Recovery Guarantees for General Multi-Tier Applications

Roger Barga, David Lomet, and Gerhard Weikum


Database recovery does not mask failures to applications and users. Recovery is needed that considers data, messages, and application components. Special cases have been studied, but clear principles for recovery guarantees in general multi-tier applications such as web-based e-services are missing. We develop a framework for recovery guarantees that masks almost all failures. The main concept is an interaction contract between two components, a pledge as to message and state persistence, and contract release. Contracts are composed into system-wide agreements so that a set of components is provably recoverable with exactly-once message delivery and execution, except perhaps for crash interrupted user input or output. Our implementation techniques reduce logging cost, allow effective log truncation, and provide independent recovery for critical server components. Interaction contracts form the basis for our Phoenix/COM project on persistent components. Our framework’s utility is demonstrated with a case study of a web-based e-service.


Publication type: Inproceedings
Published in: ICDE Conference
Publisher: IEEE Computer Society