Introducing Ark: A Consensus Algorithm For TokuMX and MongoDB

(tokutek.com)

37 points | zardosht | 11y ago | 16 comments

justin66 11y ago

Does Tokutek intend to patent this consensus algorithm? If there's any possibility at all - I'm asking because of your track record - we're legally better off not reading about it at all, which is sad.

leif 11y ago

It won't be patented. We hope others find it helpful and consider implementing it in similar systems.

fintler 11y ago

Is there a TLA+ or Coq model available for this?

leif 11y ago

No, none of us know how to use those. :(

If you're interested in building one and you have experience with them, get in touch and we can work through it together. I think the biggest challenge would be modeling the semantics of write concern, but I'm not that familiar with proof assistants, so maybe that isn't too hard.

lumpypua 11y ago

It looks like you've read the Call Me Maybe series of posts over at aphyr.com. He tests a number of distributed systems (Mongo, Riak, Cassandra, etc.) and their behavior under network partitions, and almost all of them fuck up and lose data. A summary of results can be found at [1].

Amazon has used a TLA+ model for their distributed systems and found a bunch of bugs [2].

Seriously, everybody fucks this up. Please please learn a model checker and check your algorithm.

[1] In the "Summary of Jepsen Test Results" section: http://blog.foundationdb.com/call-me-maybe-foundationdb-vs-j...

[2] https://research.microsoft.com/en-us/um/people/lamport/tla/a...

sseveran 11y ago

If you have not used a model checker you don't have a proof. Please don't say that you have one. You are just hoping for the best.

See this to get yourself started: http://research.microsoft.com/en-us/um/people/lamport/tla/by...

yid 11y ago

Interesting -- sounds like once implemented, you could leverage the consensus algorithm to implement atomic multi-document/multi-table transactions too?

leif 11y ago

Multi-document and multi-collection transactions are already a part of TokuMX[1]. Since commit of the oplog insert is atomic together with the actual operation's changes to documents, atomicity is also guaranteed in replication. Atomicity and MVCC in a sharded system is something we're working on, but it's unrelated to Raft/Ark.

Ark is just about making replication as a whole trustworthy. The Jepsen post on MongoDB[2] shows MongoDB losing data even with majority write concern, which, if used properly, is supposed to make MongoDB a CP system. But because of design flaws in the election algorithm, you can't fully rely on it. The changes we made in Ark fix the election algorithm so that majority write concern can actually guarantee data safety, and you can treat it as a fully CP system.

[1]: http://docs.tokutek.com/tokumx/tokumx-transactions.html

[2]: http://aphyr.com/posts/284-call-me-maybe-mongodb
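
To make the majority write concern argument concrete, here is a minimal Python sketch of the counting fact it rests on: any majority that acknowledged a write shares at least one member with any majority that elects a new primary. This is not Ark's or MongoDB's code; the function names are hypothetical and replica set members are modeled as plain integers. The overlap is necessary but not sufficient, since the election protocol still has to ensure the overlapping member's data wins, which is the part the comment above says Ark fixes.

```python
from itertools import combinations


def majorities(n):
    """Yield every subset of n member ids that forms a strict majority."""
    need = n // 2 + 1
    for size in range(need, n + 1):
        for subset in combinations(range(n), size):
            yield frozenset(subset)


def majorities_always_overlap(n):
    """Check by brute force that any two majorities of n members intersect."""
    sets = list(majorities(n))
    return all(a & b for a in sets for b in sets)


def is_majority_acknowledged(acks, n):
    """True if the distinct acknowledging members form a strict majority of n."""
    return len(set(acks)) >= n // 2 + 1
```

With three members, a write acknowledged by members 0 and 1 counts as majority-acknowledged, and any two members able to elect a primary must include 0 or 1.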

lumpypua 11y ago

> Ark is just about making replication as a whole trustworthy.

Then you need a formal model.

yourad_io 11y ago

I believe this is officially one name too many matching /ar[ck]/

http://en.wikipedia.org/wiki/Ark#Technology

http://en.wikipedia.org/wiki/Arc#Computing_and_gaming
