Presentation is loading. Please wait.

Presentation is loading. Please wait.

Add Fault Tolerance – order & time Time, Clocks, and the Ordering of Events in a Distributed System Leslie Lamport Optimal Clock Synchronization T.K. Srikanth.

Published byBonnie Goodman Modified over 9 years ago

Similar presentations

Presentation on theme: "Add Fault Tolerance – order & time Time, Clocks, and the Ordering of Events in a Distributed System Leslie Lamport Optimal Clock Synchronization T.K. Srikanth."— Presentation transcript:

1 Add Fault Tolerance – order & time Time, Clocks, and the Ordering of Events in a Distributed System Leslie Lamport Optimal Clock Synchronization T.K. Srikanth and Sam Toueg Presenter: Feng Shao (Some slides borrowed from Lamport)

2 Why do we care about the “Time” in a distributed system? l May need to know the time of day at which some event happens on a specific computer l external clock synchronization l For two events that happened on different computers l May need to know the relative order l May need to know time interval l internal clock synchronization

3 Physical Clocks l Every computer contains a physical clock l A clock is an electronic device that counts oscillations in a crystal at a particular frequency l Count is typically divided and stored in a computer register l Clock can be programmed to generate interrupts at regular intervals. l This value can be used to timestamp an event on that computer l Two events will have different timestamps only if clock resolution is sufficiently small l Many applications are interested only in the order of events, not the exact time of day at which they occurred.

4 Physical Clocks in Distributed Systems l Does this work? l Synchronize all the clocks to some known high degree of accuracy, and then l Measure time relative to each local clock to determine order between two events l Well, there are some problems… l It’s difficult to synchronize the clocks l Crystal-based clocks tend to drift over time-count time at different rates, and diverge from each other l Physical variations in the crystals, temperature variations, etc. l Drift is small, but adds up over time l For quartz crystal time, typical drift rate is about one second every 10 6 seconds=11.6days l Best atomic clocks have drift rate of one second in 10 13 seconds = 300,000 years

5 Logical Clocks l Idea — abandon idea of physical time l For many purposes, it is sufficient to know the order in which events occurred l Lamport (1978) — introduce logical (virtual) time, to provide consistent event ordering

6 TIME, CLOCKS AND THE ORDERING OF EVENTS IN A DISTRIBUTED SYSTEM Leslie Lamport

7 THE PAPER l Handles the problem of clock drift in distributed systems l Identify main function of computer clocks l How to order events l Indicates which conditions clocks must satisfy to fulfill their role l Introduces logical clocks

8 ORDERING EVENTS l Event ordering linked with concept of causality: l Saying that event a happened before event b is same as saying that event a could have affected the outcome of event b l If events a and b happen on processes that do not exchange any data, their exact ordering is not important

9 Relation “has happened before” (I) l Smallest relation satisfying the three conditions: l If a and b are events in the same process and a comes before b, then a  b l If a is the sending of a message by a process and b its receipt by another process then a  b l If a  b and b  c then a  c.

10 Example (I) Process i Process k Process jX X X X X a c b d e

11 Example (II) l From first condition l a  d l c  e l From second condition l a  c l b  e l From third condition l a  e

12 Relation “has happened before” (II) l We cannot always order events: relation “has happened before” is only a partial order l If a did not happen before b, it cannot causally affect b.

13 Logical clocks l Verify the clock condition: l if a  b then C and the two sub-conditions: l if a and b are events in process P i and a comes before b, then C i, l if a is the sending of a message by P i and b its receipt by P j then C i,

14 Implementation rules l Each process P i increments its clock C i between two consecutive events, l If a is the sending of a message m by P i then m includes a timestamp T m = C i when P j receives m, it sets its clock to a value greater than or equal to its present value and greater than T m.

15 Defining a total order l We can define a total ordering on the set of all system events a  b if either C i or C i = C j and P i < P j. l This ordering is not unique

16 Anomalous behaviors l Logical clocks have anomalous behaviors in the presence of outside interactions l carrying a diskette from one machine to another l dictating file changes over the phone l Must use physical clocks

17 Example Process i Process k Process jX X X X X a c b d e outside interaction

18 Strong clock condition Let S be set of all systems events plus the relevant external events For any events a, b in S, if a  b then C

19 Physical clock conditions l There is a constant k << 1 such that for all i: |d C i (t)/dt - 1| < k The clock is neither too fast nor too slow l There is a constant  such that for all i, j: l |C i (t) - C j (t)| <  The clocks are more or less synchronized

20 Observations l Like logical clocks, physical clocks cannot be rolled back l Required accuracy of a physical clock depends on the minimum transmission delay of outside interactions l If it takes 20 minutes to carry a diskette between two machines their clocks can be off by up to 20 minutes

21 Example Process i Process jX X X 11:30 am d OK 11:15 am X 11:30 am NO 20 minutes

22 Optimal Clock Synchronization T. K. Srikanth and Sam Toueg

23 Why do clock synchronization? l Time-based computations on multiple machines l Applications that measure elapsed time l Agreeing on deadlines l Real time processes may need accurate timestamps l Many applications require that clocks advance at similar rates l Real time scheduling events based on processor clock l Setting timeouts and measuring latencies l Ability to infer potential causality from timestamps

24 Famous example l Scud rockets launched by Iraq towards Israel l Ground-based Patriot missiles fire back l But missiles always missed the warhead! l Why?

25 Famous example l Scud rockets launched by Iraq towards Israel l Ground-based Patriot missiles fire back l But missiles always missed the warhead! l Why? l After 72 hours of waiting control system was out of sync relative to Patriot guidance system l “be at (x,y,z) at time t” was misinterpreted!

26 Synchronization with failures A process is faulty if its behavior deviates from that prescribed by the algorithm it is running. 1. Crash: The process stops and does nothing from that point. 2. Send omission: The process crashes or omits to send messages that it is supposed to send. 3. Receive omission: The process crashes or does not receive messages sent to it. 4. General omission: The faulty process is subject to send omissions, receive omissions, or both. 5. Arbitrary (sometimes called Byzantine ): The faulty process can exhibit any behavior, including malicious actions that will cause the system to fail.

27 The System Model l Hardware clocks l Physical clock of process q designated R q (t) l Clocks have a drift rate ρ: l (1+ ρ) -1 (t 2 -t 1 )  R p (t 2 )- R p (t 1 )  (1+ ρ) (t 2 -t 1 ) l Implies that rate of drift is bounded by d r = ρ(2+ ρ)/(1+ ρ) l For time t, general bounds: (1- ρ)t  (1+ ρ) -1 t  R(t)  (1+ ρ)t  (1- ρ) -1 t l There is a limit t del on message latency

28 Clock synchronization goals l A clock synchronization protocol implements a virtual clock function mapping real time t to C p (t) l Agreement condition: l |C p (t) - C q (t)|  D max for all correct p, q l D max bounds the difference between two virtual clocks running on different processors l Accuracy condition: l (1+  ) -1 t + a  C p (t)  (1+  )t +b, for constants a, b,  l Says that p’s clock must be within a linear envelope of “real time”

29 Clocks and True Time True Time  Clock Time  Ideal Clock Virtual Clock: C p (t) (1+  ) -1 t + a (1+  )t +b ab

30 Authenticated Algorithm //(not a sequential program) if received f+1 signed messages (round k) (“accept”)  C k (t):=kP+a; relay all f+1 signed messages to all fi coend cobegin if C k-1 (t) = kP  sign and broadcast (round k) fi l Solution for system of n processes, at most f of which are faulty

31 Observations l Why relay? l Faulty processes do not necessarily broadcast. l Why N > 2f? faulty processes correct processes N = 4, f = 2, suppose faulty processes get stuck and p, q want to resynchronize p q p, q cannot resynchronize !

32 Achieving Optimal Accuracy l Bound on accuracy: for any synchronization, even in the absence of faults, accuracy cannot exceed that of the underlying hardware clocks l Why algorithm 1 is not optimal? l Uncertainty of t del introduces a difference in the logical time between resyn.

33 Optimality (informal description) l Solution: compensate for the uncertainty of t del : If a process accepts a (round k) message early, it delays the starting of the kth clock by t del /2(1+ ρ). If it accepts the message late, it advances the starting of kth clock by t del /2(1+ ρ). l Suppose process i accepts (round k) message at time t, and let T=C k-1 (t), ß = t del /2(1+ ρ) l early: T <= kP + ß l late: T > kP+ ß l Proof of correctness: remarkably tricky, ignored here

34 Unauthenticated algorithm l The authenticated algorithm relies on properties of the message system: l Correctness: If at least f+1 correct processes broadcast round k messages by time t, then every correct process accepts a message by time t+t del l Unforgeability: If no correct process broadcasts a round k message by time t, then no correct process accepts the message by time t or earlier l Relay: If a correct process accepts the message round k at time t, then every correct process does so by time t+t del

35 Unauthenticated algorithm (II) l A broadcast primitive which has the three properties To broadcast a (round k) message, a correct process sends (init, round k) to all. for each correct process: if received (init, round k) from at least f+ 1 distinct processes  send (echo, round k) to all; received (echo, round k) from at least f+ 1 distinct processes  send (echo, round k) to all; fi if received (echo, round k) from at least 2f+ 1 distinct processes  accept (round k) fi l Requires n > 3f+1, in order to accept

36 N > 3f +1 faulty processes correct processes N = 5, f = 2, suppose faulty processes get stuck, all three correct processes want to resynchronize p q p, q, r never receive 2f +1 ( echo, round k), thus not accept r

37 Simulating Authentication l Nonauthenticated algorithm for clock synchronization for process p for round k cobegin if C k-1 (t) = kP /* ready to start Ck */  broadcast (round k) fi /* using the broadcast primitive*/ // if accepted the message (round k) /* according to the primitive */  C k (t) := kP + a fi /* start Ck */ coend Message overhead : O(n 2 )

38 Restricted Models of failure l Now assume arbitrary failure l For other types of failures, including crash, sr-omission, the algorithm can be easily modified to achieve the optimality in the number of fault processes.

39 Summary l A unified solution for synchronizing clocks. l In practice, quality of synchronization remains relatively poor l At best synchronization will be limited by quality of physical clocks, rates of physical clock drift, and uncertainty in latencies

40 ??? //

Download ppt "Add Fault Tolerance – order & time Time, Clocks, and the Ordering of Events in a Distributed System Leslie Lamport Optimal Clock Synchronization T.K. Srikanth."

Similar presentations

Time, Clocks, and the Ordering of Events in a Distributed System

Time, Clocks, and the Ordering of Events in a Distributed System
Chapter 8 Fault Tolerance

Chapter 8 Fault Tolerance
Synchronization.

Synchronization.
Failure detector The story goes back to the FLP’85 impossibility result about consensus in presence of crash failures. If crash can be detected, then consensus.

Failure detector The story goes back to the FLP’85 impossibility result about consensus in presence of crash failures. If crash can be detected, then consensus.
Computer Science 425 Distributed Systems CS 425 / ECE 428 Consensus

Computer Science 425 Distributed Systems CS 425 / ECE 428 Consensus
The Byzantine Generals Problem Boon Thau Loo CS294-4.

The Byzantine Generals Problem Boon Thau Loo CS294-4.
Time and Clock Primary standard = rotation of earth De facto primary standard = atomic clock (1 atomic second = 9,192,631,770 orbital transitions of Cesium.

Time and Clock Primary standard = rotation of earth De facto primary standard = atomic clock (1 atomic second = 9,192,631,770 orbital transitions of Cesium.
Byzantine Generals Problem: Solution using signed messages.

Byzantine Generals Problem: Solution using signed messages.
Computer Science 425 Distributed Systems CS 425 / ECE 428  2013, I. Gupta, K. Nahrtstedt, S. Mitra, N. Vaidya, M. T. Harandi, J. Hou.

Computer Science 425 Distributed Systems CS 425 / ECE 428  2013, I. Gupta, K. Nahrtstedt, S. Mitra, N. Vaidya, M. T. Harandi, J. Hou.
Distributed Systems Spring 2009

Distributed Systems Spring 2009
Time in Embedded and Real Time Systems Lecture #6 David Andrews

Time in Embedded and Real Time Systems Lecture #6 David Andrews
CS 582 / CMPE 481 Distributed Systems Fault Tolerance.

CS 582 / CMPE 481 Distributed Systems Fault Tolerance.
Distributed systems Module 2 -Distributed algorithms Teaching unit 1 – Basic techniques Ernesto Damiani University of Bozen Lesson 3 – Distributed Systems.

Distributed systems Module 2 -Distributed algorithms Teaching unit 1 – Basic techniques Ernesto Damiani University of Bozen Lesson 3 – Distributed Systems.
Teaching material based on Distributed Systems: Concepts and Design, Edition 3, Addison-Wesley 2001. Copyright © George Coulouris, Jean Dollimore, Tim.

Teaching material based on Distributed Systems: Concepts and Design, Edition 3, Addison-Wesley Copyright © George Coulouris, Jean Dollimore, Tim.
Randomized Byzantine Agreements (Sam Toueg 1984).

Randomized Byzantine Agreements (Sam Toueg 1984).
Synchronization Clock Synchronization Logical Clocks Global State Election Algorithms Mutual Exclusion.

Synchronization Clock Synchronization Logical Clocks Global State Election Algorithms Mutual Exclusion.
Replication Management using the State-Machine Approach Fred B. Schneider Summary and Discussion : Hee Jung Kim and Ying Zhang October 27, 2005.

Replication Management using the State-Machine Approach Fred B. Schneider Summary and Discussion : Hee Jung Kim and Ying Zhang October 27, 2005.
2/23/2009CS50901 Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial Fred B. Schneider Presenter: Aly Farahat.

2/23/2009CS50901 Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial Fred B. Schneider Presenter: Aly Farahat.
Clock Synchronization Ken Birman. Why do clock synchronization?  Time-based computations on multiple machines Applications that measure elapsed time.

Clock Synchronization Ken Birman. Why do clock synchronization?  Time-based computations on multiple machines Applications that measure elapsed time.
Josef WidderBooting Clock Synchronization1 The  - Model, and how to Boot Clock Synchronization in it Josef Widder Embedded Computing Systems Group

Josef WidderBooting Clock Synchronization1 The  - Model, and how to Boot Clock Synchronization in it Josef Widder Embedded Computing Systems Group

Similar presentations

Ads by Google