2.3分布式算法(3)-容错一致性

Crash: at some point the processor stops taking steps

at the processor's final step, it might succeed in sending only a subset of the messages it is supposed to send
16
配置的价


The valence of a configuration C is the set of all values decided by a nonfaulty processor in some configuration reachable from C by an admissible (failure-sparse) execution. Bivalent: set contains 0 and 1. Univalent: set contains only one value
10
Execution of Algorithm
•
round 1:
– – –
Relation to Formal Model
in channels initially deliver events compute events due to previous compute events deliver events compute events
11
算法正确性证明
Termination: By the code, finish in round f+1.
Validity: Holds since processors do not introduce spurious messages: if all inputs are the same, then that is the only value ever in circulation.
q1
round 1
q2
round 2
…
qf
round f
qf+1
round f+1
pj
pi

There are f + 1 faulty processors in this chain, a contradiction.
13
Performance of Crash Consensus Algorithm
send my input receive round 1 msgs compute value for v send v (if this is a new value) receive round 2 msgs compute value for v
•
round 2:
– – –
• •
… round f + 1:
9
损毁故障的一致性算法
Code for each processor:
v := my input at each round 1 through f+1: if I have not yet sent v then send v to all wait to receive messages for this round v := minimum among all received values and current value of v if this is round f+1 then decide on v
15
故障稀疏的执行



Bad behavior for the crash algorithm was when there was one crash per round. A failure-sparse execution has at most one crash per round. We will deal exclusively with failure-sparse executions in this proof.

In synchronous case: once a faulty processor fails to take a step in a round, it takes no more steps.

In a faulty processor's last step, an arbitrary subset of the processor's outgoing messages make it into the channels.
– – – –
send v (if this is a new value) receive round f + 1 msgs compute value for v decide v
due to previous compute events deliver events compute events part of compute events


Number of processors n > f f + 1 rounds at most n2 •|V| messages, where V is the input set.
14
轮数下界
Assumptions: n > f + 1 every processor is supposed to send a message to every other processor in every round Input set is {0,1}

Atomic Broadcast


All processes receive the same set of messages coming from correct processes only Can be used to implement consensus, vice versa
2
Processor Failures in Message Passing


Multi-valued inputs:

input vector 1,2,3,2,1

decision can be 1 or 2 or 3
5
Modeling Crash Failures
Biblioteka Baidu

Modify failure-free definitions of admissible execution to accommodate crash failures: All but a set of at most f processors (the faulty ones) taken an infinite number of steps.
total number of processors message size
f+1
f+1 polynomial
8
f+1
3f + 1 polynomial
Overview of Consensus Results


Impossible in asynchronous case. Even if we only want to tolerate a single crash failure. True both for message passing and shared read-write memory.
4
一致性的例子

Binary inputs:

input vector 1,1,1,1,1

decision must be 1

input vector 0,0,0,0,0

decision must be 0
decision can be either 0 or 1

input vector 1,0,0,1,0

0-valent configuration

A configuration in which every reachable decided configuration is a 0-decide

1-valent configuration

A configuration in which every reachable decided configuration is a 1-decide

0-valent or 1-valent
17
配置的价

0-decided configuration

A configuration with decide ”0” on some process

1-decided configuration

A configuration with decide ”1” on some process
6
Modeling Byzantine Failures


Modify failure-free definitions of admissible execution to accommodate Byzantine failures: A set of at most f processors (the faulty ones) can send messages with arbitrary content and change state arbitrarily (i.e., not according to their transition functions).

Byzantine: processor changes state arbitrarily and sends messages with arbitrary content
3
一致性问题



Every processor has an input. Termination: Eventually every nonfaulty processor must decide on a value. Agreement: All decisions by nonfaulty processors must be the same. Validity: If all inputs are the same, then the decision of a nonfaulty processor must equal the common input.
分布协同计算基础
第二章:
容错一致性
张锡哲 副教授 计算机应用技术研究所 东北大学信息科学与工程学院
Consensus problems

Consensus problems very important in DS

Distributed Databases


All processes must agree whether to commit or abort a transaction If any process says abort, all processes should abort
7
Overview of Consensus Results

Synchronous system At most f faulty processors Tight bounds for message passing:
crash failures Byzantine failures
number of rounds

Bivalent configuration

A configuration which can reach a 0-decided and 1-decided configuration
18
Definitions Illustrated 1(4)

0-decided configuration
12
算法正确性证明
Agreement: Suppose in contradiction pj decides on a smaller value, x, than does pi. Then x was hidden from pi by a chain of faulty processors:

A configuration with decide ”0” on some process
0-decided configuration { STATE2, P1 state2 P2 state5 P3 decide0
At least of one them is in state DECIDE-0