Architectural Description

1. ORBD

• ORBD is located in battleship.ece.cmu.edu.

• Port number is 1500.

• We assume that ORBD is stable and no crash.

2. Database

• Database server is located in sillyboys.ece.cmu.edu.

• We assume that Database is stable and no crash.

3. Client

• On-line BookStore runs on Tomcat Web server.

• Our Client Server is located in chico.ece.cmu.edu.

• Each user can access client server through web browser.

• We assume that Client Server is stable.

4. Server

• We have two replica.

• The first replica is in clue.ece.cmu.edu.

• The second replica is in risk.ece.cmu.edu

• Each replica has its own fault detector.

• The fault detector is check the replica is alive and restart replica if it is crashed.

• We assume that server crash is only by performing kill-9 or Ctrl+c.

Fault Tolerance

1. Replication

• The BookStore system have one primary replica and one passive replica.

• The primary replica receives messages from the clients and saves the values to the database system.

• We do not provide global replication manager, but each server has its own fault detector.

• If the primary replica is crashed, the client tries to call service again to the second server.

• If the previous primary replica (the first server) fails over from the crash, it will be the primary and current primary replica (the second server) will change to the passive replica.

2. Entities Not Replicated

• The database, client server are not replicated.

• We assume those are stable and never crashed.

3. Number of Faults Tolerated at a Time

• One fault can be handled with two server in assumption that one primary replica is alive at least.

4. Successive Faults Tolerated

• The multiple number of successive faults can be tolerated in assumption that one primary replica is alive at least.