Remote Procedure Call (RPC) and Transparency

Similar documents
Network File System (NFS)

Network File System (NFS)

CHAPTER - 4 REMOTE COMMUNICATION

Distributed Systems. How do regular procedure calls work in programming languages? Problems with sockets RPC. Regular procedure calls

Distributed Systems 8. Remote Procedure Calls

416 Distributed Systems. Distributed File Systems 1: NFS Sep 18, 2018

CS 162 Operating Systems and Systems Programming Professor: Anthony D. Joseph Spring Lecture 22: Remote Procedure Call (RPC)

416 Distributed Systems. RPC Day 2 Jan 11, 2017

Operating Systems. 18. Remote Procedure Calls. Paul Krzyzanowski. Rutgers University. Spring /20/ Paul Krzyzanowski

CSCI-1680 RPC and Data Representation. Rodrigo Fonseca

Remote Procedure Calls

Remote Procedure Calls (RPC)

416 Distributed Systems. RPC Day 2 Jan 12, 2018

Last Class: RPCs. Today:

Lecture 15: Network File Systems

CSCI-1680 RPC and Data Representation John Jannotti

Building up to today. Remote Procedure Calls. Reminder about last time. Threads - impl

NFS: Naming indirection, abstraction. Abstraction, abstraction, abstraction! Network File Systems: Naming, cache control, consistency

CSCI-1680 RPC and Data Representation. Rodrigo Fonseca

Administrivia. Remote Procedure Calls. Reminder about last time. Building up to today

Distributed Objects and Remote Invocation. Programming Models for Distributed Applications

REMOTE PROCEDURE CALLS EE324

Remote Procedure Call

C 1. Recap: Finger Table. CSE 486/586 Distributed Systems Remote Procedure Call. Chord: Node Joins and Leaves. Recall? Socket API

Today CSCI Communication. Communication in Distributed Systems. Communication in Distributed Systems. Remote Procedure Calls (RPC)

Dr. Robert N. M. Watson

Distributed File Systems: Design Comparisons

CSci Introduction to Distributed Systems. Communication: RPC

416 Distributed Systems. Distributed File Systems 2 Jan 20, 2016

MODELS OF DISTRIBUTED SYSTEMS

GFS: The Google File System

How do modules communicate? Enforcing modularity. Modularity: client-server organization. Tradeoffs of enforcing modularity

RMI: Design & Implementation

Lecture 8: February 19

DISTRIBUTED FILE SYSTEMS & NFS

Network File Systems

NFS Design Goals. Network File System - NFS

Announcements. P4: Graded Will resolve all Project grading issues this week P5: File Systems

MODELS OF DISTRIBUTED SYSTEMS

The RPC abstraction. Procedure calls well-understood mechanism. - Transfer control and data on single computer

Network Communication and Remote Procedure Calls

Background: I/O Concurrency

Distributed Systems Theory 4. Remote Procedure Call. October 17, 2008

Lecture 06: Distributed Object

DISTRIBUTED COMPUTER SYSTEMS

Lecture 5: Object Interaction: RMI and RPC

Network File System (NFS)

Distributed Systems Lecture 2 1. External Data Representation and Marshalling (Sec. 4.3) Request reply protocol (failure modes) (Sec. 4.

A Report on RMI and RPC Submitted by Sudharshan Reddy B

Filesystems Lecture 13

CS 417 9/18/17. Paul Krzyzanowski 1. Socket-based communication. Distributed Systems 03. Remote Procedure Calls. Sample SMTP Interaction

Distributed Systems. 03. Remote Procedure Calls. Paul Krzyzanowski. Rutgers University. Fall 2017

Background: Operating Systems

Distributed File Systems

Page 1. Goals for Today" Remote Procedure Call" Raw messaging is a bit too low-level for programming! RPC Details"

Middleware. Adapted from Alonso, Casati, Kuno, Machiraju Web Services Springer 2004

03 Remote invoaction. Request-reply RPC. Coulouris 5 Birrel_Nelson_84.pdf RMI

Two Phase Commit Protocol. Distributed Systems. Remote Procedure Calls (RPC) Network & Distributed Operating Systems. Network OS.

Lecture 8: February 17

NETWORKED STORAGE AND REMOTE PROCEDURE CALLS (RPC)

EI 338: Computer Systems Engineering (Operating Systems & Computer Architecture)

Filesystems Lecture 11

Distributed file systems

Protection and System Calls. Otto J. Anshus

RMI & RPC. CS 475, Spring 2019 Concurrent & Distributed Systems

Chapter 11: Implementing File

Communication. Distributed Systems Santa Clara University 2016

Distributed Systems. Lecture 06 Remote Procedure Calls Thursday, September 13 th, 2018

Chapter 12: File System Implementation

SYSTEM CALL IMPLEMENTATION. CS124 Operating Systems Fall , Lecture 14

Outline. EEC-681/781 Distributed Computing Systems. The OSI Network Architecture. Inter-Process Communications (IPC) Lecture 4

Chapter 11: Implementing File Systems. Operating System Concepts 9 9h Edition

struct foomsg { u_int32_t len; }

Chapter 3: Client-Server Paradigm and Middleware

OPERATING SYSTEM. Chapter 12: File System Implementation

Sandboxing Untrusted Code: Software-Based Fault Isolation (SFI)

Distributed Systems. The main method of distributed object communication is with remote method invocation

Remote Procedure Call

Today: Distributed Objects. Distributed Objects

CS454/654 Midterm Exam Fall 2004

ECE454 Tutorial. June 16, (Material prepared by Evan Jones)

Chapter 12: File System Implementation. Operating System Concepts 9 th Edition

Chapter 11: Implementing File Systems

Chapter 12: File System Implementation

Lecture 14: Distributed File Systems. Contents. Basic File Service Architecture. CDK: Chapter 8 TVS: Chapter 11

Chapter 10: File System Implementation

Large Systems: Design + Implementation: Communication Coordination Replication. Image (c) Facebook

Overview. Communication types and role of Middleware Remote Procedure Call (RPC) Message Oriented Communication Multicasting 2/36

6.033 Spring 2004, Quiz 1 Page 1 of Computer Systems Engineering: Spring Quiz I

Remote Invocation. Today. Next time. l Overlay networks and P2P. l Request-reply, RPC, RMI

What is a file system

OPERATING SYSTEMS II DPL. ING. CIPRIAN PUNGILĂ, PHD.

Outline. Interprocess Communication. Interprocess Communication. Communication Models: Message Passing and shared Memory.

Reliable Transport I: Concepts and TCP Protocol


Operating Systems 2010/2011

Operating Systems (2INC0) 2018/19. Introduction (01) Dr. Tanir Ozcelebi. Courtesy of Prof. Dr. Johan Lukkien. System Architecture and Networking Group

Operating Systems Design Exam 3 Review: Spring Paul Krzyzanowski

Da-Wei Chang CSIE.NCKU. Professor Hao-Ren Ke, National Chiao Tung University Professor Hsung-Pin Chang, National Chung Hsing University

Lecture 12 RPC RPC RPC. Writing an RPC Program. Sun RPC RPC. February 9+11, 2005

Transcription:

Remote Procedure Call (RPC) and Transparency Brad Karp UCL Computer Science CS GZ03 / M030 10 th October 2014

Transparency in Distributed Systems Programmers accustomed to writing code for a single box Transparency: retain feel of writing for one box, when writing code that runs distributedly Goals: Preserve original, unmodified client code Preserve original, unmodified server code RPC should glue together client and server without changing behavior of either Programmer shouldn t have to think about network 2

Transparency in Distributed Systems Programmers accustomed to writing code for a How achievable is true transparency? single box We will use NFS as a case study. Transparency: retain feel of writing for one But first, an introduction to RPC itself. box, when writing code that runs distributedly Goals: Preserve original, unmodified client code Preserve original, unmodified server code RPC should glue together client and server without changing behavior of either Programmer shouldn t have to think about network 3

Remote Procedure Call: Central Idea Within a single program, running on a single box, well-known notion of procedure call (aka function call): Caller pushes arguments onto stack Jumps to address of callee function Callee reads arguments from stack Callee executes, puts return value in register Callee returns to next instruction in caller RPC aim: let distributed programming look no different from local procedure calls 4

RPC Abstraction Library makes an API available to locally running applications Let servers export their local APIs to be accessible over the network, as well On client, procedure call generates request over network to server On server, called procedure executes, result returned in response to client 5

RPC Implementation Details Data types may be different sizes on different machines (e.g., 32-bit vs. 64-bit integers) Little-endian vs. big-endian machines Big-endian: 0x11223344 is 0x11, 0x22, 0x33, 0x44 Little-endian is 0x44, 0x33, 0x22, 0x11 Need mechanism to pass procedure parameters and return values in machine-independent fashion Solution: Interface Description Language (IDL) 6

Interface Description Languages Compile interface description, produces: Types in native language (e.g., Java, C, C++) Code to marshal native data types into machine-neutral byte streams for network (and vice-versa) Stub routines on client to forward local procedure calls as requests to server For Sun RPC, IDL is XDR (external Data Representation) 7

Example: Sun RPC and XDR Define API for procedure calls between client and server in XDR file, e.g., proto.x Compile: rpcgen proto.x, producing proto.h: RPC procedure prototypes, argument and return value data structure definitions proto_clnt.c: per-procedure client stub code to send RPC request to remote server proto_svc.c: server stub code to dispatch RPC request to specified procedure proto_xdr.c: argument and result marshaling/ unmarshaling routines, host-network/networkhost byte order conversions 8

Example: Sun RPC and XDR Define API for procedure calls between client and server in XDR file, e.g., proto.x Compile: rpcgen proto.x, producing proto.h: RPC procedure prototypes, argument and return value data structure definitions Let s proto_clnt.c: consider a simple per-procedure example client stub code to send RPC request to remote server proto_svc.c: server stub code to dispatch RPC request to specified procedure proto_xdr.c: argument and result marshaling/ unmarshaling routines, host-network/networkhost byte order conversions 9

Sun RPC and XDR: Programming Caveats Server routine return values must always be pointers (e.g., int *, not int) should declare return value static in server routine Arguments to server-side procedures are pointers to temporary storage to store arguments beyond procedure end, must copy data, not merely pointers in these cases, typically allocate memory for copy of argument using malloc() If new to C, useful background in Mark Handley s C for Java programmers tutorial: https://moodle.ucl.ac.uk/mod/resource/view.php? id=430247 2.9 2.13 describe memory allocation 10

Sun RPC and XDR: Programming Caveats Server routine return values must always be pointers (e.g., int *, not int) should declare return value static in server routine Arguments to server-side procedures are pointers to temporary storage to store arguments beyond procedure end, must copy data, not merely pointers Now, back to our NFS case study in these cases, typically allocate memory for copy of argument using malloc() If new to C, useful background in Mark Handley s C for Java programmers tutorial: https://moodle.ucl.ac.uk/mod/resource/view.php? id=430247 2.9 2.13 describe memory allocation 11

Non-Distributed NFS Applications Syscalls Kernel filesystem implementation Local disk RPC must split up the above Where does NFS make the split? 12

NFS Structure on Client NFS splits client at vnode interface, below syscall implementation Client-side NFS code essentially stubs for system calls: Package up arguments, send them to server 13

NFS and Syntactic Transparency Does NFS preserve the syntax of the client function call API (as seen by applications)? Yes! Arguments and return values of system calls not changed in form or meaning 14

NFS and Server-Side Transparency Does NFS require changes to pre-existing filesystem code on server? Some, but not much. NFS adds in-kernel threads (to block on I/O, much like user-level processes do) Server filesystem implementation changes: File handles over wire, not file descriptors Generation numbers added to on-disk i-nodes User IDs carried as arguments, rather than implicit in process owner Support for synchronous updates (e.g., for WRITE) 15

NFS and File System Semantics You don t get transparency merely by preserving the same API System calls must mean the same thing! If they don t, pre-existing code may compile and run, but yield incorrect results! Does NFS preserve the UNIX filesystem s semantics? No! Let us count the ways 16

NFS s New Semantics: Server Failure On one box, open() only fails if file doesn t exist Now open() and all other syscalls can fail if server has died! Apps must know how to retry or fail gracefully Or open() could hang forever never the case before! Apps must know how to set own timeouts if don t want to hang This is not a quirk of NFS it s fundamental! 17

NFS s New Semantics: close() Might Fail Suppose server out of disk space But client WRITEs asynchronously, only on close(), for performance Client waits in close() for WRITEs to finish close() never returns error for local fs! Apps must check not only write(), but also close(), for disk full! Reason: NFS batches WRITEs If WRITEs were synchronous, close() couldn t fill disk, but performance would be awful 18

NFS s New Semantics: Errors Returned for Successful Operations Suppose you call rename( a, b ) on file in NFSmounted fs Suppose server completes RENAME, crashes before replying NFS client resends RENAME a doesn t exist; error returned! Never happens on local fs Side effect of statelessness of NFS server: Server could remember all ops it s completed, but that s hard Must keep that state consistent and persistent across crashes (i.e., on disk)! Update the state first, or perform the operation first? 19

NFS s New Semantics: Deletion of Open Files Client A open()s file for reading Client B deletes it while A has it open Local UNIX fs: A s subsequent reads work NFS: A s subsequent reads fail Side effect of statelessness of NFS server: Could have fixed this server could track open()s AFS tracks state required to solve this problem 20

Semantics vs. Performance Insight: preserving semantics produces poor performance e.g., for write() to local fs, UNIX can delay actual write to disk Gather writes to multiple adjacent blocks, and so write them with one disk seek If box crashes, you lose both the running app and its dirty buffers in memory Can we delay WRITEs in this way on NFS server? 21

NFS Server and WRITE Semantics Suppose WRITE RPC stores client data in buffer in memory, returns success to client Now server crashes and reboots App doesn t crash in fact, doesn t notice! And written data mysteriously disappear! Solution: NFS server does synchronous WRITEs Doesn t reply to WRITE RPC until data on disk If write() returns on client, even if server crashes, data safe on disk Per previous lecture: 3 seeks, 45 ms, 22 WRITES/s, 180 KB/s max throughput! < 10% of max disk throughput NFS v3 and AFS fix this problem (more complex) 22

Semantics vs. Performance (2) Insight: improving performance changes consistency semantics! Suppose clients cache disk blocks when they read them But writes always go through to server Not enough to get consistency! Write editor buffer on one box, make on other Do make/compiler see changes? Ask server has file changed? at every read()? Almost as slow as just reading from server 23

NFS: Semantics vs. Performance NFS solution: close-to-open consistency Ask server has file changed? at each open() Don t ask on each read() after open() If B changes file while A has it open, A doesn t see changes OK for emacs/make, but not always what you want: make > make.log (on server) tail f make.log (on my desktop) Side effect of statelessness of NFS server Server could track who has cached blocks on reads Send invalidate messages to clients on changes 24

Security Radically Different Local system: UNIX enforces read/write protections per-user Can t read my files without my password How does NFS server authenticate user? Easy to send requests to NFS server, and to forge NFS replies to client Does it help for server to look at source IP address? So why aren t NFS servers ridiculously vulnerable? Hard to guess correct file handles! 25

Security Radically Different Local system: UNIX enforces read/write protections per-user Can t read my files without my password How does NFS server authenticate user? Easy to send requests to NFS server, and to forge NFS replies to client Does it help for server to look at source IP address? Fixable: So why SFS, aren t AFS, NFS some servers NFS versions ridiculously use cryptography vulnerable? to authenticate client Hard to guess correct file handles! Very hard to reconcile with statelessness! 26

NFS Still Very Useful People fix programs to handle new semantics Must mean NFS useful enough to motivate them to do so! People install firewalls for security NFS still gives many advantages of transparent client/server 27

Multi-Module Distributed Systems NFS in fact rather simple: One server, one data type (file handle) What if symmetric interaction, many data types? Say you build system with three modules in one address space: Web front end, customer DB, order DB Represent user connections with object: class connection { int fd; int state; char *buf; } Easy to pass object references among three modules (e.g., pointer to current connection) 28

Multi-Module Distributed Systems NFS in fact rather simple: One server, one data type (file handle) What if symmetric interaction, many data types? What if we split system into three separate servers? Say you build system with three modules in one address space: Web front end, customer DB, order DB Represent user connections with object: class connection { int fd; int state; char *buf; } Easy to pass object references among three modules (e.g., pointer to current connection) 29

Multi-Module Systems: Challenges How do you pass class connection between servers? Could RPC stub just send object s elements? What if processing flow for connection goes: order DB -> customer DB -> front end to send reply? Front end only knows contents of passed connection object; underlying connection may have changed! Wanted to pass object references, not object contents NFS solution: file handles No support from RPC to help with this! 30

RPC: Failure Happens New failure modes not seen in simple, samehost procedure calls: Remote server failure Communication (network) failure RPCs can return failure instead of results Possible failure outcomes: Procedure didn t execute Procedure executed once Procedure executed multiple times Procedure partially executed Generally, at most once semantics preferred 31

Achieving At-Most-Once Semantics Risk: Request message lost Client must retransmit requests when no reply received Risk: Reply message lost Client may retransmit previously executed request OK when operations idempotent; some aren t, though (e.g., charge customer ) Server can keep replay cache to reply to repeated requests without re-executing them 32

Summary: RPC Non-Transparency Partial failure, network failure Latency Efficiency/semantics tradeoff Security rarely transparent! Pointers: write-sharing, portable object references Concurrency (if multiple clients) Solutions: Expose remoteness of RPC to application, or Work harder to achieve transparent RPC 33

Conclusions Of RPC s goals, automatic marshaling most successful Mimicking procedure call interface in practice not so useful Attempt at full transparency mostly a failure! (You can try hard: consider Java RMI) Next time: implicit communication through distributed shared memory! 34

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback