1 © P. Kouznetsov On the weakest failure detector for non-blocking atomic commit Rachid Guerraoui Petr Kouznetsov Distributed Programming Laboratory Swiss.

Slides:



Advertisements
Similar presentations
Impossibility of Distributed Consensus with One Faulty Process
Advertisements

N-Consensus is the Second Strongest Object for N+1 Processes Eli Gafni UCLA Petr Kuznetsov Max Planck Institute for Software Systems.
© 2005 P. Kouznetsov Computing with Reads and Writes in the Absence of Step Contention Hagit Attiya Rachid Guerraoui Petr Kouznetsov School of Computer.
The weakest failure detector question in distributed computing Petr Kouznetsov Distributed Programming Lab EPFL.
A General Characterization of Indulgence R. Guerraoui EPFL joint work with N. Lynch (MIT)
Teaser - Introduction to Distributed Computing
6.852: Distributed Algorithms Spring, 2008 Class 7.
Distributed Systems Overview Ali Ghodsi
P. Kouznetsov, 2006 Abstracting out Byzantine Behavior Peter Druschel Andreas Haeberlen Petr Kouznetsov Max Planck Institute for Software Systems.
Failure detector The story goes back to the FLP’85 impossibility result about consensus in presence of crash failures. If crash can be detected, then consensus.
(c) Oded Shmueli Distributed Recovery, Lecture 7 (BHG, Chap.7)
CS 603 Handling Failure in Commit February 20, 2002.
Nummenmaa & Thanish: Practical Distributed Commit in Modern Environments PDCS’01 PRACTICAL DISTRIBUTED COMMIT IN MODERN ENVIRONMENTS by Jyrki Nummenmaa.
Computer Science 425 Distributed Systems CS 425 / ECE 428 Consensus
1 © R. Guerraoui Implementing the Consensus Object with Timing Assumptions R. Guerraoui Distributed Programming Laboratory.
UPV / EHU Efficient Eventual Leader Election in Crash-Recovery Systems Mikel Larrea, Cristian Martín, Iratxe Soraluze University of the Basque Country,
Byzantine Generals Problem: Solution using signed messages.
Failure Detectors. Can we do anything in asynchronous systems? Reliable broadcast –Process j sends a message m to all processes in the system –Requirement:
E-Transactions: End-to-End Reliability for Three-Tier Architectures Svend Frølund and Rachid Guerraoui.
Failure Detectors & Consensus. Agenda Unreliable Failure Detectors (CHANDRA TOUEG) Reducibility ◊S≥◊W, ◊W≥◊S Solving Consensus using ◊S (MOSTEFAOUI RAYNAL)
Distributed systems Module 2 -Distributed algorithms Teaching unit 1 – Basic techniques Ernesto Damiani University of Bozen Lesson 3 – Distributed Systems.
Sergio Rajsbaum 2006 Lecture 3 Introduction to Principles of Distributed Computing Sergio Rajsbaum Math Institute UNAM, Mexico.
 Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 7: Failure Detectors.
Asynchronous Consensus (Some Slides borrowed from ppt on Web.(by Ken Birman) )
Systems of Distributed Systems Module 2 -Distributed algorithms Teaching unit 3 – Advanced algorithms Ernesto Damiani University of Bozen Lesson 6 – Two.
Non-blocking Atomic Commitment Aaron Kaminsky Presenting Chapter 6 of Distributed Systems, 2nd edition, 1993, ed. Mullender.
1 Secure Failure Detection in TrustedPals Felix Freiling University of Mannheim San Sebastian Aachen Mannheim Joint Work with: Marjan Ghajar-Azadanlou.
Distributed Systems Non-Blocking Atomic Commit
Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 5: Synchronous Uniform.
Distributed systems Module 2 -Distributed algorithms Teaching unit 1 – Basic techniques Ernesto Damiani University of Bozen Lesson 4 – Consensus and reliable.
Distributed systems Module 2 -Distributed algorithms Teaching unit 1 – Basic techniques Ernesto Damiani University of Bozen Lesson 2 – Distributed Systems.
 Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 12: Impossibility.
1 Failure Detectors: A Perspective Sam Toueg LIX, Ecole Polytechnique Cornell University.
Distributed Systems Tutorial 4 – Solving Consensus using Chandra-Toueg’s unreliable failure detector: A general Quorum-Based Approach.
On the Cost of Fault-Tolerant Consensus When There are no Faults Idit Keidar & Sergio Rajsbaum Appears in SIGACT News; MIT Tech. Report.
Systems of Distributed systems Module 2 - Distributed algorithms Teaching unit 2 – Properties of distributed algorithms Ernesto Damiani University of Bozen.
Distributed Systems Terminating Reliable Broadcast Prof R. Guerraoui Distributed Programming Laboratory.
 Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 7: Failure Detectors.
Efficient Algorithms to Implement Failure Detectors and Solve Consensus in Distributed Systems Mikel Larrea Departamento de Arquitectura y Tecnología de.
Composition Model and its code. bound:=bound+1.
CMPT Dr. Alexandra Fedorova Lecture XI: Distributed Transactions.
1 A Modular Approach to Fault-Tolerant Broadcasts and Related Problems Author: Vassos Hadzilacos and Sam Toueg Distributed Systems: 526 U1580 Professor:
Distributed Consensus Reaching agreement is a fundamental problem in distributed computing. Some examples are Leader election / Mutual Exclusion Commit.
Distributed Consensus Reaching agreement is a fundamental problem in distributed computing. Some examples are Leader election / Mutual Exclusion Commit.
Failure detection and consensus Ludovic Henrio CNRS - projet OASIS Distributed Algorithms.
1 © P. Kouznetsov A Note on Set Agreement with Omission Failures Rachid Guerraoui, Petr Kouznetsov, Bastian Pochon Distributed Programming Laboratory Swiss.
Distributed Algorithms – 2g1513 Lecture 9 – by Ali Ghodsi Fault-Tolerance in Distributed Systems.
Consensus and Its Impossibility in Asynchronous Systems.
Consensus with Partial Synchrony Kevin Schaffer Chapter 25 from “Distributed Algorithms” by Nancy A. Lynch.
1 © R. Guerraoui Regular register algorithms R. Guerraoui Distributed Programming Laboratory lpdwww.epfl.ch.
BFTW 3 workshop (Sep 22, 2009)© 2009 Andreas Haeberlen 1 The Fault Detection Problem Andreas Haeberlen MPI-SWS Petr Kuznetsov TU Berlin / Deutsche Telekom.
CS294, Yelick Consensus revisited, p1 CS Consensus Revisited
CS 425/ECE 428/CSE424 Distributed Systems (Fall 2009) Lecture 9 Consensus I Section Klara Nahrstedt.
Distributed systems Consensus Prof R. Guerraoui Distributed Programming Laboratory.
Hwajung Lee. Reaching agreement is a fundamental problem in distributed computing. Some examples are Leader election / Mutual Exclusion Commit or Abort.
Chap 15. Agreement. Problem Processes need to agree on a single bit No link failures A process can fail by crashing (no malicious behavior) Messages take.
SysRép / 2.5A. SchiperEté The consensus problem.
1 © R. Guerraoui Distributed algorithms Prof R. Guerraoui Assistant Marko Vukolic Exam: Written, Feb 5th Reference: Book - Springer.
Revisiting failure detectors Some of you asked questions about implementing consensus using S - how does it differ from reaching consensus using P. Here.
Failure Detectors n motivation n failure detector properties n failure detector classes u detector reduction u equivalence between classes n consensus.
Multi-phase Commit Protocols1 Based on slides by Ken Birman, Cornell University.
On the Performance of Consensus Algorithms: Theory and Practice Idit Keidar Technion & MIT.
Fundamentals of Fault-Tolerant Distributed Computing In Asynchronous Environments Paper by Felix C. Gartner Graeme Coakley COEN 317 November 23, 2003.
Unreliable Failure Detectors for Reliable Distributed Systems Tushar Deepak Chandra Sam Toueg Presentation for EECS454 Lawrence Leinweber.
© 2007 P. Kouznetsov On the Weakest Failure Detector Ever Petr Kouznetsov (Max Planck Institute for SWS) Joint work with: Rachid Guerraoui (EPFL) Maurice.
Distributed Systems, Consensus and Replicated State Machines
Distributed Algorithms for Failure Detection in Crash Environments
Failure Detectors motivation failure detector properties
Distributed systems Consensus
Distributed Systems Terminating Reliable Broadcast
Presentation transcript:

1 © P. Kouznetsov On the weakest failure detector for non-blocking atomic commit Rachid Guerraoui Petr Kouznetsov Distributed Programming Laboratory Swiss Institute of Technology in Lausanne (EPFL)

2 Contribution r We consider the Non-Blocking Atomic Commit (NBAC) problem [Skeen81] in an asynchronous system with failure detectors [FLP85, CT96] r We define the weakest (timeless) failure detector to solve NBAC

3 Roadmap 1.Background 2.Non-blocking atomic commit (NBAC) 3.Conjecture: ?P+  is the weakest for NBAC 4.A reduced problem: weakest timeless failure detector to solve NBAC 5.Open issues

4 Model: processes and failures Asynchronous message-passing system with crash failures r No time bounds on message communication or process relative speeds r Communication by message-passing through reliable channels r Processes can fail by crashing Correct processes never crash A majority of processes is correct Agreement problems are not solvable in an asynchronous model if at least one process can crash [FLP85]

5 Model: failure detectors [CT96] Synchrony assumptions are encapsulated in the failure detectors: r Each process has a failure detector module that gives hints (maybe wrong) on the state of other processes. r The information provided by failure detectors does not depend on anything but failures. Example: Perfect failure detector P: eventually, every correct process detects a crash, and no crash is detected before it occurs.

6 Weakest failure detector [CHT96] A failure detector D is the weakest to solve problem M iff it is: r Sufficient: D solves M (there is an algorithm that solves M using D) r Necessary: D is weaker than any failure detector D’ that solves M (there is an algorithm that implements D using D’)

7 Weakest failure detector for Consensus Processes propose values and decide on some final values so that: Agreement no two processes decide differently Termination every correct process eventually decides Validity: a decided value is a proposed value  : eventually, the same correct process is elected by correct processes [CHT96]. p1 p2 p3 [p1] [p2] [p3] [p1] [p2] [p1] ……

8 Roadmap 1.Background 2.Non-blocking atomic commit (NBAC) 3.Conjecture: ?P+  is the weakest for NBAC 4.A reduced problem: weakest timeless failure detector to solve NBAC 5.Open issues

9 Problem: NBAC Atomic transactions: processes vote yes or no and take decisions (commit or abort) so that: r Agreement: no two processes decide differently r Termination: every correct process eventually decides r Commit-Validity: abort cannot be decided if every process is correct and votes yes r Abort-Validity: commit cannot be decided if some process votes no

10 Problem: weakest FD for NBAC r P is sufficient to solve NBAC (3PC algorithm [Skeen81]). r Is P necessary to solve NBAC? [SM95,FRT99] r Failure detector that is necessary and sufficient to solve NBAC?

11 Anonymous failure detector ?P Process pi: r Initially output 0 r If (and only if) there is a failure, then, eventually, output forever 1 Necessary to solve NBAC: it can be emulated by any algorithm that solves NBAC. [Gue02]

12 Roadmap 1.Background 2.Non-blocking atomic commit (NBAC) 3.Conjecture: ?P+  is the weakest for NBAC 4.A reduced problem: weakest timeless failure detector to solve NBAC 5.Open issues

13 A candidate ?P+  r Good news: There is an algorithm that transforms Consensus into NBAC using ?P [Gue02]. ?P+  <P r Bad news: there exists a failure detector B that solves NBAC and B is incomparable with ?P+ , so ?P+  cannot be the weakest to solve NBAC

14 Stillborn failure detector B Process pi: r Initially output  r If there is a process crashed at time 0, then, eventually, output forever pi r Otherwise, eventually, output forever a set of suspected processes “behaves like” the perfect failure detector P

15 But B is rather strange B is strongly time-dependent : t=0 (1) p1 p2 [p1] (2) p1 p2 [p2] ? t=  We can generalize B for any time t  0 (B[t]) [][] [][]

16 A filter (timeless failure detectors) to get rid of time-based detectors like B r Timeless failure detectors A cannot imply any information about global time: a failure occurred at time t and a failure occurred at time t+d can be reported in the same way. r , P, ?P  A r B[t]  A

17 Roadmap 1.Background 2.Non-blocking atomic commit (NBAC) 3.Conjecture: ?P+  is the weakest for NBAC 4.A reduced problem: weakest timeless failure detector to solve NBAC 5.Open issues

18 A reduced problem r What is the weakest failure detector in A to solve NBAC? r Conjecture: ?P+  is the one r More precisely: any failure detector D  A that solves NBAC can emulate  (the proof is extending the technique of [CHT96] and is rather technically involved)

19 Extending [CHT96] r The idea: to achieve non-triviality of any execution of an NBAC algorithm N using a timeless failure detector r The technique: every process maintains an imaginary failure-free partial run assumed preceding the current real run r The result: simulating N over the constructed run, the correct processes eventually agree on a single correct process: 

20 Open Issues r Weakest failure detector for NBAC in general? r Optimality of A: can we make it bigger? r No majority? r Indulgent algorithms: is ?P+  the weakest to allow indulgent solution?

21 Questions?