Reliable Self-Deployment of Cloud Applications

International audienceCloud applications consist of a set of interconnected software elements distributed over several virtual machines, themselves hosted on remote physical servers. Most existing solutions for deploying such applications require human intervention to configure parts of the system, do not respect functional dependencies among elements that must be respected when starting them, and do not handle virtual machine failures that can occur when deploying an application. This paper presents a self-deployment protocol that was designed to automatically configure a set of software elements to be deployed on different virtual machines. This protocol works in a decentralized way, i.e., there is no need for a centralized server. It also starts the software elements in a certain order, respecting important architectural invariants. This protocol supports virtual machine and network failures, and always succeeds in deploying an application when faced with a finite number of failures. Designing such highly parallel management protocols is difficult, therefore formal modeling techniques and verification tools were used for validation purposes. The protocol was implemented in Java and was used to deploy industrial applications

Paxos Consensus, Deconstructed and Abstracted (Extended Version)

Lamport's Paxos algorithm is a classic consensus protocol for state machine replication in environments that admit crash failures. Many versions of Paxos exploit the protocol's intrinsic properties for the sake of gaining better run-time performance, thus widening the gap between the original description of the algorithm, which was proven correct, and its real-world implementations. In this work, we address the challenge of specifying and verifying complex Paxos-based systems by (a) devising composable specifications for implementations of Paxos's single-decree version, and (b) engineering disciplines to reason about protocol-aware, semantics-preserving optimisations to single-decree Paxos. In a nutshell, our approach elaborates on the deconstruction of single-decree Paxos by Boichat et al. We provide novel non-deterministic specifications for each module in the deconstruction and prove that the implementations refine the corresponding specifications, such that the proofs of the modules that remain unchanged can be reused across different implementations. We further reuse this result and show how to obtain a verified implementation of Multi-Paxos from a verified implementation of single-decree Paxos, by a series of novel protocol-aware transformations of the network semantics, which we prove to be behaviour-preserving.Comment: Accepted for publication in the 27th European Symposium on Programming (ESOP'18

A glimpse into the differential topology and geometry of optimal transport

This note exposes the differential topology and geometry underlying some of the basic phenomena of optimal transportation. It surveys basic questions concerning Monge maps and Kantorovich measures: existence and regularity of the former, uniqueness of the latter, and estimates for the dimension of its support, as well as the associated linear programming duality. It shows the answers to these questions concern the differential geometry and topology of the chosen transportation cost. It also establishes new connections --- some heuristic and others rigorous --- based on the properties of the cross-difference of this cost, and its Taylor expansion at the diagonal.Comment: 27 page

Generalized Ricci Curvature Bounds for Three Dimensional Contact Subriemannian manifolds

Measure contraction property is one of the possible generalizations of Ricci curvature bound to more general metric measure spaces. In this paper, we discover sufficient conditions for a three dimensional contact subriemannian manifold to satisfy this property.Comment: 49 page

Distributed Operating Systems

Distributed operating systems have many aspects in common with centralized ones, but they also differ in certain ways. This paper is intended as an introduction to distributed operating systems, and especially to current university research about them. After a discussion of what constitutes a distributed operating system and how it is distinguished from a computer network, various key design issues are discussed. Then several examples of current research projects are examined in some detail, namely, the Cambridge Distributed Computing System, Amoeba, V, and Eden. © 1985, ACM. All rights reserved

Tracking Service Availability in Long Running Business Activities

Abstract. An important factor in the successful deployment of federated web services-based business activities will be the ability to guarantee reliable distributed operation and execution under scalable conditions. For example advanced failure management is essential for any reliable distributed operation but especially for the target areas of web service architectures, where the activities can be constructed out of services located at different enterprises, and are accessed over heterogeneous networks topologies. In this paper we describe the first technologies and implementations coming out of the Obduro project, which has as a goal to apply the results of scalability and reliability research to global scalable service oriented architectures. We present technology developed for failure and availability tracking of processes involved in long running business activities within a web services coordination framework. The Service Tracker, Coordination Service and related development toolkits are available for public usage. 1

Overview of the InterGroup Protocols

Existing reliable ordered group communication protocols have been developed for local-area networks and do not, in general, scale well to large numbers of nodes and wide-area networks. The InterGroup suite of protocols is a scalable group communication system that introduces a novel approach to handling group membership, and supports a receiver-oriented selection of service. The protocols are intended for a wide-area network, with a large number of nodes, that has highly variable delays and a high message loss rate, such as the Internet. The levels of the message delivery service range from unreliable unordered to reliable group timestamp ordered