Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fault Tolerance and Adaptation in Large Scale, Heterogeneous, Soft Real-Time Systems RTES Collaboration (NSF ITR grant ACI-0121658) Paul Sheldon Vanderbilt.

Published byAgatha Hopkins Modified over 8 years ago

Similar presentations

Presentation on theme: "Fault Tolerance and Adaptation in Large Scale, Heterogeneous, Soft Real-Time Systems RTES Collaboration (NSF ITR grant ACI-0121658) Paul Sheldon Vanderbilt."— Presentation transcript:

1 Fault Tolerance and Adaptation in Large Scale, Heterogeneous, Soft Real-Time Systems RTES Collaboration (NSF ITR grant ACI-0121658) Paul Sheldon Vanderbilt University Paul Sheldon Vanderbilt University

2 16 March 2005 CMS Week 2 Introduction The Problem Goals and Deliverables Demonstration system Comments

3 16 March 2005 CMS Week 3 A 20 TeraHz Real-Time System: BTeV Trigger… some similarities to CMS Input: 800 GB/s (2.5 MHz) Level 1  Lvl1 processing: 190  s rate of 396 ns  528 “8 GHz” G5 CPUs (factor of 50 event reduction)  high performance interconnects Level 2/3:  Lvl 2 processing: 5 ms (factor of 10 event reduction)  Lvl 3 processing: 135 ms (factor of 2 event reduction)  1536 “12 GHz” CPUs commodity networking Output: 200 MB/s (4 kHz) = 1-2 Petabytes/year

4 16 March 2005 CMS Week 4 The Problem: Early Project Review “Given the very complex nature of this system where thousands of events are simultaneously and asynchronously cooking, issues of data integrity, robustness, and monitoring are critically important and have the capacity to cripple a design if not dealt with at the outset…” “BTeV [needs to] supply the necessary level of “self-awareness” in the trigger system.” [June 2000 Project Review]

5 16 March 2005 CMS Week 5 Chap. 9 & Appendix E, DAQ/HLT TDR …demonstrate that the current system and its associated protocols are such that all transient faults are handled in real-time and that, after relatively short periods of time, the system resumes its correct operation. The implementation of the established fault-tolerant protocols is tested by using prototype software and hardware developed in the context of the CMS-DAQ R&D. This the step where fault-injection tests are carried out. [Fault Injection] is particularly important because fault-handling code is exercised only when a fault occurs. Given that the occurrence of faults should be the exception, rather than the rule, such code is therefore either not tested, or is only minimally tested. To establish the correctness and scaling of the fault handling mechanisms in the design, fault injection at the level of the prototype Event Builder and in a simulation of the full CMS system is used to establish the correctness of the actual implementation.

6 16 March 2005 CMS Week 6 For lack of a better name: RTES The Real Time Embedded Systems Group  A collaboration of five institutions: University of Illinois University of Pittsburgh University of Syracuse Vanderbilt University (PI) Fermilab NSF ITR grant ACI-0121658 Funds Computer Scientists/Electrical Engineers with expertise in:  High performance, real-time system software and hardware,  Reliability and fault tolerance,  System specification, generation, and modeling tools. RTES Graduate Students

7 16 March 2005 CMS Week 7 RTES Goals High availability  Fault handling infrastructure capable of Accurately identifying problems (where, what, and why) Compensating for problems (shift the load, changing thresholds) Automated recovery procedures (restart / reconfiguration) Accurate accounting Extensibility (capturing new detection/recovery procedures) Policy driven monitoring and control Dynamic reconfiguration  adjust to potentially changing resources

8 16 March 2005 CMS Week 8 RTES Goals (continued) Faults must be detected/corrected ASAP  semi-autonomously with as little human intervention as possible  distributed & hierarchical monitoring and control Life-cycle maintainability and evolvability  to deal with new algorithms, new hardware and new versions of the OS

9 16 March 2005 CMS Week 9 The RTES Solution Analysis Runtime Configuration, Design and Analysis Algorithms Fault Behavior Resource Synthesis Performance Diagnosability Reliability Experiment Control Interface Synthesis Feedback Modeling Reconfigure Logical Data Net Region Operations Mgr L2,3/CISC/RISCL1/DSP Region Fault Mgr Logical Data Net Logical Control Network Global Fault Manager Global Operations Manager Soft Real Time Hard

10 16 March 2005 CMS Week 10 RTES Deliverables A hierarchical fault management system and toolkit:  Model Integrated Computing [Vanderbilt] GME (Generic Modeling Environment) system modeling tools  and application specific “graphic languages” for modeling system configuration, messaging, fault behaviors, user interface, etc.  ARMORs (Adaptive, Reconfigurable, and Mobile Objects for Reliability) [Illinois] Robust framework for detection and reaction to faults in processes  VLAs (Very Lightweight Agents for limited resource environments) [Syracuse and Pittsburgh] To monitor/mitigate at every level  DSP, Supervisory nodes, Linux farm, etc.

11 16 March 2005 CMS Week 11 GME: Configuration through Modeling Multi-aspect tool, separate views of  Hardware – components and physical connectivity  Executables – configuration and logical connectivity  Fault handling behavior using hierarchical state machines Model interpreters can generate the system image  At the code fragment level (for fault handling)  Download scripts and configuration Modeling “languages” are application specific  Shapes, properties, associations, constraints  Appropriate to application/context System model Messaging Fault mitigation GUI, etc.

12 16 March 2005 CMS Week 12 Modeling Environment  Fault handling  Process dataflow  Hardware Configuration

13 16 March 2005 CMS Week 13 ARMOR Adaptive Reconfigurable Mobile Objects of Reliability:  Multithreaded processes composed of replaceable building blocks  Provide error detection and recovery services to user applications Hierarchy of ARMOR processes form runtime environment:  System management, error detection, and error recovery services distributed across ARMOR processes.  ARMOR Runtime environment is itself self checking. 3-tiered ARMOR support of user application  Completely transparent and external support  Enhancement of standard libraries  Instrumentation with ARMOR API

14 16 March 2005 CMS Week 14 ARMOR Scaleable Design ARMOR processes designed to be reconfigurable:  Internal architecture structured around event-driven modules called elements.  Elements provide functionality of the runtime environment, error- detection capabilities, and recovery policies.  Deployed ARMOR processes contain only elements necessary for required error detection and recovery services. ARMOR processes resilient to errors by leveraging multiple detection and recovery mechanisms:  Internal self-checking mechanisms to prevent failures from occurring and to limit error propagation.  State protected through checkpointing.  Detection and recovery of errors. ARMOR runtime environment fault-tolerant and scalable:  1-node, 2-node, and N-node configurations.

15 16 March 2005 CMS Week 15 Execution ARMOR in Worker Worker Exec ARMOR Filter 1Filter 2Event Builder ARMOR Microkernel Msg table Named pipe Msg routing Process mgmt App id mgmt Crash detection Infrastructure elements Elvin/Armor msg converter Hang detection Node status report Filter crash report Bad data report Execution time report Custom elements Memory leak report

16 16 March 2005 CMS Week 16 Very Lightweight Agents Minimal footprint Platform independence  Employable everywhere in the system! Monitors hardware and software Handles fault detection & communications with higher level entities Physics Application Hardware OS Kernel (Linux) VLA L2/L3 Manager Nodes (Linux) Physics Application Level 2/3 Farm Nodes (Linux) Network API

17 16 March 2005 CMS Week 17 Demonstration System Demonstrate fault mitigation and recovery in a “large” cluster (64 node)  54 worker nodes (108 CPUs) divided into 9 “regions”  9 regional managers  1 Global manager Distributed and hierarchical monitoring and error handling Inject errors and watch for appropriate behavior Real-Time and Embedded Technology & Applications Symposium (IEEE) San Francisco, March 7-10, 2005

18 16 March 2005 CMS Week 18 The Demonstration System Architecture Iron Ganglia public private laptop Matlab Elvin laptop Matlab Elvin Boulder Elvin Global RC, ARMOR Regional RC, ARMOR Worker RC, VLA, ARMOR FilterApp Worker RC, VLA, ARMOR FilterApp … Regional RC, ARMOR Worker RC, VLA, ARMOR FilterApp Worker RC, VLA, ARMOR FilterApp … Regional RC, ARMOR Worker RC, VLA, ARMOR FilterApp … DataSource file reader

19 16 March 2005 CMS Week 19 Prototype Trigger Farms at Fermilab 16-node Apple G5 farm Infiniband switch L2/3 Trigger Racks F1-F5 L2/3 Trigger WorkersL1 Trigger Farm

20 16 March 2005 CMS Week 20 L2/3 Prototype Farm Components Using PC’s from old PC Farms at Fermilab  3 dual-CPU Manager PCs boulder (1 GHz P3) - meant for data server iron (2.8 GHz P4) - httpd, BB and Ganglia gmetad slate (500 MHz P3) - httpd, BB  Managers have a private network through 1 Gbps link bouldert, iront, slatet  15 dual-CPU (500 MHz P3) workers (btrigw2xx)  84 dual-CPU (1GHz P3) PC workers (btrigw1xx) No plans to add more, but may replace with faster ones  Ideal for RTES 11 workers already have problems! A Heterogeneous Mix of Aging Systems!

21 16 March 2005 CMS Week 21 Errors Types “Bad event” corrupt event data detected by filter application, message sent for logging/counting Kill a filter application  ARMOR detects its absence restarts it Hang a filter application  Time-out message from event source triggers killing  Filter restarted by its ARMOR Exponential slowing of filter  Detected by VLA, notifies ARMOR, kills filter application  ARMOR restarts filter app

22 16 March 2005 CMS Week 22 …Errors Types Increase in memory usage (memory leak)  Detected by VLA, notifies ARMOR, kills filter application  ARMOR restarts filter app Regional growth in filter execution time (all or many filter processes slow)  Regional ARMOR takes corrective action: increases threshholds in filter

23 16 March 2005 CMS Week 23 Near term goals Run 65 node demo 24/6/365 Use to debug/shake down tools (ARMORs, VLAs, modeling) Improve/update Use as a running experiment!  Measure/characterize performance of tools Improve monitoring interface: system info provided to human operator More realistic faults, and more complete set Filter feedback

24 16 March 2005 CMS Week 24 Comments This is an integrated approach – from hardware to physics applications  Standardization of resource monitoring, management, error reporting, and integration of recovery procedures can make operating the system more efficient and make it possible to comprehend and extend. There are real-time constraints that must be met  Scheduling and deadlines  Numerous detection and recovery actions The product of this research will  Automatically handle simple problems that occur frequently  Be as smart as the detection/recovery modules plugged into it

25 16 March 2005 CMS Week 25 Comments (continued) The product can lead to better or increased  System uptime by compensating for problems or predicting them instead of pausing or stopping the experiment  Resource utilization the system will use resources that it needs  Understanding of the operating characteristics of the software  Ability to debug and diagnose difficult problems

26 16 March 2005 CMS Week 26 Further Information General information about RTES  www-btev.fnal.gov/public/hep/detector/rtes/ General information about BTeV  www-btev.fnal.gov/ Information about GME and the Vanderbilt ISIS group  www.isis.vanderbilt.edu/

27 16 March 2005 CMS Week 27 Further Information (continued) Information about ARMOR technology  www.crhc.uiuc.edu/DEPEND/projectsARMORs.htm Talks from our workshops  false2002.vanderbilt.edu/  www.ecs.syr.edu/faculty/oh/FALSE2005/ Wiki (internal, today)  whcdf03.fnal.gov/BTeV-wiki/DemoSystem2004 Elvin publish/subscribe networking  www.mantara.com

28 16 March 2005 CMS Week 28

29 16 March 2005 CMS Week 29 Backup Slides

30 16 March 2005 CMS Week 30 The Problem Chapter 9 & Appendix E of the CMS DAQ/HLT TDR provide an excellent description. Monitoring, Fault Tolerance/Mitigation are crucial  In a cluster of this size, processes and daemons are constantly hanging/failing, becoming corrupted, etc. Software reliability & performance depends on  Physics detector-machine performance  Program testing procedures, implementation, and design quality  Behavior of the electronics (front-end and within the trigger) Hardware failures will occur!  one to a few per week… maybe more?

31 16 March 2005 CMS Week 31 ARMOR System: Basic Configuration Heartbeat ARMOR Detects and recovers FTM failures Fault Tolerant Manager Highest ranking manager in the system Daemons Detect ARMOR crash and hang failures ARMOR processes Provide a hierarchy of error detection and recovery. ARMORS are protected through checkpointing and internal self-checking. Execution ARMOR Oversees application process (e.g. the various Trigger Supervisor/Monitors) Daemon Fault Tolerant Manager (FTM) Daemon Heartbeat ARMOR Daemon Exec ARMOR App Process network

32 16 March 2005 CMS Week 32 ARMOR: Internal Structure Daemon TCP Connection Mgmt. Named Pipe Mgmt. Process Mgmt. Detection Policy ARMOR Microkernel Process Mgmt. Network Daemon Remote daemons Node 1Node 2 Node 3 ARMOR Microkernel Recovery Policy Local Manager ARMOR Trigger Application Execution Controller Adaptive, Reconfigurable, and Mobile Objects for Reliability

33 16 March 2005 CMS Week 33 T he Demonstration System Components Matlab as GUI engine  GUI defined by GME models Elvin publish/subscribe networking (everywhere)  Messages defined by GME models RunControl (RC) state machines  Defined by GME models ARMORs  Custom elements defined by GME models FilterApp, DataSource  Actual physics trigger code  File-reader supplies physics/simulation data to the FilterApp Demo “faults” encoded onto Source-Worker data messages for execution on the Worker

Download ppt "Fault Tolerance and Adaptation in Large Scale, Heterogeneous, Soft Real-Time Systems RTES Collaboration (NSF ITR grant ACI-0121658) Paul Sheldon Vanderbilt."

Similar presentations

MicroKernel Pattern Presented by Sahibzada Sami ud din Kashif Khurshid.

MicroKernel Pattern Presented by Sahibzada Sami ud din Kashif Khurshid.
Remus: High Availability via Asynchronous Virtual Machine Replication

Remus: High Availability via Asynchronous Virtual Machine Replication
Distributed Processing, Client/Server and Clusters

Distributed Processing, Client/Server and Clusters
Technology Drivers Traditional HPC application drivers – OS noise, resource monitoring and management, memory footprint – Complexity of resources to be.

Technology Drivers Traditional HPC application drivers – OS noise, resource monitoring and management, memory footprint – Complexity of resources to be.
Experimental Evaluation of a SIFT Environment for Parallel Spaceborne Applications K. Whisnant, Z. Kalbarczyk, R.K. Iyer, P. Jones Center for Reliable.

Experimental Evaluation of a SIFT Environment for Parallel Spaceborne Applications K. Whisnant, Z. Kalbarczyk, R.K. Iyer, P. Jones Center for Reliable.
Network Management Overview IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Network Management Overview IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Technical Architectures

Technical Architectures
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
Camilo Lara KIP HLT Production Readiness Review 1 HLT Cluster Management.

Camilo Lara KIP HLT Production Readiness Review 1 HLT Cluster Management.
CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.

CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.
Chapter 13 Embedded Systems

Chapter 13 Embedded Systems
SensIT PI Meeting, April 17-20, 2001 1 Distributed Services for Self-Organizing Sensor Networks Alvin S. Lim Computer Science and Software Engineering.

SensIT PI Meeting, April 17-20, Distributed Services for Self-Organizing Sensor Networks Alvin S. Lim Computer Science and Software Engineering.
Software Issues Derived from Dr. Fawcett’s Slides Phil Pratt-Szeliga Fall 2009.

Software Issues Derived from Dr. Fawcett’s Slides Phil Pratt-Szeliga Fall 2009.
5/24/011 Advanced Tool Integration for Embedded Systems Assurance Insup Lee Department of Computer and Information Science University of Pennsylvania.

5/24/011 Advanced Tool Integration for Embedded Systems Assurance Insup Lee Department of Computer and Information Science University of Pennsylvania.
Undergraduate Poster Presentation Match 31, 2015 Department of CSE, BUET, Dhaka, Bangladesh Wireless Sensor Network Integretion With Cloud Computing H.M.A.

Undergraduate Poster Presentation Match 31, 2015 Department of CSE, BUET, Dhaka, Bangladesh Wireless Sensor Network Integretion With Cloud Computing H.M.A.
Course Instructor: Aisha Azeem

Course Instructor: Aisha Azeem
Issues on Software Testing for Safety-Critical Real-Time Automation Systems Shahdat Hossain Troy Mockenhaupt.

Issues on Software Testing for Safety-Critical Real-Time Automation Systems Shahdat Hossain Troy Mockenhaupt.
1 Autonomic Computing An Introduction Guenter Kickinger.

1 Autonomic Computing An Introduction Guenter Kickinger.
Research & Development Roadmap 1. Outline A New Communication Framework Giving Bro Control over the Network Security Monitoring for Industrial Control.

Research & Development Roadmap 1. Outline A New Communication Framework Giving Bro Control over the Network Security Monitoring for Industrial Control.
1 BTEC HNC Systems Support Castle College 2007/8 Systems Analysis Lecture 9 Introduction to Design.

1 BTEC HNC Systems Support Castle College 2007/8 Systems Analysis Lecture 9 Introduction to Design.

Similar presentations

Ads by Google