brewer’s conjecture and the feasibility of consistent, available, partition-tolerant web services
DESCRIPTION
Brewer’s Conjecture and the Feasibility of Consistent, Available, Partition-Tolerant Web Services. Authored by: Seth Gilbert and Nancy Lynch Presented by: Karl Smith. Introduction. CAP Consistency Availability Partition-Tolerance - PowerPoint PPT PresentationTRANSCRIPT
Brewer’s Conjecture and the Feasibility of Consistent, Available,
Partition-Tolerant Web ServicesAuthored by: Seth Gilbert
and Nancy LynchPresented by: Karl Smith
CAP Consistency Availability Partition-Tolerance
Three desirable, and expected properties of real-world services
Brewer states that it is impossible to guarantee all three
Introduction
Most web services attempt to provide strongly consistent data
Most use ACID databases Atomic Consistent Isolated Durable
Web services also need fault-tolerance Handle crashing nodes, and network partitioning
ACID
Formal Model
Data should maintain atomic consistency There must exist a total order on all
operations such that each operation looks as if it were completed at a single instant
This is not the same as the Atomic requirement in ACID
Atomic Data Objects
Every request received by a non-failing node in the system must result in a response
No time requirement Difficult because even in severe network
failures, every request must terminate Brewer originally only required almost all
requests get a response, this has been simplified to all
Available Data Objects
When the network is partitioned all messages sent from nodes in one partition to nodes in another partition are lost
This causes the difficulty because Every response must be atomic even though
arbitrary messages might not be delivered Every node must respond even though arbitrary
messages may be lost No failure other then total network failure is
allowed to cause incorrect responses
Partition Tolerance
Asynchronous Networks There is no clock Nodes must make decisions based only on
messages received and local computation Partially Synchronous Networks
Each system has a clock Clocks increase at the same rate Clocks my not be synchronized
Different Networks
It is impossible to provide the following in all fair executions (included those in which messages are lost) Availability Atomic Consistency
Proven by contradiction
Asynchronous Network Impossible
Let the system be made of two nodes(G1,G2) that are partitioned separately such that all messages between G1 and G2 are lost
If a write occurs on G1, then later a read occurs on G2, G2 cannot return the data written as a result of the write to G1
Impossible Proof
No solution exists to meet all three requirements, but any two can be accommodated
Partial Solutions
Ignore all requests Alternate solution: each data object is hosted
on a single node and all actions involving that object are forwarded to the node hosting the object
Atomic & Partition Tolerant
If no partitions occur it is clearly possible to provided atomic, available data
Systems that run on intranets and LANs are an example of these algorithms
Atomic & Available
The service can return the initial value for all requests
The system can provide weakened consistency, this is similar to web caches
Available & Partition Tolerant
It is impossible to provide the following in all fair executions (included those in which messages are lost) Availability Atomic Consistency
Proven by contradiction (This is very similar to the synchronous slide)
Partially Synchronous NetworkStill Impossible
Let the system be made of two nodes(G1,G2) that are partitioned separately such that all messages between G1 and G2 are lost
If a write occurs on G1, then later a read occurs on G2, G2 cannot return the data written as a result of the write to G1
(This seems familiar)
Impossible Proof
By allowing stale data to be returned when messages are lost it is possible to maintain a weaker consistency
Delayed-t consistency- there is an atomic order for operations only if there was an interval between the operations in which all messages were delivered
Weaker Consistency Conditions
1. P is a partial order that orders all write operations, and orders all read operations with respect to the write operations.
2. The value returned by every read operation is exactly the one written by the previous write operation in P (or the initial value, if there is no such previous write in P).
3. The order in P is consistent with the order of read and write requests submitted at each node.
4. (Atomicity) If all messages in the execution are delivered, and an operation θ completes before an operation Φ begins, then Φ does not precede θ in the partial order P,
5. (Weakly Consistent) Assume there exists an interval of time longer than t in which no messages are lost. Further, assume an operation, θ, completes before the interval begins, and another operation, Φ, begins after the interval ends. Then Φ does not precede θ in the partial order
Definition
1. A sends a request to C for the most recent value.
2. If A receives a response from C, save the value and send it to the client.
3. If A concludes that a message was lost (i.e. a timeout occurs), then return the value with the highest sequence number received from C (see below), or the initial-value (if no value has yet been received from C).
Read
1. A sends a message to C with the new value.2. If A receives an acknowledgement from C, then A
sends an acknowledgement to the client, and stops.3. If A concludes a message was lost (i.e. a timeout
occurs), then A sends an acknowledgement to the client.
4. If A has not yet received an acknowledgement from C, then A sends a message to C with the new value.
5. If A concludes a message was lost (i.e. a timeout occurs), A repeats step 4 within t − 4 * t timeout seconds.
Write
1. C increments its sequence number by 1.2. C sends out the new value and the sequence
number to every node.3. If C concludes a message was lost (i.e. a
timeout occurs), then C resends the value and sequence number to the missing node within time t − 2 * t timeout seconds.
4. Repeat step 3 until every node has acknowledged the value.
New Value
Proved that CAP is impossible to provide Any two properties can be maintained It is possible to achieve a compromise
between consistency and availability in a partially synchronous network
Conclusion