
Verifying Strong Eventual Consistency in δ-CRDTs, Taylor Blau - PowerPoint PPT Presentation

  (1 / 50) Verifying Strong Eventual Consistency in δ-CRDTs
     Taylor Blau (University of Washington), June, 2020.
     Introduction Contributions This


  (5 / 50) Motivation / Distributed Consensus Algorithms
     Definition (Distributed Consensus Algorithm, Howard and Mortier [2020]). An algorithm is said to solve distributed consensus if it has the following three safety requirements:
       1. Non-triviality: the decided value must have been proposed by a participant.
       2. Safety: once a value has been decided, no other value will be decided.
       3. Safe learning: if a participant learns a value, it must learn the decided value.
     In addition, it must satisfy the following two progress requirements:
       1. Progress: under previously agreed-upon liveness conditions, if a value is proposed by a participant, then a value is eventually decided.
       2. Eventual learning: under the same conditions as above, if a value is decided, then that value must be eventually learned.

  (6 / 50) Motivation / Distributed Consensus Algorithms
     Two of the most popular algorithms in this field, Paxos [Lamport, 1998] and Raft [Ongaro and Ousterhout, 2014], are notoriously difficult to implement in practice [Howard and Mortier, 2020]. They are often the subject of advanced undergraduate-level courses in Distributed Systems (CSE 452), and the subject of much mechanized verification effort [Wilcox et al., 2015, Woos et al., 2016].

  (7 / 50) Motivation / Distributed Consensus Algorithms
     Why? One possible answer: safety.
       1. Coordinating a shared value between multiple replicas is difficult.
       2. Unreliable networks make this task even more difficult.
       3. Ensuring that all nodes learn the same value makes this even more difficult still.

  (8 / 50) Background / Consistency Classes / Eventual Consistency
     Eventual consistency captures the informal notion that if all clients stop submitting updates to the system, all replicas in the system eventually reach the same value. More formally:
     Definition (Eventual Consistency [Shapiro et al., 2011]).
       1. Eventual delivery. An update delivered at some correct replica is eventually delivered at all replicas.
          $\forall r_1, r_2.\ f \in \mathrm{delivered}(r_1) \Rightarrow \Diamond\, f \in \mathrm{delivered}(r_2)$
       2. Convergence. Correct replicas which have received the same set of updates eventually reflect the same state.
          $\forall r_1, r_2.\ \Box\,(\mathrm{delivered}(r_1) = \mathrm{delivered}(r_2)) \Rightarrow \Diamond\Box\,(q(r_1) = q(r_2))$
       3. Termination. All method executions terminate.

  (9 / 50) Background / Consistency Classes / Shortcomings of Eventual Consistency
     EC is a relatively weak form of consistency:
       1. EC systems will sometimes execute an update immediately only to discover that it produces a conflict with some future update, and so frequent roll-backs may be performed [Shapiro et al., 2011].
       2. EC is merely a liveness guarantee. It does not impose any restriction on nodes which have received the same set, or even the same sequence, of messages.

  (10 / 50) Background / Consistency Classes / Strong Eventual Consistency
     Definition (Strong Eventual Consistency [Shapiro et al., 2011]).
       1. The system is EC, as previously described.
       2. Strong convergence. Any pair of replicas which have received the same set of messages must return the same value when queried immediately.
          $\forall r_1, r_2.\ \mathrm{delivered}(r_1) = \mathrm{delivered}(r_2) \Rightarrow q(r_1) = q(r_2)$

  (11 / 50) Background / Consistency Classes / Strong Eventual Consistency
     Why is SEC an appealing model?
       - No requirements on replicas which have not received the same sequence/set of updates.
       - Trade linearizability for the ability to let replicas drift.
       - Allow replicas which haven't yet received all updates to return an earlier value of the computation.
       - Practical (in certain applications): offline synchronization (iOS Notes), Facebook "like" counters, Cassandra, etc.

  (12 / 50) Background / Conflict-free Replicated Datatypes
     CRDTs are a class of replicated datatypes which implement SEC [Shapiro et al., 2011]. There exist two broad classes:
       1. State-based CRDTs. States form a join lattice; progress is made by sharing states with other replicas and merging with local state.
       2. Operation-based CRDTs. Operations are serialized and delivered to all replicas in order.

  (13 / 50) Background / state-based CRDTs / State-based CRDTs
     A state-based CRDT is a 5-tuple $(S, s_0, q, u, m)$:
       1. Each CRDT replica $i \geq 0$ holds some state $s_i \in S$, which is initially $s_0$.
       2. The value may be queried by any client or other replica by invoking $q$.
       3. It may be updated with $u$, which has a unique type per CRDT object.
       4. Finally, $m$ merges the state of some other remote replica.

  (14 / 50) Background / state-based CRDTs / Example state-based CRDT
     Grow-only counter: increments a (grow-only) shared value over time; supports queries of the last-known value.
     $$
     \text{G-Counter}_s = \begin{cases}
       S : \mathbb{N}_0^{|I|} \\
       s_0 : [0, 0, \cdots, 0] \\
       q : \lambda s.\ \sum_{i \in I} s(i) \\
       u : \lambda s, i.\ s\{i \mapsto s(i) + 1\} \\
       m : \lambda s_1, s_2.\ [\max\{s_1(i), s_2(i)\} : i \in \mathrm{dom}(s_1) \cup \mathrm{dom}(s_2)]
     \end{cases}
     $$

  (15 / 50) Background / state-based CRDTs / state-based properties
       1. Crucially, the states of a given state-based CRDT form a partially-ordered set $\langle S, \sqsubseteq \rangle$. This poset is used to form a join semi-lattice, where any finite subset of elements has a natural least upper bound.
       2. For every state-based CRDT whose states $S$ form some join semi-lattice (with join operator $\sqcup$), we assume that $m(s_1, s_2) = s_1 \sqcup s_2$.

  (16 / 50) Background / state-based CRDTs / state-based properties of ⊔
     $\sqcup$ must satisfy three mathematical identities:
       - The operator is commutative, i.e. $s_1 \sqcup s_2 = s_2 \sqcup s_1$: order does not matter.
       - The operator is idempotent, i.e. $(s_1 \sqcup s_2) \sqcup s_2 = s_1 \sqcup s_2$: repeated updates reach a fixed point.
       - Finally, the operator is associative, i.e. $s_1 \sqcup (s_2 \sqcup s_3) = (s_1 \sqcup s_2) \sqcup s_3$: grouping of arguments does not matter.

  (17 / 50) Background / state-based CRDTs / state-based properties of ⊔
     Why place these restrictions on $\sqcup$? Because:
       - Commutativity means that updates can be delivered from other replicas in any order.
       - Idempotency means that updates can be delivered any number of times without changing the effect.
       - Associativity means that updates can be applied in any grouping (useful for causality-preserving CRDTs, but not studied further here).

  (18 / 50) Background / state-based CRDTs / Example state-based CRDT
     Grow-only counter: increments a (grow-only) shared value over time; supports queries of the last-known value.
     $$
     \text{G-Counter}_s = \begin{cases}
       S : \mathbb{N}_0^{|I|} \\
       s_0 : [0, 0, \cdots, 0] \\
       q : \lambda s.\ \sum_{i \in I} s(i) \\
       u : \lambda s, i.\ s\{i \mapsto s(i) + 1\} \\
       m : \lambda s_1, s_2.\ [\max\{s_1(i), s_2(i)\} : i \in \mathrm{dom}(s_1) \cup \mathrm{dom}(s_2)]
     \end{cases}
     $$
       - $S$: each element in the lattice is a vector of naturals.
       - $m$: the least upper bound $\sqcup$ is defined by the element-wise maximum.

  (19 / 50) Background / state-based CRDTs / Example state-based CRDT
     Grow-only set: a replicated monotonic set (supports $\cup$, but not $\setminus$); the query $q$ defines a unary relation over items in the set.
     $$
     \text{G-Set}_s(X) = \begin{cases}
       S : \mathcal{P}(X) \\
       s_0 : \{\} \\
       q : \lambda x.\ x \in s \\
       u : \lambda x.\ s \cup \{x\} \\
       m : \lambda s_1, s_2.\ s_1 \cup s_2
     \end{cases}
     $$
       - $S$: each element in the lattice is some subset of $X$.
       - $u$: the set is updated by replacing the current set with the union.
       - $m$: the union of sets defines a least upper bound in the lattice.
     The lattice of sets (for some family of items $X$) is $\langle \mathcal{P}(X), \subseteq \rangle$, and the least upper bound is defined by $\cup$.
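The two state-based CRDTs above (G-Counter on slides 14 and 18, G-Set on slide 19) and the three identities required of ⊔ (slides 15 to 17), worked through as an added Python example. This is not code from the slides or from the thesis they summarise. It assumes a constructed replica set I = {"a", "b", "c"}, represents a G-Counter state as a dict from replica id to count and a G-Set state as a frozenset, and adds two helpers of its own: `check_join_semilattice`, which tests commutativity, idempotency and associativity of a merge on a finite sample of states, and `converge_any_order`, which merges the same set of remote states in every order with some of them delivered twice, so that strong convergence can be observed under reordering and duplication. `bad_merge_sum` is a deliberately wrong merge, included only to show which identity a sum-based merge breaks.

```python
"""State-based G-Counter and G-Set, plus finite checks of the lattice identities.
Added example; replica ids I = {"a", "b", "c"} are constructed for it."""
from itertools import permutations

REPLICAS = ("a", "b", "c")  # constructed replica identifiers I


# G-Counter_s: S = N^|I|, s0 = [0,...,0], q = sum, u = bump own slot, m = element-wise max
def gcounter_s0():
    return {i: 0 for i in REPLICAS}


def gcounter_q(s):
    return sum(s.values())


def gcounter_u(s, i):
    # s{i -> s(i) + 1}: a new state is returned, the argument is not mutated
    return {**s, i: s.get(i, 0) + 1}


def gcounter_m(s1, s2):
    # [max{s1(i), s2(i)} : i in dom(s1) ∪ dom(s2)]
    return {i: max(s1.get(i, 0), s2.get(i, 0)) for i in set(s1) | set(s2)}


def bad_merge_sum(s1, s2):
    # Deliberately wrong merge, for contrast: adds the slots instead of taking the max
    return {i: s1.get(i, 0) + s2.get(i, 0) for i in set(s1) | set(s2)}


# G-Set_s(X): S = P(X), s0 = {}, q = membership, u = union with {x}, m = union
def gset_s0():
    return frozenset()


def gset_q(s, x):
    return x in s


def gset_u(s, x):
    return s | {x}


def gset_m(s1, s2):
    return s1 | s2


def freeze(s):
    # Hashable snapshot of a state so that outcomes can be collected in a set
    return frozenset(s.items()) if isinstance(s, dict) else s


def check_join_semilattice(merge, samples):
    """Test the three identities required of ⊔ on a finite sample of states.
    Returns the sorted names of the violated identities (empty if all hold).
    A finite check is evidence only, not the proof the thesis is about."""
    failures = set()
    for s1 in samples:
        for s2 in samples:
            if merge(s1, s2) != merge(s2, s1):
                failures.add("commutative")
            if merge(merge(s1, s2), s2) != merge(s1, s2):
                failures.add("idempotent")
            for s3 in samples:
                if merge(s1, merge(s2, s3)) != merge(merge(s1, s2), s3):
                    failures.add("associative")
    return sorted(failures)


def converge_any_order(merge, s0, states):
    """Merge the same set of remote states into s0 in every possible order,
    delivering every other one twice (a duplicated message). Strong convergence
    holds on this input when exactly one distinct outcome is returned."""
    outcomes = set()
    for order in permutations(states):
        s = s0
        for k, remote in enumerate(order):
            s = merge(s, remote)
            if k % 2 == 0:
                s = merge(s, remote)  # duplicate delivery of the same state
        outcomes.add(freeze(s))
    return outcomes


def demo_gcounter():
    # Constructed scenario: a increments twice, b once, c three times, then they gossip
    a = gcounter_u(gcounter_u(gcounter_s0(), "a"), "a")
    b = gcounter_u(gcounter_s0(), "b")
    c = gcounter_u(gcounter_u(gcounter_u(gcounter_s0(), "c"), "c"), "c")
    outcomes = converge_any_order(gcounter_m, gcounter_s0(), [a, b, c])
    return len(outcomes), gcounter_q(dict(next(iter(outcomes))))


def demo_gset():
    a = gset_u(gset_u(gset_s0(), "x"), "y")
    b = gset_u(gset_s0(), "z")
    outcomes = converge_any_order(gset_m, gset_s0(), [a, b])
    return len(outcomes), sorted(next(iter(outcomes)))


if __name__ == "__main__":
    print(demo_gcounter(), demo_gset())
    print(check_join_semilattice(bad_merge_sum, [gcounter_s0(), gcounter_u(gcounter_s0(), "a")]))
```

`demo_gcounter` returns one distinct outcome with value 6 no matter which order the three states arrive in or which of them arrive twice, which is exactly the strong-convergence property of slide 10 restricted to this input; the element-wise max satisfies all three identities on the sample, while `bad_merge_sum` fails idempotency, so a counter merged that way would count a redelivered state twice.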

  (20 / 50) Background / op-based CRDTs / op-based CRDTs
     An op-based CRDT is a 6-tuple $(S, s_0, q, t, u, P)$. $S$, $s_0$ and $q$ retain the same meaning as for state-based CRDTs; $S$ need not necessarily form a semi-lattice. Operations are communicated instead of state. To deliver an operation:
       1. The prepare-update implementation $t$ is applied locally to prepare a representation of the operation.
       2. The effect-update implementation $u$ is applied at the local and remote replicas if and only if the delivery precondition $P$ is met, causing the desired update to take effect.

  (21 / 50) Background / op-based CRDTs / Example op-based CRDT
     To illustrate the difference between state- and op-based CRDTs, here is the analogue to $\text{G-Set}_s$:
     $$
     \text{G-Set}_o(X) = \begin{cases}
       S : \mathcal{P}(X) \\
       s_0 : \{\} \\
       q : \lambda x.\ x \in s \\
       t : \lambda x.\ (\mathrm{ins}, x) \\
       u : \lambda p.\ s \cup \{\mathrm{snd}\ p\}
     \end{cases}
     $$
       - $t$: representation of the operation.
       - $u$: application of the operation.

  (22 / 50) Background / op-based CRDTs / Example op-based CRDT
     To illustrate the difference between state- and op-based CRDTs, here is the analogue to $\text{G-Counter}_s$:
     $$
     \text{G-Counter}_o = \begin{cases}
       S : \mathbb{N}_0^{|I|} \\
       s_0 : [0, 0, \cdots, 0] \\
       q : \lambda s.\ \sum_{i \in I} s(i) \\
       t : (\mathrm{inc}, i) \\
       u : \lambda s, p.\ s\{i \mapsto s(i) + 1\}
     \end{cases}
     \qquad
     \text{G-Counter}'_o = \begin{cases}
       S : \mathbb{N}_0 \\
       s_0 : 0 \\
       q : \lambda s.\ s \\
       t : \mathrm{inc} \\
       u : \lambda s, p.\ s + 1
     \end{cases}
     $$

  56. Background / op-based CRDTs: op- and state-based trade-offs.
State-based CRDTs are resilient to degenerate network behaviors, such as delaying, dropping, and reordering messages in transit, but suffer from large payload size.
Op-based CRDTs have relatively small payload size, but require that the network deliver messages at-most-once.
Is there a middle ground?
(Slide 23 / 50)

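The at-most-once requirement on the trade-offs slide, as an added example that is not part of the original slides: the two op-based G-Counters of slide 22 written out in Python and driven through a constructed three-replica delivery schedule. The `replay`, `exactly_once`, `reordered` and `duplicated` helpers and the workload are mine, not the thesis's; the CRDT definitions follow the slide.

```python
# Added example (not from the slides): G-Counter_o and G-Counter'_o of slide 22,
# delivered to a receiving replica under three constructed network schedules.
from typing import Callable, List, Tuple, TypeVar

S = TypeVar("S")  # state type
P = TypeVar("P")  # operation payload type


def gcounter_o_apply(s: int, p: str) -> int:
    """u : λ s, p . s + 1  for G-Counter_o; the only operation tag is 'inc'."""
    if p != "inc":
        raise ValueError(f"unknown operation {p!r}")
    return s + 1


def gcounter_prime_apply(s: List[int], p: Tuple[str, int]) -> List[int]:
    """u : λ s, p . s{ i ↦ s(i) + 1 }  for G-Counter'_o, where p = (inc, i)."""
    tag, i = p
    if tag != "inc":
        raise ValueError(f"unknown operation {tag!r}")
    out = list(s)  # states are treated as immutable values
    out[i] += 1
    return out


def gcounter_prime_query(s: List[int]) -> int:
    """q : λ s . Σ_{i ∈ I} s(i)."""
    return sum(s)


def replay(s0: S, ops: List[P], apply: Callable[[S, P], S]) -> S:
    """Deliver a sequence of operations to one replica, applying each with u."""
    s = s0
    for p in ops:
        s = apply(s, p)
    return s


# Constructed workload: |I| = 3; replica 0 increments twice, replica 1 once.
# An op-based message carries only the (inc, i) pair, not the whole vector.
N_REPLICAS = 3
OPS: List[Tuple[str, int]] = [("inc", 0), ("inc", 0), ("inc", 1)]


def exactly_once() -> int:
    """Every operation delivered once, in send order: the receiver reads 3."""
    return gcounter_prime_query(replay([0] * N_REPLICAS, OPS, gcounter_prime_apply))


def reordered() -> int:
    """Reordering is harmless for a counter: increments commute, still 3."""
    ops = list(reversed(OPS))
    return gcounter_prime_query(replay([0] * N_REPLICAS, ops, gcounter_prime_apply))


def duplicated() -> int:
    """At-least-once delivery: the last message arrives twice, so the receiver
    reads 4 while the two senders together only performed 3 increments.
    The receiver has silently diverged; nothing in the state lets it notice."""
    ops = OPS + [OPS[-1]]
    return gcounter_prime_query(replay([0] * N_REPLICAS, ops, gcounter_prime_apply))


def duplicated_scalar() -> int:
    """The same defect with the scalar G-Counter_o: three 'inc' operations
    plus one duplicate yield 4."""
    ops = ["inc"] * 3
    return replay(0, ops + [ops[-1]], gcounter_o_apply)
```

The two `duplicated` functions are the point of the slide: nothing in an op-based update `u` can tell a retransmission from a fresh increment, so the delivery layer has to guarantee at-most-once (typically with per-sender sequence numbers), which is exactly the network requirement the δ-state construction later removes.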
  60. δ-state CRDTs: δ-state CRDTs. Like state-based CRDTs, a δ-state CRDT is a 5-tuple $(S, s_0, q, u_\delta, m_\delta)$ [Almeida et al., 2018].
$u_\delta$ produces a δ-mutation, which is representative of the update.
$m_\delta$ is capable of merging a state $s \in S$ with the δ-mutation produced by $u_\delta$.
Goal: the size of a δ-mutation should be smaller than the state.
(Slide 24 / 50)

  61. δ-state CRDTs: Example δ-state CRDT. Recall the original state-based G-Set, and consider how it might be represented as a δ-state CRDT:
$$\text{G-Set}_s(X) = \begin{cases} S : \mathcal{P}(X) \\ s_0 : \{\} \\ q : \lambda x.\; x \in s \\ u : \lambda x.\; s \cup \{x\} \\ m : \lambda s_1, s_2.\; s_1 \cup s_2 \end{cases} \qquad \text{G-Set}_\delta(X) = \begin{cases} S : \mathcal{P}(X) \\ s_0 : \{\} \\ q : \lambda x.\; x \in s \\ u_\delta : \lambda x.\; \{x\} \\ m_\delta : \lambda s_1, s_2.\; s_1 \cup s_2 \end{cases}$$
Observe that both $u : S \to S \to S$ and $u_\delta : S \to S \to S$. (This is a standard requirement from Almeida et al. [2018], who let $S$ for the G-Counter be $S : \mathcal{I} \hookrightarrow \mathbb{N}$; it is not a requirement in this work.)
(Slide 25 / 50)

  66. δ-state CRDTs: Example δ-state CRDT (G-Counter). Let's consider the state- and δ-state encodings of the G-Counter:
$$\text{G-Counter}_s = \begin{cases} S : \mathbb{N}_0^{|\mathcal{I}|} \\ s_0 : [0, 0, \cdots, 0] \\ q : \lambda s.\; \sum_{i \in \mathcal{I}} s(i) \\ u : \lambda s, i.\; s\{i \mapsto s(i) + 1\} \\ m : \lambda s_1, s_2.\; [\max\{s_1(i), s_2(i)\} : i \in \mathrm{dom}(s_1) \cup \mathrm{dom}(s_2)] \end{cases}$$
$$\text{G-Counter}_\delta = \begin{cases} S : \mathbb{N}_0^{|\mathcal{I}|} \\ s_0 : [0, 0, \cdots, 0] \\ q : \lambda s.\; \sum_{i \in \mathcal{I}} s(i) \\ u_\delta : \lambda s, i.\; \{i \mapsto s(i) + 1\} \\ m_\delta : \lambda s_1, s_2.\; [\max\{s_1(i), s_2(i)\} : i \in \mathrm{dom}(s_1) \cup \mathrm{dom}(s_2)] \end{cases}$$
We use the notation $\{i \mapsto x\}$ to encode an update (index, new value) in the vector.
(Slide 26 / 50)

  69. δ-state CRDTs: SEC & δ-CRDTs?
1. We have a "best-of-both-worlds" CRDT: the δ-state CRDT.
2. Small update payload (more like $O(\text{size of update})$ instead of $O(|\mathcal{I}|)$).
3. $m_\delta$ is still elegant: commutative, associative, and idempotent ⇒ weak network requirements (as opposed to op-based CRDTs).
Big question: does it satisfy SEC?
(Slide 27 / 50)

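The δ-state G-Set and G-Counter of slides 25 and 26, together with the three merge laws slide 27 relies on, as an added example in Python that is not the thesis's Isabelle code. One assumption of mine: the counter state is stored as a map $\mathcal{I} \hookrightarrow \mathbb{N}_0$ (the Almeida et al. representation the footnote mentions) rather than a dense vector, so that a δ-mutation $\{i \mapsto s(i)+1\}$ is literally a one-entry map and its size can be compared with a full-state shipment. The replica scenario, the random state generator and `merge_laws_hold` are constructed for this example.

```python
# Added example (not from the slides): G-Set_δ, G-Counter_δ, a finite check of the
# merge laws (commutative, associative, idempotent) and a payload-size comparison.
import itertools
import random
from typing import Callable, Dict, FrozenSet, Hashable, List, Tuple

# ---- G-Set_δ (slide 25) -------------------------------------------------------
def gset_query(s: FrozenSet, x: Hashable) -> bool:
    return x in s                                   # q : λ x . x ∈ s

def gset_update_delta(s: FrozenSet, x: Hashable) -> FrozenSet:
    return frozenset({x})                           # u_δ : λ x . { x }  (not s ∪ {x})

def gset_merge(s1: FrozenSet, s2: FrozenSet) -> FrozenSet:
    return s1 | s2                                  # m_δ : λ s1, s2 . s1 ∪ s2

# ---- G-Counter_δ (slide 26), state as a map I ↪ N0 (assumption) ---------------
Vec = Dict[int, int]

def gcounter_query(s: Vec) -> int:
    return sum(s.values())                          # q : λ s . Σ_{i∈I} s(i)

def gcounter_update_delta(s: Vec, i: int) -> Vec:
    return {i: s.get(i, 0) + 1}                     # u_δ : λ s, i . { i ↦ s(i)+1 }

def gcounter_merge(s1: Vec, s2: Vec) -> Vec:
    # m_δ : pointwise max over dom(s1) ∪ dom(s2); an absent entry counts as 0
    return {i: max(s1.get(i, 0), s2.get(i, 0)) for i in s1.keys() | s2.keys()}

# ---- merge laws ---------------------------------------------------------------
def merge_laws_hold(merge: Callable, states: List) -> bool:
    """Commutativity and associativity over every triple drawn from `states`,
    plus idempotence of each state. A finite check, not a proof."""
    for a, b, c in itertools.product(states, repeat=3):
        if merge(a, b) != merge(b, a):
            return False
        if merge(merge(a, b), c) != merge(a, merge(b, c)):
            return False
    return all(merge(a, a) == a for a in states)

def random_counter_states(n_ids: int, n_states: int, seed: int = 1) -> List[Vec]:
    """Constructed counter states: each replica id present with probability 0.7."""
    rng = random.Random(seed)
    return [{i: rng.randrange(5) for i in range(n_ids) if rng.random() < 0.7}
            for _ in range(n_states)]

# ---- a small replica run ------------------------------------------------------
def counter_scenario(n_ids: int = 8) -> Tuple[int, int, int]:
    """Replica 0 increments three times and replica 1 twice; each δ-mutation is
    merged locally and shipped. Replica 2 receives the δs out of order and one of
    them twice. Returns (converged value, entries in the largest δ, entries a
    state-based shipment of N0^{|I|} would carry). Constructed scenario."""
    local: List[Vec] = [{} for _ in range(3)]
    outbox: List[Vec] = []
    for who, times in ((0, 3), (1, 2)):
        for _ in range(times):
            d = gcounter_update_delta(local[who], who)
            local[who] = gcounter_merge(local[who], d)   # apply the δ locally
            outbox.append(d)                             # ship only the δ
    delta_size = max(len(d) for d in outbox)
    full_state_size = n_ids                              # G-Counter_s ships all of I
    delivered = list(reversed(outbox)) + [outbox[0]]     # reordered + one duplicate
    for d in delivered:
        local[2] = gcounter_merge(local[2], d)           # idempotent: duplicate absorbed
    for a in range(3):                                   # one full anti-entropy round
        for b in range(3):
            local[a] = gcounter_merge(local[a], local[b])
    values = {gcounter_query(s) for s in local}
    assert len(values) == 1, "replicas did not converge"
    return values.pop(), delta_size, full_state_size
```

`counter_scenario()` returns `(5, 1, 8)`: every replica reads five increments, each δ carried one entry, and a state-based shipment would have carried all eight. The reordered and duplicated deliveries to replica 2 are absorbed because `gcounter_merge` is commutative and idempotent, which is what `merge_laws_hold` spot-checks on random states; the mechanized proof the talk goes on to describe is what turns that spot check into a guarantee.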
  74. δ-state CRDTs: The rest of the talk.
1. Answer the question "do δ-state CRDTs achieve SEC?" in the affirmative, with a mechanically checked proof.
2. Build our proofs on the work of Gomes et al. [2017], a verification library in Isabelle/HOL for op-based CRDTs.
3. State two reductions for viewing state- and δ-state based CRDTs as op-based.
4. Overview of our proofs.
5. Future directions.
(Slide 28 / 50)

  79. CRDT reductions: Reduction I: state- to op-based. We have a type mismatch: we want to verify properties of δ-state CRDTs, but the library is designed for verifying op-based CRDTs.
Design a reduction from δ-state CRDTs to op-based. Convince ourselves of its correctness. Encode δ-state CRDTs as op-based in Isabelle, and write proofs over the encoded CRDTs.
Two reductions: state- to op-based, then δ- to op-based. Call these $\varphi_{\text{state} \to \text{op}}$ and $\varphi_{\delta \to \text{op}}$, respectively. The first is a "warm-up" to illustrate the general shape of these reductions. The latter is the reduction we use in our proofs.
(Slide 29 / 50)

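The slides above say a reduction $\varphi_{\delta \to \text{op}}$ is needed but its definition is on later slides that are not reproduced here, so the following is an added example of mine, not the thesis's reduction: it wraps a δ-state CRDT $(S, s_0, q, u_\delta, m_\delta)$ as an op-based CRDT $(S, s_0, q, t, u)$ by taking the δ-mutation itself as the operation representation ($t := u_\delta$) and the merge as its application ($u := m_\delta$). That shape is my assumption; the `DeltaCRDT`/`OpCRDT` records, the `generate_ops`/`receive` simulation and the workload are constructed, and the counter state is a map $\mathcal{I} \hookrightarrow \mathbb{N}_0$ as in the earlier example.

```python
# Added example (assumed shape of φ_{δ→op}, not the thesis's definition): wrap a
# δ-state CRDT as an op-based one and show that, because u = m_δ is idempotent,
# the wrapped CRDT survives duplicate delivery where G-Counter'_o of slide 22 does not.
from dataclasses import dataclass
from typing import Any, Callable, Dict, Generic, List, Tuple, TypeVar

S = TypeVar("S")  # state
A = TypeVar("A")  # update arguments (here: a replica id)
P = TypeVar("P")  # operation payload


@dataclass(frozen=True)
class DeltaCRDT(Generic[S, A]):
    """(S, s0, q, u_δ, m_δ) as on slide 24; S itself is implicit in the Python types."""
    s0: S
    q: Callable[[S], Any]
    u_delta: Callable[[S, A], S]   # produces a δ-mutation, itself an element of S
    m_delta: Callable[[S, S], S]   # merges a state with a δ-mutation


@dataclass(frozen=True)
class OpCRDT(Generic[S, A, P]):
    """(S, s0, q, t, u) as on slide 21."""
    s0: S
    q: Callable[[S], Any]
    t: Callable[[S, A], P]         # representation of the operation
    u: Callable[[S, P], S]         # application of the operation


def phi_delta_to_op(c: DeltaCRDT) -> OpCRDT:
    """φ_{δ→op}, assumed shape: a shipped operation is exactly the δ-mutation
    (t := u_δ) and applying it means merging it (u := m_δ)."""
    return OpCRDT(s0=c.s0, q=c.q, t=c.u_delta, u=c.m_delta)


# G-Counter_δ of slide 26 with the state as a map I ↪ N0 (assumption of this example).
Vec = Dict[int, int]
GCOUNTER_DELTA: DeltaCRDT = DeltaCRDT(
    s0={},
    q=lambda s: sum(s.values()),
    u_delta=lambda s, i: {i: s.get(i, 0) + 1},
    m_delta=lambda s1, s2: {i: max(s1.get(i, 0), s2.get(i, 0))
                            for i in s1.keys() | s2.keys()},
)


def generate_ops(c: OpCRDT, s0: S, args: List[A]) -> Tuple[S, List[P]]:
    """One sender: build each op with t from the *current* state (u_δ needs s),
    apply it locally with u, and queue the payload for shipping."""
    s, shipped = s0, []
    for a in args:
        p = c.t(s, a)
        s = c.u(s, p)
        shipped.append(p)
    return s, shipped


def receive(c: OpCRDT, s: S, ops: List[P]) -> S:
    """Receiver: apply every delivered payload with u, duplicates included."""
    for p in ops:
        s = c.u(s, p)
    return s


def reduced_counter_under_duplicates() -> int:
    """Replica 0 increments 3x and replica 1 2x; replica 2 receives all shipped
    ops with the last one duplicated. The wrapped CRDT reads 5, the true total;
    the op-based G-Counter'_o of slide 22 would read 6 on the same schedule."""
    c = phi_delta_to_op(GCOUNTER_DELTA)
    _, ops0 = generate_ops(c, c.s0, [0, 0, 0])
    _, ops1 = generate_ops(c, c.s0, [1, 1])
    ops = ops0 + ops1
    return c.q(receive(c, c.s0, ops + [ops[-1]]))


def reduction_agrees_with_direct_delta() -> bool:
    """Driving the wrapped CRDT through the op-based interface yields the same
    state as applying u_δ and m_δ directly, i.e. the wrapper adds no behaviour."""
    c = phi_delta_to_op(GCOUNTER_DELTA)
    args = [4, 2, 4]
    s_op, _ = generate_ops(c, c.s0, args)
    s_d = GCOUNTER_DELTA.s0
    for i in args:
        s_d = GCOUNTER_DELTA.m_delta(s_d, GCOUNTER_DELTA.u_delta(s_d, i))
    return s_op == s_d == {4: 2, 2: 1}
```

The design point is that the reduction changes nothing about the data type: `receive` is the op-based `u` from slide 21, yet it tolerates the duplicate because the function bound to `u` is a lattice join. That is precisely why verifying the encoded CRDT in an op-based framework says something about the δ-state original, and it is the property the mechanized proof has to establish rather than assume, since the op-based library's own guarantees are stated for at-most-once delivery.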