Papers We Love SF - Sagas - Speaker Deck

Tweet

Tweet

Slide 1

Slide 1 text

Sagas Papers We Love SF

Slide 2

Slide 2 text

Caitie McCaffrey Distributed Systems Engineer @Caitie CaitieM.com

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

• Why Sagas? • Sagas Paper • Distributed Sagas • Sagas in Halo 4

Slide 5

Slide 5 text

Systems Used to Be Simple

Slide 6

Slide 6 text

Serializability & ACID

Slide 7

Slide 7 text

SOA/Microservices

Slide 8

Slide 8 text

Two Phase Commit

Slide 9

Slide 9 text

2PC: Prepare Phase

Slide 10

Slide 10 text

2PC: Commit Phase

Slide 11

Slide 11 text

2PC Doesn’t Scale • O(n^2) Messages • Coordinator: Single Point of Failure • Reduced Throughput

Slide 12

Slide 12 text

Spanner Google’s Globally-Distributed Database Corbett et. al.

Slide 13

Slide 13 text

–Corbett et al. “Spanner is Google’s scalable, multi-version, globally distributed, and synchronously- replicated database. It is the first system to distribute data at global scale and support externally-consistent distributed transactions.”

Slide 14

Slide 14 text

“The key enabler of these properties is a new TrueTime API and its implementation…using multiple modern clock references (GPS and atomic clocks).” –Corbett et al.

Slide 15

Slide 15 text

Spanner is Expensive & Proprietary • Custom Hardware & Data-Centers • Synchronization Not Solved

Slide 16

Slide 16 text

Distributed Transactions are Hard & Expensive

Slide 17

Slide 17 text

Can We Do Better?

Slide 18

Slide 18 text

Can We Do Better?

Slide 19

Slide 19 text

Sagas Hector Garcia-Molina, Kenneth Salem Princeton University 1987

Slide 20

Slide 20 text

Sagas are Long Lived Transactions

Slide 21

Slide 21 text

“A Saga is a Long Lived Transaction that can be written as a sequence of transactions that can be interleaved. All transactions in the sequence complete successfully or compensating transactions are ran to amend a partial execution.”

Slide 22

Slide 22 text

A Saga is a Collection of Sub-Transactions T1, T2 … Tn

Slide 23

Slide 23 text

Each Sub-Transaction has a Compensating Transaction C1, C2 … Cn

Slide 24

Slide 24 text

Cn Semantically Undoes Tn

Slide 25

Slide 25 text

Saga Guarantee Either • T1, T2 … Tn or • T1, T2 … Tj, Cj, … C2, C1

Slide 26

Slide 26 text

Trade-Off: Atomicity for Availability

Slide 27

Slide 27 text

Sagas are a Failure Management Pattern

Slide 28

Slide 28 text

Large Single Transaction

Slide 29

Slide 29 text

• Book Hotel (T1 ) • Book Car (T2 ) • Book Flight (T3 ) • Cancel Hotel (C1 ) • Cancel Car (C2 ) • Cancel Flight (C3 ) Sagas

Slide 30

Slide 30 text

Saga Execution Coordinator (SEC)

Slide 31

Slide 31 text

Saga Log • Begin Saga • End Saga • Abort Saga • Begin Ti • End Ti • Begin Ci • End Ci

Slide 32

Slide 32 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) End Book Car Rental (T2 ) Start Book Flight (T3 ) End Book Flight (T3 ) End Saga Successful Saga

Slide 33

Slide 33 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) End Book Car Rental (T2 ) Start Book Flight (T3 ) End Book Flight (T3 ) End Saga Successful Saga

Slide 34

Slide 34 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) End Book Car Rental (T2 ) Start Book Flight (T3 ) End Book Flight (T3 ) End Saga Successful Saga

Slide 35

Slide 35 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) End Book Car Rental (T2 ) Start Book Flight (T3 ) End Book Flight (T3 ) End Saga Successful Saga

Slide 36

Slide 36 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) End Book Car Rental (T2 ) Start Book Flight (T3 ) End Book Flight (T3 ) End Saga Successful Saga

Slide 37

Slide 37 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) End Book Car Rental (T2 ) Start Book Flight (T3 ) End Book Flight (T3 ) End Saga Successful Saga

Slide 38

Slide 38 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) End Book Car Rental (T2 ) Start Book Flight (T3 ) End Book Flight (T3 ) End Saga Successful Saga

Slide 39

Slide 39 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) End Book Car Rental (T2 ) Start Book Flight (T3 ) End Book Flight (T3 ) End Saga Successful Saga

Slide 40

Slide 40 text

Unsuccessful Saga Backwards Recovery

Slide 41

Slide 41 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) Abort Saga Start Compensate Car Rental (C2 ) End Compensate Car Rental (C2 ) Start Compensate Book Hotel (C1 ) End Compensate Book Hotel (C1 ) End Saga Unsuccessful Saga

Slide 42

Slide 42 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) Abort Saga Start Compensate Car Rental (C2 ) End Compensate Car Rental (C2 ) Start Compensate Book Hotel (C1 ) End Compensate Book Hotel (C1 ) End Saga Unsuccessful Saga

Slide 43

Slide 43 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) Abort Saga Start Compensate Car Rental (C2 ) End Compensate Car Rental (C2 ) Start Compensate Book Hotel (C1 ) End Compensate Book Hotel (C1 ) End Saga Unsuccessful Saga

Slide 44

Slide 44 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) Abort Saga Start Compensate Car Rental (C2 ) End Compensate Car Rental (C2 ) Start Compensate Book Hotel (C1 ) End Compensate Book Hotel (C1 ) End Saga Unsuccessful Saga

Slide 45

Slide 45 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) Abort Saga Start Compensate Car Rental (C2 ) End Compensate Car Rental (C2 ) Start Compensate Book Hotel (C1 ) End Compensate Book Hotel (C1 ) End Saga Unsuccessful Saga

Slide 46

Slide 46 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) Abort Saga Start Compensate Car Rental (C2 ) End Compensate Car Rental (C2 ) Start Compensate Book Hotel (C1 ) End Compensate Book Hotel (C1 ) End Saga Unsuccessful Saga

Slide 47

Slide 47 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) Abort Saga Start Compensate Car Rental (C2 ) End Compensate Car Rental (C2 ) Start Compensate Book Hotel (C1 ) End Compensate Book Hotel (C1 ) End Saga Unsuccessful Saga

Slide 48

Slide 48 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) Abort Saga Start Compensate Car Rental (C2 ) End Compensate Car Rental (C2 ) Start Compensate Book Hotel (C1 ) End Compensate Book Hotel (C1 ) End Saga Unsuccessful Saga

Slide 49

Slide 49 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) Abort Saga Start Compensate Car Rental (C2 ) End Compensate Car Rental (C2 ) Start Compensate Book Hotel (C1 ) End Compensate Book Hotel (C1 ) End Saga Unsuccessful Saga

Slide 50

Slide 50 text

Begin Saga Start Book Hotel (T1 ) End Book Hotel (T1 ) Start Book Car Rental (T2 ) Abort Saga Start Compensate Car Rental (C2 ) End Compensate Car Rental (C2 ) Start Compensate Book Hotel (C1 ) End Compensate Book Hotel (C1 ) End Saga Unsuccessful Saga

Slide 51

Slide 51 text

–Molina et. al “Due to space limitations, we only discuss Sagas in a centralized System, although clearly they can be implemented in a distributed database system.” Sagas in Distributed Systems

Slide 52

Slide 52 text

SOA/Microservices

Slide 53

Slide 53 text

\ • Book Hotel (T1 ) • Book Car (T2 ) • Book Flight (T3 ) • Cancel Hotel (C1 ) • Cancel Car (C2 ) • Cancel Flight (C3 ) Requests instead of Transactions

Slide 54

Slide 54 text

A Distributed Saga is a Collection of Sub-Requests Each Sub-Request has a Compensating Request T1, T2 … Tn C1, C2 … Cn

Slide 55

Slide 55 text

Begin Saga Start Book Hotel Request (T1 ) End Book Hotel Request (T1 ) Start Book Car Rental Request (T2 ) End Book Car Rental Request (T2 ) Start Book Flight Request (T3 ) End Book Flight Request (T3 ) End Saga Successful Distributed Saga

Slide 56

Slide 56 text

Saga Log Durable & Distributed

Slide 57

Slide 57 text

Saga Execution Coordinator (SEC) • Interprets & Writes to Saga Log • Applies Saga Sub-Requests • Applies Saga Compensating Requests when Necessary

Slide 58

Slide 58 text

No content

Slide 59

Slide 59 text

No content

Slide 60

Slide 60 text

No content

Slide 61

Slide 61 text

No content

Slide 62

Slide 62 text

No content

Slide 63

Slide 63 text

No content

Slide 64

Slide 64 text

No content

Slide 65

Slide 65 text

No content

Slide 66

Slide 66 text

No content

Slide 67

Slide 67 text

Apply Compensating Requests • Aborted Saga Response • Start Request Fails • SEC Crashes (non-safe state)

Slide 68

Slide 68 text

No content

Slide 69

Slide 69 text

No content

Slide 70

Slide 70 text

No content

Slide 71

Slide 71 text

What Happens when Compensating Requests Fail?

Slide 72

Slide 72 text

Compensating Requests Must Be Idempotent & Commutative

Slide 73

Slide 73 text

What Happens when SEC Fails?

Slide 74

Slide 74 text

Safe States • All Executed Sub-Requests are Complete (Start Ti & End Ti both logged) • Saga has been Aborted, Proceed with Compensating Transactions

Slide 75

Slide 75 text

Un-Safe State • Start Ti logged, no End Ti logged Abort Saga Start Compensating Requests

Slide 76

Slide 76 text

Request Messaging Semantics • Sub-Requests (Ti): At Most Once • Compensating Requests (Ci): At Least Once

Slide 77

Slide 77 text

Distributed Saga Guarantee Either • T1, T2 … Tn or • T1, T2 … Tj, Cj, … C2, C1

Slide 78

Slide 78 text

Distributed Sagas • Distributed/Durable Saga Log • SEC Process • Compensating Requests: Idempotent & Commutative

Slide 79

Slide 79 text

Sagas • Long Lived / Distributed Transactions • Trade Atomicity for Availability • Failure Management Pattern

Slide 80

Slide 80 text

Thank You