distributed resources in cyberspace joel crichlow, ph.d

Distributed Resources in Cyberspace

Joel Crichlow, Ph.D

Management issues

Naming and AddressingSharingAvailability and ReliabilityReplicationPrivacy and Security

Accessing issues

CommunicationConcurrencyTimeFailure

Naming and AddressingIdentify•node/group/user•root-directory/sub-directory/filename

Locate/FindLocation IndependenceMappingName Servers

Name servers Allocate the address translation responsibilities to a name server

Users use symbolic names with which they interact with the client machines

The clients communicate with a name server which does the name to address resolution

Client

Other

server

Name

Server 1

2

3

Domain Name SystemDistributed Name ServiceMulti-level set of domainsPartitioningReplicationCachingIPv4 (32 bits), IPv6 (128 bits)

DNSIpv4 address Formats

8 bits 8 bits 8 bits 8 bits Class A

0 Network Host Class B

10 Network Host Class C

110 Network Host Class D

1110 Multicast address Class E

11110 Reserved for future use

DNS A slow but steady transition to IPv6 is taking place IPv6 is not interoperable with IPv4 therefore a transition technology is needed

Tunneling places IPv6 packets within IPv4 packets

The Dual-stack implementation allows both protocols to run in the same network

v6 v6 V4 v6

Sharing

Access ControlSchedulingAllocationSharing Primary Memory

SharingAccess Control List – ACL

Per resource list

R – Read, W – Write, E – Execute

ACL for Resource 0

Staff RE

System RWE

Student R

SharingCapability List – CL

R – Read, W – Write, E – Execute

System Class CL Resource 0 CL

Resource0 Capability with RWE Capability with RWE

Resource1 Capability with RE Capability with RE

Resource2 Capability with E Capability with E

SharingScheduling• Pool of identical resources• Only one resource

Allocation• Local vs remote resources• Mutually exclusive access• Indefinite postponement

HardwareSoftware• Consistency

Sharing Primary MemoryDistributed Shared MemoryShareable Unit• Physical block• Logical block

SynchronizationConsistency

Availability and Reliability

PerformanceService OutcomesHow ReachableLANWAN

Availability and ReliabilityWAN

◦ The number of possible routes through the network between user and resource

◦ The channel capacity through the various communication links

◦ The communication protocols employed

Availability and ReliabilityProcessor and Memory Upgrades

◦Faster Processor◦More Memory◦Caches◦Secondary Memory

Caching

Locality principleCache consistencyCacheable and non-cacheable dataMemcached

Availability and Reliability

Software Design

SERVER

queue

client client client

Availability and ReliabilityDatabases

◦ Partitioning◦ Replication◦ Replicated Dictionary◦ Queries and Sub-queries

Example QueryMake a reservation for Dorothy Swift on a red sports car to be picked up in New York on (date and time given), a small hatch-back to be picked up by Jill Plain in Los Angeles on (date and time given) and a station wagon for Jack Baggage in London on (date and time given).

Availability and Reliability• Find the relevant relations (or objects) quickly.• A replicated dictionary is required.• Once the relations (objects) are located, a decision must be

made quickly on what should be shipped.• The request can be split into three sub-queries.

ReplicationMaintaining copies of resources at separate nodes in the network can:• Improve the pattern of communication traffic• Help load sharing• Reduce response times• Offer an alternative when a resource becomes

unavailable

Replication How many Copies?

Replicas as members of a Group

Membership Service◦ CreateGroup◦ JoinGroup◦ LeaveGroup◦ A member may leave the group voluntarily or through

failure

Privacy and SecurityProtectionCryptographySecret Key CryptographyPublic Key CryptographyDigital Signatures

CryptographyBlock diagram of cryptographic message transfer from A to B

Secret Key Distribution

Public Key Authentication

key, plaintext

Encryption algo.

ciphertext

Principal A

ciphertext

Decryption algo.

plaintext

Principal B

key

Digital SignaturesVerification of electronic documentPublic key cryptography provides a simple mechanism for digital signaturesPrincipal A can send a signed message M to principal B with two levels of encryption as follows: EKB{DKA{M}}

CommunicationRemote Procedure Call (RPC)Remote Method Invocation (RMI)Message Passing• MPI

Sockets and Streams

Remote Procedure Call (RPC)RPC with five modules: • Client, Client-stub, Server, Server-stub and Communications Package

Synchronous

Parameter marshalling

Client

Client

stub

Server

Server

stub Com. package

Com. package

Client Machine Server Machine

Message Passing

a b

Port 1Port2 Kernel

• A sends message to B via Port 2.• B sends message to A via Port 1.• A and B each polls its port to receive

message.

ConcurrencyCritical SectionsDistributed DeadlockTimestampsTwo-Phase LockReplica Control• Pessimistic• Optimistic

Concurrency Timestamps

◦ Time stamping is a mechanism for enforcing ordered access to shared resources

Two-Phase Lock◦ In the first phase a process must acquire locks on all the

required resources◦ In the second phase the locks are released◦ Centralized Lock Controller

ConcurrencyReplica ControlPessimistic, OptimisticMajority ConsensusVotingPrimary Node

TimeLogical Clocks

◦ Happened before◦ Within any sequential process it can be observed that an

event a happened before an event b◦ If event a is the sending of a message from one process

and event b is the receiving of that message by another process then a happened before b

TimePhysical ClocksUniversal Coordinated Time (UTC)Time ServerCristian’s algorithmThe Berkeley algorithmNetwork Time Protocol (NTP)

FailureLost MessagesFailed Nodes• Stateless Node• Atomic Update• Available Copies

Partitioning

Lost messagesA message is considered lost by the sender if an outcome associated with the receipt of that message has not materialized.The lost of messages is normally dealt with by setting time-out intervals and re-sending the message some number of times.Sequentially numbering (or timestamping) the messages is a useful technique that can be employed to distinguish messages.

Lost messagesWhat is the allowable range of sequence numbers?For how long can a message get stuck somewhere in the network and then turn up at your ‘doorstep’?How many timestamps of received messages will have to be saved in order to be able to spot the duplicate messages?What if a node crashes and loses its record of numbers?

Failed nodesCrash failure while participating in a ‘resource access’ operationFailed node is a coordinator or leaderStateless nodeAtomic update• Two phase commit

Available copies (AC) protocol• Allows read access to any copy and write access to all

available copies

FailurePartitioning

broken link

a

c

b

d e

failed

node

e d

c

a b

FailurePartitioning

◦ Distinguished Partition◦ Quorum or Vote adjustment◦ Dynamic Voting◦ Dynamic Linear◦ Optimistic schemes

Conclusion We looked at:

Managing Distributed Resources◦ Naming and Addressing◦ Sharing◦ Availability and Reliability◦ Replication◦ Privacy and Security

Accessing Distributed Resources◦ Communication◦ Concurrency◦ Time◦ Failure