Transcript unreliable

(Yet another)
Replicated Web Server
Alberto Bartoli
Bologna






Austro-Hungarian Empire
Italy
Germany
Yugoslavia
Allied Administration
Italy
1918
June 1945
1954
Previous work in the area
 Enriched Virtual Synchrony
(  group communication for on-line state transfer)
“old stuff”; IEEE ToC 1997; with Ozalp
 On-line reconfiguration of replicated databases based on
group communication
“algorithm”; DSN 2001; with Bettina and Ozalp
Probably not very useful / applicable for Adapt
Main interests / On-going work
 Service replication with sequential consistency in
unreliable networks
“algorithm”; unpublished; with Ozalp
Implemented in a replicated Tomcat in Trieste
 Group communication support for replicated databases
“algorithm”; unpublished; with Bettina
Hope they will be useful for Adapt !
Service Replication:
Scenario
Unreliable Network
C
S
 C connected with only one server at a time
 Reads executed locally
 Writes executed at several servers (without C being involved)
 If C does not receive a response (e.g., TCP connection breaks),
C may send the very same request to any server
Unreliable
Network
Service Replication:
Guarantees
Unreliable Network
C
S
“Sequential Consistency”
 Each write is executed only once
Unreliable
 Each read issued by C reflects all previous writes issued by C Network
Recall:
 Even across different connections to possibly different servers
Really Useful ?




Connected with one server at a time
Can retransmit to any server until seeing a response
Always sees the effect of previous requests
Exactly-once
 Useful for users that navigate the web
Crucial for integration of remote applications
(if we want them to be reliable)
 Web services  Adapt
A note on existing solutions
They do not provide those guarantees automatically
1) The service is “reliable only if you are lucky”,
or,
2) Programmers must implement suitable support
My ultra-strong belief:
 We will have unreliable services
 Even services supposed to be reliable
(see my FuDiCo talk: http://www.cs.unibo.it/fudico/)
Status (I)
Trieste has a working prototype of this stuff:
Tomcat with in-memory session replication
 Client: Browser




Connected with one server at a time
Can retransmit to any server until seeing a response
Always sees the effect of previous requests
Exactly-once
 Server: “normal servlets”
 Each session object is replicated
 “Reads”: On the local replica (if up-to-date, otherwise HTTP redirect)
 “Writes”: On all replicas in the primary partition
 Reintegration (state transfer):
Blind
On-line and negotiated
Status (II)
Classes of distributed web servers:
1) Each server has its own IP address
2) Each server has its own IP address, but this is not visible to the outside
(load-balancing switch in front: clients only see this IP address)
3) All servers share the same IP address
 We use 1, but it should work also with 2
 Substantial redesign required for 3
Load balancing (for 1)
 Mechanism: Each server can communicate a “load index” to
all other servers (quick, very efficient)
 Policy: Not yet investigated
Status (III)
Tomcat
Session Replication
Load Balancing
“Nicer” GC Interface
Group Communication
Developed at Johns Hopkins
JMiramare
JBora
Spread
GC for RepDB (I)
“Improvement” of GC interface suitable for replicated databases
Key issues:
 Site reintegration cannot occur instantaneously
 The traditional notion of primary partition is not sufficient
(building a totally-ordered sequence of views does not allow you
to recover from a total failure)
Useful for Adapt ?
Probably its “dynamic voting portion”...
GC for RepDB (II)
Tomcat
Signal whether a view is Primary
Majority-based choice
(not very Adapt -able)
JMiramare
JBora
We should base it on dynamic voting
(much more Adapt -able)
Spread
Human Resources Available /
Constraints
 1 programmer (hired Sept. 1st)
 Maybe a PhD student starting next January (maybe)
 Master-level students
Computer Science in Trieste:
 Full professors:
 Associate professors:
 Research associates:
 PhD students:
 EEUU-funded projects in CS:
1 “almost retired”
1 “computer artist”, 1 has never done any research
1 very good... in signal processing and robotics
1 in robotics
0
Related “Projects”
Collaboration with a research group in Pisa (CNUCE-CNR):
 Very good at performance analysis by simulation
 A PhD student has been working for 2 years on
 QoS-based load balancing
 Geographically replicated, read-only web servers
 Next year he should work on load balancing for “JMiramare”
 Useful for Adapt ?
 If we obtain interesting results, they could be additional selling points
What we can contribute
Tomcat
JMiramare
 Replacement / Extension to JMiramare for
stateful web services ?
JBora
 Session passivation ?
 Partial replication ?
 Geographical replication ?
 Messaging layer ?
Spread