experiences in building and operating epost a reliable
play

Experiences in Building and Operating ePOST, a Reliable Peer-to-Peer - PowerPoint PPT Presentation

Feb 27, 2023 •185 likes •618 views

Experiences in Building and Operating ePOST, a Reliable Peer-to-Peer Application Alan Mislove Ansley Post Andreas Haeberlen Peter Druschel Max Planck Institute for Software Systems Rice University 1 Reliable P2P

  1. Experiences in Building and Operating ePOST, a Reliable Peer-to-Peer Application Alan Mislove †‡ Ansley Post †‡ Andreas Haeberlen †‡ Peter Druschel † † Max Planck Institute for Software Systems ‡ Rice University 1

  2. Reliable P2P Systems: Myth or Reality? • For the past few years, much research interest in p2p • Highly scalable in nodes and data • Utilization of underused resources • Robust to large range of workloads and failures • Most deployed systems are not reliable [Kazaa, Skype, etc] • None attempt to store data reliably, durably, or securely • Lead some to conclude p2p can’t support reliable applications • Question: Can peer-to-peer systems provide reliable service? 2 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 2

  3. Demonstration Application: ePOST • ePOST is an email service built using decentralized components • Completely decentralized, no ‘email servers’ • Email one of the most important Internet applications • Privacy • Integrity • Durability • Availability • Wanted to develop system to a point where people rely on it 3 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 3

  4. ePOST: Deployment • Built and deployed ePOST within our group • Running for over 2 years • Processed well over 500,000 email messages • Built ePOST to be more reliable than existing email systems • 16 users used ePOST as primary email • Even my advisor! • Many challenges found by building the system • After challenges solved, provides reliable service • Robust; numerous times ePOST was only mail service working 4 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 4

  5. Rest of Talk • ePOST in detail • Challenges faced in building and deploying ePOST • Conclusion 5 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 5

  6. ePOST: Architecture • Each participating node runs mail Node servers for the local user Email • Email service looks the same to users IMAP • Data stored cooperatively on POP3 SMTP SMTP participating machines • Machines form overlay • Replicated for redundancy • All data encrypted and signed IMAP SMTP • Prevents others from reading your IMAP email SMTP 6 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 6

  7. ePOST: Architecture • Each participating node runs mail Node servers for the local user Email • Email service looks the same to users • Data stored cooperatively on participating machines • Machines form overlay • Replicated for redundancy • All data encrypted and signed • Prevents others from reading your email 6 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 6

  8. ePOST: Metadata Storage • Folders represented using logs Log Head • Entries represent changes Log Entry • All entries self-authenticating • Log head points to most recent entry Add Email #3 • Signed by owner due to mutability • Only local node has key material Delete Email #2 • All writes performed by owner Mark #2 Read • Map multi-access problem to single- Add Email #2 writer 7 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 7

  9. ePOST: Metadata Storage • Folders represented using logs Log Head • Entries represent changes Log Entry • All entries self-authenticating Add Email #4 • Log head points to most recent entry Add Email #3 • Signed by owner due to mutability • Only local node has key material Delete Email #2 • All writes performed by owner Mark #2 Read • Map multi-access problem to single- Add Email #2 writer 7 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 7

  10. ePOST: Metadata Storage • Folders represented using logs Log Head • Entries represent changes Log Entry • All entries self-authenticating Add Email #4 • Log head points to most recent entry Add Email #3 • Signed by owner due to mutability • Only local node has key material Delete Email #2 • All writes performed by owner Mark #2 Read • Map multi-access problem to single- Add Email #2 writer 7 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 7

  11. Challenges Faced 8 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 8

  12. Challenges Faced • Network partitions • Complex failure modes • NATs and firewalls • Very unsynchronized clocks • Routing anomalies • Lost key material • Node churn • Disconnected nodes • Correlated failures • Power failures • Resource consumption • Resource exhaustion • Data storage • Spam attacks on relays • Slow nodes • Java eccentricities • Hidden single points of failure • Congested links • Data corruption • PlanetLab slice deletion • Comatose nodes • ... 8 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 8

  13. Challenges Faced • Network partitions • Network partitions • Complex failure modes • NATs and firewalls • Very unsynchronized clocks • Very unsynchronized clocks • Routing anomalies • Routing anomalies • Lost key material • Node churn • Disconnected nodes • Correlated failures • Correlated failures • Power failures • Resource consumption • Resource consumption • Resource exhaustion • Data storage • Spam attacks on relays • Slow nodes • Java eccentricities • Hidden single points of failure • Congested links • Data corruption • PlanetLab slice deletion • Comatose nodes • ... 8 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 8

  14. Challenge: Network Partitions • Overlay originally had no special Node provisions for network partitions • Did not envision partitions as a significant problem • When a network failure occurs, nodes detect others to be dead • Multiple overlays reform • Network usually fails at access links • Generally one large overlay and one small overlay 9 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 9

  15. Challenge: Network Partitions • Overlay originally had no special Node provisions for network partitions • Did not envision partitions as a significant problem • When a network failure occurs, nodes detect others to be dead • Multiple overlays reform • Network usually fails at access links • Generally one large overlay and one small overlay 9 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 9

  16. Challenge: Network Partitions • Overlay originally had no special Node provisions for network partitions • Did not envision partitions as a significant problem • When a network failure occurs, nodes detect others to be dead • Multiple overlays reform • Network usually fails at access links • Generally one large overlay and one small overlay 9 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 9

  17. How frequent are partitions? 6 5 Number of Partitions 4 3 2 1 0 0 10 20 30 40 50 60 70 80 90 Time (days) • Partitions occur often in PlanetLab • Usually a single subnet (PlanetLab site) becomes partitioned 10 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 10

  18. Impact of Network Partitions Node • Tradeoff between consistency and Email availability under partitions Log Head • Well-known tradeoff • ePOST resolves this in favor of availability • Partitions cause consistency problems • Small partitions have data inaccessibility • Mutable data can diverge • Partitions persist unless action is taken 11 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 11

  19. Impact of Network Partitions Node • Tradeoff between consistency and Email availability under partitions Log Head • Well-known tradeoff • ePOST resolves this in favor of availability • Partitions cause consistency problems • Small partitions have data inaccessibility • Mutable data can diverge • Partitions persist unless action is taken ? 11 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 11

  20. Partitions: Overlay Reintegration • To reintegrate overlay Node • Nodes remember recently deceased nodes • Periodically query these nodes, and integrate missing nodes into overlay • Protocol is periodic, and therefore stable • Tested on simulated failures as well as Planetlab • Overlay heals as expected 12 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 12

  21. Partitions: Overlay Reintegration • To reintegrate overlay Node • Nodes remember recently deceased nodes • Periodically query these nodes, and integrate missing nodes into overlay • Protocol is periodic, and therefore stable • Tested on simulated failures as well as Planetlab • Overlay heals as expected 12 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 12

  22. Partitions: Data Divergence • In ePOST, log-based data structure Log Entry • Forked logs must be merged • Data divergence unlikely due to single-writer behavior • To repair logs, merge entries, cancel destructive operations Add Email #3 • Ensures no data loss Delete Email #2 Mark #2 Read Add Email #2 13 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 13

  23. Partitions: Data Divergence • In ePOST, log-based data structure Log Entry • Forked logs must be merged • Data divergence unlikely due to single-writer behavior Mark #4 Read Delete Folder Add Email #4 • To repair logs, merge entries, cancel destructive operations Add Email #3 • Ensures no data loss Delete Email #2 Mark #2 Read Add Email #2 13 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 13

Recommend

Valid and Reliable Assessment of Uncommon Learning Experiences Kim Carter

Valid and Reliable Assessment of Uncommon Learning Experiences Kim Carter

Valid and Reliable Assessment of Uncommon Learning Experiences Kim Carter kcarter@qedfoundation.org Extended Learning Opportunities Small learning environments Hands-on learning Real world, relevant learning experiences Extended

370 views • 12 slides
CS 423 Operating System Design: Reliable Storage Tianyin Xu CS 423: Operating Systems Design

CS 423 Operating System Design: Reliable Storage Tianyin Xu CS 423: Operating Systems Design

CS 423 Operating System Design: Reliable Storage Tianyin Xu CS 423: Operating Systems Design Storage is hard ; - ( In each cluster's first year, it's typical that 1,000 individual machine failures will occur; thousands of hard drive

645 views • 45 slides
CS 423 Operating System Design: Reliable Storage Professor Adam Bates CS 423: Operating

CS 423 Operating System Design: Reliable Storage Professor Adam Bates CS 423: Operating

CS 423 Operating System Design: Reliable Storage Professor Adam Bates CS 423: Operating Systems Design Storage is hard ; - ( In each cluster's first year, it's typical that 1,000 individual machine failures will occur; thousands of hard

506 views • 33 slides
Capacity Building Experiences in Least Developed Countries The Gambia Experiences Abdoulie Jammeh

Capacity Building Experiences in Least Developed Countries The Gambia Experiences Abdoulie Jammeh

Capacity Building Experiences in Least Developed Countries The Gambia Experiences Abdoulie Jammeh Ministry of Trade Introduction The Gambia participated in the past CDP DESA activities relating to: The survey on ISMs Specific to LDCs,

379 views • 11 slides
Experiences with the Amoeba Distributed Operating System (Andrew Tanenbaum, Robbert van Renesse,

Experiences with the Amoeba Distributed Operating System (Andrew Tanenbaum, Robbert van Renesse,

Faculty of Computer Science Institute for System Architecture, Operating Systems Group Experiences with the Amoeba Distributed Operating System (Andrew Tanenbaum, Robbert van Renesse, Hans van Staveren, Gregory J. Sharp) presented by Bjoern

522 views • 15 slides
CS 5150 So(ware Engineering 20. Verifica6on, Tes6ng, and Bugs William Y. Arms Building Reliable

CS 5150 So(ware Engineering 20. Verifica6on, Tes6ng, and Bugs William Y. Arms Building Reliable

Cornell University Compu1ng and Informa1on Science CS 5150 So(ware Engineering 20. Verifica6on, Tes6ng, and Bugs William Y. Arms Building Reliable Systems: Two Principles For a so:ware system to be reliable: Each stage of development must be

589 views • 37 slides
Operating a Resilient & Reliable Network Edinburgh International Conference Centre, 5 th

Operating a Resilient & Reliable Network Edinburgh International Conference Centre, 5 th

Operating a Resilient & Reliable Network Edinburgh International Conference Centre, 5 th March 2019 Welcome & Housekeeping Name Badge Agenda Welcome and housekeeping Introduction Dave McKay, Director of Operations

422 views • 24 slides
SeerSuite: Developing a Scalable and Reliable Application Framework for Building Digital

SeerSuite: Developing a Scalable and Reliable Application Framework for Building Digital

SeerSuite: Developing a Scalable and Reliable Application Framework for Building Digital Libraries by Crawling the Web Pradeep Teregowda*, Isaac Councill # , Juan Fernandez*, Shuyi Zheng*, Madian Khabsa*, C. Lee Giles* * Pennsylvania State

586 views • 31 slides
What is Unix? Unix is a multi-user Operating System Pros Intro To Unix Powerful, reliable,

What is Unix? Unix is a multi-user Operating System Pros Intro To Unix Powerful, reliable,

What is Unix? Unix is a multi-user Operating System Pros Intro To Unix Powerful, reliable, stable, secure CS-121 Cons Designed for programmers (ie not regular people) Difficult to learn at first (though not all versions) Since Then Lot

646 views • 8 slides
ABS CAPACITY-BUILDING EXPERIENCES IN SOUTH EAST ASIA ELPIDIO V. PERIA ACB-NBA Coordinator,

ABS CAPACITY-BUILDING EXPERIENCES IN SOUTH EAST ASIA ELPIDIO V. PERIA ACB-NBA Coordinator,

ABS CAPACITY-BUILDING EXPERIENCES IN SOUTH EAST ASIA ELPIDIO V. PERIA ACB-NBA Coordinator, ASEAN Center for Biodiversity 3rd Meeting of the Informal Advisory Committee on Capacity-Building to the Nagoya Protocol Montreal, Canada, 20-22

425 views • 14 slides
11/05/2016 R3TOS IN A N UTSHELL R3TOS is a Reliable Reconfigurable Real-Time Operating System.

11/05/2016 R3TOS IN A N UTSHELL R3TOS is a Reliable Reconfigurable Real-Time Operating System.

11/05/2016 R3TOS IN A N UTSHELL R3TOS is a Reliable Reconfigurable Real-Time Operating System. R3TOS O VERVIEW AND A RCHITECTURE It ease the exploitation of online specialization offered by partially reconfigurable FPGAs, combining computation

651 views • 21 slides
Course Approach You will be building your own operating system You will do it in steps

Course Approach You will be building your own operating system You will do it in steps

Course Approach You will be building your own operating system You will do it in steps INF 3150/3160 Operating Systems For each step Well define what your OS should achieve for this step Well provide you with a

705 views • 11 slides
some cRiteRia foR building Reliable bibliometRic indicatoRs foR measuRing ReseaRch peRfoRmance

some cRiteRia foR building Reliable bibliometRic indicatoRs foR measuRing ReseaRch peRfoRmance

some cRiteRia foR building Reliable bibliometRic indicatoRs foR measuRing ReseaRch peRfoRmance on data souRces, data quality and caveats in designing and applying indicatoRs wolfgang glnzel Centre for R&D Monitoring and Dept MSI, KU

465 views • 42 slides
Experiences Building InfluxDB in Go Paul Dix paul@influxdb.com @pauldix Who am I? informs my

Experiences Building InfluxDB in Go Paul Dix paul@influxdb.com @pauldix Who am I? informs my

Experiences Building InfluxDB in Go Paul Dix paul@influxdb.com @pauldix Who am I? informs my experience working with a language like Go co-founder, CEO, programmer Author Languages worked with Professionally in order VBScript Delphi

965 views • 49 slides
results and experiences Sebastian Frank Santiago Vidal SQuAT Case Study Experiences Results

results and experiences Sebastian Frank Santiago Vidal SQuAT Case Study Experiences Results

Universidad Nacional del Centro (UNICEN) Institute of Software Technology ISISTAN Research Institute Reliable Software Systems Software Engineering Group Using the CoCoME We already community case study attended for evaluating the SSP

490 views • 20 slides
Celebrating 25 years of International Collaboration and Capacity Building nSight-1: a Reliable

Celebrating 25 years of International Collaboration and Capacity Building nSight-1: a Reliable

Celebrating 25 years of International Collaboration and Capacity Building nSight-1: a Reliable nano-satellite platform for Remote Sensing Capacity Building Sias Mostert sias@scs-space.com 1 25 years of International Collaboration Satellite

756 views • 39 slides
How citizen science could contribute to building resilient communities - Recent experiences from

How citizen science could contribute to building resilient communities - Recent experiences from

How citizen science could contribute to building resilient communities - Recent experiences from Japan - Setsuko Saya Director, International Cooperation, Disaster Management Bureau Cabinet Office 15 January 2019 CSTD 2018-2019 Inter

195 views • 7 slides
Experiences with Building Domain-Specifjc Compilation Plugins in Graal ManLang17 , 28 Sep 2017

Experiences with Building Domain-Specifjc Compilation Plugins in Graal ManLang17 , 28 Sep 2017

Experiences with Building Domain-Specifjc Compilation Plugins in Graal ManLang17 , 28 Sep 2017 Colin Barrett Christos Kotselidis Foivos S. Zakkak Nikos Foutris Mikel Lujn Except where otherwise noted, this presentation is licensed under

501 views • 24 slides
Insights in building real-time experiences with WebRTC @VictorSanchez victor@mashme.tv ? What

Insights in building real-time experiences with WebRTC @VictorSanchez victor@mashme.tv ? What

Insights in building real-time experiences with WebRTC @VictorSanchez victor@mashme.tv ? What is Social video-collaboration platform Based in the cloud Integrates many tools Startup spin-off from UPM 2 ? How big is 800.000+ users in 72

384 views • 25 slides
Investor Presentation Building Reliable Kridhan Infra Limited Foundations for Tomorrow Private

Investor Presentation Building Reliable Kridhan Infra Limited Foundations for Tomorrow Private

Investor Presentation Building Reliable Kridhan Infra Limited Foundations for Tomorrow Private & Confidential Safe Harbour This presentation contains forward-looking statements which may be identified by their use of words like

438 views • 27 slides
182.704 Building Reliable Distributed Systems LU Matthias Fgger, Alexander Kler, Ulrich

182.704 Building Reliable Distributed Systems LU Matthias Fgger, Alexander Kler, Ulrich

182.704 Building Reliable Distributed Systems LU Matthias Fgger, Alexander Kler, Ulrich Schmid WS 2014 course Wireless Nodes, nesC, TinyOS The target systems Wireless motes cluster ATAVRRZ200 demonstration kit from Atmel >= 4 motes

668 views • 43 slides
Building Modern Land Administration Systems in Developed Economies Aspects and Experiences

Building Modern Land Administration Systems in Developed Economies Aspects and Experiences

Univ.-Prof. Dr.-Ing. Holger Magel Director of Institute of Geodesy, GIS and Land Management, TU Munich FIG-President on: Building Modern Land Administration Systems in Developed Economies Aspects and Experiences from Germany* at the

533 views • 32 slides
Experiences with Building an Endourology Service in Belize Dr Victor Lizarraga BCM Urology BCM

Experiences with Building an Endourology Service in Belize Dr Victor Lizarraga BCM Urology BCM

Experiences with Building an Endourology Service in Belize Dr Victor Lizarraga BCM Urology BCM Urology and Belize A long healthy relationship Over 10 years of regular visits Many patients served in the OR and in clinic Many

1.19k views • 16 slides
WHAT IS IN OUR ANNUAL OPERATING PLAN? Included: Operating Repair and Sponsored Total

WHAT IS IN OUR ANNUAL OPERATING PLAN? Included: Operating Repair and Sponsored Total

WHAT IS IN OUR ANNUAL OPERATING PLAN? Included: Operating Repair and Sponsored Total Rehabilitation Programs Operating (Including (R&R) (SPS) Budget Debt) Not Included: Capital (New Endowment Agency Funds Building and (Gifts

287 views • 11 slides

More recommend