Implementing Fault-Tolerant Services Using State Machines: Beyond Replication
Vijay K. Garg, Electrical and Computer Engineering, The University of Texas at Austin
Email: [email protected]
DISC 2010
user: int initially 0;                  // resource idle
waiting: queue of int initially null;

On receiving acquire from client pid:
    if (user == 0) {
        send(OK) to client pid;
        user = pid;
    } else
        waiting.append(pid);

On receiving release:
    if (waiting.isEmpty())
        user = 0;
    else {
        user = waiting.head();
        send(OK) to user;
        waiting.removeHead();
    }
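A minimal executable sketch of this allocator in Python. The `send` callback is an assumption standing in for the message transport, which the slides leave unspecified:

```python
from collections import deque

class ResourceAllocator:
    """State machine for the resource allocator above: one resource,
    FIFO queue of waiting clients."""

    def __init__(self, send):
        self.user = 0           # 0 means the resource is idle
        self.waiting = deque()  # pids waiting for the resource
        self.send = send        # assumed transport callback: send(msg, pid)

    def acquire(self, pid):
        if self.user == 0:
            self.send("OK", pid)        # resource idle: grant immediately
            self.user = pid
        else:
            self.waiting.append(pid)    # otherwise queue the request

    def release(self):
        if not self.waiting:
            self.user = 0               # nobody waiting: resource goes idle
        else:
            self.user = self.waiting.popleft()
            self.send("OK", self.user)  # hand the resource to the next waiter
```

Because every replica applies the same acquire/release sequence, all replicas reach the same `user`/`waiting` state.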
Complex Data Structures: Fused Queue
[Figure: (i) primary queue A = (a1..a8), (ii) primary queue B = (b1..b5), (iii) fused queue F holding element-wise sums (a2, a3 + b1, a4 + b2, ..., a8 + b6), with pointers HeadA, HeadB, tailA, tailB marking each primary's elements within F]
Fused Queue that can tolerate one crash fault
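A toy Python sketch of sum-based fusion for two integer queues. The slides use a richer circular-array layout with head/tail pointers; the zero-padding here is an assumption to keep the example short:

```python
def fuse(qa, qb):
    """Fused backup of two integer queues: element-wise sums, padding the
    shorter queue with zeros (a toy stand-in for the head/tail-pointer
    bookkeeping of the actual construction)."""
    n = max(len(qa), len(qb))
    pa = list(qa) + [0] * (n - len(qa))
    pb = list(qb) + [0] * (n - len(qb))
    return [a + b for a, b in zip(pa, pb)]

def recover(fused_q, survivor):
    """Recover the crashed queue from the fused backup and the survivor.
    The result may carry trailing zero padding; in the real structure the
    head/tail pointers give the crashed queue's true length."""
    s = list(survivor) + [0] * (len(fused_q) - len(survivor))
    return [f - x for f, x in zip(fused_q, s)]
```

One fused queue thus backs up two primaries against a single crash, using roughly half the space of full replication.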
Fused Queues: Circular Arrays
Resource Allocation: Fused Processes
Outline
- Crash Faults: space savings, message savings, complex data structures

Goals for Byzantine Fault Tolerance
- Efficient during error-free operation
- Efficient detection of faults (no need to decode for fault detection)
- Efficient in space requirements
Byzantine Fault Tolerance: Fusion
[Figure: primaries P(i) holding states 13, 8, 45; unfused copies Q(i) mirroring them; and the fused backup F(1) holding their sum, 66]
Byzantine Faults (f=1)
Assume n primary state machines P(1)..P(n), each with an O(1) data structure.

Theorem 2: There exists an algorithm with n+1 additional backup machines such that:
- normal operations: same overhead as replication
- recovery: additional O(n) overhead
Byzantine FT: O(m) data
[Figure: primary P(i) and its unfused copy Q(i) each hold a queue (a1..a8) or (b1..b5); the fused queue F(1) holds element-wise sums (a2, a3 + b1, ..., a8 + b6) with pointers HeadA, HeadB, tailA, tailB; the location x where P(i) and Q(i) disagree maps to the crucial location in F(1)]
Byzantine Faults (f=1), O(m) data

Theorem 3: There exists an algorithm with n+1 additional backup machines such that:
- normal operations: same as replication
- recovery: additional O(m+n) overhead
No need to decode F(1)
Byzantine Fault Tolerance: Fusion
[Figure: single mismatched primary. One unfused copy reports state (3, 8, 4) while the others report (3, 1, 4); the fused backups F(1) = 1*3 + 1*1 + 1*4 = 8, F(2) = 1*3 + 2*1 + 3*4 = 17, and F(3) = 1*3 + 4*1 + 9*4 = 43 agree with (3, 1, 4), exposing the liar]
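The check in the figure can be reproduced in Python with Vandermonde-style weights w(k, j) = j^(k-1). These weights are inferred from the worked sums (8, 17, 43 for state (3, 1, 4)), not stated explicitly in the slides:

```python
def fused(state, k):
    """k-th fused value: weight position j (1-based) by j**(k-1).
    Weights are inferred from the slide's worked example."""
    return sum(x * j ** (k - 1) for j, x in enumerate(state, start=1))

def consistent(claimed, fused_vals):
    """True iff the claimed state matches every fused backup value."""
    return all(fused(claimed, k) == fv
               for k, fv in enumerate(fused_vals, start=1))
```

A claimed state that disagrees with any fused value is flagged without decoding the fused machines.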
Byzantine Fault Tolerance: Fusion
[Figure: multiple mismatched primaries. Unfused copies report (3, 7, 4) and (3, 8, 4) against the true state (3, 1, 4); the unfused copy whose responses agree with the most fused backups (the largest tally) is correct]
Byzantine Faults (f>1), O(1) data
Theorem 4: There exists an algorithm with fn+f additional state machines that tolerates f Byzantine faults with the same overhead as replication during normal operations.
Liar Detection (f > 1), O(m) data

Z := set of all f+1 unfused copies
while (not all copies in Z identical) do
    w := first location where copies differ
    use fused copies to find v, the correct value of state[w]
    delete unfused copies with state[w] != v

Invariant: Z contains a correct machine.
No need to decode the entire fused state machine!
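The loop above can be sketched in Python. The callback `correct_value_at` is a hypothetical stand-in for the "use fused copies to find v" step:

```python
def liar_detection(copies, correct_value_at):
    """Liar detection over f+1 unfused copies (equal-length state lists):
    while copies disagree, find the first differing location, get the
    correct value there from the fused copies (modeled by the callback),
    and discard copies that disagree with it."""
    Z = list(copies)
    while any(c != Z[0] for c in Z[1:]):
        # first location where some surviving copy differs from Z[0]
        w = next(i for i in range(len(Z[0]))
                 if any(c[i] != Z[0][i] for c in Z[1:]))
        v = correct_value_at(w)
        Z = [c for c in Z if c[w] == v]
    return Z[0]  # invariant: Z always contains a correct machine
```

Each iteration removes at least one liar, so at most f locations of the fused state are ever decoded.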
Fusible Structures
Fusible Data Structures [Garg and Ogale, ICDCS 2007]
- Linked lists, stacks, queues, hash tables
- Data-structure-specific algorithms
- Partial replication for efficient updates
- Multiple faults tolerated using Reed-Solomon coding

Fusible Finite State Machines [Ogale, Balasubramanian, Garg, IPDPS 2009]
- Automatic generation of minimal fused state machines
Conclusions
                     Replication    Fusion
Crash Faults         n + nf         n + f
Byzantine Faults     n + 2nf        n + nf + f

- Replication: recovery and updates are simple; tolerates f faults for each primary
- Fusion: space efficient
- The two can be combined for tradeoffs

(n: the number of different servers)
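Plugging numbers into the table makes the space savings concrete. This is a direct transcription of the table's formulas; the function name `servers` is illustrative:

```python
def servers(n, f):
    """Total server counts (n primaries plus backups) from the table."""
    return {
        "crash_replication": n + n * f,      # f replicas per primary
        "crash_fusion": n + f,               # f fused backups overall
        "byz_replication": n + 2 * n * f,    # 2f replicas per primary
        "byz_fusion": n + n * f + f,         # f copies each + f fused
    }
```

For n = 5 and f = 2, fusion needs 7 servers against replication's 15 for crash faults, and 17 against 25 for Byzantine faults.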
Future Work
- Optimal algorithms for complex data structures
- Different fusion operators
- Concurrent updates on backup structures
Thank You!
Questions?

Crash Faults
- Event Counters: space savings
- Mutex Algorithm: message savings
- Resource Allocator: complex data structures

Byzantine Faults
- Single fault (f=1): detection and correction
- Liar detection
- Multiple faults (f>1)

Conclusions & Future Work
Backup Slides
Event Counter: Proof Sketch
Model
- The servers (primary and backups) execute independently (in parallel)
- Primaries and backups do not operate in lock-step
- Events/updates are applied on all the servers
- All backups act on the same sequence of events
Model (contd.)

Faults:
- Fail-stop (crash): loss of current state
- Byzantine: servers can "lie" about their current state

For crash faults, we assume the presence of a failure detector.
For Byzantine faults, we provide detection algorithms.
Faults are assumed to be infrequent.
Byzantine Faults (f=1), O(m) data

Theorem 3: There exists an algorithm with n+1 additional backup machines such that:
- normal operations: same as replication
- recovery: additional O(m+n) overhead

Proof sketch:
- Normal operation: the responses of P(i) and Q(i) are identical
- Detection: P(i) and Q(i) differ on some response
- Correction: use liar detection; O(m) time to determine the crucial location; use F(1) to determine who is correct
- No need to decode F(1)
Byzantine Faults (f>1)

Proof sketch:
- f copies of each primary state machine and f overall fused machines
- Normal operation: all f+1 unfused copies produce the same output
- Case 1 (single mismatched primary state machine): use liar detection
- Case 2 (multiple mismatched primary state machines): the unfused copy with the largest tally is correct