PBFT instance-level checkpoints #113
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
matejpavlovic
force-pushed
the
pbft-local-chkp
branch
2 times, most recently
from
ae98c14
to
6089c25
Compare
sergefdrv
reviewed
Jun 23, 2022
matejpavlovic
force-pushed
the
pbft-local-chkp
branch
3 times, most recently
from
1147b8b
to
01da17e
Compare
sergefdrv
reviewed
Jun 24, 2022
matejpavlovic
force-pushed
the
pbft-local-chkp
branch
2 times, most recently
from
e57e26c
to
12a6104
Compare
Signed-off-by: Matej Pavlovic <matopavlovic@gmail.com>
Signed-off-by: Matej Pavlovic <matopavlovic@gmail.com>
Signed-off-by: Matej Pavlovic <matopavlovic@gmail.com>
These checkpoints are necessary for liveness. Each SB instance must be live independently of the other instances. In particular, even instances that delivered all slots in a segment must keep running until a global stable checkpoint is reached. Otherwise the system might get stuck. Signed-off-by: Matej Pavlovic <matopavlovic@gmail.com>
Signed-off-by: Matej Pavlovic <matopavlovic@gmail.com>
sergefdrv
reviewed
Jun 29, 2022
sergefdrv
reviewed
Jun 29, 2022
sergefdrv
reviewed
Jun 29, 2022
Signed-off-by: Matej Pavlovic <matopavlovic@gmail.com>
matejpavlovic
force-pushed
the
pbft-local-chkp
branch
from
12a6104
to
eab2a46
Compare
Sending stable checkpoints to nodes that are suspected of having fallen behind now happens periodically. The number of old epochs to keep is now configurable. Only epochs that are older than the latest stable checkpoint minus a configuration parameter are garbage-collected. Signed-off-by: Matej Pavlovic <matopavlovic@gmail.com>
Signed-off-by: Matej Pavlovic <matopavlovic@gmail.com>
sergefdrv
reviewed
Jul 6, 2022
sergefdrv
reviewed
Jul 6, 2022
Signed-off-by: Matej Pavlovic <matopavlovic@gmail.com>
sergefdrv
approved these changes
Jul 7, 2022
sergefdrv
reviewed
Jul 7, 2022
Co-authored-by: Sergey Fedorov <serge.fdrv@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
If correct nodes stop participating in the SB instance protocol immediately after having delivered all batches in a segment,
a minority of nodes might get stuck in higher views if they did not deliver all batches yet,
never finding enough support for finishing a view change.
The high-level checkpoints (encompassing all segments) are not enough to resolve this problem,
because multiple segments can block each other, each with its own majority of nodes that finish it,
but with too few nodes that finished all segments.
If, for example, each segment only has one node that fails to complete it, no high-level checkpoint can be constructed,
as too few nodes will have delivered everything from all the segments.
Thus, local instance-level checkpoints are required, so nodes can catch up on each segment separately.