[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: interposition
Mark,
One meta-comment. I feel that this whole business of hinting or insisting on interposition may be just plain excessive. In other words, I could easily be persuaded that we should just steer clear of this kind of adornment on the context. I'm going to excise all the parts of your summary that I broadly agree with, with one prefatory exception. I think we are talking about presumed abort, as you presume. My comments in bold. * * * The work that AP must do when it receives the termination message from C0 now depends upon which category it falls into. If it is 2, then it must prepare its own local work before forwarding the prepare to all locally registered participants (e.g., B). It must record sufficient recovery information for its own work as a participant *and* additional recovery information for its role as a coordinator. If it is case 3 then it need only do the latter. To be pedantic, it cannot return a vote in response to the prepare delivered to it until a) it has received all of its participants' votes, and b) is sure of its own local work, and then it must record its participants' addresses, and its coordinator address, before sending its vote to the superior coordinator. The point is that the branches below it in the tree must be ready before it can go ready, not the other way around. As I understand it, because your scenario 3) does not _necessitate_
any kind of participant registration, all mentions of logging for case
3) to refer to the situation where an interposed coordinator has by design
been created, even though there are no local participants. A router might
simply route (i.e. have no participant or coordinator function at all).
They may be a performance argument for avoiding interposition, based on reduction in number of messages or sloth of fan-out etc. I'm personally unconvinced, but production deployments do funny things, and others may have experience that contradicts my prejudice. It is my belief that using interposition should be up to an individual web service. I think this is overstating the case. If the individual web services
congregate in a community (or are forced into one by ownership or economic
force majeure) then they may agree (or "agree") to rules of engagement
that cause the coordinator to become a "desired overlord", responsible
for "ensuring" that the rules are observed.
The point is that protocols are agreements, and agreements only work
when there is enough trust (and punishment for violators) to keep things
going. We suspend unwitting or corrigble offenders, and we expel incorrigible
offenders from our trust communities by simple dint of refusing to deal
with them, or by complex dint of hauling them up before disciplinary panels.
This kind of background radiation trust is good enough for many purposes,
including this discussion, in my view.
Is it worth putting in the protocol? I'd go with the flow on how useful it's likely to be, because it is a requirement-driven issue. A final point on the matter raised by Keith in the call. If you send a single app message to a service, saying "MustInterpose" then you will only ever get back one enrollment (if it's well-behaved, and capable). If you send two messages, each of which causes enrollment, then you will not have a single point of coordination for the service. That is why I believe you cannot imbue MustInterpose with the necessary implication of "SingleParticipant". Alastair
|
begin:vcard n:Green;Alastair tel;cell:+44 795 841 2107 tel;fax:+44 207 670 1785 tel;work:+44 207 670 1780 x-mozilla-html:FALSE url:www.choreology.com org:Choreology Ltd version:2.1 email;internet:alastair.green@choreology.com title:Managing Director adr;quoted-printable:;;13 Austin Friars=0D=0A;London;;EC2N 2JX; fn:Alastair Green end:vcard
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC