reliability at scale
play

Reliability at Scale A tale of Amazon Dynamo Presented by Yunhe Liu - PowerPoint PPT Presentation

Dec 24, 2022 •160 likes •602 views

Reliability at Scale A tale of Amazon Dynamo Presented by Yunhe Liu @ CS6410 Fall19 Slides referenced and borrowed from Max & Zhen P2P Systems: Storage [2017], VanHattum [2018] Dynamo: Amazons Highly Available Key-value Store

  1. Reliability at Scale A tale of Amazon Dynamo Presented by Yunhe Liu @ CS6410 Fall’19 Slides referenced and borrowed from Max & Zhen “P2P Systems: Storage” [2017], VanHattum [2018]

  2. Dynamo: Amazon’s Highly Available Key-value Store Giuseppe DeCandia, Deniz Hastorun, Madan Jampani, Gunavardhan Kakulapati, Avinash Lakshman, Alex Pilchin, Swaminathan Sivasubramanian, Peter Vosshall and Werner Vogels Amazon.com

  3. Authors Giuseppe DeCandia (Cornell Alum: BS & MEng ’99) Deniz Hastorun Madan Jampani Gunavardhan Kakulapati Avinash Lakshman (Authored Cassandra) Alex Pilchin Swaminathan Sivasubramanian (Amazon AI VP) Werner Vogels Cornell → Amazon Peter Vosshall Werner Vogels (Cornell, Amazon VP, CTO)

  4. Motivation: No Service Outage ● Amazon.com, one of the largest e-commerce operations ● Slightest outage has: ○ significant financial consequences Outage... ○ impacts customer trust Image source: https://www.flickr.com/photos/memebinge/15740988434

  5. Challenge: Reliability at Scale A key-value storage system that provide an “always-on” experience at massive scale .

  6. Challenge: Reliability at Scale A key-value storage system that provide an “always-on” experience at massive scale . ● Tens of thousands of servers and network components ● Small and large components fail continuously (extreme case: tornadoes can striking data centers)

  7. Challenge: Reliability at Scale A key-value storage system that provide an “always-on” experience at massive scale . ● Service Level Agreements (SLA): e.g. 99.9th percentile of delay < 300ms ● Users must be able to buy -> always writable!

  8. Challenge: Reliability at Scale A key-value storage system that provide an “always-on” experience at massive scale . ● Given Partition tolerance: has to pick between A and C.

  9. Solution: Sacrifice Consistency ● Eventually consistent ● Always writeable: allow conflicts ● Conflict resolution on reads ○ Defer to applications ○ Defaults to “last write wins”

  10. Design ● Interface ● Partitioning ● Replication ● Sloppy quorum ● Versioning ● Handling permanent failures ● Membership and Failure Detection

  11. Design ● Interface ● Partitioning ● Replication ● Sloppy quorum ● Versioning ● Handling permanent failures ● Membership and Failure Detection

  12. Interface ● Key/value treated as opaque array of bytes. ● Context encodes system metadata, for conflict resolution.

  13. Design ● Interface ● Partitioning ● Replication ● Sloppy quorum ● Versioning ● Handling permanent failures ● Membership and Failure Detection

  14. Partitioning ● Goal: load balancing ● Consistent hashing across ring ● Nodes responsible for regions ○ Region: between the node and its processor. ● Unlike Chord: no fingers

  15. Partitioning ● Advantages: ○ Decentralized find ○ Join, leave have minimum impact (incremental scalability) ● Disadvantages: ○ Random position assignment for (k,v) instead of uniform ○ No server heterogeneity

  16. Partitioning ● To address non-uniform distribution and node heterogeneity: Virtual Nodes ! ● Nodes gets several, smaller key ranges instead of a big one

  17. Design ● Interface ● Partitioning ● Replication ● Sloppy quorum ● Versioning ● Handling permanent failures ● Membership and Failure Detection

  18. Replication ● Coordinator node replicatess k at N - 1 successors ○ N: # of replicas ○ Skip positions to avoid replicas on the same physical node ● Preference list ○ All nodes that stores k ○ More than N in node preference list for fault tolerance

  19. Design ● Interface ● Partitioning ● Replication ● Sloppy quorum ● Versioning ● Handling permanent failures ● Membership and Failure Detection

  20. Sloppy Quorum ● Quorum-like System: R + W > N ○ N - number of replicas ○ R - minimum # of responses for get ○ W - minimum # of responses for put ● Why require R + W > N? ○ What is the implication of having a larger R? ○ What is the implication of having a larger W?

  21. Sloppy Quorum ● “Sloppy quorum” ○ Does not enforce strict quorum membership ○ Ask first N healthy nodes from preference list ○ R and W configurable ● Temporary failure handling ○ Do not block waiting for unreachable nodes ○ Put should always succeed (set W to 1). Again, always writable. ○ Get should have high probability of seeing most recent put(s)

  22. Sloppy Quorum: Conflict Case Can you come up with a conflict case with the following parameters: 1) N = 3, W = 2, W = 2 2) Preference list: B, C, D, E 3) Client0 performs put(k, v) 4) Client1 performs put(k, v’)

  23. Sloppy Quorum: Eventual Consistency ● Allow divergent replica ○ Allow reads to see stale or conflicting data ○ Application can decide the best way to resolve conflict. ○ Resolve multiple versions when failures go away(gossip!)

  24. Design ● Interface ● Partitioning ● Replication ● Sloppy quorum ● Versioning ● Handling permanent failures ● Membership and Failure Detection

  25. Versioning ● Eventual Consistency ○ Updates propagates to all replicas asynchronously ○ A put() can return before all replicas update ○ Subsequent get() may return data without latest updates. ● Versioning ○ Most recent state is not available, write to a state without latest updates. ○ Treat each modification as a new and immutable version of the data. ○ Uses vector clocks to capture causality between different versions of same data.

  26. System design: Versioning ● Vector clock (node, counter) ● Syntactic Reconciliation: ○ Versions has causal order ○ Pick later version ● Semantic Reconciliation: ○ Versions does not have casual order ○ Client application perform reconciliation.

  27. Design ● Interface ● Partitioning ● Replication ● Sloppy quorum ● Versioning ● Handling permanent failures ● Membership and Failure Detection

  28. Handling permanent failures ● Replica becomes unavailable. ○ Replica synchronization is needed.

  29. Handling permanent failures ● Anti-entropy (replica synchronization) protocol ○ Using Merkle trees. ● Merkle Tree ○ Leaf node: Hash of data (individual keys) ○ Parent node: hash of children nodes. ○ Efficient data transfer for comparison: Just the root!

  30. Design ● Interface ● Partitioning ● Replication ● Sloppy quorum ● Versioning ● Handling permanent failures ● Membership

  31. Membership: Adding Node ● Explicit mechanism by admin

  32. Membership: Adding Node ● Explicit mechanism by admin ● Propagated via gossip ○ Pull random peer every 1s

  33. Membership: Adding Node ● Explicit mechanism by admin ● Propagated via gossip ○ Pull random peer every 1s ● “Seeds” to avoid partitions

  34. Membership: Detect/Remove Failed Nodes ● Local failure detection

  35. Membership: Detect/Remove Failed Nodes ● Local failure detection ● Use alternative nodes in preference list

  36. Membership: Detect/Remove Failed Nodes ● Local failure detection ● Use alternative nodes in preference list ● Periodic retry

  37. Design Summary

  38. Evaluation “Experiences & Lessons Learned”

  39. Latency: “Always-on” Experience

  40. Flexible N, R, W ● The main advantage of Dynamo” is flexible N, R, W ● Many internal Amazon clients, varying parameters ○ (N-R-W) ○ (3-2-2) : default; reasonable R/W performance, durability, consistency ○ (3-3-1) : fast W, slow R, not very durable ○ (3-1-3) : fast R, slow W, durable

  41. Balancing

  42. Conclusion 1. Combines well-known systems protocols into highly available database. 2. Achieved reliability at massive-scale. 3. Gives client application high configurability. 4. Conflict resolution not an issue in practice.

  43. Acknowledgement 1. Dynamo (DeCandia et al., 2007) 2. P2P Systems: Storage (Max & Zhen, 2017) 3. P2P Systems: Storage (VanHattum, 2018)

Recommend

Reliability of Cloud-Scale Systems (CS 598) Fall 2018 Tianyin Xu 1 Reliability of Cloud-Scale

Reliability of Cloud-Scale Systems (CS 598) Fall 2018 Tianyin Xu 1 Reliability of Cloud-Scale

Reliability of Cloud-Scale Systems (CS 598) Fall 2018 Tianyin Xu 1 Reliability of Cloud-Scale Systems Reliability of Large-Scale Systems Reliability of Computer Systems (CS 598) Fall 2018 Tianyin Xu 1 Reliability of Cloud-Scale Systems

551 views • 36 slides
Reliability Engineering - Discussions and Clarifications Reliability Engineering VS.

Reliability Engineering - Discussions and Clarifications Reliability Engineering VS.

Mission Success Starts with Safety Reliability Engineering - Discussions and Clarifications Reliability Engineering VS. Probabilistic Risk Assessment (PRA) Reliability Prediction VS. Reliability Demonstration Design Reliability VS. Process

783 views • 20 slides
- Reliability - Reliability What It Is, Why, and How Jason Nicholas, Ph.D. November 13,

- Reliability - Reliability What It Is, Why, and How Jason Nicholas, Ph.D. November 13,

- Reliability - Reliability What It Is, Why, and How Jason Nicholas, Ph.D. November 13, 2008 Objective - Introduction to reliability - Meeting requirements of Body of Evidence guidelines for consistency Evaluation Criteria for Body

914 views • 66 slides
ETL pipeline to achieve reliability at scale By Isabel Lpez Andrade Accounting at Smarkets

ETL pipeline to achieve reliability at scale By Isabel Lpez Andrade Accounting at Smarkets

ETL pipeline to achieve reliability at scale By Isabel Lpez Andrade Accounting at Smarkets Accounting at Smarkets Reports generated daily using transactions from the exchange. In 2013, the average number of daily transactions was under

818 views • 26 slides
Software Reliability Categorizing and specifying the reliability of software systems CS 422

Software Reliability Categorizing and specifying the reliability of software systems CS 422

Chapter 18 Chapter 18 Software Reliability Learning Objective ... Define the basic principles underlying software reliability engineering (metrics, measurement, and prediction) Frederick T Sheldon Assistant Professor of Computer Science

435 views • 14 slides
Reliability Perspectives on Clean Power Plan Implications NERC Reliability Assessments John Moura

Reliability Perspectives on Clean Power Plan Implications NERC Reliability Assessments John Moura

Reliability Perspectives on Clean Power Plan Implications NERC Reliability Assessments John Moura Director, Reliability Assessment and System Analysis June 22, U.S. Energy Association About NERC: Mission To ensure the reliability of the North

507 views • 32 slides
Understanding SSD Reliability in Large-Scale Cloud Systems Erci Xu Mai Zheng Feng Qin Yikang

Understanding SSD Reliability in Large-Scale Cloud Systems Erci Xu Mai Zheng Feng Qin Yikang

Understanding SSD Reliability in Large-Scale Cloud Systems Erci Xu Mai Zheng Feng Qin Yikang Xu Jiesheng Wu Ohio State Iowa State Ohio State Aliyun Aliyun University University University Alibaba Alibaba Flash-Based Solid-Stata

709 views • 23 slides
An Inside Look at Electric Reliability 2018 Electric Reliability Report Stockton, California

An Inside Look at Electric Reliability 2018 Electric Reliability Report Stockton, California

An Inside Look at Electric Reliability 2018 Electric Reliability Report Stockton, California December 13, 2019 Delivering Safe and Reliable Electric Service Steven Calvert P.E. Senior Manager, Electric System Reliability Agenda Safety and

438 views • 22 slides
Macro-Reliability in Win32 Exploits A la conquete du monde... Kostya Kortchinsky

Macro-Reliability in Win32 Exploits A la conquete du monde... Kostya Kortchinsky

Macro-Reliability in Win32 Exploits A la conquete du monde... Kostya Kortchinsky http://www.immunityinc.com/ Agenda Problems with large scale exploitation Immunity's Solutions Common Addresses Remote Language Fingerprinting

874 views • 43 slides
System Reliability Regulation: System Reliability Regulation: A Jurisdictional Survey A

System Reliability Regulation: System Reliability Regulation: A Jurisdictional Survey A

System Reliability Regulation: System Reliability Regulation: A Jurisdictional Survey A Jurisdictional Survey Lawrence Kaufmann, Senior Advisor Pacific Economics Group Stakeholder Conference Reliability Regulation Toronto, Ontario October 15,

567 views • 34 slides
Quest for Reliability Ankush Malhotra VP &amp; GM of Fluke Reliability Speaker Bio Ankush

Quest for Reliability Ankush Malhotra VP &amp; GM of Fluke Reliability Speaker Bio Ankush

Quest for Reliability Ankush Malhotra VP &amp; GM of Fluke Reliability Speaker Bio Ankush Malhotra Vice President &amp; General Manager, Fluke Reliability Solutions 13 years at Fluke Corporation Held positions across the organization, Product,

137 views • 9 slides
Human-friendly DNS powered by Golang We love to work in a casual environment that energizes us to

Human-friendly DNS powered by Golang We love to work in a casual environment that energizes us to

Human-friendly DNS powered by Golang We love to work in a casual environment that energizes us to revolutionize the fitness industry. Site Reliability Engineering @ eGym Scale Site Reliability Engineering @ eGym Site Reliability

518 views • 31 slides
NUC-001-1 Reliability Standard Update April 8, 2008 Keith ONeal Office of Electric

NUC-001-1 Reliability Standard Update April 8, 2008 Keith ONeal Office of Electric

NUC-001-1 Reliability Standard Update April 8, 2008 Keith ONeal Office of Electric Reliability Overview Introduction FERCs role in establishing mandatory Reliability Standards Processing Reliability Standard filings at

95 views • 5 slides
Presentation on Reliability Data Analysis and Modelling Software by Reliasoft &amp; Reliability

Presentation on Reliability Data Analysis and Modelling Software by Reliasoft &amp; Reliability

Presentation on Reliability Data Analysis and Modelling Software by Reliasoft &amp; Reliability Expert Center ME Department is committed to adequate training and preparation of students for their future career in the industry by inviting speakers

369 views • 3 slides
Bayesian Methods in Reliability Engineering ASQ Reliability Division Webinar Program Nov 15 th

Bayesian Methods in Reliability Engineering ASQ Reliability Division Webinar Program Nov 15 th

Bayesian Methods in Reliability Engineering ASQ Reliability Division Webinar Program Nov 15 th 2012 Charles H. Recchia, MBA, PhD Quality Support Group, Inc http://www.qualitysupportgroup.com/ B AYESIAN M ETHODS IN R ELIABILITY E NGINEERING With

759 views • 49 slides
Reliability matters We believe that by listening carefully to customer needs, applying expert

Reliability matters We believe that by listening carefully to customer needs, applying expert

Reliability matters We believe that by listening carefully to customer needs, applying expert experience, implementing world class technology and certified training, we can solve complex reliability problems. rms-reliability.com 3

137 views • 12 slides
The Future of Reliability: Stanton Energy Reliability Center DCBO Bidders Conference

The Future of Reliability: Stanton Energy Reliability Center DCBO Bidders Conference

The Future of Reliability: Stanton Energy Reliability Center DCBO Bidders Conference September 5, 2018 1 Stanton Energy Reliability Center Project Ownership The Stanton Energy Reliability Center (SERC) is being developed by

236 views • 19 slides
Basics of Traditional Reliability Where we are going N Basic Definitions N Life and times of a

Basics of Traditional Reliability Where we are going N Basic Definitions N Life and times of a

Basics of Traditional Reliability Where we are going N Basic Definitions N Life and times of a Fault N Reliability Models N N-Modular redundant systems Definitions N RELIABILITY: SURVIVAL PROBABILITY When repair is costly or function is

411 views • 15 slides
Trends in Managing Data at the Petabyte Scale Steve Kleiman Sr. VP &amp; CTO Before we

Trends in Managing Data at the Petabyte Scale Steve Kleiman Sr. VP &amp; CTO Before we

Trends in Managing Data at the Petabyte Scale Steve Kleiman Sr. VP &amp; CTO Before we begin Disk reliability SIGMETRICS 07: An Analysis of Latent Sector Errors in Disk Drives Lakshmi Bairavasundaram, Garth Goodson, Jiri

684 views • 21 slides
Reliability: Serial interconnections: Thus: Reliability of a generic component i :

Reliability: Serial interconnections: Thus: Reliability of a generic component i :

Evaluate the reliability and the availability of a system composed of three CPUs (working in parallel and whose output is given by a voter), a RAID 1 storage system with 4+4 disks three buses (working in parallel and whose outputs are given by

190 views • 3 slides
Reliability from the ground up Designing for 5 9s Astrid Atkinson, June 2018 What do we mean

Reliability from the ground up Designing for 5 9s Astrid Atkinson, June 2018 What do we mean

Reliability from the ground up Designing for 5 9s Astrid Atkinson, June 2018 What do we mean when we talk about reliability? Reliability, n. - the quality of being trustworthy or of performing consistently well. Resilience, n. - the capacity to

498 views • 31 slides
Methods to Enhance the PUF Reliability of Key Generation from PUFs J.-L.Danger, F . Lozach,

Methods to Enhance the PUF Reliability of Key Generation from PUFs J.-L.Danger, F . Lozach,

Methods to Enhance the PUF Reliability of Key Generation from PUFs J.-L.Danger, F . Lozach, Z. Cherif PROOFS14, Busan, South Korea Introduction to PUF and its reliability Methods to improve the reliability Experimental results

462 views • 22 slides
Reliability Considerations Associated with Envisioning a Low-Carbon 2050 Presented to the NYS

Reliability Considerations Associated with Envisioning a Low-Carbon 2050 Presented to the NYS

Reliability Considerations Associated with Envisioning a Low-Carbon 2050 Presented to the NYS Climate Action Council June 2010 Curt J. Dahl, P.E. New York State Reliability Council 1 1 NYSRC Reliability Concerns Related to Low Carbon 2050

331 views • 16 slides
Roots of all-terminal reliability and node reliability polynomials Lucas Mol Joint work with

Roots of all-terminal reliability and node reliability polynomials Lucas Mol Joint work with

B ACKGROUND B OUNDING THE R OOTS R EALNESS OF THE R OOTS C LOSURE IN THE C OMPLEX P LANE C ONCLUSION Roots of all-terminal reliability and node reliability polynomials Lucas Mol Joint work with Jason Brown (Dalhousie) CanaDAM June 13, 2017

955 views • 68 slides

More recommend