consensus
play

CONSENSUS Fall 2012 Ken Birman Consensus a classic problem - PowerPoint PPT Presentation

Aug 25, 2023 •149 likes •511 views

IMPOSSIBILITY OF CONSENSUS Fall 2012 Ken Birman Consensus a classic problem Consensus abstraction underlies many distributed systems and protocols N processes They start execution with inputs {0,1} Asynchronous,

  1. IMPOSSIBILITY OF CONSENSUS Fall 2012 Ken Birman

  2. Consensus… a classic problem  Consensus abstraction underlies many distributed systems and protocols  N processes  They start execution with inputs  {0,1}  Asynchronous, reliable network  At most 1 process fails by halting (crash)  Goal: protocol whereby all “decide” same value v , and v was an input

  3. Distributed Consensus Jenkins, if I want another yes- man, I’ll build one! Lee Lorenz, Brent Sheppard

  4. Asynchronous networks  No common clocks or shared notion of time (local ideas of time are fine, but different processes may have very different “clocks”)  No way to know how long a message will take to get from A to B  Messages are never lost in the network

  5. Quick comparison… Asynchronous model Real world Reliable message passing, Just resend until acknowledged; unbounded delays often have a delay model No partitioning faults (“wait until May have to operate “during” over”) partitioning No clocks of any kinds Clocks but limited sync Crash failures, can’t detect Usually detect failures with reliably timeout

  6. Fault-tolerant protocol  Collect votes from all N processes  At most one is faulty, so if one doesn’t respond, count that vote as 0  Compute majority  Tell everyone the outcome  They “decide” (they accept outcome)  … but this has a problem! Why?

  7. What makes consensus hard?  Fundamentally, the issue revolves around membership  In an asynchronous environment, we can’t detect failures reliably  A faulty process stops sending messages but a “slow” message might confuse us  Yet when the vote is nearly a tie, this confusing situation really matters

  8. Fischer, Lynch and Patterson  A surprising result  Impossibility of Asynchronous Distributed Consensus with a Single Faulty Process  They prove that no asynchronous algorithm for agreeing on a one-bit value can guarantee that it will terminate in the presence of crash faults  And this is true even if no crash actually occurs!  Proof constructs infinite non-terminating runs

  9. Core of FLP result  They start by looking at a system with inputs that are all the same  All 0’s must decide 0, all 1’s decides 1  Now they explore mixtures of inputs and find some initial set of inputs with an uncertain (“bivalent”) outcome  They focus on this bivalent state

  10. Self-Quiz questions  When is a state “univalent” as opposed to “bivalent”?  Can the system be in a univalent state if no process has actually decided?  What “causes” a system to enter a univalent state?

  11. Self-Quiz questions  Suppose that event e moves us into a univalent state, and e happens at p .  Might p decide “immediately?  Now sever communications from p to the rest of the system. Both event e and p ’s decision are “hidden”  Does this matter in the FLP model?  Might it matter in real life?

  12. Bivalent state S * denotes bivalent state S 0 denotes a decision 0 state S 1 denotes a decision 1 state System starts in S * Events Events can take it can take it to state S 0 to state S 1 Sooner or later all executions Sooner or later all executions decide 0 decide 1

  13. Bivalent state e is a critical event that System takes us from a bivalent to a univalent state: starts in S * eventually we’ll “decide” 0 e Events Events can take it can take it to state S 0 to state S 1

  14. Bivalent state They delay e and show System that there is a situation in which the system will starts in S * return to a bivalent state Events Events can take it can take it to state S 0 to state S 1 S ’ *

  15. Bivalent state System starts in S * In this new state they show that we can deliver e and that now, the new Events Events state will still be bivalent! can take it can take it to state S 0 to state S 1 S ’ * e S ’’ *

  16. Bivalent state System starts in S * Notice that we made the system do some work and yet it ended up back in an “uncertain” state. We can Events Events do this again and again can take it can take it to state S 0 to state S 1 S ’ * e S ’’ *

  17. Core of FLP result in words  In an initially bivalent state, they look at some execution that would lead to a decision state, say “0”  At some step this run switches from bivalent to univalent, when some process receives some message m  They now explore executions in which m is delayed

  18. Core of FLP result  Initially in a bivalent state  Delivery of m would cause a decision, but we delay m  They show that if the protocol is fault-tolerant there must be a run that leads to the other univalent state  And they show that you can deliver m in this run without a decision being made

  19. Core of FLP result  This proves the result: a bivalent system can be forced to do some work and yet remain in a bivalent state.  We can “pump” this to generate indefinite runs that never decide  Interesting insight: no failures actually occur (just delays). FLP attacks a fault-tolerant protocol using fault-free runs!

  20. Intuition behind this result?  Think of a real system trying to agree on something in which process p plays a key role  But the system is fault-tolerant: if p crashes it adapts and moves on  Their proof “tricks” the system into treating p as if it had failed, but then lets p resume execution and “rejoin”  This takes time… and no real progress occurs

  21. Constable’s version of the FLP result  He reworks the FLP proof, but using the NuPRL logic  A completely constructive (“intuitionist”) logic  A proof takes the form of code that computes the property that was proved to hold  In this constructive FLP proof, we actually see the system reconfigure to disseminate a kind of configuration: “Colin is faulty, don’t count his vote”

  22. Constable’s version of the FLP result  Now Colin resumes communication but Theo goes silent… we need to tolerate 1 failure (Theo) and are required to count Colin’s vote  Constable shows that FLP must reconfigure for this new state before it can decide  These steps take time… and this proves the result!

  23. But what did “impossibility” mean?  So… consensus is impossible!  In formal proofs, an algorithm is totally correct if  It computes the right thing  And it always terminates  When we say something is possible, we mean “there is a totally correct algorithm” solving the problem

  24. But what did “impossibility” mean?  FLP proves that any fault-tolerant algorithm solving consensus has runs that never terminate  These runs are extremely unlikely (“probability zero”)  … but imply that we can’t find a totally correct solution  “consensus is impossible ” thus means “consensus is not always possible ”

  25. Solving consensus  Systems that “solve” consensus often use a group membership service: a “GMS”  This GMS functions as an oracle, a trusted status reporting function  GMS service implements a protocol such as Paxos.  In the resulting virtual world, failure is a notification event reliably delivered by the GMS to the system members  FLP still applies to the combined system

  26. Chandra and Toueg  This work formalizes the notion of a failure detection service  We have a failure detection component that reports on “suspected” failures. Implementation is a black box  Consensus protocol that consumes these events and seeks to achieve a consensus decision, fault-tolerantly  Can we design a protocol that makes progress “whenever possible”?  What is the weakest failure detector for which consensus is always achieved?

  27. Motivation 27 Process Process Consensus Consensus Unreliable Unreliable Failure Failure Detector Detector part. synchronous network asynchronous network

  28. Introduction and system model 28  Unreliable Failure Detector: distributed oracle that provides (possibly incorrect) hints about the operational status of other processes  Abstractly characterized in terms of two properties: completeness and accuracy  Completeness characterizes the degree to which failed processes are suspected by correct processes  Accuracy characterizes the degree to which correct processes are not suspected, i.e., restricts the false suspicions that a failure detector can make

  29. Introduction and system model 29

  30. Introduction and system model 30  System model:  partially synchronous distributed system  finite set of processes  = {p1, p2, ..., pn}  crash failure model (no recovery). A process is correct if it never crashes  communication only by message-passing (no shared memory)  reliable channel connecting every pair of processes (fully connected system)

  31. Introduction and system model 31  Chandra- Toueg’s implementation of  P:  each process periodically sends an I-AM-ALIVE message to all the processes  upon timeout, suspect. If, later on, a message from a suspected process is received, then stop suspecting it and increase its timeout period  Performance analysis (n processes, C correct):  Number of messages sent in a period: n*(n-1)  Size of messages:  ( log n) bits to represent id’s  Information exchanged in a period:  (n 2 log n) bits

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Consensus and Dissent or: Meta - Consensus Consensus about what we have consensus

Consensus and Dissent or: Meta - Consensus Consensus about what we have consensus

Consensus and Dissent or: Meta - Consensus Consensus about what we have consensus on Building on Bitcoin Lisboa, Portugal -- 4 July 2018 Paul Sztorc Twitter: @truthcoin paul@tierion.com 16C8 1597 E76E 86E6 C01E F037 AA4B 3330

619 views • 37 slides
Consensus Building Consensus is Consensus is finding an acceptable proposal that all members

Consensus Building Consensus is Consensus is finding an acceptable proposal that all members

Consensus Building Consensus is Consensus is finding an acceptable proposal that all members can support. Consensus is not A unanimous vote A majority vote Everyone 100% satisfied Consensus requires Time Active

351 views • 7 slides
Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus The

Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus The

Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus The processes use consensus to agree on a common value out of values they initially propose Reaching consensus is one of the most fundamental problems in

591 views • 38 slides
1 What makes consensus hard? Fischer, Lynch and Patterson Fundamentally, the issue revolves

1 What makes consensus hard? Fischer, Lynch and Patterson Fundamentally, the issue revolves

Consensus a classic problem Consensus, impossibility Consensus abstraction underlies many results and Paxos distributed systems and protocols N processes They start execution with inputs { 0,1} Ken Birman Asynchronous,

255 views • 8 slides
When Aeron Met Raft Martin Thompson - @mjpt777 What does Consensus mean? consensus

When Aeron Met Raft Martin Thompson - @mjpt777 What does Consensus mean? consensus

Cluster Consensus When Aeron Met Raft Martin Thompson - @mjpt777 What does Consensus mean? consensus noun \ k n- sen(t)-s s \ : general agreement : unanimity Source: http://www.merriam-webster.com/ consensus noun \ k

1.14k views • 68 slides
Lecture 21: Consensus - 1 1 Consensus is agreement. A question is seen as settled. Sometimes a

Lecture 21: Consensus - 1 1 Consensus is agreement. A question is seen as settled. Sometimes a

HPSC 1001/1901/2101/2901 WHAT IS THIS THING CALLED SCIENCE? Semester 2, 2020 Lecture 21: Consensus - 1 1 Consensus is agreement. A question is seen as settled. Sometimes a topic is no longer discussed, as the evidence is agreed to be

456 views • 33 slides
Consensus in Distributed Systems Jeff Chase Duke University Consensus P 1 P 1 v 1 d 1

Consensus in Distributed Systems Jeff Chase Duke University Consensus P 1 P 1 v 1 d 1

Consensus in Distributed Systems Jeff Chase Duke University Consensus P 1 P 1 v 1 d 1 Unreliable Consensus multicast algorithm P 2 P 3 P 2 P 3 v 2 d 2 v 3 d 3 Step 1 Step 2 Propose. Decide. Generalizes to N nodes/processes.

334 views • 10 slides
Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus (Recapitulation)

Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus (Recapitulation)

Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus (Recapitulation) A consensus abstraction is specified in terms of two events: 1. Propose ( propose | v ) Each process has an initial value v that it proposes

636 views • 45 slides
Consensus: Paxos Haobin Ni Oct 22, 2018 What is consensus? A group of people go to the same

Consensus: Paxos Haobin Ni Oct 22, 2018 What is consensus? A group of people go to the same

Consensus: Paxos Haobin Ni Oct 22, 2018 What is consensus? A group of people go to the same place for the same meal. A set of nodes have the same value for the same variable. X=7 X=7 X=7 Why is it important? In state machine replication

1.1k views • 46 slides
FLP Impossibility & Weakest Failure Detector Consensus Protocols in Theory Philip Daian -

FLP Impossibility & Weakest Failure Detector Consensus Protocols in Theory Philip Daian -

FLP Impossibility & Weakest Failure Detector Consensus Protocols in Theory Philip Daian - 10/25 slides influenced by Birman FA12 slides Consensus! Courtesy of https://rethinkdb.com Consensus Example Clients Storage Leader Consensus

1.53k views • 78 slides
Consensus Variants Usman Mazhar Mirza 6/17/2013 1 Consensus Variants In the variants we

Consensus Variants Usman Mazhar Mirza 6/17/2013 1 Consensus Variants In the variants we

Consensus Variants Usman Mazhar Mirza 6/17/2013 1 Consensus Variants In the variants we consider here, just like in consensus, the processes need to make consistent decisions, such as agreeing on one common value. Most of the

590 views • 35 slides
Proof of Luck: an Efficient Blockchain Consensus Protocol Mitar Milutinovic, Warren He, Howard

Proof of Luck: an Efficient Blockchain Consensus Protocol Mitar Milutinovic, Warren He, Howard

Proof of Luck: an Efficient Blockchain Consensus Protocol Mitar Milutinovic, Warren He, Howard Wu, Maxinder Kanwal Outline Background: blockchains, consensus, and SGX Existing consensus mechanisms Our paper: 3 basic consensus primitives Proof

527 views • 50 slides
Consensus vanilladb.org Consensus Uses: bebBroadcast PerfectFailureDetection

Consensus vanilladb.org Consensus Uses: bebBroadcast PerfectFailureDetection

Consensus vanilladb.org Consensus Uses: bebBroadcast PerfectFailureDetection Properties Termination Every correct process eventually decides some value. Validity If a process decides v , then v was proposed by some

464 views • 21 slides
Hybrid Consensus: Efficient Consensus in the Permissionless Model Rafael Pass and Elaine Shi

Hybrid Consensus: Efficient Consensus in the Permissionless Model Rafael Pass and Elaine Shi

Hybrid Consensus: Efficient Consensus in the Permissionless Model Rafael Pass and Elaine Shi IC3 1 Blockchains Satoshi Nakamoto, 2009 Public database Shared & maintained between network participants Blockchain agreement protocol

296 views • 15 slides
Distributed Systems CS425/ECE428 03/06/2020 Todays agenda Consensus Consensus in

Distributed Systems CS425/ECE428 03/06/2020 Todays agenda Consensus Consensus in

Distributed Systems CS425/ECE428 03/06/2020 Todays agenda Consensus Consensus in synchronous systems Chapter 15.4 Impossibility of consensus in asynchronous systems Impossibility of Distributed Consensus with One Faulty

714 views • 40 slides
Failures and Consensus Failures and Consensus Coordination Coordination If the solution to

Failures and Consensus Failures and Consensus Coordination Coordination If the solution to

Failures and Consensus Failures and Consensus Coordination Coordination If the solution to availability and scalability is to decentralize and replicate functions and data, how do we coordinate the nodes? data consistency update

712 views • 36 slides
Synchronous Batching: From Cascades to Free Routes Roger Dingledine The Free Haven Project

Synchronous Batching: From Cascades to Free Routes Roger Dingledine The Free Haven Project

Synchronous Batching: From Cascades to Free Routes Roger Dingledine The Free Haven Project Vitaly Shmatikov Paul Syverson SRI International Naval Research Laboratory Presented at PET 2004, May 27, 2004 Reminder: What does a mix do?

677 views • 28 slides
Lecture 4: Checking properties in NuSMV B. Srivathsan Chennai Mathematical Institute Model

Lecture 4: Checking properties in NuSMV B. Srivathsan Chennai Mathematical Institute Model

Lecture 4: Checking properties in NuSMV B. Srivathsan Chennai Mathematical Institute Model Checking and Systems Verification January - April 2016 1 / 43 Outline Module 1: Synchronous Vs Asynchronous composition Module 2: More examples

1.11k views • 90 slides
Consensus with Partial Synchrony Pedro Ferreira do Souto Departamento de Engenharia Informtica

Consensus with Partial Synchrony Pedro Ferreira do Souto Departamento de Engenharia Informtica

Consensus with Partial Synchrony Pedro Ferreira do Souto Departamento de Engenharia Informtica Faculdade de Engenharia Universidade do Porto Pedro F. Souto (FEUP) Consensus with Partial Synchrony 1 / 55 Outline Failure Detection 1

588 views • 57 slides
Linux Kernel Co-Scheduling For Bulk Synchronous Parallel Applications ROSS 2011 Tucson, AZ Ter

Linux Kernel Co-Scheduling For Bulk Synchronous Parallel Applications ROSS 2011 Tucson, AZ Ter

Linux Kernel Co-Scheduling For Bulk Synchronous Parallel Applications ROSS 2011 Tucson, AZ Ter erry J y Jones ones Oak Ridge National Laboratory 1 Managed by UT-Battelle Terry Jones ROSS 2011 for the U.S. Department of Energy Outline

367 views • 19 slides
Unit-12: Modeling timing constraints B. Srivathsan Chennai Mathematical Institute NPTEL-course

Unit-12: Modeling timing constraints B. Srivathsan Chennai Mathematical Institute NPTEL-course

Unit-12: Modeling timing constraints B. Srivathsan Chennai Mathematical Institute NPTEL-course July - November 2015 1 / 20 Traffic lights controller Flight control Automatic gear control Pacemaker ATM Controllers need to adhere to strict

1.37k views • 55 slides
Shaahin Hessabi Department of Computer Engineering Sharif University of Technology D Design for

Shaahin Hessabi Department of Computer Engineering Sharif University of Technology D Design for

Shaahin Hessabi Department of Computer Engineering Sharif University of Technology D Design for Reuse i f R Design for reuse is an absolute necessity to: maintain productivity levels, keep the design time within reasonable

589 views • 21 slides
A multiplexer implementation Sum of products form: i 1 .c + i 0 .c Can be implemented

A multiplexer implementation Sum of products form: i 1 .c + i 0 .c Can be implemented

Lecture 7: Logic design Binary digital logic circuits: Two voltage levels (ground and supply voltage) for 0 and 1 Built from transistors used as on/off switches Analog circuits not very suitable for generic computing Digital

318 views • 17 slides
Introduction to Electrical Systems Course Code: EE 111 Course Code: EE 111 Department: Electrical

Introduction to Electrical Systems Course Code: EE 111 Course Code: EE 111 Department: Electrical

Introduction to Electrical Systems Course Code: EE 111 Course Code: EE 111 Department: Electrical Engineering Department: Electrical Engineering Instructor Name: B G Fernandes Instructor Name: B.G. Fernandes E mail id: bgf@ee iitb ac in E

217 views • 19 slides

More recommend