Configurable fault-tolerant distributed services

Abstract

Fault tolerance--that is, the ability of a system to continue providing its specified service despite failures--is becoming more important as computers are increasingly used in application areas such as process control, air-traffic control, and banking. Distributed systems, consisting of computers connected by a network, are an important platform for many fault-tolerant systems. Unfortunately, it is difficult to construct fault-tolerant distributed software, so communication services such as multicast, RPC, membership, and transactions have been proposed as simplifying abstractions. However, although numerous versions of these services have been defined, no single implementation provides a perfect match for all applications and all execution environments. This dissertation presents an approach to constructing highly configurable fault-tolerant services. A new model is proposed where a service is composed out of microprotocol objects, each of which implements an individual semantic property of the overall service. This makes it easy to construct different customized versions of a service with properties tailored to the specifics of an application. The model allows micro-protocols to cooperate using user-definable events and shared variables, making the model more flexible than existing approaches. Three prototype implementations of the model are also described. In addition, a new approach is introduced for specifying abstract properties of services using temporal logic over message ordering graphs, which are abstract representations of collections of messages on each site. Furthermore, the problem of which combinations of properties or corresponding micro-protocols are feasible is addressed by defining relations that identify those combinations that result in a functioning service. Dependency and configuration graphs are presented as tools for constructing operational configurations. This new approach is used to develop configurable membership and group RPC services. Furthermore, the system diagnosis problem is contrasted with membership, and new membership and system diagnosis algorithms are derived based on the observations. Finally, the dissertation presents an application of the event-driven model to adaptive systems that dynamically change their behavior as a result of changes in the execution environment or user requirements.