Page 1CS162Operating Systems andSystems ProgrammingLecture 23Network Communication Abstractions /Remote Procedure CallApril 28, 2008Prof. Anthony D. Josephhttp://inst.eecs.berkeley.edu/~cs162Lec 23.24/28/08 Joseph CS162 ©UCB Spring 2008Review: Reliable Networking• Layering: building complex services from simpler ones• Datagram: an independent, self-contained network message whose arrival, arrival time, and content are not guaranteed• Performance metrics– Overhead: CPU time to put packet on wire– Throughput: Maximum number of bytes per second– Latency: time until first bit of packet arrives at receiver• Arbitrary Sized messages:– Fragment into multiple packets; reassemble at destination• Ordered messages:– Use sequence numbers and reorder at destination• Reliable messages:– Use Acknowledgements– Want a window larger than 1 in order to increase throughputLec 23.34/28/08 Joseph CS162 ©UCB Spring 2008Review: Using Acknowledgements• How to ensure transmission of packets?– Detect garbling at receiver via checksum, discard if bad– Receiver acknowledges (by sending “ack”) when packet received properly at destination– Timeout at sender: if no ack, retransmit• Some questions:– If the sender doesn’t get an ack, does that mean the receiver didn’t get the original message?» No– What it ack gets dropped? Or if message gets delayed?» Sender doesn’t get ack, retransmits. Receiver gets message twice, acks each.BABATimeoutLec 23.44/28/08 Joseph CS162 ©UCB Spring 2008Goals for Today• Distributed Decision Making– Two-phase commit/Byzantine Commit• Remote Procedure Call• Examples of Distributed File SystemsNote: Some slides and/or pictures in the following areadapted from slides ©2005 Silberschatz, Galvin, and Gagne Note: Some slides and/or pictures in the following areadapted from slides ©2005 Silberschatz, Galvin, and Gagne. Many slides generated from my lecture notes by Kubiatowicz.Page 2Lec 23.54/28/08 Joseph CS162 ©UCB Spring 2008• General’s paradox: – Constraints of problem: » Two generals, on separate mountains» Can only communicate via messengers» Messengers can be captured– Problem: need to coordinate attack» If they attack at different times, they all die» If they attack at same time, they win– Named after Custer, who died at Little Big Horn because he arrived a couple of days too early• Can messages over an unreliable network be used to guarantee two entities do something simultaneously?– Remarkably, “no”, even if all messages get through– No way to be sure last message gets through!General’s ParadoxLec 23.64/28/08 Joseph CS162 ©UCB Spring 2008Two-Phase Commit• Since we can’t solve the General’s Paradox (i.e. simultaneous action), let’s solve a related problem– Distributed transaction: Two machines agree to do something, or not do it, atomically • Two-Phase Commit protocol does this– Use a persistent, stable log on each machine to keep track of whether commit has happened» If a machine crashes, when it wakes up it first checks its log to recover state of world at time of crash– Prepare Phase:» The global coordinator requests that all participants will promise to commit or rollback the transaction» Participants record promise in log, then acknowledge» If anyone votes to abort, coordinator writes “Abort” in its log and tells everyone to abort; each records “Abort” in log– Commit Phase:» After all participants respond that they are prepared, then the coordinator writes “Commit” to its log» Then asks all nodes to commit; they respond with ack» After receive acks, coordinator writes “Got Commit” to log– Log can be used to complete this process such that all machines either commit or don’t commitLec 23.74/28/08 Joseph CS162 ©UCB Spring 2008Two phase commit example• Simple Example: AWellsFargo Bank, BBank of America– Phase 1: Prepare Phase» A writes “Begin transaction” to logAB: OK to transfer funds to me?» Not enough funds:BA: transaction aborted; A writes “Abort” to log» Enough funds:B: Write new account balance & promise to commit to logBA: OK, I can commit– Phase 2: A can decide for both whether they will commit» A: write new account balance to log» Write “Commit” to log» Send message to B that commit occurred; wait for ack» Write “Got Commit” to log• What if B crashes at beginning? – Wakes up, does nothing; A will timeout, abort and retry• What if A crashes at beginning of phase 2?– Wakes up, sees that there is a transaction in progress; sends “Abort” to B• What if B crashes at beginning of phase 2?– B comes back up, looks at log; when A sends it “Commit”message, it will say, “oh, ok, commit”Lec 23.84/28/08 Joseph CS162 ©UCB Spring 2008Distributed Decision Making Discussion• Why is distributed decision making desirable?– Fault Tolerance!– A group of machines can come to a decision even if one or more of them fail during the process» Simple failure mode called “failstop” (different modes later)– After decision made, result recorded in multiple places• Undesirable feature of Two-Phase Commit: Blocking– One machine can be stalled until another site recovers:» Site B writes “prepared to commit” record to its log, sends a “yes” vote to the coordinator (site A) and crashes» Site A crashes» Site B wakes up, check its log, and realizes that it has voted “yes” on the update. It sends a message to site A asking what happened. At this point, B cannot decide to abort, because update may have committed» B is blocked until A comes back– A blocked site holds resources (locks on updated items, pages pinned in memory, etc) until learns fate of update• Alternative: There are alternatives such as “Three Phase Commit” which don’t have this blocking problem• What happens if one or more of the nodes is malicious?– Malicious: attempting to compromise the decision makingPage 3Lec 23.94/28/08 Joseph CS162 ©UCB Spring 2008Byzantine General’s Problem• Byazantine General’s Problem (n players):– One General– n-1 Lieutenants– Some number of these (f) can be insane or malicious• The commanding general must send an order to his n-1 lieutenants such that:– IC1: All loyal lieutenants obey the same order– IC2: If the commanding general is loyal, then all loyal lieutenants obey the order he
View Full Document
Unlocking...