Distributed Resources in Cyberspace
Joel Crichlow, Ph.D
Management issues
• Naming and Addressing
• Sharing
• Availability and Reliability
• Replication
• Privacy and Security
Accessing issues
• Communication
• Concurrency
• Time
• Failure
Naming and Addressing
• Identify
  • node/group/user
  • root-directory/sub-directory/filename
• Locate/Find
• Location Independence
• Mapping
• Name Servers
Name servers
• Allocate the address translation responsibilities to a name server
• Users use symbolic names with which they interact with the client machines
• The clients communicate with a name server which does the name to address resolution
[Figure: Client, Name Server and Other server, with the interactions numbered 1, 2 and 3]
Domain Name System
• Distributed Name Service
• Multi-level set of domains
• Partitioning
• Replication
• Caching
• IPv4 (32 bits), IPv6 (128 bits)
DNS
IPv4 address formats (8 bits | 8 bits | 8 bits | 8 bits)
Class   Leading bits   Remaining fields
A       0              Network, Host
B       10             Network, Host
C       110            Network, Host
D       1110           Multicast address
E       11110          Reserved for future use
DNS
• A slow but steady transition to IPv6 is taking place
• IPv6 is not interoperable with IPv4, therefore a transition technology is needed
• Tunneling places IPv6 packets within IPv4 packets
• The Dual-stack implementation allows both protocols to run in the same network
Sharing
• Access Control
• Scheduling
• Allocation
• Sharing Primary Memory
Sharing
• Access Control List – ACL
• Per resource list
• R – Read, W – Write, E – Execute
ACL for Resource 0
Staff     RE
System    RWE
Student   R
Sharing
• Capability List – CL
• R – Read, W – Write, E – Execute
            System Class CL        Resource 0 CL
Resource0   Capability with RWE    Capability with RWE
Resource1   Capability with RE     Capability with RE
Resource2   Capability with E      Capability with E
Sharing
• Scheduling
  • Pool of identical resources
  • Only one resource
• Allocation
  • Local vs remote resources
  • Mutually exclusive access
  • Indefinite postponement
• Hardware
• Software
  • Consistency
Sharing Primary Memory
• Distributed Shared Memory
• Shareable Unit
  • Physical block
  • Logical block
• Synchronization
• Consistency
Availability and Reliability
• Performance
• Service Outcomes
• How Reachable
• LAN
• WAN
Availability and Reliability
• WAN
  ◦ The number of possible routes through the network between user and resource
  ◦ The channel capacity through the various communication links
  ◦ The communication protocols employed
Availability and Reliability
• Processor and Memory Upgrades
  ◦ Faster Processor
  ◦ More Memory
  ◦ Caches
  ◦ Secondary Memory
Caching
• Locality principle
• Cache consistency
• Cacheable and non-cacheable data
• Memcached
Availability and Reliability
• Software Design
[Figure: SERVER with a queue, and three clients]
Availability and Reliability
• Databases
  ◦ Partitioning
  ◦ Replication
  ◦ Replicated Dictionary
  ◦ Queries and Sub-queries
Example Query
Make a reservation for Dorothy Swift on a red sports car to be picked up in New York on (date and time given), a small hatch-back to be picked up by Jill Plain in Los Angeles on (date and time given) and a station wagon for Jack Baggage in London on (date and time given).
Availability and Reliability
• Find the relevant relations (or objects) quickly.
• A replicated dictionary is required.
• Once the relations (objects) are located, a decision must be made quickly on what should be shipped.
• The request can be split into three sub-queries.
Replication
Maintaining copies of resources at separate nodes in the network can:
• Improve the pattern of communication traffic
• Help load sharing
• Reduce response times
• Offer an alternative when a resource becomes unavailable
Replication
• How many Copies?
• Replicas as members of a Group
• Membership Service
  ◦ CreateGroup
  ◦ JoinGroup
  ◦ LeaveGroup
  ◦ A member may leave the group voluntarily or through failure
Privacy and Security
• Protection
• Cryptography
• Secret Key Cryptography
• Public Key Cryptography
• Digital Signatures
Cryptography
• Block diagram of cryptographic message transfer from A to B
• Secret Key Distribution
• Public Key Authentication
[Figure: Principal A feeds key and plaintext into the encryption algorithm to produce ciphertext; Principal B feeds ciphertext and key into the decryption algorithm to recover plaintext]
Digital Signatures
• Verification of electronic document
• Public key cryptography provides a simple mechanism for digital signatures
• Principal A can send a signed message M to principal B with two levels of encryption as follows: EKB{DKA{M}}
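The two-level construction EKB{DKA{M}} can be traced with textbook RSA, reading DKA as A's private-key operation and EKB as B's public-key operation. This is an added example, not part of the original slides; the primes, exponents and function names are constructed for illustration.

```python
# Added illustration: textbook RSA with tiny constructed primes.
# No hashing or padding; these parameters are for reading, not for real use.

def make_key(p, q, e):
    """Build (public, private) textbook-RSA keys from primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)                 # private exponent (Python 3.8+)
    return (e, n), (d, n)

def apply_key(key, value):
    """E and D are the same operation in RSA: value^exp mod n."""
    exp, n = key
    if not 0 <= value < n:
        raise ValueError("value does not fit under this modulus")
    return pow(value, exp, n)

# Constructed keys. A's modulus (3233) is smaller than B's (8633) so that
# the inner result D_KA{M} always fits under the outer key E_KB.
A_PUB, A_PRIV = make_key(61, 53, 17)
B_PUB, B_PRIV = make_key(89, 97, 5)

def send_signed(m):
    """Principal A: sign with its private key, then encrypt for B."""
    inner = apply_key(A_PRIV, m)        # D_KA{M}: only A can compute this
    return apply_key(B_PUB, inner)      # E_KB{D_KA{M}}: only B can open it

def receive_signed(c):
    """Principal B: decrypt with its private key, then apply A's public key."""
    inner = apply_key(B_PRIV, c)        # D_KB strips the outer layer
    return apply_key(A_PUB, inner)      # E_KA recovers M, showing A's key was used

if __name__ == "__main__":
    m = 1234                            # constructed message, must be < 3233
    c = send_signed(m)
    print("ciphertext:", c, "recovered:", receive_signed(c))
```

With raw RSA, B can only judge the signature by whether the recovered M is meaningful, which is why deployed schemes sign a padded hash of the message instead of M itself.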
Communication
• Remote Procedure Call (RPC)
• Remote Method Invocation (RMI)
• Message Passing
  • MPI
• Sockets and Streams
Remote Procedure Call (RPC)
• RPC with five modules:
  • Client, Client-stub, Server, Server-stub and Communications Package
• Synchronous
• Parameter marshalling
[Figure: Client Machine with Client, Client stub and Com. package; Server Machine with Server, Server stub and Com. package]
Message Passing
[Figure: processes a and b, with Port 1 and Port 2 in the Kernel]
• A sends message to B via Port 2.
• B sends message to A via Port 1.
• A and B each polls its port to receive message.
Concurrency
• Critical Sections
• Distributed Deadlock
• Timestamps
• Two-Phase Lock
• Replica Control
  • Pessimistic
  • Optimistic
Concurrency
• Timestamps
  ◦ Time stamping is a mechanism for enforcing ordered access to shared resources
• Two-Phase Lock
  ◦ In the first phase a process must acquire locks on all the required resources
  ◦ In the second phase the locks are released
  ◦ Centralized Lock Controller
Concurrency
• Replica Control
• Pessimistic, Optimistic
• Majority Consensus
• Voting
• Primary Node
Time
• Logical Clocks
  ◦ Happened before
  ◦ Within any sequential process it can be observed that an event a happened before an event b
  ◦ If event a is the sending of a message from one process and event b is the receiving of that message by another process then a happened before b
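The two happened-before rules above are what a Lamport logical clock enforces: a counter per process that advances on every event and jumps forward on receipt of a message. This is an added example that goes beyond the slide by showing that algorithm; the class, the event labels and the trace are constructed.

```python
class Process:
    """One sequential process carrying a Lamport logical clock."""

    def __init__(self, name):
        self.name = name
        self.clock = 0
        self.stamps = {}                  # event label -> logical timestamp

    def event(self, label):
        # Rule 1: events within one process are ordered by a rising counter.
        self.clock += 1
        self.stamps[label] = self.clock
        return self.clock

    def send(self, label):
        # Sending is an event; its timestamp travels with the message.
        return self.event(label)

    def receive(self, label, sender_stamp):
        # Rule 2: the receipt must be stamped later than the send.
        self.clock = max(self.clock, sender_stamp)
        return self.event(label)


def run_trace():
    """Constructed trace: P is ahead of Q, then they exchange two messages."""
    p, q = Process("P"), Process("Q")
    for label in ("p1", "p2", "p3"):
        p.event(label)                    # P stamps 1, 2, 3
    m1 = p.send("send_m1")                # P stamps 4
    q.event("q1")                         # Q stamps 1
    q.receive("recv_m1", m1)              # Q jumps to max(1, 4) + 1 = 5
    m2 = q.send("send_m2")                # Q stamps 6
    p.event("p4")                         # P stamps 5
    p.receive("recv_m2", m2)              # P jumps to max(5, 6) + 1 = 7
    return {**p.stamps, **q.stamps}


if __name__ == "__main__":
    for label, stamp in sorted(run_trace().items(), key=lambda kv: kv[1]):
        print(stamp, label)
```

In this trace p4 and recv_m1 both carry timestamp 5 although neither happened before the other, so equal or ordered timestamps alone do not prove a happened-before relation.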
Time
• Physical Clocks
• Universal Coordinated Time (UTC)
• Time Server
• Cristian’s algorithm
• The Berkeley algorithm
• Network Time Protocol (NTP)
Failure
• Lost Messages
• Failed Nodes
  • Stateless Node
  • Atomic Update
  • Available Copies
• Partitioning
Lost messages
• A message is considered lost by the sender if an outcome associated with the receipt of that message has not materialized.
• The loss of messages is normally dealt with by setting time-out intervals and re-sending the message some number of times.
• Sequentially numbering (or timestamping) the messages is a useful technique that can be employed to distinguish messages.
Lost messages
• What is the allowable range of sequence numbers?
• For how long can a message get stuck somewhere in the network and then turn up at your ‘doorstep’?
• How many timestamps of received messages will have to be saved in order to be able to spot the duplicate messages?
• What if a node crashes and loses its record of numbers?
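One common answer to "how many must be saved" is a fixed-size sliding window over sequence numbers: the receiver remembers only the highest number accepted and a bitmap of the last few below it. This is an added example, not from the original slides; the class name, window size and arrival trace are constructed.

```python
class DuplicateFilter:
    """Receiver-side duplicate detection with bounded memory.

    Sequence numbers start at 1. Only `window` numbers at or below the
    highest accepted one are tracked; anything older is refused because
    it can no longer be told apart from a duplicate.
    """

    def __init__(self, window=8):
        self.window = window
        self.highest = 0          # highest sequence number accepted so far
        self.seen = 0             # bit i set => (highest - i) was accepted

    def accept(self, seq):
        if seq <= 0:
            return "invalid"
        if seq > self.highest:
            # Slide the window forward and mark the new highest as seen.
            shift = seq - self.highest
            mask = (1 << self.window) - 1
            self.seen = ((self.seen << shift) | 1) & mask
            self.highest = seq
            return "new"
        offset = self.highest - seq
        if offset >= self.window:
            return "too-old"      # delayed past what the receiver remembers
        if self.seen & (1 << offset):
            return "duplicate"    # a retransmission that already arrived
        self.seen |= 1 << offset
        return "new"              # late but first arrival, inside the window


# Constructed arrival order: reordering, retransmissions, then a jump ahead.
ARRIVALS = [1, 3, 2, 3, 1, 20, 12, 13]


def classify(arrivals, window=8):
    """Run a fresh filter over the arrivals and label each one."""
    f = DuplicateFilter(window)
    return [(seq, f.accept(seq)) for seq in arrivals]


if __name__ == "__main__":
    for seq, verdict in classify(ARRIVALS):
        print(seq, verdict)
```

The filter's whole state is `highest` and `seen`, so a node that crashes and restarts with both at zero would accept old retransmissions as new unless that state is persisted or the numbering is restarted under a fresh session.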
Failed nodes
• Crash failure while participating in a ‘resource access’ operation
• Failed node is a coordinator or leader
• Stateless node
• Atomic update
  • Two phase commit
• Available copies (AC) protocol
  • Allows read access to any copy and write access to all available copies
Failure
• Partitioning
[Figure: network of nodes a, b, c, d and e, shown with a broken link and with a failed node]
Failure
• Partitioning
  ◦ Distinguished Partition
  ◦ Quorum or Vote adjustment
  ◦ Dynamic Voting
  ◦ Dynamic Linear
  ◦ Optimistic schemes
Conclusion
We looked at:
• Managing Distributed Resources
  ◦ Naming and Addressing
  ◦ Sharing
  ◦ Availability and Reliability
  ◦ Replication
  ◦ Privacy and Security
• Accessing Distributed Resources
  ◦ Communication
  ◦ Concurrency
  ◦ Time
  ◦ Failure