experiences in building and operating epost a reliable
play

Experiences in Building and Operating ePOST, a Reliable Peer-to-Peer - PowerPoint PPT Presentation

Feb 27, 2023 •185 likes •618 views

Experiences in Building and Operating ePOST, a Reliable Peer-to-Peer Application Alan Mislove Ansley Post Andreas Haeberlen Peter Druschel Max Planck Institute for Software Systems Rice University 1 Reliable P2P

  1. Experiences in Building and Operating ePOST, a Reliable Peer-to-Peer Application Alan Mislove †‡ Ansley Post †‡ Andreas Haeberlen †‡ Peter Druschel † † Max Planck Institute for Software Systems ‡ Rice University 1

  2. Reliable P2P Systems: Myth or Reality? • For the past few years, much research interest in p2p • Highly scalable in nodes and data • Utilization of underused resources • Robust to large range of workloads and failures • Most deployed systems are not reliable [Kazaa, Skype, etc] • None attempt to store data reliably, durably, or securely • Lead some to conclude p2p can’t support reliable applications • Question: Can peer-to-peer systems provide reliable service? 2 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 2

  3. Demonstration Application: ePOST • ePOST is an email service built using decentralized components • Completely decentralized, no ‘email servers’ • Email one of the most important Internet applications • Privacy • Integrity • Durability • Availability • Wanted to develop system to a point where people rely on it 3 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 3

  4. ePOST: Deployment • Built and deployed ePOST within our group • Running for over 2 years • Processed well over 500,000 email messages • Built ePOST to be more reliable than existing email systems • 16 users used ePOST as primary email • Even my advisor! • Many challenges found by building the system • After challenges solved, provides reliable service • Robust; numerous times ePOST was only mail service working 4 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 4

  5. Rest of Talk • ePOST in detail • Challenges faced in building and deploying ePOST • Conclusion 5 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 5

  6. ePOST: Architecture • Each participating node runs mail Node servers for the local user Email • Email service looks the same to users IMAP • Data stored cooperatively on POP3 SMTP SMTP participating machines • Machines form overlay • Replicated for redundancy • All data encrypted and signed IMAP SMTP • Prevents others from reading your IMAP email SMTP 6 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 6

  7. ePOST: Architecture • Each participating node runs mail Node servers for the local user Email • Email service looks the same to users • Data stored cooperatively on participating machines • Machines form overlay • Replicated for redundancy • All data encrypted and signed • Prevents others from reading your email 6 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 6

  8. ePOST: Metadata Storage • Folders represented using logs Log Head • Entries represent changes Log Entry • All entries self-authenticating • Log head points to most recent entry Add Email #3 • Signed by owner due to mutability • Only local node has key material Delete Email #2 • All writes performed by owner Mark #2 Read • Map multi-access problem to single- Add Email #2 writer 7 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 7

  9. ePOST: Metadata Storage • Folders represented using logs Log Head • Entries represent changes Log Entry • All entries self-authenticating Add Email #4 • Log head points to most recent entry Add Email #3 • Signed by owner due to mutability • Only local node has key material Delete Email #2 • All writes performed by owner Mark #2 Read • Map multi-access problem to single- Add Email #2 writer 7 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 7

  10. ePOST: Metadata Storage • Folders represented using logs Log Head • Entries represent changes Log Entry • All entries self-authenticating Add Email #4 • Log head points to most recent entry Add Email #3 • Signed by owner due to mutability • Only local node has key material Delete Email #2 • All writes performed by owner Mark #2 Read • Map multi-access problem to single- Add Email #2 writer 7 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 7

  11. Challenges Faced 8 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 8

  12. Challenges Faced • Network partitions • Complex failure modes • NATs and firewalls • Very unsynchronized clocks • Routing anomalies • Lost key material • Node churn • Disconnected nodes • Correlated failures • Power failures • Resource consumption • Resource exhaustion • Data storage • Spam attacks on relays • Slow nodes • Java eccentricities • Hidden single points of failure • Congested links • Data corruption • PlanetLab slice deletion • Comatose nodes • ... 8 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 8

  13. Challenges Faced • Network partitions • Network partitions • Complex failure modes • NATs and firewalls • Very unsynchronized clocks • Very unsynchronized clocks • Routing anomalies • Routing anomalies • Lost key material • Node churn • Disconnected nodes • Correlated failures • Correlated failures • Power failures • Resource consumption • Resource consumption • Resource exhaustion • Data storage • Spam attacks on relays • Slow nodes • Java eccentricities • Hidden single points of failure • Congested links • Data corruption • PlanetLab slice deletion • Comatose nodes • ... 8 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 8

  14. Challenge: Network Partitions • Overlay originally had no special Node provisions for network partitions • Did not envision partitions as a significant problem • When a network failure occurs, nodes detect others to be dead • Multiple overlays reform • Network usually fails at access links • Generally one large overlay and one small overlay 9 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 9

  15. Challenge: Network Partitions • Overlay originally had no special Node provisions for network partitions • Did not envision partitions as a significant problem • When a network failure occurs, nodes detect others to be dead • Multiple overlays reform • Network usually fails at access links • Generally one large overlay and one small overlay 9 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 9

  16. Challenge: Network Partitions • Overlay originally had no special Node provisions for network partitions • Did not envision partitions as a significant problem • When a network failure occurs, nodes detect others to be dead • Multiple overlays reform • Network usually fails at access links • Generally one large overlay and one small overlay 9 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 9

  17. How frequent are partitions? 6 5 Number of Partitions 4 3 2 1 0 0 10 20 30 40 50 60 70 80 90 Time (days) • Partitions occur often in PlanetLab • Usually a single subnet (PlanetLab site) becomes partitioned 10 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 10

  18. Impact of Network Partitions Node • Tradeoff between consistency and Email availability under partitions Log Head • Well-known tradeoff • ePOST resolves this in favor of availability • Partitions cause consistency problems • Small partitions have data inaccessibility • Mutable data can diverge • Partitions persist unless action is taken 11 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 11

  19. Impact of Network Partitions Node • Tradeoff between consistency and Email availability under partitions Log Head • Well-known tradeoff • ePOST resolves this in favor of availability • Partitions cause consistency problems • Small partitions have data inaccessibility • Mutable data can diverge • Partitions persist unless action is taken ? 11 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 11

  20. Partitions: Overlay Reintegration • To reintegrate overlay Node • Nodes remember recently deceased nodes • Periodically query these nodes, and integrate missing nodes into overlay • Protocol is periodic, and therefore stable • Tested on simulated failures as well as Planetlab • Overlay heals as expected 12 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 12

  21. Partitions: Overlay Reintegration • To reintegrate overlay Node • Nodes remember recently deceased nodes • Periodically query these nodes, and integrate missing nodes into overlay • Protocol is periodic, and therefore stable • Tested on simulated failures as well as Planetlab • Overlay heals as expected 12 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 12

  22. Partitions: Data Divergence • In ePOST, log-based data structure Log Entry • Forked logs must be merged • Data divergence unlikely due to single-writer behavior • To repair logs, merge entries, cancel destructive operations Add Email #3 • Ensures no data loss Delete Email #2 Mark #2 Read Add Email #2 13 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 13

  23. Partitions: Data Divergence • In ePOST, log-based data structure Log Entry • Forked logs must be merged • Data divergence unlikely due to single-writer behavior Mark #4 Read Delete Folder Add Email #4 • To repair logs, merge entries, cancel destructive operations Add Email #3 • Ensures no data loss Delete Email #2 Mark #2 Read Add Email #2 13 19.04.2006 EuroSys’06 Conference, Leuven, Belgium 13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Valid and Reliable Assessment of Uncommon Learning Experiences Kim Carter

Valid and Reliable Assessment of Uncommon Learning Experiences Kim Carter

Valid and Reliable Assessment of Uncommon Learning Experiences Kim Carter kcarter@qedfoundation.org Extended Learning Opportunities Small learning environments Hands-on learning Real world, relevant learning experiences Extended

370 views • 12 slides
CS 423 Operating System Design: Reliable Storage Tianyin Xu CS 423: Operating Systems Design

CS 423 Operating System Design: Reliable Storage Tianyin Xu CS 423: Operating Systems Design

CS 423 Operating System Design: Reliable Storage Tianyin Xu CS 423: Operating Systems Design Storage is hard ; - ( In each cluster's first year, it's typical that 1,000 individual machine failures will occur; thousands of hard drive

645 views • 45 slides
CS 423 Operating System Design: Reliable Storage Professor Adam Bates CS 423: Operating

CS 423 Operating System Design: Reliable Storage Professor Adam Bates CS 423: Operating

CS 423 Operating System Design: Reliable Storage Professor Adam Bates CS 423: Operating Systems Design Storage is hard ; - ( In each cluster's first year, it's typical that 1,000 individual machine failures will occur; thousands of hard

506 views • 33 slides
Capacity Building Experiences in Least Developed Countries The Gambia Experiences Abdoulie Jammeh

Capacity Building Experiences in Least Developed Countries The Gambia Experiences Abdoulie Jammeh

Capacity Building Experiences in Least Developed Countries The Gambia Experiences Abdoulie Jammeh Ministry of Trade Introduction The Gambia participated in the past CDP DESA activities relating to: The survey on ISMs Specific to LDCs,

379 views • 11 slides
Experiences with the Amoeba Distributed Operating System (Andrew Tanenbaum, Robbert van Renesse,

Experiences with the Amoeba Distributed Operating System (Andrew Tanenbaum, Robbert van Renesse,

Faculty of Computer Science Institute for System Architecture, Operating Systems Group Experiences with the Amoeba Distributed Operating System (Andrew Tanenbaum, Robbert van Renesse, Hans van Staveren, Gregory J. Sharp) presented by Bjoern

522 views • 15 slides
CS 5150 So(ware Engineering 20. Verifica6on, Tes6ng, and Bugs William Y. Arms Building Reliable

CS 5150 So(ware Engineering 20. Verifica6on, Tes6ng, and Bugs William Y. Arms Building Reliable

Cornell University Compu1ng and Informa1on Science CS 5150 So(ware Engineering 20. Verifica6on, Tes6ng, and Bugs William Y. Arms Building Reliable Systems: Two Principles For a so:ware system to be reliable: Each stage of development must be

589 views • 37 slides
Operating a Resilient & Reliable Network Edinburgh International Conference Centre, 5 th

Operating a Resilient & Reliable Network Edinburgh International Conference Centre, 5 th

Operating a Resilient & Reliable Network Edinburgh International Conference Centre, 5 th March 2019 Welcome & Housekeeping Name Badge Agenda Welcome and housekeeping Introduction Dave McKay, Director of Operations

422 views • 24 slides
SeerSuite: Developing a Scalable and Reliable Application Framework for Building Digital

SeerSuite: Developing a Scalable and Reliable Application Framework for Building Digital

SeerSuite: Developing a Scalable and Reliable Application Framework for Building Digital Libraries by Crawling the Web Pradeep Teregowda*, Isaac Councill # , Juan Fernandez*, Shuyi Zheng*, Madian Khabsa*, C. Lee Giles* * Pennsylvania State

586 views • 31 slides
What is Unix? Unix is a multi-user Operating System Pros Intro To Unix Powerful, reliable,

What is Unix? Unix is a multi-user Operating System Pros Intro To Unix Powerful, reliable,

What is Unix? Unix is a multi-user Operating System Pros Intro To Unix Powerful, reliable, stable, secure CS-121 Cons Designed for programmers (ie not regular people) Difficult to learn at first (though not all versions) Since Then Lot

646 views • 8 slides
ABS CAPACITY-BUILDING EXPERIENCES IN SOUTH EAST ASIA ELPIDIO V. PERIA ACB-NBA Coordinator,

ABS CAPACITY-BUILDING EXPERIENCES IN SOUTH EAST ASIA ELPIDIO V. PERIA ACB-NBA Coordinator,

ABS CAPACITY-BUILDING EXPERIENCES IN SOUTH EAST ASIA ELPIDIO V. PERIA ACB-NBA Coordinator, ASEAN Center for Biodiversity 3rd Meeting of the Informal Advisory Committee on Capacity-Building to the Nagoya Protocol Montreal, Canada, 20-22

425 views • 14 slides
11/05/2016 R3TOS IN A N UTSHELL R3TOS is a Reliable Reconfigurable Real-Time Operating System.

11/05/2016 R3TOS IN A N UTSHELL R3TOS is a Reliable Reconfigurable Real-Time Operating System.

11/05/2016 R3TOS IN A N UTSHELL R3TOS is a Reliable Reconfigurable Real-Time Operating System. R3TOS O VERVIEW AND A RCHITECTURE It ease the exploitation of online specialization offered by partially reconfigurable FPGAs, combining computation

651 views • 21 slides
Course Approach You will be building your own operating system You will do it in steps

Course Approach You will be building your own operating system You will do it in steps

Course Approach You will be building your own operating system You will do it in steps INF 3150/3160 Operating Systems For each step Well define what your OS should achieve for this step Well provide you with a

705 views • 11 slides
some cRiteRia foR building Reliable bibliometRic indicatoRs foR measuRing ReseaRch peRfoRmance

some cRiteRia foR building Reliable bibliometRic indicatoRs foR measuRing ReseaRch peRfoRmance

some cRiteRia foR building Reliable bibliometRic indicatoRs foR measuRing ReseaRch peRfoRmance on data souRces, data quality and caveats in designing and applying indicatoRs wolfgang glnzel Centre for R&D Monitoring and Dept MSI, KU

465 views • 42 slides
Experiences Building InfluxDB in Go Paul Dix paul@influxdb.com @pauldix Who am I? informs my

Experiences Building InfluxDB in Go Paul Dix paul@influxdb.com @pauldix Who am I? informs my

Experiences Building InfluxDB in Go Paul Dix paul@influxdb.com @pauldix Who am I? informs my experience working with a language like Go co-founder, CEO, programmer Author Languages worked with Professionally in order VBScript Delphi

965 views • 49 slides
results and experiences Sebastian Frank Santiago Vidal SQuAT Case Study Experiences Results

results and experiences Sebastian Frank Santiago Vidal SQuAT Case Study Experiences Results

Universidad Nacional del Centro (UNICEN) Institute of Software Technology ISISTAN Research Institute Reliable Software Systems Software Engineering Group Using the CoCoME We already community case study attended for evaluating the SSP

490 views • 20 slides
Celebrating 25 years of International Collaboration and Capacity Building nSight-1: a Reliable

Celebrating 25 years of International Collaboration and Capacity Building nSight-1: a Reliable

Celebrating 25 years of International Collaboration and Capacity Building nSight-1: a Reliable nano-satellite platform for Remote Sensing Capacity Building Sias Mostert sias@scs-space.com 1 25 years of International Collaboration Satellite

756 views • 39 slides
Presenter: Yunfeng Gu Supervisor: Azzedine Boukerche PARADISE Research Laboratory University of

Presenter: Yunfeng Gu Supervisor: Azzedine Boukerche PARADISE Research Laboratory University of

Presenter: Yunfeng Gu Supervisor: Azzedine Boukerche PARADISE Research Laboratory University of Ottawa, Canada Supporting Multi-dimensional Range Query in the P2P Network DS-RT 2011 . P2P A Appli

713 views • 42 slides
MC714: Sistemas Distribu dos Prof. Lucas Wanner Instituto de Computac ao, Unicamp

MC714: Sistemas Distribu dos Prof. Lucas Wanner Instituto de Computac ao, Unicamp

MC714: Sistemas Distribu dos Prof. Lucas Wanner Instituto de Computac ao, Unicamp Aula 22: Sistemas Peer-to-Peer Estruturados: DHT/Chord Distributed Hash Tables (DHT) Chord Consider the organization of many nodes into a logical

256 views • 7 slides
Data Storage Solutions for Decentralized Online Social Networks Anwitaman Datta S* Aspects of

Data Storage Solutions for Decentralized Online Social Networks Anwitaman Datta S* Aspects of

Data Storage Solutions for Decentralized Online Social Networks Anwitaman Datta S* Aspects of Networked & Distributed Systems (SANDS) School of Computer Engineering NTU Singapore iSocial Summer School, KTH Stockholm Research @

1.21k views • 83 slides
Sistemas Distribudos Aula 9 Aula passada Aula de hoje DNS Arquitetura P2P CDN Bittorrent

Sistemas Distribudos Aula 9 Aula passada Aula de hoje DNS Arquitetura P2P CDN Bittorrent

Sistemas Distribudos Aula 9 Aula passada Aula de hoje DNS Arquitetura P2P CDN Bittorrent Distributed Hash Table (DHT) Figueiredo 2016 Aquitetura de Sistemas Distribudo Duas grandes abordagens cliente/servidor: clssica e mais

471 views • 20 slides
Building and verifying a quasi-certification entity over Distributed Hash Tables F. Kordon -

Building and verifying a quasi-certification entity over Distributed Hash Tables F. Kordon -

Building and verifying a quasi-certification entity over Distributed Hash Tables F. Kordon - Universit P. & M. Curie - CC2016 Join work with X. Bonnaire, R. Cortes & O. Marin UPMC (France), UFSM (Chile), NYUS (China)

648 views • 53 slides
Crude-Oil Blend Scheduling Optimization of a Complex Industrial-Sized Refinery: A Discrete-Time

Crude-Oil Blend Scheduling Optimization of a Complex Industrial-Sized Refinery: A Discrete-Time

Crude-Oil Blend Scheduling Optimization of a Complex Industrial-Sized Refinery: A Discrete-Time Benchmark Motivation 1: Replace Full Space MINLP by MILP + NLP decompositions for large problems Motivation 2: Crude-oil scheduling in 1 st feedstock

386 views • 11 slides
Computer Graphics (CS/ECE 545) Lecture 7: Morphology (Part 2) & Regions in Binary Images (Part

Computer Graphics (CS/ECE 545) Lecture 7: Morphology (Part 2) & Regions in Binary Images (Part

Computer Graphics (CS/ECE 545) Lecture 7: Morphology (Part 2) & Regions in Binary Images (Part 1) Prof Emmanuel Agu Computer Science Dept. Worcester Polytechnic Institute (WPI) Recall: Dilation Example For A and B shown below Translation of

1.04k views • 61 slides
CS 4495 Computer Vision Binary images and Morphology Aaron Bobick School of Interactive

CS 4495 Computer Vision Binary images and Morphology Aaron Bobick School of Interactive

Morphology CS 4495 Computer Vision A. Bobick CS 4495 Computer Vision Binary images and Morphology Aaron Bobick School of Interactive Computing Morphology CS 4495 Computer Vision A. Bobick Administrivia PS6 should be working

1.08k views • 46 slides

More recommend