Presentation is loading. Please wait.

Presentation is loading. Please wait.

Failure Detectors n motivation n failure detector properties n failure detector classes u detector reduction u equivalence between classes n consensus.

Similar presentations


Presentation on theme: "Failure Detectors n motivation n failure detector properties n failure detector classes u detector reduction u equivalence between classes n consensus."— Presentation transcript:

1 Failure Detectors n motivation n failure detector properties n failure detector classes u detector reduction u equivalence between classes n consensus  solving with S  solving with  S n corollaries and other results

2 Why Failure Detectors n consensus in asynchronous systems is impossible even if a single process crashes u (pure) asynchronous systems are not useful for fault tolerance studies n asynchronous system is a generic model for reasoning about distributed algorithms n how can asynchronous systems be augmented to enable consensus?

3 Notation T – state numbers in a computation (logical clock ticks) failure pattern is a function F(t) that denotes the set of processes that have crashed so far  F: T  2 P  F is monotonic: (p  F(t))  (p  F(t' > t))  crashed(F) are the processes that crash at some time correct(F) = P - crashed(F) F once the process crashes it does not recover n failure detector is a module of a process that outputs the set of processes that it currently suspects to have crashed failure detector history H is the output of a failure detector u H: P  T  2 P  H(p, t) is the set of processes that p suspects at time t.  q  H(p, t) means " p suspects q at time t ". failure detector D maps F to a set of H.

4 Failure Detector Properties completeness n strong – every process that never crashes eventually suspects every process that does crash   F,  H  D(F),  t  T,  p  crashed(F),  q  correct(F),  t'  t: p  H(q, t') n weak – some process that never crashes eventually suspects every process that does crash u  F,  H  D(F),  t  T,  p  crashed(F),  q  correct(F),  t'  t: p  H(q, t') (perpetual) accuracy n strong – no process is suspected before it crashes   F,  H  D(F),  t  T,  p, q  P  F(t): p  H(q, t) n weak – some correct process is never suspected   F,  H  D(F),  p  correct(F),  t  T,  q  P  F(t): p  H(q, t) eventual accuracy u eventual versions of (weak and strong) accuracy require that the property holds only eventually u ex: eventual strong accuracy:  F,  H  D(F),  t  T,  t’>t,  p, q  P  F(t): p  H(q, t’)

5 Failure Detector Classes the properties define eight detector classes

6 Detector Reduction reduction algorithm T D  D’ transforms D into D’  T uses D to maintain variable output p for every process p  every history T D  D’ of is a history of D’ if algorithm A requires D’, but only D is available, A can use T D  D’ if exists T D  D’ – D provides at least as much info as D’  D’ is weaker than D  D’ is reducible to D  D  D’ n reducibility relation is transitive if D>D’ and D’>D then D  D ’: D and D’ are equivalent n reducibility and equivalence applies to classes of detectors as well

7 Relation between Weak and Strong Completeness observe that strongly complete detectors trivially emulate weak, thus P  Q, S  W,  P   Q,  S   W n however, weakly complete detectors can also emulate strong ones  in the algorithm T D  D’ each process broadcasts the list of suspects  T D  D’ F transforms weak into strong completeness F preserves perpetual (weak and strong) accuracy F preserves eventual (weak and strong) accuracy n Thus, P  Q, S  W,  P   Q,  S   W u need to consider only strongly complete detectors

8 Consensus with Failure Detectors primitives at each process propose( v )propose a value v for consensus decide( v )decide on a consensus value v properties n termination – each correct process eventually decides on a value n uniform integrity – each process decides at most once n agreement – no two correct processes decide differently u uniform agreement – no two (correct or faulty) processes decide differently uniform validity – if a process decides on v, then some process proposed v

9 Solving Consensus using S tolerates up to n-1 crashes, satisfies uniform agreement three phases first – n-1 rounds of disseminating each process’ value n second – processes agreeing on the vector of values correctness proof c – correct process that is never suspected Theorem: the algorithm solves consensus using S

10 Solving Consen- sus using  S assumptions n majority of processes are correct each process knows the id of coordinator at round r Theorem: the algorithm solves consensus using  S

11 Corollaries and Other Results from detector classes equivalence consensus is solvable with W with up to n-1 crashes consensus is solvable using  W with less than  n/2  crashes other results consensus is not solvable even with  P with if maximum number of crashes is at least  n/2  crashes  W is the weakest failure detector to solve consensus with less than  n/2  crashes  that is for any detector D, there exists T D  W


Download ppt "Failure Detectors n motivation n failure detector properties n failure detector classes u detector reduction u equivalence between classes n consensus."

Similar presentations


Ads by Google