Tardigrade: Leveraging Lightweight Virtual Machines to Easily and Efficiently Construct Fault-Tolerant Services

Many services need to survive machine failures, but designing and deploying fault-tolerant services can be difficult and error-prone. In this work, we present Tardigrade, a system that deploys an existing, unmodified binary as a fault-tolerant service. Tardigrade replicates the service on several machines so that it continues running even when some of them fail. Yet, it keeps the service states synchronized so clients see strongly consistent results. To achieve this efficiently, we use lightweight virtual machine replication. A lightweight virtual machine is a process sandboxed so that its external dependencies are completely encapsulated, enabling it to be migrated across machines. To let unmodified binaries run within such a sandbox, the sandbox also contains a library OS providing the expected API. We evaluate Tardigrade's performance and demonstrate its applicability to a variety of services, showing that it can convert these services into fault-tolerant ones transparently and efficiently.
