470 likes | 496 Views
Explore the nuances of data store consistency levels in declarative programming over eventually consistent data stores. Learn about strong consistency, linearizability, and serializability in application invariants. Can we automate mapping requirements to consistency levels? Our solution offers a classification scheme and a specification language for expressing store consistency guarantees. Dive into replicated data store systems and primitive relations like visibility and session order. Also, discover a Haskell library for Eventually Consistent Data Stores with case studies and evaluation.
E N D
Declarative Programming over Eventually Consistent Data Stores Gowtham Kaki Suresh Jagannathan KC Sivaramakrishnan
Http Http Http Http Stateless AppServer AppServer AppServer Cache Cache Cache Cache Consistency, Integrity, Durability, Availability, etc.
Account balances should be non-negative Usernames should be unique Only bona fide bids are accepted in an auction. Application invariants Strong consistency Linearizability & Serializability
INTERNET ☐ Strongly consistent, but not “always on” ☐ Be “always on”, but no strong consistency Eventual Consistency ∞ (convergence)
Session 1 //init balance = 0 deposit(100) ? get_balance() Store Consistency Levels Basic eventual Read-my-writes Read-my-writes Causal Read committed Monotonic writes Parallel Snapshot Isolation Bounded staleness Eventually Consistent Data Stores INTERNET
Session 1 Session 1 //init balance = 0 deposit(100) 0 get_balance() //init balance = 0 deposit(100) ??? get_balance() Replica 1 Replica 1 bal=0 bal=100 bal=100 bal=0 Replica 2 Eventual Consistency Read-my-writes consistency Replica 2 Store Consistency Levels Basic eventual Read-my-writes Read-my-writes Causal Read committed Monotonic writes Parallel Snapshot Isolation Bounded staleness Eventually Consistent Data Stores INTERNET
Session 1 Session 1 //init balance = 0 deposit(100) 0 get_balance() //init balance = 0 deposit(100) 100 get_balance() Replica 1 Replica 1 bal=100 bal=100 bal=100 bal=0 Replica 2 Eventual Consistency Read-my-writes consistency Replica 2 Store Consistency Levels Basic eventual Read-my-writes Read-my-writes Causal Read committed Monotonic writes Parallel Snapshot Isolation Bounded staleness Eventually Consistent Data Stores INTERNET
Application invariants deposit() withdraw() tweet() bid() Store Consistency Levels Basic eventual Read-my-writes Causal Read committed Monotonic writes Parallel Snapshot Isolation Bounded staleness Eventually Consistent Data Stores INTERNET
Application invariants deposit() withdraw() tweet() bid() Can we automate the process of mapping application requirements to store consistency levels? Store Consistency Levels Basic eventual Read-my-writes Causal Read committed Monotonic writes Parallel Snapshot Isolation Bounded staleness Eventually Consistent Data Stores INTERNET
Our solution … Classification Scheme An algorithm to … Application requirements Store consistency guarantees Map • Sound. • Optimal • Unique usernames. • Non-negative balance. • Bona fide bids. • Read-my-writes consistency • Causal consistency • Read committed isolation level • Repeatable read isolation level SpecificationLanguage A common medium to express both.
Prelims - System Model Replicated Data Store Replica 1 Replica n Deposit(200) Withdraw(10) …… Deposit(200) Withdraw(20) Withdraw(10) …… Visibility (Vis) …… Vis getBalance getBalance Session 1 Session n v1 = getBalance(); …… v2 = getBalance(); …… Session Order (SO)
Specification Language • Axiomatically capture set of valid executions • Associate with each operationa single abstract effect • Express relationshipbetween effects • Visibility (vis), Session order (so), Same object (sameobj) Primitive relations Happens-before
Replicated Bank Account (1) balance >= 0 violated vis a b Session 2 Session 1 vis //init balance = 100 withdraw(70); //init balance = 100 withdraw(70);
Bank Account Contracts (2) vis b a vis vis c getbalance () 50 getbalance () Session 1 Session 2 Session 3 deposit(100) withdraw(50) -50 A.getbalance ()
Capturing Store Consistency Levels Eventual Consistency Causal Consistency Strong Consistency
Classification Scheme Decidable Automatically discharged with the help of Z3 SMT solver. Eventual Consistency Causal Consistency • deposit EC • withdraw SC • getBalance CC Strong Consistency
Transactions • Generalizing to transactions is easy. • Add single primitive relation - sametxn(a,b) • Derived relation: • Isolation guarantees of stores can now be specified. Read Committed oper2(…) oper3(…) Txn 1 (current) Txn 2 (committed) vis a b oper1(…) oper2(…) vis c
Read Committed Monotonic atomic view Repeatable Read
Haskell library for Eventually Consistent Data Stores (ECDS) • Definition language define operations and transactions on replicated data. • Specification language specify consistency and isolation requirements. GHC DEFS + Quelea Data Store
Evaluation • Correctness with classification vs without classification • How do they compare in terms of availability? • StrongRep: Strong Replication • NoRep: No Replication • Experimental Setup: • Amazon EC2; 5 replicas (StrongRep& Quelea); 1 replica (NoRep) • Gradually increased # of concurrent clients from 128 to 1024.
Conclusion • Quelea Haskell-library for programming ECDS • Automatic classification of operation and transaction contracts through SMT solver • Leveraging off-the-shelf ECDS • Avoid re-engineering complex systems • Makes it practical! http://kcsrk.info/Quelea
State Summarization • Summarization is essential to check the unbounded growth of the log. • How is summarization done? • Ask developer for summarization semantics. • Replace (many) original effects with (few) summary effects.
Monotonic Reads … like “monotonic reads” (roughly requiring that time doesn’t appear to go backward) . … So, if we want to build an available system providing the monotonic reads session guarantee, we can ensure that read operations only return writes when the writes are present on all servers.
In the paper • Stronger eventual consistency • Highly available transaction support • Summarization
System Model Quelea Data Store Effects R1 R2 Rn A {d10,w2} B {d9} A {d10,w2} B {d9} A {d10,w2} B {d9} Alice Bob …… Session 2 Session n Session 1 d5 …… B.deposit($5) B.withdraw($6) Session Order w6
System Model Quelea Data Store R1 R2 Rn A {d10,w2} B {d9} A {d10,w2} B {d9} A {d10,w2} B {d9} Alice Bob …… Session n Session 1 Session 2 d5 …… B.deposit($5) B.withdraw($6) Session Order w6
System Model Quelea Data Store R1 R2 Rn A {d10,w2} B {d9,d5} A {d10,w2} B {d9} A {d10,w2} B {d9,w6} Alice Bob …… w6 d5 Session 2 Session 1 Session n d5 …… B.deposit($5) B.withdraw($6) Session Order w6
System Model Quelea Data Store R1 R2 Rn A {d10,w2} B {d3,d5,w6} A {d10,w2} B {d3,d5,w6} A {d10,w2} B {d3,d5,w6} Alice Bob …… Session 2 Session n Session 1 d5 …… B.deposit($5) B.withdraw($6) Session Order w6
System Model Quelea Data Store A {d10,w2} B {d3,d5,w6} R1 …… Alice Bob gb vis Session 1 d5 …… B.deposit($5) B.withdraw($6) v1 = B.getBalance() w6 gb
System Model Quelea Data Store A {d10,w2} B {d3,d5,w6} R1 …… Alice Bob gb vis Session 1 d5 …… B.deposit($5) B.withdraw($6) v1 = $3+$5–$6 = $2 w6 gb
System Model Replicated Data Store Replica 1 Replica n Deposit(200) Withdraw(10) Deposit(10) …… Deposit(200) Withdraw(20) Withdraw(10) …… …… Session 1 Session n getBalance; …… withdraw(6); …… Session Order (SO)
Replicated Bank Account (2) vis b a vis vis c 50 getbalance () getbalance () Session 1 Session 2 Session 3 deposit(100) withdraw(50) -50 getbalance ()
Replicated Bank Account (1) Session 1 Session 2 bal = A.getBalance(); If (bal ≥ 70) A.withdraw(70); A.withdraw(70);
Replicated Bank Account (1) SO b a Session 1 c Session 2 Session 1 Session 2 100 = A.getBalance(); If (100 ≥ 70) A.withdraw(70); a A.withdraw(70); c b
Replicated Bank Account (1) SO b a Session 1 VIS c Session 2 Session 2 Session 1 100 = A.getBalance(); If (100 ≥ 70) A.withdraw(70); a A.withdraw(70); c b
Replicated Bank Account (1) Required invariant: balance >= 0 SO b a Session 1 VIS c Session 2
Replicated Bank Account (1) Session 2 Session 1 //init balance = 100 withdraw(70); //init balance = 100 withdraw(70);
Transactions • Allows compositionof operations. • Serializable transactions are unavailable • Highly available transactions (HAT) • Atomic, but relaxed Isolation. • Isolation levels: read committed, repeatable read, monotonic atomic view, etc. • Express foreign key constraints, secondary indexesetc. • Choosing the correct isolation guarantee is an error-prone process • Automate it through specifications and classification! • sametxn(a,b)
Case Study - RUBiS • Application Invariants: • Canceling a bid must not violate data integrity • A bidder must see all bids placed in the current session • … • An “e-Bay”-like auction site
INTERNET ☐ Strongly consistent, but not “always on” ☐ Be “always on”, but no strong consistency Eventual Consistency ∞ (convergence)