1. Introduction

At Microsoft Research, we have an ongoing project called Phoenix. The long term goal of the Phoenix project is to develop and apply recovery techniques that will enable application programs to survive system crashes and allow application programmers to deal effectively with application errors. The effort relies fundamentally on exploiting and extending conventional database recovery techniques. Our initial systems focus is to provide persistent database sessions to client applications across server failures, without the application itself needing to take measures for its recoverability. Our approach is based on (i) application message logging, in which the client application’s interactions with the database server are captured and (ii) database session state materialized as database tables and logged on the server. To demonstrate the viability of our approach, we implemented a prototype system, named Phoenix/ODBC, that provides persistent ODBC database sessions

This short overview cannot describe all the Phoenix technology we have introduced. We outline here our systems work on Phoenix/ODBC that shows (i) how database session state can be treated as recoverable database objects and interactions between the client application and these database objects can be captured and logged; (ii) how to provide persistent result sets for SQL queries; and (iii) that logging costs for query result sets is usually modest and an entire ODBC database session can be recovered in a fraction of the time required to re-execute a single query. A more complete description of the Phoenix/ODBC system can be found in [2,3].

 

2. The Application Availability Challenge

Dealing with errors or exceptions is a very large part of getting applications right. Failures are not only an application programming problem but operational and availability problems as well. The Phoenix goal is to increase the availability of an application and in many cases avoid the operational task of coping with an error. There are two aspects of this:

System Crashes: While database systems recover database state, the states of applications using the database, and their sessions, are "blown away" (erased). Our intent is to extend database recovery to session and application state. This will enable stateful applications to survive failures and continue execution.

Logical Errors: Transactions abort for logical errors as well as crashes. Aborted transactions roll back to transaction start. Our intent is to extend database recovery to support partial rollback for application errors, where the rollback resets not only database state (supported by savepoints) but also application state.

We are currently exploring technology that exploits database redo recovery to enable applications to persist across system failures. While forms of program persistence have been proposed, the costs have been high in logging and checkpointing. Our techniques [1,4,5,6,7] substantially reduce these execution costs and leverage the database's recovery mechanisms to accomplish this. Phoenix continues the trend of expending system resources to conserve more expensive and error-prone human resources.

 

1. Phoenix/ODBC – Persistent Database Sessions

In the Phoenix project, we have focused first on client application availability and persistence in the presence of database server failures[2,3]. We avoid the difficulty involved with making substantial changes to the internals of the database system by focusing on session availability. Our prototype Phoenix/ODBC provides persistent server sessions to ODBC-enabled clients that survive a server crash without the client application being aware of the outage, except for possible timing considerations.

 

3. ODBC Background

ODBC (Open Database Connectivity) is a client application API to SQL database servers based on the X/Open and ISO/CAE SQL Call Level Interface standard. Applications can access data in any DBMS supporting ODBC for access to their databases. An application makes calls to ODBC using SQL statements written in either ODBC SQL or DBMS-specific SQL syntax. The usual components involved in going from an ODBC client application to a DBMS Server are outlined below and illustrated in Figure 1.

ODBC Driver: a DBMS vendor provided dynamic link library (on NT) that responds to all client application calls to the ODBC API. The driver translates SQL statements into DBMS-specific SQL syntax and passes the statement to the server and reformats results returned from the DBMS into ODBC format.

ODBC Driver Manager: a platform component that manages communications between the application and vendor provided ODBC drivers for any database with which the application works. The driver manager loads the ODBC driver and passes all application requests to it.

 

 

 

Figure 1: Illustration of the main components in the ODBC architecture.

 

1. An Example ODBC Database Session

To illustrate the use of ODBC and the likely result were a database failure to occur, we consider the following example. Our database session is centered on a data analysis query, similar to those in the TPC-D benchmark, and involves three tables: a master customer table, a detail orders table, and summary invoice table. The task is to extract the appropriate records for a customer with the last name "Smith," find that customer’s current orders, and aggregate the order totals into the invoice summary table. This client application might be coded as follows:

1. Overview of Phoenix/ODBC
1. The Phoenix/ODBC Architecture

To provide session availability in Phoenix/ODBC we introduce, a Phoenix-enabled ODBC Driver Manager. Phoenix/ODBC wraps any native ODBC driver, intercepting application requests going to the database as well as responses returned from the server.



---

 

Figure 3: ODBC architecture with a Phoenix-enhanced ODBC Driver Manager.

 

2. Phoenix/ODBC Actions

Phoenix/ODBC creates a virtual ODBC database session for an application (statement 1 of our example) and maps it to one or more real ODBC database sessions. It detects server failures and recovery by timing out requests and pinging the server until it recovers. It then re-associates the virtual session to a new ODBC session by reconnecting to the server and re-associating saved information with this new session. Finally, when the session terminates it cleans up any persistent session state that was created (statement 8).

Phoenix/ODBC captures transient session state and makes it persistent. It logs statements that alter session context (statement 1). It rewrites SQL statements to force the creation of persistent database tables that capture application session state, before passing the request on to the native ODBC driver (result sets of statements 2 and 4 will be made to persist). Phoenix/ODBC intercepts server responses, variously caching, filtering, and reshaping result sets, and synchronizing with state materialized on the database server (partially delivered result sets in statements 3 and 5 are synchronized to provide seamless delivery).

 

3. Decomposing Application State

1. Delivery of SQL Statement Results

A challenging aspect of masking server failures is ensuring seamless delivery of results to a client. Phoenix/ODBC enables this by making the result of a SQL statement a persistent table and re-accessing the result table after a failure.

1. Phoenix/ODBC Performance

Using queries from the TPC-D benchmark, we conducted an evaluation of Phoenix/ODBC to measure the costs of persisting and recovering ODBC database sessions[3]. We found that Phoenix/ODBC overhead to persist result sets for queries with a high degree of complexity, such as those found in the TPC-D benchmark, is modest. For TPC-D query Q5, the response time difference between Phoenix/ODBC and ‘vanilla’ ODBC is less than 4%, while for query Q11 there was less than a 30% difference in response time for result sets up to 100 tuples.

For computationally simple queries that generate small result sets the response time difference is small, but the response time ratio between Phoenix/ODBC and vanilla ODBC is more pronounced. The difference is due not only to run-time overheads of Phoenix/ODBC (request interception, scanning and parsing), which are quite small, but also due to table creation costs. Total Phoenix/ODBC costs contribute only about one third of a second to response time, but for simple queries this has a large impact on the response time ratio.

The time to fetch tuples from a Phoenix/ODBC persistent result set is within 5% of the fetch cost for an ODBC volatile result set. Response time measurements for ODBC fetch averaged .00380 seconds, while response time for Phoenix/ODBC fetch averaged .00397 seconds.

Once the database system recovers from server failure, Phoenix/ODBC can recover the entire database session and continue application execution in less than one second. Comparing this to the execution time for TPC-D query Q11, we note this is less than a tenth of the time required to recompute the query and send its results to the client.

 

2. Summary

Phoenix/ODBC relieves the application developer from coping with the programming complexity of handling server failures, increases the availability of the application, and in many cases avoids the operational task of coping with an error. Any application can use Phoenix/ODBC to enhance database session availability without having to modify the application program, the original ODBC driver, or the database server. Indeed, a user of the application, end user or other software, may not even be aware that a database server crash has occurred, except for some delay. While there is an extra cost for application persistence, Phoenix continues the trend of expending system resources to conserve more expensive and error-prone human resources.

 

3. Bibliography