Virtual SynchronyPapersBackgroundFail StopMotivationProcess GroupsAnonymous GroupsExplicit GroupsBuilding groups over conventional technologyClose SynchronyA synchronous executionSo… what’s wrong with that?Slide 13A few protocols…Four protocols!?!?Slide 16Single updaterSlide 18Causally ordered updatesSlide 20Slide 21Hey… that sped things up!Slide 23Slide 24Three Round MulticastAs a time-line pictureJust one more…Flush protocolStyles of groupsHistorical AsideNames of some famous systemsSounds good… what’s wrong with it?Stable vs DurableOrdering semanticsThe problem with CATOCSIt can’t say “for sure”It can’t say “together”Stock trading exampleCan’t say the “whole story”It can’t say it efficientlyAnd… what of the end to end argument?Classes of distributed applicationsImplementing only part of the messaging?SemanticsScalabilityBuffering growsGroup membership protocolsWho uses ISIS?ISIS-based utilitiesSlide 50Now… somewhat supported…and people actually use it.An ongoing debateReferencesVirtual SynchronyJustin W. HartCS 61411/17/2005PapersThe Process Group Approach to Reliable Distributed Computing. Birman. CACM, Dec 1993, 36(12):37-53.Understanding the Limitations of Causally and Totally Ordered Communication.6 Cheriton and Skeen.6 14th SOSP, 1993.BackgroundChandy-Lamport Logical ClocksConsistent CutsDistributed SnapshotsPublish/SubscribeFail-StopFail StopGroup Membership ServiceProcesses appear to fail by haltingHow does this affect the FLP result?MotivationInformation BackplaneCustomizationHierarchical StructureFault-ToleranceReliabilityProcess GroupsTypes of groupsAnonymous groupsExplicit groupsImplementation RequirementsGroup communicationGroup membership as inputSynchronizationAnonymous GroupsGroup addressingMessages sent exactly once to all or no recipientsOrderingLoggingExplicit GroupsGroup members cooperate directlyMay execute algorithms based on membership knowledgeCommunication is sensitive to membership changesBuilding groups over conventional technologyConventional message passing technologiesGroup addressingLogical time & causal dependencyMessage delivery orderingState transferFault toleranceClose SynchronyClose Synchrony100% lock-step execution modelA synchronous executionpqrstuWith true synchrony executions run in genuine lock-step.So… what’s wrong with that?Under close synchrony, execution is limited by the slowest process in the group!Virtual SynchronyRelax synchronization requirements where possibleBenefit by allowing for asynchronous interactionsDo this where the result is identical to close synchronyA few protocols…fbcastcbcastabcastgbcastFour protocols!?!?…but Justin. The paper only discussed 2 protocols… you’re getting off-topic!A few protocols…fbcastSimple protocol upon which we’ll build the others.Delivery is FIFO ordered, with respect to the original senderAccomplished easily with a logical timestampcbcastabcastgbcastSingle updaterIf p is the only update source, the need is a bit like the TCP “fifo” orderingfbc ast is a good choice for this caseprst1 2 3 4A few protocols…fbcastcbcastReceipt is causally orderedProtocol in paper uses token passingAnother simple protocol uses vector timestampsabcastgbcastCausally ordered updatesSimple protocol based on token passingCausally ordered updatesExample: messages from p and s arrive out of order at tprstVT(a) = [0,0,0,1]VT(b)=[1,0,0,1]VT(c) = [1,0,1,1]c is early: VT(c) = [1,0,1,1] but VT(t)=[0,0,0,1]: clearly we are missing one message from sWhen b arrives, we can deliver both it and message c, in orderCausally ordered updatesEach thread corresponds to a different lockIn effect: red “events” never conflict with green ones!prst1234512Hey… that sped things up!Now I get it! Processes only have to wait for processes that they depend on. Not the slowest in the group!A few protocols…fbcastcbcastabcastAtomic delivery orderingWith respect to other abcastsMore costly than cbcast, but with a stronger ordering propertyISIS builds abcast over cbcastgbcastA few protocols…fbcastcbcastabcastgbcastAtomic delivery orderingWith respect to everythingThree Round MulticastAs a time-line picture2PC initiatorpqrstVote?All vote “commit”Commit!Phase 1 Phase 2Just one more…Flush protocolWe say that a message is unstable if some receiver has it but (perhaps) others don’tFor example, q’s message is unstable at process rIf q fails we want to “flush” unstable messages out of the systemStyles of groupsPeer GroupsProcesses cooperate closelyClient-Server GroupsGroup acts as a serverClient multicasts repeatedly to the groupDiffusion GroupsGroup serves informationClients connect to receive data from groupHierarchical GroupsOffer scalability through a hierarchy of connected groupsHistorical AsideTwo major classes of real systemsVirtual synchronyWeaker properties – not quite “FLP consensus”Much higher performance (orders of magnitude)Requires that majority of system remain connected. Partitioning failures force protocols to wait for repairQuorum-based state machine protocols areCloser to FLP definition of consensus Slower (by orders of magnitude) Sometimes can make progress in partitioning situations where virtual synchrony can’tNames of some famous systemsIsis was first practical virtual synchrony systemLater followed by Transis, Totem, HorusToday: Best options are Jgroups, Spread, EnsembleTechnology is now used in IBM Websphere and Microsoft Windows Clusters products!Paxos was first major state machine systemBASE and other Byzantine Quorum systems now getting attention from the security community(End of Historical aside)Sounds good… what’s wrong with it?Tries to solve state problems at communication levelThis violates the end-to-end argument!Consistency requirements are typically stated with respect to application stateStable vs DurableStable – messages are buffered until received by all group membersDurable – message will be delivered, even if the sender diesOrdering semanticsIncidental OrderingSemantic OrderingPrescriptive OrderingThe problem with CATOCSIt can’t say “for sure”It can’t
View Full Document