NonBlocking Atomic Commit Ali Ghodsi UC BerkeleyKTH aligatcs
Non-Blocking Atomic Commit Ali Ghodsi – UC Berkeley/KTH alig(at)cs. berkeley. edu
Atomic Commit Problem n Problem from distributed databases q q n Atomicity of Transactions q n Want single system image (SSI) for data managers Atomic execution of transactions (A in ACID) Either all of a transaction executed or none Challenging in distributed systems q Partial failures: one node crashes midway 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 2
Two Phase Commit n Two Phase Commit (2 PC) q q q n Phase 1: TM asks all DMs to prepare transaction T q n Due to Jim Gray (first Berkeley CS Ph. D) Involves a centralized transaction manager (TM) Involves a set of data managers (DM) TMs all log and flush T and reply commit/abort Phase 2: TM collects all replies q q q If every vote is commit, then send COMMIT to all DMs Else (an abort vote or failure) send ABORT to all DMs implement instruction 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 3
2 PC idea and problem n Advantage of 2 PC q q q n 2 PC is partially fault-tolerant q n A DM that voted commit is ready to commit DM fails: DM replays log and commit after recovery Phase 2 is just to ensure everyone is ready to commit Can tolerate the failure of any DM 2 PC is blocking q q If TM fails and 1 DM fails before phase 2 Cannot proceed, DM maybe have committed 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 4
Non-Blocking Atomic Commit n Non-Blocking Atomic Commit (NBAC) q n Three Phase Commit (3 PC) q n Resilient to failures Adds a phase to avoid 1 TM and 1 DM failure case 3 PC assumes perfect FD q q Fail-stop model (synchronous system) Too strong assumption 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 5
NBAC interface n Module: q n Events q q n Name: NB-atomic-commit, as nbac Request: nbac, vote | v n Called by all nodes. v is either yes or no Indication: decide| v n v is either yes or no Property: q NBAC 1 -NBAC 4 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 6
NBAC properties n NBAC 1: Termination q Every correct node eventually decides abort or commit n NBAC 2: Uniform Agreement q No two nodes decide different values n NBAC 3: Uniform validity q If commit decided, then all nodes voted yes q �if a node voted no, then abort is decided n NBAC 4: Non-triviality q If all nodes vote yes and no failures occur then decide commit q �if abort decided, then either node voted no or failure occurred 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 7
![NBAC vs Consensus n Are the comparable? Equivalent? [d] n Consensus reducible (≼) to](http://slidetodoc.com/presentation_image_h2/c00ebc471d0b50b8d93537d1a7f5a5a8/image-8.jpg "NBAC vs Consensus n Are the comparable? Equivalent? [d] n Consensus reducible (≼) to")
NBAC vs Consensus n Are the comparable? Equivalent? [d] n Consensus reducible (≼) to NBAC q n Any NBAC algorithm is solving Consensus Is NBAC reducible (≼) to Consensus? q Can Consensus algorithms be used to solve NBAC? 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 8
NBAC is harder than Consensus solvable with S, P, S n NBAC cannot be solved with S, P q q Cannot be solved with equiv FDs: Q, W Cannot be solved with weaker FDs: S, W Q P W S W S 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 9
NBAC not solvable with P, S n Proof by contradiction, q q q n Assume it’s solvable with P (or S) Assume every node votes yes Assume p 1 immediately crashes before sending msgs Termination requires p 2 to decide abort or commit p 2 decides at time t (prefix P) in execution E Case 1: p 2 decides commit q q q Modify E to E’ so P 1 votes no, but crashes immediately Indistinguishable from original execution Validity violated (commit despite no-vote) 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 10
NBAC not solvable with P, S (2) n Case 2: p 2 decides abort q Modify E to E’ so P 1 is correct after time t (prefix P) n q E’ is a valid execution with P (or S, respectively) n n n q After t, no FD suspects P 1 E’ satisfies completeness (no crash introduced) If P used, E’ satisfies eventual accuracy, P 1 never suspected after t, otherwise same accuracy as E If S used, E’ satisfies weak accuracy, only P 1 different in E’ and P 1 crashed in E, so some other node accurate in E and E’ E same as E’ until time t, must decide abort at time t n 9/26/2021 Violated non-triviality in E’, all yes, no failures, but aborted Ali Ghodsi, alig(at)cs. berkeley. edu 11
Proof intuition n Received “yes” from all but one node p 1 q n Must know p 1’s “status” accurately q q q n What to do? [d] If crashed, may decide commit or abort If voted yes and alive, must decide commit If voted no and alive, must decide abort Need accurate information about p 1 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 12
Weakening NBAC to solve it n Weaken Non-Triviality n NBAC 4: Non-Triviality q n NBAC 4’: Weak Non-Triviality q n If every node votes yes, and no failures occur, commit will be decided If every node votes yes, and no failures detected, commit will be decided May abort if failure detector inaccurate q q Must still abort if DM votes “no”, (safety OK) But might abort even if DMs all vote “yes” (affects liveness) 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 13
NBAC with Uniform Consensus (1) module weak_nbac(vote) (2) for i: =1 to N do (3) send<vote> to i (4) (5) (6) (7) 9/26/2021 for i: =1 to N do alive: =receive<v> from i if v=abort or alive=false (8) v: =uniform_consensus(abort) return(v) (9) (10) v: =uniform_consensus(commit) return(v) Ali Ghodsi, alig(at)cs. berkeley. edu 14
NBAC with Uniform Consensus (2) (1) module weak_nbac(vote) (2) for i: =1 to N do (3) send<vote> to i (4) (5) (6) (7) n (8) v: =uniform_consensus(abort) return(v) (9) (10) v: =uniform_consensus(commit) return(v) Termination q q q for i: =1 to N do alive: =receive<v> from i if v=abort or alive=false Nothing blocks Consensus terminates FD’s satisfy completeness (eventually detect crashes) 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 15
NBAC with Uniform Consensus (3) (1) module weak_nbac(vote) (2) for i: =1 to N do (3) send<vote> to i (4) (5) (6) (7) n for i: =1 to N do alive: =receive<v> from i if v=abort or alive=false (8) v: =uniform_consensus(abort) return(v) (9) (10) v: =uniform_consensus(commit) return(v) Uniform agreement q Only decide uniform consensus outcome, which uniformly agrees 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 16
NBAC with Uniform Consensus (3) (1) module weak_nbac(vote) (2) for i: =1 to N do (3) send<vote> to i (4) (5) (6) (7) n for i: =1 to N do alive: =receive<v> from i if v=abort or alive=false (8) v: =uniform_consensus(abort) return(v) (9) (10) v: =uniform_consensus(commit) return(v) Uniform validity q q If commit decided, some node voted commit (9) Must have got yes from everyone 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 17
NBAC with Uniform Consensus (3) (1) module weak_nbac(vote) (2) for i: =1 to N do (3) send<vote> to i (4) (5) (6) (7) n for i: =1 to N do alive: =receive<v> from i if v=abort or alive=false (8) v: =uniform_consensus(abort) return(v) (9) (10) v: =uniform_consensus(commit) return(v) Weak Non-Triviality q q If no suspicions and everyone votes “yes”, then every node votes “commit”, line (9) Non-triviality of Consensus ensures “commit” 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 18
Conclusion n Atomic Commit important for distributed DBs n 2 PC solves Atomic Commit q n Non-Blocking Atomic Commit (NBAC) q q n But is blocking 3 PC solves it, but infeasible (synchronous model) NBAC strictly harder than Consensus Practical weakening equivalent to Consensus q Allow “aborts” when timeouts occur 9/26/2021 Ali Ghodsi, alig(at)cs. berkeley. edu 19
- Slides: 19
