5.4 System Design
5.4.2 Offloading Raft to P4 Switch
There are three key requirements for our network-assisted Raft. First, the correctness of Raft al- gorithm should not suffer by offloading processing logic to the network. Second, the Raft logic on a switch should be able to respond most requests directly for improved performance. Third, the Raft logic on a switch should safely discard obsolete log entries and even state machine for scalability. In the basic Raft consensus algorithm, there are three major elements: leader election, log replication, and log commitment. In order to satisfy the above requirements, our system consists of two major components: front-end implemented in a switch taking care of log replication and log commitment, and back-end in a server having a complete Raft imple- mentation1. Front-end enhances Raft in two aspects. First, it is able to perform Raft-aware forwarding. Second, it can quickly respond to Raft requests by rewriting the incoming packets. The job of back-end maintains complete states on the server for responding certain requests (described in the following subsection) which might not be fulfilled by front-end. The unique feature of our proposed solution is that we duplicate only the necessary logic to switches which act as a cache to reduce consensus latency, and we minimize the storage of replicated log entries and state machine in switches. The entire Raft algorithm is still running on the server machines. This partial offloading architecture helps improve the performance of Raft without sacrificing scalability.
Raft-aware P4 Switch. Front-end runs in a P4 switch which parses Raft requests and caches Raft states using P4 primitive actions. Upon the reception of a request, front-end parses the request and rewrites the packets to construct the corresponding response. It also forwards the
1leader electionand log replication are duplicated at front-end and back-end to improve performance and scala-
original packet to back-end for liveness check which is part of leader election. Normal response would be generated from back-end and sent to the switch as well, but front-end does not need to forward the message and only extracts necessary flow control information from it. For certain request, front-end may not be able to generate response due to limited information available on the switch, and such a request will be served normally by back-end. For example, when a new server joins the cluster, it needs to fetch all logs which may not be available at front-end, and then back-end would serve the request.
Now we discuss how front-end can forward certain Raft message without involving the back-end. In Raft, the requests from a client can only be handled by the leader. In the bootstrap phase, the client would randomly choose a server in the cluster to talk with. If the selected server is not a leader, it would notify the client of the leader’s IP address if it knows. Then the client can issue a new request to the leader. In our design, since front-end is aware of Raft, front-end of the selected server can forward the request to the leader directly and reduce the communication overhead.
In a practical system, especially when log replication and log commitment are implemented in switches, the log and state machine of Raft cannot grow without a bound. To solve this prob- lem, we adopt a similar but simpler approach as snapshot mechanism described in Raft [4]. In our scenario, front-end just needs to discard obsolete information without storing it because back-end always keeps all necessary information. However, the mechanism for discarding state machine is different from discarding obsolete log entries because front-end needs to know whether a requested item is already in swtich’s state machine or server’s. Thus, before discard- ing state machine cached in a switch, it needs to maintain a dictionary for existing keys in the system.
Handling Failures. We now discuss how to handle failures in this partial offloading architec- ture. Because front-end records the gap between two consecutive Raft heartbeat, if the gap is larger than a timeout value, front-end knows that back-end is down. Front-end will not discard any log and state machine from now on and sync them after the failed back-end is recovered. Communication failure between front-end and back-end is equivalent to a back-end failure.
If front-end fails, more specifically, the switch running front-end fails, back-end times out and issues a RequestVote message which cannot reach others. Back-end then times out and increases its term (defined as a representation of virtual time in Raft) indefinitely. Later on, when the switch is recovered, it will retrieve previous state by forwarding requests to back-end
and observing its response. At this point, back-end may have the largest term number, but may not have up-to-date log. Thus, it would step down the existing leader, and propose a new round of leader election.