of the computer program stored on the computertrated herein are not limited to the Internet or any particular readable medium may then be stored in system memory 516 50 network-based environment. and/or various portions of storage devices 532 and 533. When In at least one embodiment, all or a portion of one or more executed by processor 514, a computer program loaded into of the exemplary embodiments disclosed herein may be computing system 510 may cause processor 514 to perform encoded as a computer program and loaded onto and executed and/or be a means for performing the functions of one or more by server 640, server 645, storage devices 660(1)-(N), storage of the exemplary embodiments described and/or illustrated 55 devices 670(1)-(N), storage devices 690(1)-(N), intelligent herein. Additionally or alternatively, one or more of the exemstorage array 695, or any combination thereof. All or a portion plary embodiments described and/or illustrated herein may of one or more of the exemplary embodiments disclosed be implemented in firmware and/or hardware. For example, herein may also be encoded as a computer program, stored in computing system 510 may be configured as an application server 640, run by server 645, and distributed to client sysspecific integrated circuit (ASIC) adapted to implement one 60 terns 610, 620, and 630 over network 650. Accordingly, netor more of the exemplary embodiments disclosed herein, work architecture 600 may perform and/or be a means for FIG. 6 is a block diagram of an exemplary network archiperforming, either alone or in combination with other eletecture 600 in which client systems 610, 620, and 630 and ments, one or more of the backing up, capturing, creating, servers 640 and 645 may be coupled to a network 650. Client copying, retargeting, using, modifying, and deleting steps systems 610, 620, and 630 generally represent any type or 65 disclosed herein. Network architecture 600 may also be used form of computing device or system, such as exemplary comto perform and/or be a means for performing other steps and puting system 510 in FIG. 5. Similarly, servers 640 and 645 features set forth in the instant disclosure.
US 8,117,168 B1 13 14
As detailed above, computing system 510 and/or one or data-storage entity after the first point in time. The backup more of components of network architecture 600 may permodule may also create a parent-child relationship between form and/or he a means of performing, either alone or in the first virtual-disk file and the second virtual-disk file, the combination with other elements, one or more steps of the first virtual-disk file being a parent of the second virtual-disk exemplary methods described and/or illustrated herein. For 5 file. The backup module may further copy data stored in the example, a computing system (e.g., computing system 510 second virtual-disk file to the first virtual-disk file so that the and/or one or more ofthe components of network architecture first virtual-disk file includes the at least one change made to 600) may perform a computer-implemented method for credata in the data-storage entity after the first point in time. The ating and managing backups using virtual disks. For example, computing system may include a storage device in commithe computing system may at a first point in time, back up at t() nication with the backup module. The storage device may least a portion of a data-storage entity to a first virtual-disk store the first virtual-disk file and/or the second virtual-disk file. The computing system may capture, in a second virtualfile. The computing system may also include a processor disk file, at least one change made to data in the data-storage configured to execute tbe backup module. entity after the first point in time. In some embodiments, tbe first virtual-disk file may cornThe computing system may also create a parent-child rela- 15 prise a full backup of the data-storage entity. The second tionship between the first virtual-disk file and the second virtual-disk file may comprise an incremental backup of the virtual-disk file, with the first virtual-disk file being a parent data-storage entity. In other embodiments, the first virtualof the second virtual-disk file. The computing system may disk file may comprise a first incremental backup of the further copy data stored in the second virtual-disk file to the data-storage entity, and the second virtual-disk file may comfirst virtual-disk file so that the first virtual-disk file includes 20 prise a second incremental backup of the data-storage entity. the at least one change made to data in the data-storage entity In various embodiments, the backup module may create a first after the first point in time. In some embodiments, the first empty virtual-disk file. The backup module may also create a virtual-disk file may include a full backup of the data-storage parent-child relationship between the first virtual-disk file entity, and the second virtual-disk file may include an increand the first empty virtual-disk file, with the first virtual-disk mental backup of the data-storage entity. In other embodi- 25 file being a parent of the first empty virtual-disk file. ments, the first virtual-disk file may include a first incremenWhile the foregoing disclosure sets forth various embodital backup of the data-storage entity. The second virtual-disk ments using specific block diagrams, flowcharts, and file may include a second incremental backup of the dataexamples, each block diagram component, flowchart step, storage entity. operation, and/or component described and/or illustrated In various embodiments, the computing system may create 30 herein may be implemented, individually and/or collectively, a first empty virtual-disk file. The computing system may using a wide range of hardware, software, or firmware (or any create a parent-child relationship between the first virtualcombination thereof) configurations. In addition, any disclodisk file and the first empty virtual-disk file, with the first sure of components contained within other components virtual-disk file being a parent of the first empty virtual-disk should be considered exemplary in nature since many other file. In some embodiments, the computing system may retar- 35 architectures can be implemented to achieve the same funcget the first empty virtual-disk file to enable a virtual machine tionality. to boot from the first virtual-disk file. In at least one embodiThe process parameters and sequence of steps described ment, the computing system may use the first empty virtualand/or illustrated herein are given by way of example only disk file to boot a virtual machine from the first virtual-disk and can be varied as desired. For example, while the steps file. 40 illustrated and/or described herein may be shown or discussed In some embodiments, the computing system may create a in a particular order, these steps do not necessarily need to be second empty virtual-disk file. The computing system may performed in the order illustrated or discussed. The various also create a parent-child relationship between the second exemplary methods described and/or illustrated herein may virtual-disk file and the second empty virtual-disk file, the also omit one or more of the steps described or illustrated second virtual-disk file being a parent of the second empty 45 herein or include additional steps in addition to those disvirtual-disk file. The computing system may, afler copying closed. data stored in the second virtual-disk file to the first virtualFurthermore, while various embodiments have been disk file, modify the parent-child relationship of the second described and/or illustrated herein in the context of fully empty virtual-disk file such that the second empty virtualfunctional computing systems, one or more of these exemdisk file is a child of the first virtual-disk file instead being a 50 plaiy embodiments may be distributed as a program product child of the second virtual-disk file. in a variety of forms, regardless of the particular type of In various embodiments, the computing system may, after computer-readable media used to actually carry out the discopying data stored in the second virtual-disk file to the first tribution. The embodiments disclosed herein may also be virtual-disk file, delete the second virtual-disk file and the first implemented using software modules that perform certain empty virtual-disk file. In other embodiments, the computing 55 tasks. These software modules may include script, batch, or system may be triggered, by the completion of the capturing other executable files that may be stored on a computerat least one change made to data in the data-storage entity, to readable storage medium or in a computing system. In some copy the data stored in the second virtual-disk file to the first embodiments, these software modules may configure a comvirtual-disk file. In some embodiments the virtual-disk file puting system to perform one or more of the exemplary may include a virtual-machine-disk-format ("VMDK") file so embodiments disclosed herein. or a virtual-hard-disk ("VHD") file. In at least one enibodiThe preceding description has been provided to enable ment, the data-storage entity may comprise a volume. others skilled in the art to best utilize various aspects of the In some embodiments, the computing system may include exemplary embodiments described herein. This exemplary a backup module. The backup module may, at a first point in description is not intended to be exhaustive or to be limited to time, backup at least a portion of a data-storage entity to a first 65 any precise form disclosed. Many modifications and variavirtual-disk file. The backup module may capture, in a second tions are possible without departing from the spirit and scope virtual-disk file, at least one change made to data in the of the instant disclosure. It is desired that the embodiments
US 8,117,168 131 15
described herein be considered in all respects illustrative and not restrictive and that reference be made to the appended claims and their equivalents for determining the scope of the instant disclosure. Unless otherwise noted, the terms "a" or "an." as used in the specification and claims, are to be construed as meaning "at least one of" In addition, for ease of use, the words "including" and "having," as used in the specification and claims, are interchangeable with and have the same meaning as the word "comprising."
16
6. The computer-implemented method of claim 5, further comprising: after copying data stored in the second virtual-disk file to the first virtual-disk file, deleting the second virtual-disk 5 file and the first retargeted virtual-disk file. 7. The computer-implemented method of claim 1, wherein completion of the capturing at least one change made to data in the data-storage entity triggers the copying of data stored in the second virtual-disk file to the first virtual-disk file. 10 8. The computer-implemented method of claim 1, wherein the first and second virtual-disks file comprise at least one of claim: a: 1.A computer-implemented method for backing up data, at virtual-machine-disk-format file; least a portion of the method being performed by a computing system comprising at least one processor, the method com- 15 virtual-hard-disk file. prising: 9. The computer-implemented method of claim I. wherein at a first point in time, backing up at least a portion of a the data-storage entity comprises a volume. data-storage entity to a first virtual-disk file: 10. The computer-implemented method of claim I. capturing, in a second virtual-disk file, at least one change wherein copying the data stored in the second virtual-disk file made to data in the data-storage entity after the first point 20 to the first virtual-disk file comprises copying data stored in in time; the second virtual-disk file to the first virtual disk file so that creating a parent-child relationship between the first virthe first virtual-disk file comprises a synthetic hill backup that tual-disk file and the second virtual-disk file, the first represents the data-storage entity at the time the change was virtual-disk file being a parent of the second virtual-disk captured in the second virtual-disk file. file; 25 11. The computer-implemented method of claim 1, copying data stored in the second virtual-disk file to the wherein storing the first virtual-disk file comprises enabling first virtual-disk file so that the first virtual-disk file the at least one virtual machine to boot from the stored first comprises a synthetic backup that includes the at least virtual-disk file without converting the synthetic backup from one change made to data in the data-storage entity after a different file format to a virtual-disk file. the first point in time; 30 12.A system comprising: storing the first virtual-disk file that comprises the synthetic backup in a manner that enables at least one virtual a backup module programmed to: machine to boot from the stored first virtual-disk file; at a first point in time, back up at least a portion of a creating a first empty virtual-disk file; data-storage entity to a first virtual-disk file; creating a parent-child relationship between the first vir- 35 capture, in a second virtual-disk file, at least one change tual-disk file and the first empty virtual-disk file, the first made to data in the data-storage entity after the first virtual-disk file being a parent of the first empty virtualpoint in time; disk file; create a parent-child relationship between the first virretargeting the first empty virtual-disk file to provide a first tual-disk file and the second virtual-disk file, the first retargeted virtual-disk file and to enable the at least one 40 virtual-disk file being a parent of the second virtualvirtual machine to boot from the first virtual-disk file. disk file; 2. The computer-implemented method of claim 1, wherein: the first virtual-disk file comprises a full backup of the copy data stored in the second virtual-disk file to the first data-storage entity; virtual-disk file so that the first virtual-disk file cornthe second virtual-disk file comprises an incremental 45 prises a synthetic backup that includes the at least one backup of the data-storage entity. change made to data in the data-storage entity after 3. The computer-implemented method of claim 1, wherein: the first point in time; the first virtual-disk file comprises a first incremental store the first virtual-disk file that comprises the synbackup of the data-storage entity; thetic backup in a manner that enables at least one the second virtual-disk file comprises a second incremental 50 virtual machine to boot from the stored first virtualbackup of the data-storage entity. disk file; 4. The computer-implemented method of claim 1, further create a first empty virtual-disk file; comprising using the first retargeted virtual-disk file to boot create a parent-child relationship between the first virthe at least one virtual machine from the first virtual-disk file. tual-disk file and the first empty virtual-disk file, the 5. The computer-implemented method of claim 1, further 55 first virtual-disk file being a parent of the first empty comprising: virtual-disk file; creating a second empty virtual-disk file; creating a parent-child relationship between the second retarget the first empty virtual-disk file to provide a first virtual-disk file and the second empty virtual-disk file, retargeted virtual-disk file and to enable the at least the second virtual-disk file being a parent of the second 60 one virtual machine to boot from the first virtual-disk empty virtual-disk file; file; after copying data stored in the second virtual-disk file to a storage device in communication with the backup module the first virtual-disk file, modifying the parent-child and configured to store at least one of: relationship of the second empty virtual-disk file such the first virtual-disk file; that the second empty virtual-disk file is a child of the 65 the second virtual-disk file; first virtual-disk file instead being a child of the second virtual-disk file. a processor configured to execute the backup module.
US 8,117,168 Bl
17
13. The system of claim 12, wherein the backup module is programmed to: create a second empty virtual-disk file; create a parent-child relationship between the second virtual-disk file and the second empty virtual-disk file, the second virtual-disk file being a parent of the second empty virtual-disk file; after copying data stored in the second virtual-disk file to the first virtual-disk file, modify the parent-child relationship of the second empty virtual-disk file such that the second empty virtual-disk file is a child of the first virtual-disk file instead of being a child of the second virtual-disk file_ 14. A non-transitory computer-readable medium comprising one or more computer-executable instructions that, when executed by a computing device, cause the computing device to: at a first point in time, back up at least a portion of a data-storage entity to a first virtual-disk file; capture, in a second virtual-disk file, at least one change made to data in the data-storage entity after the first point in time;
18
create a parent-child relationship between the first virtualdisk file and the second virtual-disk file, the first virtualdi sk file being a parent of the second virtual-disk file; copy data stored in the second virtual-disk file to the first virtual-disk file so that the first virtual-disk file comprises a synthetic backup that includes the at least one change made to data in the data-storage entity after the first point in time; store the first virtual-disk file that comprises the synthetic backup in a manner that enables at least one virtual machine to boot front the stored first virtual-disk file; create a first empty virtual-disk file; create a parent-child relationship between the first virtualdisk file and the first empty virtual-disk file, the first virtual-disk file being a parent of the first empty virtualdisk file; retarget the first empty virtual-disk file to provide a first retargeted virtual-disk file and to enable the at least one virtual machine to boot from the first virtual-disk file.
10
15
20

Symantec v. Veeam Software

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Symantec v. Veeam Software

Încărcat de

Drepturi de autor:

Formate disponibile

1 QUINN EMANUEL URQUHART & SULLIVAN, LLP 2 Jennifer A. Kash (Bar No. 203679) jenniferkash@quinnemanuel.

COUNT III: INFRINGEMENT OF U.S. PATENT NO. 7,831,861

On information and belief, Veeam's infringement, contributory infringement and/or

8 '861 patent in an amount to be determined at trial. 9

COUNT IV: INFRINGEMENT OF U.S. PATENT NO. 8,117,168

18 may deem just and proper. 19 20 DATED: October 22, 2012 21 22 23 24 25 26 27 28

Respectfully submitted, QUINN EMANUEL URQUHART & SULLIVAN By:

Respectfully submitted, QUINN EMANUEL URQUHART & SULLIVAN

Attorneys for Plaintiff Symantec Corporation

United States Patent

(113) Patent No.: US 7,024,527 B1 Apr. 4, 2006 Date of Patent:

(21) Appl. No.: 10/623,384 (22) Filed: (51) Cl.

Jul. 18, 2003

checks, and atm

Generates, checks, and updates

Backup Storage 116

File server 102 Fire system 110 Restore Application 112

Primary Storage 114

Backup Storage 116

Generates, checks, and updates

File System 110

Generates, checks, and updates

On-demand reqeusts Responses

Restore application 112

Restore Data ,--'"

Backup Storage 116

Primary storage block information

Backup storage block information 124A

Primary storage block information 122B

Backup storage block information 124B

Primary storage block information 122N

Backup storage block information 124N

Disk Mapping/Block requests

Backup Storage 204

Primary Storage 206

11111111111111111111111111pli !i)1 81g!11111 1 1 1 1 1 1 1 1 1 1 li

United States Patent

(10) Patent No.: Date of Patent:

US 7,480,822 B1 Jan. 20, 2009

(21) .Appl. No.: 11/180,412 (22) Filed: (51) Int. Cl.

Jul. 13, 2005

References Cited U.S. PATENT DOCUMENTS

Pnrnary Computing System 310 Running State 311

Primary Compuhng System 320 Running State

Primary Computing System 330 Running State

Standard Device Driver 315

Standard Device Driver 335

Computing System 100 Processor(s) 102

Memory 104 Volatile Non-Volatile

Communication Channels 108

Jan. 20, 2009

Boot Running States In Identification Boot Order

Emulate Network Between Primary Computing Systems

Jan. 20, 2009

Primary Computing System no Running State I

Primary Computing System 330 Running State 331

Virtualization Component 361 Network Infra 354

Recovery C.S. Operating System 362

Recovery C.S. Hardware 363

Jan. 20, 2009

Primary Computing System 320 441 421 (e.g., DB) 442

Primary Computing System 330

422 (e.g., DNS)

(e.g., File) 444