Argus Papers We Love

Transcript

1. Distributed Programming in Argus Barbara Liskov Papers We Love SF

   - January 2017

2. Caitie McCaffrey @caitie Distributed Systems Engineer CaitieM.com

3. 1988

4. “Technological advances have made it cost effective to construct large

   systems from collections of computer connected via networks. To support such systems, there is a growing need for effective way to organize and maintain distributed programs” Guardians and Actions: Linguistic Support for Robust, Distributed Programs

5. Atomicity RPC &

6. Guardians and Actions: Linguistic Support for Robust, Distributed Programs “We

   believe that the most desirable form of communication is the paired send and reply” Remote Procedure Calls

7. Guardians and Actions: Linguistic Support for Robust, Distributed Programs “We

   believe the form of communication that is needed is remote procedure call with at-most-once semantics” Remote Procedure Calls

8. Argus RPC In

9. “a special kind of abstract object whose purpose is to

   encapsulate a resource” Guardians Distributed Programming in Argus

10. “it permits its resource to be accessed by means of

    special procedures, called handlers” Handlers Distributed Programming in Argus

11. Argus Banking with

12. Branch Guardian Open (a: account_number) Close (a: account_number) Deposit (a:

    account_number, amt: int) Withdraw (a: account_number, amt: int) Total() Handlers

13. Branch A Branch B Account 123 : $100 Account 456:

    $50 Account 789: $250 Open (123) Deposit(123, 100) Open (456) Deposit(456, 50) Open (789) Deposit(789, 250)

14. Atomicity RPC &

15. “An adequate language must provide a modular, reasonably automatic method

    for achieving consistency ” Atomicity Distributed Programming in Argus

16. Guardians and Actions: Linguistic Support for Robust, Distributed Programs “Our

    solution to the problem of maintaining consistent distributed data in the face of concurrent, potentially interfering activities, and in the face of system failures such as node crashes and network disruptions while these activities are running is to make activities atomic” Atomicity

17. Argus Atomicity In

18. Serializable Actions Total (abort or commit)

19. Atomic Abstract Data Type Atomic Objects Argus Provides: atomic arrays,

    records, variants, characters, and integers

20. Read Write Lock Locking Rules Multiple Readers are Allowed Readers

    Exclude Writers Writer Exclude other Writers & Readers

21. Distributed Programing in Argus “Computation in Argus starts as a

    top action at some guardian. The computation spreads to other guardians by means of handler calls. Execution of a handler call may cause some objects at the handler’s guardian to be modified, and may in turn lead to further calls”

22. Argus Banking with

23. Branch A Branch B Account 123 : $100 Account 456:

    $50 Account 789: $250 Transfer( amt: int, from: account_number, to: account_number)

24. Branch B Account 789: $250 Branch A Account 123 :

    $100 Account 456: $50 SubAction: Deposit (123, 50) Transfer Action SubAction: Withdraw(789, 50) Transfer Deposit Withdraw

25. Branch B Account 789: $250 Branch A Account 123 :

    $100 Account 456: $50 SubAction: Deposit (123, 50) Transfer Action SubAction: Withdraw(789, 50) Transfer Deposit Withdraw enter topaction coenter action branchA.Deposit(123, 50) action branchB.Withdraw(789, 50) end end

26. Branch B Account 789: $250 Branch A Account 123 :

    $100 Account 456: $50 Deposit (123, 50) Transfer Action Withdraw(789, 50)

27. Branch B Account 789: $250 Branch A Account 123 :

    $100 Account 456: $50 Deposit (123, 50) Transfer Action Withdraw(789, 50) Account 123 : $150 Account 789: $200 V1 V1

28. Branch B Account 789: $250 Branch A Account 123 :

    $100 Account 456: $50 Deposit Success Transfer Action Withdraw Success Account 123 : $150 Account 789: $200 V1 V1

29. Branch B Account 789: $250 Branch A Account 123 :

    $100 Account 456: $50 Transfer Action Account 123 : $150 Account 789: $200 V1 V1 Commit Top Level Action 2PC Transfer Deposit Withdraw

30. Branch B Branch A Prepare Transfer Action Prepare Commit Top

    Level Action 2PC: Phase 1 V1 V1 Account 789: $250 Account 123 : $100 Account 456: $50 Account 123 : $150 Account 789: $200

31. Branch B Branch A Prepare Success Transfer Action Prepare Success

    Commit Top Level Action 2PC: Phase 1 V1 V1 Account 789: $250 Account 123 : $100 Account 456: $50 Account 123 : $150 Account 789: $200

32. Branch B Branch A Account 456: $50 Commit Transfer Action

    Commit Account 123 : $150 Account 789: $200 Commit Top Level Action 2PC : Phase 2

33. Branch B Branch A Account 456: $50 Commit Success Transfer

    Action Commit Success Account 123 : $150 Account 789: $200 Commit Top Level Action 2PC : Complete

34. Argus Banking with

35. Branch B Account 789: $200 Branch A Account 123 :

    $150 Account 456: $50 SubAction: Deposit (123, 100) Transfer Action SubAction: Withdraw(456, 100) Transfer Deposit Withdraw

36. Branch B Account 789: $200 Branch A Account 123 :

    $150 Account 456: $50 Deposit (123, 100) Transfer Action Withdraw(456, 100)

37. Branch B Account 789: $200 Branch A Account 123 :

    $150 Account 456: $50 Deposit Success Transfer Action Withdraw Abort V1 Account 123 : $250 Transfer Deposit Withdraw

38. Branch B Account 789: $200 Branch A Account 123 :

    $150 Account 456: $50 Abort Deposit Transfer Action V1 Account 123 : $250 Abort Top Level Action 2PC : Abort

39. Branch B Account 789: $200 Branch A Account 123 :

    $150 Account 456: $50 Deposit Aborted Transfer Action Abort Top Level Action 2PC : Abort

40. Branch B Account 789: $200 Branch A Account 123 :

    $150 Account 456: $50 Transfer Action

41. Sub-Actions “Argus allows actions to be nested; thus an action

    can have one or more sub-actions“ Distributed Programming in Argus Transfer Deposit Withdraw

42. Sub-Actions Replicate Action Replica A Replica B

43. Sub-Actions Replicate Deposit Replica A Replica B Transfer Deposit Withdraw

    Replicate Withdraw Replica A Replica B

44. Sub-Actions Replicate Deposit Replica A Replica B Transfer Deposit Withdraw

    Replicate Withdraw Replica A Replica B

45. Sub-Actions Replicate Deposit Replica A Replica B Transfer Deposit Withdraw

    Replicate Withdraw Replica A Replica B

46. Sub-Actions Replicate Deposit Replica A Replica B Transfer Deposit Withdraw

    Replicate Withdraw Replica A Replica B Abort

47. Sub-Actions Replicate Deposit Replica A Replica B Transfer Deposit Withdraw

    Replicate Withdraw Replica A Replica B

48. Sub-Actions Replicate Deposit Replica A Replica B Transfer Deposit Withdraw

    Replicate Withdraw Replica A Replica B

49. Sub-Actions Replicate Deposit Replica A Replica B Transfer Deposit Withdraw

    Replicate Withdraw Replica A Replica B 2PC: Abort

50. Sub-Actions “Argus runs every handler call as a sub-action…this extra

    action ensures that calls have a zero or one semantics.“ Distributed Programming in Argus

51. What if Sub-Actions try to access the same atomic object?

52. What if Sub-Actions try to access the same atomic object?

53. Read Lock: All holders of write locks on x must

    be ancestors of S Write Lock: All holders of write locks on x must be ancestors of S. Locking Rules for Sub-Actions Distributed Programming in Argus

54. Commit: S’s parent acquires S’s lock on x. If S

    holds a write lock on x, then S’s version becomes S’s parent version Abort: S’s lock and version (if any) are discarded Version Management Rules for Sub Actions Distributed Programming in Argus

55. Sub Action Locking Account Balance Object $200 Value X Y

    Z 1.5% Interest 2% Interest Read Balance

56. Account Balance Object $200 V1 $203 Value X Y Z

    1.5% Interest 2% Interest Read Balance X: Write Lock (V1) Sub Action Locking

57. Account Balance Object $200 V1 $203 V2 $207.06 Value X

    Y Z 1.5% Interest 2% Interest Read Balance X: Write Lock (V1) Y: Write Lock (V2) Sub Action Locking

58. Account Balance Object $200 V1 $203 V2 $207.06 Value X

    Y Z W 1.5% Interest 2% Interest Read Balance .5% Interest X: Write Lock (V1) Y: Write Lock (V2) Z: Read Lock (V2) Sub Action Locking

59. Account Balance Object $200 V1 $203 V2 V3 $207.06 $208.10

    Value X Y Z W 1.5% Interest 2% Interest Read Balance .5% Interest X: Write Lock (V1) Y: Write Lock (V2) Z: Read Lock (V2) W: Write Lock (V3) Sub Action Locking

60. Account Balance Object $200 V1 $203 X: Write Lock (V1)

    V2 V3 $207.06 $208.10 Value Y: Write Lock (V2) Z: Write Lock (V3) X Y Z W 1.5% Interest 2% Interest Read Balance .5% Interest Sub Action Locking

61. Account Balance Object $200 V1 $203 X: Write Lock (V1)

    V2 V3 $207.06 $208.10 Value Y: Write Lock (V3) X Y Z W 1.5% Interest 2% Interest Read Balance .5% Interest Sub Action Locking

62. Account Balance Object $200 V1 $203 X: Write Lock (V3)

    V2 V3 $207.06 $208.10 Value X Y Z W 1.5% Interest 2% Interest Read Balance .5% Interest Sub Action Locking

63. Account Balance Object $200 V1 $203 X: Write Lock (V3)

    V2 V3 $207.06 $208.10 Value Y: Write Lock (V3) Z: Write Lock (V3) X Y Z W 1.5% Interest 2% Interest Read Balance .5% Interest Sub Action Locking Two Phase Commit

64. Account Balance Object $208.10 Value X Y Z W 1.5%

    Interest 2% Interest Read Balance .5% Interest Sub Action Locking

65. Problems with Argus

66. “The concurrency that is built in to the mail system

    can lead to a number of deadlock situations” Guardians and Actions: Linguistic Support for Robust, Distributed Programs “As implemented most of the handlers can deadlock with other concurrent operations” Distributed Programming in Argus Deadlocks

67. Deadlocks “The programmer must think about deadlocks and starvation and

    implement the code to avoid them when possible" Distributed Programming in Argus

68. Blocking Calls “A new process is created to perform an

    incoming handler call …[so guardians can] have the ability to execute many request concurrently … if the guardian is running on a single-processor node, then only one process will be running at a time” Guardians and Actions: Linguistic Support for Robust, Distributed Programs

69. Blocking Calls “A new process is created to perform an

    incoming handler call …[so guardians can] have the ability to execute many request concurrently … if the guardian is running on a single-processor node, then only one process will be running at a time” Guardians and Actions: Linguistic Support for Robust, Distributed Programs Promises: linguistic support for efficient asynchronous procedure calls in distributed systems B. Liskov, L.Shrira 1988

70. So where do we go from here?

71. “Guardians allow programs to be decomposed into units of tightly

    coupled data and processing” Distributed Programming in Argus Guardians

72. Microservices

73. “Atomic actions are an important tool both for understanding what

    a system should do and for implementing it correctly” Distributed Programming in Argus

74. 2014

75. Halo 4: Statistics Service

76. 2015

77. 2015 “We focus our study on the common use of

    feral or a pplication-level, mechanisms for maintaining database integrity”

78. 2015

79. CRDT * Stolen from Chris Meiklejohn in practice

80. 2012

81. 2012 “ Spanner is the first system to distribute data

    at global scale and support externally-consistent distributed transaction”

82. 2016

83. None

84. Conclusion

85. Thank You! @caitie