Recovery Guarantees for General Multi-Tier Applications
- Roger Barga ,
- David Lomet ,
- Gerhard Weikum
ICDE Conference |
Published by IEEE Computer Society
Database recovery does not mask failures to applications and users. Recovery is needed that considers data, messages, and application components. Special cases have been studied, but clear principles for recovery guarantees in general multi-tier applications such as web-based e-services are missing. We develop a framework for recovery guarantees that masks almost all failures. The main concept is an interaction contract between two components, a pledge as to message and state persistence, and contract release. Contracts are composed into system-wide agreements so that a set of components is provably recoverable with exactly-once message delivery and execution, except perhaps for crash interrupted user input or output. Our implementation techniques reduce logging cost, allow effective log truncation, and provide independent recovery for critical server components. Interaction contracts form the basis for our Phoenix/COM project on persistent components. Our framework’s utility is demonstrated with a case study of a web-based e-service.
Copyright © 2007 IEEE. Reprinted from IEEE Computer Society.This material is posted here with permission of the IEEE. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org.By choosing to view this document, you agree to all provisions of the copyright laws protecting it.