Haonan Lu*†, Kaushik Veeraraghavan†, Philippe Ajoux†, Jim Hunt†,

Slides:



Advertisements
Similar presentations
Wyatt Lloyd * Michael J. Freedman * Michael Kaminsky David G. Andersen * Princeton, Intel Labs, CMU Dont Settle for Eventual : Scalable Causal Consistency.
Advertisements

COMP 655: Distributed/Operating Systems Summer 2011 Dr. Chunbo Chu Week 7: Consistency 4/13/20151Distributed Systems - COMP 655.
Linearizability Linearizability is a correctness criterion for concurrent object (Herlihy & Wing ACM TOPLAS 1990). It provides the illusion that each operation.
Replication. Topics r Why Replication? r System Model r Consistency Models r One approach to consistency management and dealing with failures.
CSE 486/586, Spring 2014 CSE 486/586 Distributed Systems Consistency Steve Ko Computer Sciences and Engineering University at Buffalo.
Copyright 2007, Information Builders. Slide 1 Workload Distribution for the Enterprise Mark Nesson, Vashti Ragoonath June, 2008.
1 Countermeasures against Consistency Anomalies in Databases with Relaxed ACID Properties. By Lars Frank Copenhagen Business School.
Distributed Systems Fall 2010 Replication Fall 20105DV0203 Outline Group communication Fault-tolerant services –Passive and active replication Highly.
CPSC 668Set 16: Distributed Shared Memory1 CPSC 668 Distributed Algorithms and Systems Fall 2006 Prof. Jennifer Welch.
Distributed Systems Fall 2009 Replication Fall 20095DV0203 Outline Group communication Fault-tolerant services –Passive and active replication Highly.
GentleRain: Cheap and Scalable Causal Consistency with Physical Clocks Jiaqing Du | Calin Iorgulescu | Amitabha Roy | Willy Zwaenepoel École polytechnique.
Cormac Flanagan UC Santa Cruz Velodrome: A Sound and Complete Dynamic Atomicity Checker for Multithreaded Programs Jaeheon Yi UC Santa Cruz Stephen Freund.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 14: Troubleshooting Windows Server 2003 Networks.
Distributed Data Stores – Facebook Presented by Ben Gooding University of Arkansas – April 21, 2015.
272: Software Engineering Fall 2012 Instructor: Tevfik Bultan Lecture 17: Code Mining.
Distributed Systems Tutorial 11 – Yahoo! PNUTS written by Alex Libov Based on OSCON 2011 presentation winter semester,
Anh Nguyen.  The emergence of continuous consistency model (CCM)  Conit-based CCM  What is it?  Policies  Examples  Discussion Break…  The composability.
Orbe: Scalable Causal Consistency Using Dependency Matrices & Physical Clocks Jiaqing Du, EPFL Sameh Elnikety, Microsoft Research Amitabha Roy, EPFL Willy.
Replication and Consistency. Reference The Dangers of Replication and a Solution, Jim Gray, Pat Helland, Patrick O'Neil, and Dennis Shasha. In Proceedings.
Ahmad Al-Shishtawy 1,2,Tareq Jamal Khan 1, and Vladimir Vlassov KTH Royal Institute of Technology, Stockholm, Sweden {ahmadas, tareqjk,
Web Caching and Content Distribution: A View From the Interior Syam Gadde Jeff Chase Duke University Michael Rabinovich AT&T Labs - Research.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 13: Monitoring and Optimizing Active Directory.
Eiger: Stronger Semantics for Low-Latency Geo-Replicated Storage Wyatt Lloyd * Michael J. Freedman * Michael Kaminsky † David G. Andersen ‡ * Princeton,
IM NTU Distributed Information Systems 2004 Replication Management -- 1 Replication Management Yih-Kuen Tsay Dept. of Information Management National Taiwan.
Service Primitives for Internet Scale Applications Amr Awadallah, Armando Fox, Ben Ling Computer Systems Lab Stanford University.
Linearizability Linearizability is a correctness criterion for concurrent object (Herlihy & Wing ACM TOPLAS 1990). It provides the illusion that each operation.
Declarative Programming over Eventually Consistent Data Stores KC Sivaramakrishnan Gowtham Kaki Suresh Jagannathan.
Software Transactional Memory Should Not Be Obstruction-Free Robert Ennals Presented by Abdulai Sei.
Linearizability Linearizability is a correctness criterion for concurrent object (Herlihy & Wing ACM TOPLAS 1990). It provides the illusion that each operation.
Hwajung Lee.  Improves reliability  Improves availability ( What good is a reliable system if it is not available?)  Replication must be transparent.
Linearizability Linearizability is a correctness criterion for concurrent object (Herlihy & Wing ACM TOPLAS 1990). It provides the illusion that each operation.
Declarative Programming over Eventually Consistent Data Stores KC Sivaramakrishnan Gowtham Kaki Suresh Jagannathan.
CSCE 668 DISTRIBUTED ALGORITHMS AND SYSTEMS Fall 2011 Prof. Jennifer Welch CSCE 668 Set 16: Distributed Shared Memory 1.
CSE 486/586 CSE 486/586 Distributed Systems Consistency Steve Ko Computer Sciences and Engineering University at Buffalo.
CSE 486/586, Spring 2013 CSE 486/586 Distributed Systems Consistency Steve Ko Computer Sciences and Engineering University at Buffalo.
CSE 486/586 Distributed Systems Consistency --- 2
CS6320 – Performance L. Grewe.
Advanced Topics in Concurrency and Reactive Programming: Case Study – Google Cluster Majeed Kassis.
Shuai Mu, Lamont Nelson, Wyatt Lloyd, Jinyang Li
CSE 486/586 Distributed Systems Consistency --- 2
MongoDB Distributed Write and Read
CSE 486/586 Distributed Systems Consistency --- 1
The SNOW Theorem and Latency-Optimal Read-Only Transactions
Consistency and Replication
Strong Consistency & CAP Theorem
Strong Consistency & CAP Theorem
The SNOW Theorem and Latency-Optimal Read-Only Transactions
Strong Consistency & CAP Theorem
Replication and Consistency
I Can’t Believe It’s Not Causal
Consistent Data Access From Data Centers
Replication and Consistency
Linearizability Linearizability is a correctness criterion for concurrent object (Herlihy & Wing ACM TOPLAS 1990). It provides the illusion that each operation.
EECS 498 Introduction to Distributed Systems Fall 2017
Transactions.
CSE 486/586 Distributed Systems Consistency --- 1
Replication Improves reliability Improves availability
EECS 498 Introduction to Distributed Systems Fall 2017
Active replication for fault tolerance
Scalable Causal Consistency
CAP Theorem and Consistency Models
The SNOW Theorem and Latency-Optimal Read-Only Transactions
Distributed Systems CS
COS 418: Distributed Systems Lecture 16 Wyatt Lloyd
Strong Consistency & CAP Theorem
Global Distribution.
CSE 486/586 Distributed Systems Consistency --- 2
CSE 486/586 Distributed Systems Consistency --- 1
Replication and Consistency
Presentation transcript:

Existential Consistency: Measuring and Understanding Consistency at Facebook Haonan Lu*†, Kaushik Veeraraghavan†, Philippe Ajoux†, Jim Hunt†, Yee Jiun Song†, Wendy Tobagus†, Sanjeev Kumar†, Wyatt Lloyd*† *University of Southern California, †Facebook

Consistency Performance

Fundamental Tension Consistency Performance Eliminates anomalies (Oculus example) Lower latency Makes systems easier to program Higher throughput Difficult to quantify Simple to quantify First study of consistency in a large-scale, production system – Facebook TAO

Anomaly: Unexpected Behavior Post Example “Hey, I mentioned you in a post” New post “@Wyatt, you should check out this game!” Read friend’s timeline Old posts

Anomaly: Unexpected Behavior Oculus Example 1. “Mine! yeah~ lucky!” 1. “I wouldn’t mind…” 1. “I wouldn’t mind…” 2. “Mine! yeah~ lucky!”

Does Facebook have consistency anomalies? How many? What type?

TAO: Eventually Consistent Cache Vulnerability window: time during asynchronous replication when anomalies can happen B new post read A C done value old post M

Quantifying Anomalies How often do anomalies occur? Collect trace of requests to TAO What consistency would prevent them? Run anomaly checkers on the trace

Trace Collection Collect trace on web servers Challenges in tracing production system Volume of requests Time skew between web servers Missing requests

Challenge: Volume of Requests Billions of requests per second [ATC ’13] Too many to log Sample on objects Object: vertex in social graph Log all requests to objects in sample Sufficient for local consistency models

Local Property Enables Sampling “… the system as a whole satisfies P whenever each individual object satisfies P.”[1] Local Linearizability Per-Object Sequential Read-After-Write Local consistency models can be checked on a per object basis [1] M. P. Herlihy and J. M. Wing “Linearizability: A Correctness Condition for Concurrent Objects.” ACM TOPLAS, 1990

Challenge: Time Skew Time skew across web servers 99.9 percentile for 1 week: 35ms Add time skew to request’s duration More overlapped requests Eliminates false positives

Logging Details Logged information: Start time Finish time Read or write Value: match read with write Logged information: Start time Finish time Read or write Value: match read with write Sampling rate: 1 out of 1 million objects ~ 100% of requests to sampled objects Determine real time ordering of requests Post (new)

Trace Statistics 12 days (8/20 – 8/31) 17 million objects 3 billion requests

Check Trace for Anomalies Linearizability checker Paxos provides Per-Object Sequential checker PNUTS provides Read-After-Write checker TAO provides within a cluster

Linearizability Strongest non-transactional consistency Real-time constraint Post example Total order constraint Oculus example! Should return “new” Haonan Post (old) Post (new) Haonan Wyatt Read (old)

Linearizability Checker Graph captures state transitions Vertex: write operations Edge: real-time order Merge read with its write Captures state transitions seen by users Anomaly if merge causes a cycle Cycle indicates user’s view ≠ system view

Linearizability Checker Captures real-time constraint Read should return new post instead Post (new) Haonan Wyatt Post (old) Read (old) Should return new post Post (old) Post (new) Read (old) Anomaly

More Complex Cases http://tinyurl.com/sosp15-demo 2 Anomalies w(0)

Result Overview Linearizability Per-Object Sequential Read-After-Write Bounds on non-local consistency models Anomalies found for all consistency models – adopting them would have benefits

Linearizability Results 5 anomalies per million reads Prevented by Paxos-based implementation Upper bound on TAO anomalies Strongest consistency we checked TAO is highly consistent

Linearizability Results Real-Time Constraint Violations 4 per million reads Post (new) Read A B Post (new) starts Post (new) finishes M Replica A: Master M: Vulnerable! Replica B: Read (old)

Linearizability Results Total Order Constraint Violations 1 per million reads A B M Comment(H) Comment(W) H starts H finishes Read (H) Replica A: Vulnerable! Master M: W H Replica B: W starts W finishes Read (W)

Per-Object Sequential Results 1 anomaly per million reads Total order constraint User session constraint (1 per 10 million) Users should see their writes A B M Post(new) Read Old

Infer Bounds on Causal Linearizability 5 per million reads Superset of causal anomalies ≤ 5 per million reads Causal ≥ 1 per million reads Per-Object Sequential 1 per million reads Subset of causal anomalies

Lower Bounds on Transactions Strict Serializability > 5 per million reads Future research should provide transactions Linearizability 5 per million reads Causal with Transactions Causal > 1 per million reads Per-Object Sequential 1 per million reads

Real-Time Consistency Monitor Checkers cannot run in real-time Φ-consistency Measure convergence of replicas A real-time health monitor Alarms when a replica falls behind

Conclusion Benefits of consistency are hard to quantify First study of a large-scale production system Measure Facebook’s TAO system Collect trace and run anomaly checkers Real-world challenges Results TAO is highly consistent Benefits of adopting stronger consistency exist Research should provide transactions

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.