Operating System - OpenVMS

How to backup a shadowed system disk ?

Go to solution
Occasional Contributor

How to backup a shadowed system disk ?

OpenVMS 7.1-2 , Alpha 4100, Volume Shadowing

System disk is a two member shadow set volume.

Please comment my idea on backing it up:

1. Remove / Dismount the second member from the system shadow set (since the system shadow set will have the primary member, all applications will continue working un-interrupted).

2. Initialize NEW disk and add it (i.e. mount it) into the system shadow set

3. I can keep the removed shadow set member as a disk backup or I can copy/backup to a tape.

Is this correct ?
Will it work ?


Andy Bustamante
Honored Contributor

Re: How to backup a shadowed system disk ?

This will work, although another option would be to change to order, Step 2, Step 1, Step 3. This will ensure you never have a single disk as a potential point of failure.

The other consideration, what is your boot device? You don't want the system booting from a "stale" system disk, or configured to boot from a single disk which may have failed. You might consider bringing a third disk into the shadow set, waiting for the copy operation to finish and dismounting that unit for tape backup.

Andy Bustamante

If you don't have time to do it right, when will you have time to do it over? Reach me at first_name + "." + last_name at sysmanager net
Karl Rohwedder
Honored Contributor

Re: How to backup a shadowed system disk ?


dismounting a shadowset member doesn't close or flush open files. The normal way would be to close applications, dismount member and restart application and then do the backup, but in case of the systemdisk this will not work.
You may risk some lost data doing a BACKUP/IGNORE=INTERLOCK, but this is not supported, the pros and cons are discussed many times.
The supported way would by booting the OS CDROM, mount a memberdisk (which will be mounted readonly), do the backup and reboot.

That said, I have often done the BACKUP/IGNORE and restored the backup to another disk and had no problems booting that thing but ymmv (we have NO application/userdata on the system disk, of course).

Michael Moroney
Frequent Advisor

Re: How to backup a shadowed system disk ?

I would suggest, if possible, adding the new member first, waiting for the copy to complete, then removing the backup member. That way, your shadowset will never go below 2 members, and you are protected from the failure of a single drive.

Look into using minicopy so when you readd the removed member the system won't have to do a full copy to the added member, other than the first time. That way you can add the member, let minicopy complete, then remove the member and copy it to tape or whatever.

Note that since this is a "snapshot", there is the theoretical potential that files open at the time of the member removal may not be internally consistant on the removed member.
Jan van den Ende
Honored Contributor

Re: How to backup a shadowed system disk ?

Tia, (& all),

First, the idea of adding a third member before removing one DEFINITELY has my strong favoring.

Second, the standalone BACKUP may be the only one officially supported, but is very often unpractical.
(and if you want to obtain multi-year uptimes, it is entirely ruled out).

_IF_ you need/want continous uptime, there is all the more reason to need backups, and GOOD backups at that.

One way to get there, is to move as many mutable files off the system disk as you possibly can (using logical names, see sysmgt manual).

Just BEFORE splitting off the 3rd member, for any permanently-open file do a CONVERT/SHARE to a safety-copy of it in the same directory.
Then copy the dismounted member to tape, and re-add it.

Now, if you should need to restore the disk, you DO have a valid fallback copy of any file that turns out invalid (small, but NONzero chance!) Renaming (for safety: better copying) the safety copy back gets you going again.

all those files you moved off the system disk, still deserve a similar protection agains corruption!



Have one on me.

Don't rust yours pelled jacker to fine doll missed aches.
Jon Pinkley
Honored Contributor

Re: How to backup a shadowed system disk ?

Since you are running 7.1-2, using minicopy is not an option. VMS 7.3 was the first version that supported write bitmaps and minicopy.

So every time you dismount a member from the shadowset, it will require a full copy to bring the member back into the shadowset.

The time it takes for a full copy depends on the size and storage type of your system disk and to a lesser extent, on how many differences there are between the member being added and the source shadowset.

Jan's advice about moving files that change off the system disk is good, as it has the side benefit of making frequent backups of the system disk less important.

In any case, dismounting a member of a shadowset creates a "crash consistent" copy, i.e. the state of the disk is as consistent as if the system had crashed. Because VMS uses careful ordering of I/O operations, the disk should be usable. However, files that were open for write will probably not be up to date, as user buffers are not flushed before the disk is removed.

However, using a removed member of a shadowset as the source for backup is always preferable to using /ignore=interlock. The disk is static, so the contents of a file won't change while backup is copying the contents. A static copy also makes it possible to use /verify without spurious compare errors. If the disk is being written to while backup is in use, there will always be verify errors since the contents of the disk has changed since the backup copy was made.

Since minicopy is not being used, you can just mount the removed member, specifying /override=(id,shadow). Once it is mounted privately, you can then change the volume label; dismount the disk, and mount it for shared access. Using mount/override=shadow is something you want to avoid if you are using minicopy, since it invalidates the member's ability to use minicopy when it is added back to the shadowset. Mount/over=shadow resets the shadow generation number.
it depends
John Gillings
Honored Contributor

Re: How to backup a shadowed system disk ?


>Is this correct ?
>Will it work ?

The BACKUP will work, but it's the possible future RESTORE you need to worry about. As others have mentioned, don't reduce any shadowset below two members. But there's a bigger issue here.

Most system disks are mostly static data. The stuff that changes is really quite tiny, BUT it's open all the time. You therefore CANNOT save it using BACKUP. So, the stuff you get you don't need (because it's available on distribution media), and the stuff you need, you don't get (because it's open and therefore not necessarily in a consistent state). What is wrong with this picture?

For a system disk, you best strategy is to take a full IMAGE backup just before and again just after any updates or patches. This will form the basis of your restore.

You then need to understand the volatile files. Things like SYSUAF. Since these are open all the time, you need a different mechanism. My favourite is CONVERT/SHARE to make online copies to a different disk, then save those copies to tape.

For more detail see "OpenVMS Backup Theory and practice" in the OpenVMS Technical Journal V1 http://h71000.www7.hp.com/openvms/journal/v1/index.html

There's a section on system disks.
A crucible of informative mistakes
Regular Advisor

Re: How to backup a shadowed system disk ?

I used to do this all the time and never ran into a problem.

$ init
$ mount/system/shadow=(current_system_shadow_member1,member2,member3>
After shadow catchup completes
$ dismount
$ init
$ backup/ignore=(interlock,nobackup) :.bck

When tape backup complete,

$ mount/shadow= ...

Also, why just shadow your system disc? Why not shadow your application and data discs as well? Are you using an Oracle database?
Robert Gezelter
Honored Contributor

Re: How to backup a shadowed system disk ?


First, I would not reduce the shadow set at any point. Thus, I would concur with the comment to temporarily increase the set by adding a third member, and then possibly removing it for backup.

However, I disagree with a comment that was made concerning the difference between using BACKUP on a running system disk versus disconnecting a shadow of a running system disk. Except for contention, which is debatable, there is little difference. Disconnecting a shadow set member does not inherently close any files and guaranty any consistency.

As has been observed, there are almost always files open (or potentially open) for write on a system disk (e.g., SYSUAF, RIGHTSLIST, Queue Manager). The trick of adding an extra member to a shadow set, and then disconnecting it for processing using BACKUP does not change file handling, it merely provides the opportunity to create the following sequence of events:
- add extra member
- wait for member to come into synchronization
- momentarily quiesce the application to ensure consistency of files
- disconnect extra shadow set member
- reactivate application
- backup now privately mounted extra shadow set member

I hope that the above is helpful.

- Bob Gezelter, http://www.rlgsc.com
Petr Spisek
Regular Advisor

Re: How to backup a shadowed system disk ?

if you want the valid system backup, this is one possibility with two reboots:
(For exapmple the system shadowset DSA1: has two members DKA0: and DKA1:)

- MC SYSGEN !temporarily off shadowing for sysdisk
- reboot system !system will boot from DKA0: or DKA1: ... you have deffined in console params
- MC SYSGEN !set on shadowing for sysdisk
- reboot system again !system disk will be the sahdowset DSA1: with one member
- now you have backup on DKA1: (you'll see its in online state)
- mount/over=shad and backup to tape DKA1:
- dismount DKA1:
- MOUNT DSA1: /SHADOW=(DKA0:,DKA1:) label /SYSTEM !build again two members in shadowset DSA1: