Download Databases 2012 Recovery - Department of Computer Science

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
Document related concepts

Database wikipedia , lookup

Relational model wikipedia , lookup

Microsoft Jet Database Engine wikipedia , lookup

Functional Database Model wikipedia , lookup

Database model wikipedia , lookup

Commitment ordering wikipedia , lookup

Clusterpoint wikipedia , lookup

Object-relational impedance mismatch wikipedia , lookup

Extensible Storage Engine wikipedia , lookup

Serializability wikipedia , lookup

Concurrency control wikipedia , lookup

Transcript 
Databases 2012
Recovery
Christian S. Jensen
Computer Science, Aarhus University
Outline
 Transaction basics
 Logging
 Undo/Redo recovery
• No-Undo/Redo
• Undo/No-Redo
• No-Undo/No-Redo
 Checkpointing
Recovery
2
System Model
Read, Write, Commit, Abort
Transaction
Manager
Read, Write, Commit, Abort
Reset
(Recovery from
system failure)
Scheduler
Read, Write, Commit, Abort
Stable
Database
Log
Recovery
Input,
Output
Recovery
Manager
Fetch,
Flush
Cache
Manager
Read,
Write
Read,
Write
Cache
(volatile)
3
Transactions
 An atomic unit of work – a sequence of SQL
statements
 BEGIN TRANSACTION
• starts a new transaction
 COMMIT
• ends a transaction by committing all changes
to the database
 ROLLBACK
• aborts a transaction, leaving the database unchanged
 These commands are initiated explicitly by the
program or implicitly by the DBMS
Recovery
4
ACID
 An ideal transaction satisfies the ACID properties
Atomic:
• everything or nothing is performed (the system)
Consistent:
• all database constraints are satisfied (the programmer)
Isolated:
• appears to be executed one at a time (the system)
Durable:
• effects survive a crash (the system)
Recovery
5
The Need for Recovery
Update green to red
x
Update program
crashes!
Bad state: half of records are red, half green
Recovery: Gets the database back to a good state
Recovery
6
Atomicity and Durability of Operations
 An atomic operation does one of the following.
• Commits - completes fully
• Aborts - does not happen at all
 Hardware provides low-level atomic operations.
 High-level atomic operations are called transactions.
 The DBMS ensures that a transaction
• either completes and has a permanent result (a committed
transaction)
• or has no effect at all on the database (an aborted transaction).
 Recovery ensures atomicity and durability of transactions
in the presence of system failures.
Recovery
7
A Sample Transaction
 Transfer $50 from account A to account B.
1
2
3
4
5
6
7
8
Transaction starts
Read A
A  A - 50
Write A
Read B
B  B + 50
Write B
Transaction ends
 Sample values of database variables at various points in
execution:
Last Instruction
2
5
7
Recovery
A
180
130
130
B
100
100
150
8
Recovery
 Initial (incorrect) procedures
• Re-execute the transaction
• If the sample transaction crashed after instruction 4 (or later),
incorrect values (A = 130,...) will exist in the database.
• Do not re-execute the transaction
• If the sample transaction crashed before instruction 7, incorrect
values (..., B = 100) will exist in the database.
 Problems
• We do not know which instruction was executed last.
• Multiple, concurrent users
• Buffer management
Recovery
9
Storage Types
 Volatile storage: does not survive system crashes
• Main memory
• Cache memory
 Nonvolatile storage: survives (some) system crashes
• Disk
• Tape
 Stable storage: a (mythical) form of storage that survives
all failures
• Approximated by maintaining multiple copies of distinct
nonvolatile media with independent failure modes.
Recovery
10
Kinds of Failures
 Software Failures
• Logical – transaction dies gracefully due to bad input, overflow,
resource limit exceeded
• System – transaction aborts to escape deadlock
 Hardware Failures
• System – A power failure, volatile storage is lost, non-volatile is not.
• Disk – A head crash, nonvolatile storage is lost
 Non-recoverable failures
• Software – OS deletes critical DB file, some DBMS bugs
• Hardware – Catastrophic failure, nuclear attack (distributed
backup may help to restore much data)
Recovery
11
Storage Operations
 To move blocks with data items between disk and main
memory.
• Input(Q) transfers the block containing data item Q to main
memory.
• Output(Q) transfers the block containing Q to disk and replaces
the appropriate block there.
 To move values between data items and application
variables.
• Read(Q,q) assigns the value of data item Q to variable q.
• An Input(Q) may be necessary.
• No Output(Q) is needed.
• Write(Q,q) assigns the value of variable q to data item Q.
• An Input(Q) may be necessary.
• No Output(Q) is needed!
Recovery
12
Movement of Values
B
Input(B)
A
Input(A)
System Cache
(volatile storage)
A
B
Persistent Database
(nonvolatile storage)
Write(A)
Read(B)
A
Read(B)
B
Application 1 buffer
Recovery
B
Application 2 buffer
13
Log-Based Recovery
 During normal operation, the following occurs.
• When transaction T starts
<T starts>
is written to the log.
• When a transaction T modifies a data item X by Write(X)
<T, X, old: V, new: W>
is written to the log where
•
•
•
•
T is the transaction’s ID,
X is the data item’s name,
V is the old value of the item, and
W new value of the item.
• Recovery Manager also writes the new value of X to the cache.
Recovery
14
Log-based Recovery, Continued
 Cache Manager is independent of Recovery Manager
• Recovery Manager appends log record to log
• Important: Log is stored in stable storage.
• Asynchronous writes: Cache Manager can then write new value to
cache or disk
 When T reaches its last statement,
<T commits>
is written to the log, and T then commits.
• The transaction commits precisely when the commit entry (after all
previous entries for this transaction) is output to the log.
Recovery
15
Buffering of Log Entries and Data Items
 We have so far assumed that log entries are put on stable
storage when they are created.
 Can we lift this restriction and only place log records in the
cache? This would yield better performance!
 Yes!
 We must impose the following restrictions
• Transaction T cannot commit before <T commits> has been output
to stable storage.
• <T commits> cannot be placed on stable storage before all other
entries pertaining to T are on stable storage.
• A block of data items cannot be output to stable storage until all
log entries pertaining to the data items are output.
Recovery
16
Recovery From Failures
 When failures occur, the following operations that
use the log are executed.
• Undo: restore database to state prior to execution.
• Redo: perform the changes to the database over again.
 Examples
• Undo
• Aborted transaction
• Active transactions at the time of crash
• Redo
• Committed transaction whose changes have not been placed
in the database
Recovery
17
Example
 T1 is executed followed by T2
T1:
Read(A)
A  A + 50
Read(B)
B  B + 100
Write(B)
Read(C)
C  2C
Write(C)
AA+B+C
Write (A)
T2:
Read(A)
A  A +10
Write(A)
Read(D)
D  D -10
Read(E)
Read(B)
EE+B
Write(E)
DD+E
Write(D)
 The initial values are:
A=100
Recovery
B=300 C=5
D=60
E=80
18
Example, cont.
 The Log
1. <T1 starts>
2. <T1, B, old: 300, new: 400>
3. <T1, C, old: 5, new: 10>
4. <T1, A, old: 100, new: 560>
5. <T1 commits>
6. <T2 starts>
7. <T2, A, old: 560, new: 570>
8. <T2, E, old: 80, new: 480>
9. <T2, D, old: 60, new: 530>
10. <T2 commits>
 Output of B can occur anytime after entry 2 is
output to the log, etc.
Recovery
19
The Undo/Redo Algorithm
 Following a failure, the following is done.
• Redo all transactions for which the log has both “start” and
“commit” entries.
• Undo all transactions for which the log has “start” entry but no
“commit” entry.
 Remarks
• In a multitasking system, more than one transaction may need to
be undone.
• If a system crashes during the recovery stage, the new recovery
must still give correct results (idempotent).
• In this algorithm, a large number of transactions need to be
redone, since we do not know what data items are on disk.
Recovery
20
Example, cont.
 If system crashes, recovery action depends on the last
instruction (actually) written on log.
Last Instruction
I=0
1I4
5I9
I=10
Recovery
Action
Consequence
Nothing
Neither T1 nor T2 has run
Undo T1:
Restore the values of variables
listed in 1-I old values
Redo T1:
Set the values of the variables
listed in I-4 to values created by
T1
Undo T2:
Restore the values of variables
listed in I-9 to those before T2
started execution
Redo T1
Redo T2
T1 has not run
T1 ran
T2 has not run
T1 and T2 both ran
21
Undo/Redo, cont.
 Goal: Maximize efficiency during normal operation.
• Some extra work is required during recovery time.
 Allows maximum flexibility of buffer manager.
• Database outputs are entirely asynchronous, other than having to
happen after the corresponding log entry outputs.
 Most complex at recovery time
• Must implement both undo and redo.
 Also termed immediate database modification
 Note: requires before and after images in log or only after
images if an initial before image is written to the log
before first write.
Recovery
22
No-Undo/Redo
 Algorithm
• Do not output values to the disk until the commit log entry is on
stable storage.
• All writes go to the log and to the database cache.
• Sometime after commit, the cached values are output to the disk.
 Advantages
• Faster during recovery: no undo.
• No before images needed in log.
 Disadvantages
• Database outputs must wait.
• Lots of extra work at commit time.
 Also called deferred database modification.
Recovery
23
Undo/No-Redo
 Algorithm
• All changed data items need to be output to the disk
before commit.
• Requires that the write entry first be output to the (stable) log.
• At commit:
• Output (flush) all changed data items in the cache.
• Add commit entry to log.
 Advantages
• No after images are needed in log.
• No transactions need to be redone.
 Disadvantages
• Hot spot data requires a flush for each committed write.
• Implies lots of I/O traffic.
Recovery
24
No-Undo/No-Redo
 Algorithm
• No-undo  do not change the database during a
transaction
• No-redo  on commit, write changes to the database
in a single atomic action
 Advantages
• Recovery is instantaneous.
• No recovery code need be written.
 Atomic database writes of many pages is
accomplished using the shadow paging
technique.
Recovery
25
No-Undo/No-Redo, cont.
 During a transaction:
Master 
x
y
z



x
y
z



Last committed value of x
Last committed value of y
Last committed value of z
New version of x
New version of y
 After preparing new directory for commit:
Master 
 After committing:
Master 
Recovery
x
y
z



x
y
z



x
y
z



x
y
z



Last committed value of x
Last committed value of y
Last committed value of z
New version of x
New version of y
Last committed value of x
Last committed value of y
Last committed value of z
New version of x
New version of y
26
No-Undo/No-Redo Example, cont.
 Commit requires writing on disk of one bit.
 Restart is very fast: one disk read.
 Problems:
• Access to stable storage is indirect (though directories
may be possibly stored in main memory).
• Garbage collection of stable storage is required.
• Original layout of data is destroyed.
• Concurrent transactions are difficult to support.
Recovery
27
Checkpointing
 Checkpointing speeds up recovery by flushing dirty pages
to disk.
 During the execution in addition to the activities of the
previous method, periodically perform checkpointing.
1 Output the log buffers to the log.
2 Force database buffers to the disk.
3 Output an entry <checkpoint> on the log.
 During recovery
• Undo all transactions that have not committed.
• Redo all transactions that have committed after checkpoint.
Recovery
28
Example - Recovery with Checkpoints
Time
Tc
Tf
T1
T2
T3
T4
Checkpoint
System Failure
 T1 is ok.
 T2 and T3 are redone.
 T4 is undone.
Recovery
29
Summary
 No-Undo/Redo
• Disk is written after commit.
• No before values appear in log.
 Undo/Redo
• Before and after values written to log.
• Writes occur whenever is convenient.
 Undo/No-Redo
• Disk is written before commit.
• No after values appear in log.
 No-Undo/No-Redo
• Uses shadow paging.
• Disk writes like undo/redo, except flush before commit record.
 Checkpoint
• Flush buffers before writing checkpoint record.
Recovery
30
Related documents
MARKETING BASICS
MARKETING BASICS
Supporting Activity Database Recovery Process Suppose that the
Supporting Activity Database Recovery Process Suppose that the
Direct marketing
Direct marketing
Transaction Management (cont.)
Transaction Management (cont.)
Recoverability and Failure
Recoverability and Failure
Reliability and Security in Database Servers
Reliability and Security in Database Servers
lecture28
lecture28
Recovery - Dr Gordon Russell
Recovery - Dr Gordon Russell
12 Solve MultiStep Equations
12 Solve MultiStep Equations
Regis University Graduate Program MSCD 600 Database Architecture Name: ________________________
Regis University Graduate Program MSCD 600 Database Architecture Name: ________________________
4902RecoveryCh19
4902RecoveryCh19