[tahoe-dev] safety and Tahoe Lock Files

Jim McCoy jim.mccoy at gmail.com
Fri Mar 7 15:43:39 PST 2008


On Tue, Mar 4, 2008 at 8:09 AM, zooko <zooko at zooko.com> wrote:
> [...]
>  But thinking about Tahoe Lock Files causes me to start thinking about
>  how the same safety could in the future be implemented at the
>  Decentralized Filesystem Layer, gaining efficiency and making it
>  easier for application writers to use it.

The reason Dynamo does not assure writers of consistency is that its
creators understood CAP.  Capabilities are not magic fairy-dust that
you can sprinkle on a system and somehow get around these problems.
The problem here is that for mutable files you seem to want
consistent, available, and distributed/partition-tolerant when in fact
you only get to choose two of the three.  You can't hide this in
another layer unless that layer is prepared to deal with conflict
resolution for whichever property you are willing to relax.
Consistency is a client-side illusion if you want to keep mutability
within the same realm as the other properties.

Please read "Two-level, Self-Verifying Data for Peer-to-Peer Storage"
by Eaton, Weatherspoon, and Kubiatowicz and then reconsider your
solutions.  Hopefully this might at least point you in the direction
of a possible solution (hint: keeping mutable files and immutable
files in the same namespace is a fools errand IMNSHO...)

jim


More information about the tahoe-dev mailing list