Fault tolerance in the Pulsar cluster server

A cluster server is a collection of general-purpose compute nodes connected by a network, used to implement some service, such as file, mail or web service. Cluster servers have several advantages over traditional monolithic servers, including low initial cost, commodity hardware, incremental scalability, and potentially higher availability. However, cluster servers suffer from a number of problems not found in monolithic servers, including network partition, distributed cache coherence, and distributed fault recovery.; This dissertation describes Pulsar, a software system which supports the construction of fault tolerant cluster servers from networks of PCs. Pulsar provides many services: configuration, messaging, group membership, distributed disk storage, mirroring, coherent distributed caching, and a cluster file system. Pulsar implements these services as a series of layers; the more sophisticated services are built using the simpler services, and the application acts as the topmost layer in the system. Pulsar can tolerate and recover from many different kinds of failures, including node crashes, power failures, and network partitions. Pulsar achieves its fault tolerance characteristics by dividing time into periods of stable configuration called epochs. At the beginning of each epoch, Pulsar performs layer-by-layer recovery; when Pulsar has recovered, it notifies the application of the new epoch. The application performs its own recovery, perhaps reconfiguring itself around a failed component, and resumes operation.; The primary contribution of Pulsar is its demonstration that layered services and epoch-based fault tolerance mechanisms provide a clean, simple way to build a full-featured, general-purpose, fault-tolerant cluster server. Other contributions arise from problems solved during the design of Pulsar; these include small-log disk replication, a shared logical disk abstraction, an analysis of a popular cache coherence protocol, dependences for file system metadata write-behind, and an online file system garbage collector.