PERSPECTIVES ON THE CAP THEOREM

Slides:



Advertisements
Similar presentations
Fault Tolerance. Basic System Concept Basic Definitions Failure: deviation of a system from behaviour described in its specification. Error: part of.
Advertisements

Impossibility of Distributed Consensus with One Faulty Process
Brewer’s Conjecture and the Feasibility of Consistent, Available, Partition-Tolerant Web Services Authored by: Seth Gilbert and Nancy Lynch Presented by:
Failure Detection The ping-ack failure detector in a synchronous system satisfies – A: completeness – B: accuracy – C: neither – D: both.
6.852: Distributed Algorithms Spring, 2008 Class 7.
Synchronization Chapter clock synchronization * 5.2 logical clocks * 5.3 global state * 5.4 election algorithm * 5.5 mutual exclusion * 5.6 distributed.
Consensus Hao Li.
BREWER’S CONJECTURE AND THE FEASIBILITY OF CAP WEB SERVICES (Eric Brewer) Seth Gilbert Nancy Lynch Presented by Kfir Lev-Ari.
The Need for Language Support for Fault-Tolerant Distributed Systems Cezara Dr ă goi, INRIA ENS CNRS Thomas A. Henzinger, IST Austria Damien Zufferey,
Database Replication techniques: a Three Parameter Classification Authors : Database Replication techniques: a Three Parameter Classification Authors :
 Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 7: Failure Detectors.
Distributed Systems Fall 2009 Replication Fall 20095DV0203 Outline Group communication Fault-tolerant services –Passive and active replication Highly.
 Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 6: Impossibility.
 Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 12: Impossibility.
 Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 7: Failure Detectors.
Computer Science Lecture 16, page 1 CS677: Distributed OS Last Class:Consistency Semantics Consistency models –Data-centric consistency models –Client-centric.
Composition Model and its code. bound:=bound+1.
Time, Clocks, and the Ordering of Events in a Distributed System Leslie Lamport (1978) Presented by: Yoav Kantor.
Paxos Made Simple Jinghe Zhang. Introduction Lock is the easiest way to manage concurrency Mutex and semaphore. Read and write locks. In distributed system:
1 A Modular Approach to Fault-Tolerant Broadcasts and Related Problems Author: Vassos Hadzilacos and Sam Toueg Distributed Systems: 526 U1580 Professor:
Bringing Paxos Consensus in Multi-agent Systems Andrei Mocanu Costin Bădică University of Craiova.
Distributed Algorithms – 2g1513 Lecture 9 – by Ali Ghodsi Fault-Tolerance in Distributed Systems.
Consensus and Its Impossibility in Asynchronous Systems.
CAP + Clocks Time keeps on slipping, slipping…. Logistics Last week’s slides online Sign up on Piazza now – No really, do it now Papers are loaded in.
Distributed systems Consensus Prof R. Guerraoui Distributed Programming Laboratory.
Chap 15. Agreement. Problem Processes need to agree on a single bit No link failures A process can fail by crashing (no malicious behavior) Messages take.
SysRép / 2.5A. SchiperEté The consensus problem.
Hwajung Lee.  Improves reliability  Improves availability ( What good is a reliable system if it is not available?)  Replication must be transparent.
Fault tolerance and related issues in distributed computing Shmuel Zaks GSSI - Feb
Fundamentals of Fault-Tolerant Distributed Computing In Asynchronous Environments Paper by Felix C. Gartner Graeme Coakley COEN 317 November 23, 2003.
1 AGREEMENT PROTOCOLS. 2 Introduction Processes/Sites in distributed systems often compete as well as cooperate to achieve a common goal. Mutual Trust/agreement.
EEC 688/788 Secure and Dependable Computing Lecture 10 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Exercises for Chapter 11: COORDINATION AND AGREEMENT
The consensus problem in distributed systems
CS 440 Database Management Systems
When Is Agreement Possible
Distributed Systems – Paxos
8.2. Process resilience Shreyas Karandikar.
Byzantine Fault Tolerance
Outline Distributed Mutual Exclusion Distributed Deadlock Detection
Implementing Consistency -- Paxos
Alternating Bit Protocol
EECS 498 Introduction to Distributed Systems Fall 2017
CS 440 Database Management Systems
Outline Announcements Fault Tolerance.
Distributed Systems, Consensus and Replicated State Machines
EECS 498 Introduction to Distributed Systems Fall 2017
Replication Improves reliability Improves availability
Active replication for fault tolerance
Fault-tolerance techniques RSM, Paxos
EEC 688/788 Secure and Dependable Computing
EEC 688/788 Secure and Dependable Computing
Cary G. Gray David R. Cheriton Stanford University
IS 651: Distributed Systems Fault Tolerance
Consensus, FLP, and Paxos
Distributed Transactions
EEC 688/788 Secure and Dependable Computing
EECS 498 Introduction to Distributed Systems Fall 2017
Distributed Systems CS
Transaction Properties: ACID vs. BASE
EEC 688/788 Secure and Dependable Computing
EEC 688/788 Secure and Dependable Computing
EEC 688/788 Secure and Dependable Computing
EEC 688/788 Secure and Dependable Computing
EEC 688/788 Secure and Dependable Computing
EEC 688/788 Secure and Dependable Computing
Implementing Consistency -- Paxos
Distributed systems Consensus
IS 698/800-01: Advanced Distributed Systems Crash Fault Tolerance
Sisi Duan Assistant Professor Information Systems
Presentation transcript:

PERSPECTIVES ON THE CAP THEOREM Seth Gilbert, National U of Singapore Nancy A. Lynch, MIT

Paper highlights The CAP theorem as a negative result Cannot have Consistency + Availability + Partition Tolerance Tradeoffs between safety and liveness in unreliable systems Asynchronous systems Synchronous systems Asynchronous systems with failure detectors Some practical compromises

Redefining the terms Consistency Distributed system operates as if it was fully centralized One single view of the state of the system Availability System remains able to process requests in the presence of partial failures Partition tolerance System remains able to process requests in the presence of communication failures

The CAP theorem A distributed service cannot provide Consistency Availability Partition tolerance at the same time

Proof (I) Assume the service consists of servers p1, p2, ..., pn, along with an arbitrary set of clients. Consider an execution in which the servers are partitioned into two disjoint sets: {p1} and {p2, ..., pn}. p1 … pn p2

Proof (II) Some client sends a read request to server p2 Consider the following two cases: A previous write of value v1 has been requested of p1, and p1 has sent an ok response. A previous write of value v2 has been requested of p1, and p1 has sent an ok response No matter how long p2 waits, it cannot distinguish these two cases It cannot determine whether to return response v1 or v2.

The triangle Partition tolerance yes yes Consistency Availability yes

An example Taking reservations for a concert Distributed system Clients send to local server a reservation request Server returns the reserved seat(s).

A system that is consistent and available Use write all available/read any policy All operational servers are always up to date When a site crashes, it does no process requests until it has uploaded the state of the system from one of the running servers Works very well as long as there are no network partitions p1 p2 p3

A system that is consistent and tolerates partitions Require all read and writes to involve a majority of the servers Majority consensus voting (MCV) System with 2k + 1 servers can tolerate the failure or the isolation of up to k of its servers p3 p1 p2

A system that is highly available and tolerates partitions Distribute the seats among the servers according to expected demand Tolerates partitions No coherent global state p2 p3 p1

Comments The theorem states that we have to choose between consistency and availability But only in the presence of network partitions. Otherwise we can have both.

Generalization A safety property Must always hold Such as Consistency Liveness means that the system will make progress Theorem states we cannot guarantee both safety and liveness in the presence of network partitions .

Asynchronous systems (I) Two main characteristics Non–blocking sends and receive Unbounded message transmission times Define consensus as Agreement among all processes on a single output value Validity: That value must have proposed by some process Termination: That value will eventually be output by all processes

Asynchronous systems (II) Fischer, Lynch and Paterson (1985) No consensus protocol is totally correct in spite of one fault. There will always be circumstances under which the protocol remains forever indecisive.

Synchronous systems (I) Three conditions Every process has a clock and all clocks are synchronized Every message is delivered within a fixed and known amount of time Every process takes steps at a fixed and known rate Can assume that all communications proceed in rounds In each round a process may send all the messages it requires while receiving all messages that were sent to it in that round

Synchronous systems (II) Lamport and Fischer (1984); Lynch (1996) Consensus requires f + 1 rounds, if up to f servers can crash. Dwork, Lynch and Stockmeyer (1988) Eventual synchrony System can experience periods of asynchrony but will eventually maintain synchrony long enough to achieve consensus Consensus requires f + 2 rounds of synchrony

Synchronous systems (III) Assuming no tie-breaking rule. Still limited by partitioning risk System with n nodes can tolerate < n/2 crash failures

Failure detectors Chandra et al. (1996) Detect node failure and crashes Hello protocol, exchanging heartbeats Allow consensus in asynchronous failure-prone systems

Set agreement Can have up to k distinct correct outputs k-set agreement Not covered

Practical implications

Best effort availability Put consistency ahead of availability Chubby Distributed database with primary + backup design Based on Lamport’s Paxos protocol Provides strong consistency among the servers using a replicated state machine protocol Can operate as long as half the servers remain available and the network is reliable

Best effort consistency Sacrifice consistency to maintain availability Akamai System of distributed web caches Store images and videos contained in web pages Cache updates are not instantaneous Service does its best to provide up-to-date contents Does not guarantee all users will always get the same version of the cached data

Balancing consistency and availability Put limits on how out-of-date some data may be Can make the constraint tunable TACT Yu and Vadat (2006) Airline reservation system Can rely on slightly out-of-date data as long as there are enough empty seats Not so true otherwise

Segmenting consistency and availability (I) Data partitioning Some data must be kept more consistent than others In an online shopping service User can tolerate slightly inconsistent inventory data Not true for checkout, billing and shipping records!

Segmenting consistency and availability (II) Operational partitioning Maintain read access while preventing updates during a network partition Write all-read any policy

Segmenting consistency and availability (III) Functional partitioning Have different requirements for different subservices Chubby Strong consistency for coarse-grained locks Weaker consistency for DNS requests

Segmenting consistency and availability (IV) User partitioning Not covered Hierarchical partitioning

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.