100 likes | 203 Views
SA Я VS. Scalable Available Reliable Voting System. Architecture. System Components. Touch Screens Terminals: With GUI to enable citizens to enter their NID and chooses a candidate. Load Balancers:
E N D
SAЯVS Scalable Available Reliable Voting System
System Components • Touch Screens Terminals: • With GUI to enable citizens to enter their NID and chooses a candidate. • Load Balancers: • Distributes requests between different Business Nodes even in different racks (just in case a whole rack is down). • Business Nodes: • Cheap commodity servers, used to host the business layer of the system. • Communicating to external services (i.e. National ID DB interface). • Perform onsite validation related to the request in hand. • Obliterate user’s identity. • By replacing user’s NID with a corresponding hash code. • Push the request farther to be persisted.
System Components • Persistence Master: • Manages the Data Source Nodes to provide highly available, scalable, reliable persistence model. • Provide and monitor leases between the Alfa DSN and BN. • In Memory Data Structure: • Tracks the DSN and BN leases. • Tracks each Alfa DSN and its secondary replicas (location, status, etc..). • Tracks and monitor the utilization percentage of each Alfa DSN. • Operation Log: • Is the persisted version of the in memory data structure • Incase of a failure in the Persistence Master, a mirrored machine can be started and be fully aware of the environment status through replaying the operation logs.
System Components • Data Source Nodes: • Used to persist the requests received from the BN. • Each Alfa Data Source Node has two more secondary replicas. • The BN communicates directly with the Alfa DSN (to avoid creating a bottle nick at the PM). • The Alfa DSN is responsible of updating its own replicas with the requests it receives.
How it all fits together • User enters his NID and chooses his candidate via the touch screens terminals. • Request is sent to a load balancer. • Business nodes (BN) starts the validation process. • Connect to the national DB interface. • Validate the person to be alive and any other validation related to the civil state (i.e. biometrics validation). • Validation fails, error is reported back to touch screen terminals, and the process ends here. • If it is the first time that BN persists a vote, the BN will request a lease to one of the Alfa Data Source Nodes (ADSN) via the Persistence Master (PM).
How it all fits together • Choice of the lease will be heavily dependent on the following: • Utilization of ADSN (as a start each DSN is configured to hold up to 5M records). • Each successful vote persistence is sent to the PM to keep tack of the utilization percentage of each ADSN. • Nearest ADSN to the BN. • The number of live secondary replicas. • Lease is provided to the BN and notification is sent to the ADSN. • BN caches the lease information and starts communicating directly to the ADSN. • The PM can break the lease if the ADSN became over-utilized, and provide a new lease for an under-utilized one.
How it all fits together • Alfa DSN receives the request and persist it and resend the request to the secondary replicas to do the same. • If the Alfa is down, and error is sent to the BN. • BN notifies the PM. • PM leases immediately another Alfa DSN to the BN so it can proceed normally. • PM starts a concurrent process to promote one of the secondary replicas to be an Alfa. • Demotes the Alfa to be a secondary replica. • All the secondary replicas replies with a success, the Alfa DSN sends a success response to the BN and the BN propagates the message to the Touch screen terminals. • If one of the replicas is down, the Alfa replica notifies the PM. • PM creates a missing operation log with the failed replica name, so that once this replica is up and running the missing operation log is replayed at its side to catch up with the other replicas.
How it all fits together • Once the vote is over the PM is asked to consolidate all the data from the Alfas DSN. • At this steps any replicated records can be detected and reported to the authorities. • With a court order the hash code can be reversed to reveal the identity of the person who voted more than once.
Q&A • Any Q?