METHOD OF FAILURE DETECTION IN AN OPERATING SYSTEM

Abstract
Method of failure detection in an operating system, the method comprising sending a request from a client to a server through a router, storing a token at the router, carrying out the request at the server, and returning a reply from the server to the client through the router, wherein the method comprises the alternative steps of, in response to a failure in the server, generating at the router an error reply based on the token and returning the error reply from the router to the client.
Description
FIELD OF THE INVENTION

The invention relates to a method of failure detection in an operating system.


BACKGROUND

This section introduces aspects that may be helpful in facilitating a better understanding of the invention. Accordingly, the statements of this section are to be read in this light and are not to be understood as admissions about what is in the prior art or what is not in the prior art.


Many systems use request/reply for communicating between processes (threads, tasks, operating system cores, applications, servers). One entity which we call client sends a request to another entity which we call server; the server carries out (processes, executes) the request and returns a reply to the client. The process of sending/receiving a request followed by sending/receiving the reply is sometimes called a message transaction. The use of message transactions is widespread in operating systems, computer networks and distributed systems.


When message transactions involve communication over a network in which data packets may be lost, or address remote servers whose reliability is not guaranteed, mechanisms need to be used to make them more reliable. A particular concern is that a client sends a request and waits for a reply that never arrives due to packet loss or server crash.


It is this problem of dependably notifying clients of server crashes or packet loss that this invention addresses. It does so in the particular context of an individual computer, the operating system running on it and the applications supported by that operating system. In this context, the general solution (timeout and retransmission, presented in the following section) tends to be too complex to be effective in the setting of high-speed, intra-computer communication.


To deal with the problems caused by packet loss and server crashes, clients and servers typically use the mechanism of timeout and retransmission: When a client sends a request, it starts a timer. When it receives a reply, it cancels the timer. If the timer goes off, the client retransmits the request. When a server receives a retransmitted request, there are three possibilities:


1. The server did not get the original request


2. The server is still processing the original request


3. The server had already sent the reply to the original request


In case 1, the server can start carrying out the retransmitted request. In case 1 and 2, the server can send an acknowledgement back to the client with the meaning “I'm working on your request”. In case 3, the server should retransmit the reply.


There is a fourth possibility and that is that the server has crashed. In this case, the client may receive a failure-to-deliver notice from the system, or the client gives up after a number of unsuccessful retransmissions.


A popular development is to use Content Routing, a technique where a client specifies the name of the object it is looking for (this could be a movie, a web page, a service, a device) and leaves it to the system to find an appropriate server to deliver the request to. Often, finding such a server is a process of gradual refinement, for example, the request is first delivered to the organization that owns the content, then to a data centre that belongs to the organization, then to a specific host in the data centre and then to a server process running on that host. The request gets routed in multiple places, until it finally gets to its destination.


A particular strategy for content routing is presented by Content-Centric Networking, CCN , an idea developed by Van Jacobson and others at PARC. In CCN, a request is called an Interest and a reply is called a Content message. Interests have a hierarchical path name, e.g., com/parc/papers/ccn.pdf which is routed to its destination (e.g., first to parc.com and then to the server that manages papers). These Interests are stored at each of the routers en route to the Interest's destination where they await the return of the matching Content message. Interests can be combined and Content messages can be cached, but this particular aspect of CCN is not important here.


Inside an individual computer, communication is generally implemented in a way that requests and replies do not get lost. It is, however, possible that applications configured as clients or servers crash. In that case, the client must either find out about the crash by using timeout, or it needs to be notified by the system. Server crashes are rare events, but they do happen and timeout is an expensive tool that needs to be started up on every message transaction, but is very rarely called upon to recover from potential client deadlock.


SUMMARY

In one embodiment of the present invention, an approach to failure detection in an operating system is disclosed which may allow for improved effectiveness and efficiency.


A method of failure detection in an operating system according to the embodiment comprises sending a request from a client to a server through a router, storing a token at the router, carrying out the request at the server, and returning a reply from the server to the client through the router, as well as the alternative steps of, in response to a failure in the server, generating at the router an error reply based on the token and returning the error reply from the router to the client.


In another embodiment of the invention, an efficient mechanism is disclosed to keep track of client/server associations during message transactions so that clients can be notified of server crashes.


In yet another embodiment of the invention, a mechanism is disclosed that allows the handling of timeout and retransmission for all applications that run on an operating system and use the network, in just one place, close to, or at the network interface.


The basic idea is that, when a request is routed from client to server, at each routing point in the path, a small token is stored. When the server sends the reply, these tokens can be used to point the way back to the client. They are also removed as the reply passes the routing points. An arrangement is made that, if a server crashes, the router that supplies that server with requests is notified. The router uses the tokens that identify outstanding requests for that server to generate special error replies and returns these back to the clients.


At the network interface, a special interface router receives the requests that come in from the network. For each request, it generates a token before forwarding the request to servers inside the computer. A request generated inside the computer will be routed via the interface router and this router will also store a token for such requests before forwarding them into the network.


The interface router can deal with incoming retransmissions and sets retransmission timers for outgoing requests. In fact, it uses the conventional timeout and retransmission method on behalf of servers and clients inside the computer. This enormously simplifies the management of server and client processes in an operating system, because there need be only one place where timers and retransmissions are handled. The interface router can also cache outgoing requests and replies to satisfy retransmission requests autonomously.


Further embodiments of the invention can be gathered from the following entirety of the herein application.







DESCRIPTION OF THE EMBODIMENTS

The mechanism of the invention is inspired by CCN and virtual-circuit identifiers in ATM networks, but serves a completely different purpose: creating reliable communication.


The main embodiment assumes that each router communicates with at most N other entities—routers or processes (clients or servers)—and that it will learn of crashes in these entities. Well call the direct connection between entities (routers, clients, servers) a link. A router, thus, has at most N links. We assume that, on each link, a router can have at most M outstanding requests.


This implies that a router, for each link, can keep a table of at most M tokens. An entry into this table can be indexed by a non-negative number less than M. We call such an index a tag. A tag is a number between 0 and M-1.


Requests and replies carry tags. On a particular link, the tag of a reply matches that in the associated request.


A router executes the following algorithm:

    • When a request with tag m arrives on link n, a token t is created that contains m and n. Well indicate this by t=(n, m). The router then makes a routing decision (how this is done is not part of the invention) to forward the request on outgoing link n′. It finds an unused entry m in the token table associated with link n′, puts t into that entry, substitutes m′ for m in the request and forwards the request on link n′. In the absence of crashes, a reply will arrive on link n′ with tag
    • When a reply with tag m′ arrives on link n′, the router finds the m′th token t=(n, m) in the token table for link n′, and uses that to substitute token m for m′ in the reply and to forward the modified reply on link n. It then marks the m′th token in the token table for link n as unused.
    • When the entity on the other end of link n′ crashes, the router is notified. For each token t=(n, m) in the token table for link n′, it generates a crash-notification reply, tags it with m and sends it out on link n.
    • When a request arrives to be forwarded to a crashed or no-longer-existent link, a no-such-destination reply with the incoming requests tag is generated and returned on the link of the incoming request.


The tag-substitution technique was used in ATM networks to forward very small messages in a virtual circuit identified by those tags (called virtual-circuit identifiers there).


The idea of requests leaving a trail of tokens behind on their way to their destination is used in CCN networks as a mechanism to allow caching and multicasting content at routers.


They form similar mechanisms for a completely different purpose.


A person of skill in the art would readily recognize that steps of various above-described methods can be performed by programmed computers. Herein, some embodiments are also intended to cover program storage devices, e.g., digital data storage media, which are machine or computer readable and encode machine-executable or computer-executable programs of instructions, wherein said instructions perform some or all of the steps of said above-described methods. The program storage devices may be, e.g., digital memories, magnetic storage media such as magnetic disks and magnetic tapes, hard drives, or optically readable digital data storage media. The embodiments are also intended to cover computers programmed to perform said steps of the above-described methods.


The description merely illustrates the principles of the invention. It will thus be appreciated that those skilled in the art will be able to devise various arrangements that, although not explicitly described or shown herein, embody the principles of the invention and are included within its spirit and scope. Furthermore, all examples recited herein are principally intended expressly to be only for pedagogical purposes to aid the reader in understanding the principles of the invention and the concepts contributed by the inventor(s) to furthering the art, and are to be construed as being without limitation to such specifically recited examples and conditions. Moreover, all statements herein reciting principles, aspects, and embodiments of the invention, as well as specific examples thereof, are intended to encompass equivalents thereof.

Claims
  • 1. (canceled)
  • 2. The method of claim 16 further comprising the step of removing the token as the reply passes the router.
  • 3. The method of claim 16 wherein the operating system is configured to notify the router in response to the failure in the server process.
  • 4. The method of claim 16 wherein the operating system comprises a network interface, and wherein the server is local to the operating system, and the router is associated with the network interface.
  • 5. The method of claim 4 further comprising the step of handling a retransmission of the request at the router.
  • 6. The method of claim 16 wherein the operating system comprises a network interface, and wherein the client is local to the operating system, and the router is associated with the network interface.
  • 7. The method of claim 6 further comprising the step of setting a retransmission timer at the router.
  • 8. The method of claim 6 further comprising the step of caching the request.
  • 9. The method of claim 16 wherein the router is configured to connect through a plurality of links, wherein the router is connected to the client by a first link of the plurality of links and the router is connected to the server by a second link of the plurality of links.
  • 10. The method of claim 9 further comprising the step of maintaining at the router for each link of the plurality of links a table of tokens, each token associated with at least one request of a plurality of requests.
  • 11. The method of claim 10 wherein each entry in the table is associated with an index, wherein the request and the reply carry the index.
  • 12. The method of claim 16 wherein the failure in the server takes the form of a crash of the server.
  • 13. (canceled)
  • 14. A computer program product comprising computer-executable instructions for performing a method when the program is run on a computer, the method comprising the steps of: sending a request from a client process to a server process through a router, wherein the client process, the server process and the router are inside an individual computer;storing a token at the router;carrying out the request at the server process and returning a reply from the server process to the client process through the router when there is no failure in the server process; andgenerating at the router an error reply based on the token and returning the error reply from the router to the client when there is a failure in the server process, wherein the failure is detected by an operating system of the individual computer.
  • 15. (canceled)
  • 16. A method for notification, comprising the steps of: sending a request from a client process to a server process through a router, wherein the client process, the server process and the router are inside an individual computer;storing a token at the router;carrying out the request at the server process and returning a reply from the server process to the client process through the router when there is no failure in the server process; andgenerating at the router an error reply based on the token and returning the error reply from the router to the client when there is a failure in the server process, wherein the failure is detected by an operating system of the individual computer.
  • 17. A digital data storage medium encoding a machine-executable program of instructions to perform a method, the method comprising the steps of: sending a request from a client process to a server process through a router, wherein the client process, the server process and the router are inside an individual computer;storing a token at the router;carrying out the request at the server process and returning a reply from the server process to the client process through the router when there is no failure in the server process; andgenerating at the router an error reply based on the token and returning the error reply from the router to the client when there is a failure in the server process, wherein the failure is detected by an operating system of the individual computer.
Priority Claims (1)
Number Date Country Kind
11306229.3 Sep 2011 EP regional
PCT Information
Filing Document Filing Date Country Kind 371c Date
PCT/EP2012/068991 9/26/2012 WO 00 3/6/2014