1.
Time  | Aug. 2              | Aug. 3             | Aug. 4                  | Aug. 5              | Aug. 6
9:00  | Intro & terminology | TP mons & ORBs     | Logging & res. Mgr.     | Files & Buffer Mgr. | Structured files
11:00 | Reliability         | Locking theory     | Res. Mgr. & Trans. Mgr. | COM+                | Access paths
13:30 | Fault tolerance     | Locking techniques | CICS & TP & Internet    | CORBA/EJB + TP      | Groupware
15:30 | Transaction models  | Queueing           | Advanced Trans. Mgr.    | Replication         | Performance & TPC
18:00 | Reception           | Workflow           | Cyberbricks             | Party               | FREE
Transactional Workflow
Chapter 9
2.
What Is the Problem ?
“A workflow management system is an
active system that manages the flow of
business processes performed by multiple
persons in multiple steps. It gets the right
data to the right people with the right tools
at the right time.”
(This definition omits a number of aspects:
roles, events, errors, cooperation, ...)
3.
In More Technical Terms: What Is
Workflow ?
WF is a long-lived execution involving a potentially
large number of autonomous agents such as
programs, databases, sensors, actors, humans.
Control flow and data flow are (partially) pre-defined
and may evolve over time.
There are numerous interdependent consistency
criteria.
A WF must be kept alive by “the system” under all
circumstances.
5.
Steps ...
execute application logic of any kind,
can interact with human operators,
access shared data in databases,
depend on events and can create their own
events,
have a short duration and (should) behave like
classical transactions,
are invoked depending on the execution history.
6.
The Script ...
specifies the control flow and the workflow,
defines the event and data conditions under
which a step is to be executed,
defines the synchronization criteria for accessing
shared data,
maintains the local execution context of a
workflow instance,
handles resource conflicts, in particular on
shared data,
represents a persistent execution.
7.
What Is Transactional Workflow ?
There are different interpretations:
Extended transaction models adapted to the
needs of workflow: Sagas, Flex transactions,
etc.
Application of some transactional properties
such as isolation and durability to workflows.
Using classical distributed transactions to
implement the control flow machinery of a
workflow system.
8.
What Happens to the Transactional
Properties ?
A: Atomicity does not apply to an entire workflow
C: Consistency must be redefined including the
temporal dimension.
I: Isolation must be limited in time; cooperation
must be allowed.
D: Rather than the effects of transaction, the
execution itself must be durable.
9.
Correctness
Transactional correctness guarantees a
consistent overall state if each individual step is
executed correctly (or not at all) and there was a
consistent initial state.
In long-lived executions, this definition cannot
be used, because
strict isolation is not feasible and
rollback is not an option at the workflow level.
10.
Rollback vs. Compensation
Rollback is based on the assumption that an
erroneous state can be reverted to the previous
(correct) state without affecting anybody =>
Isolation.
Compensation tries to modify an erroneous state
such that all the consistency constraints work as
though the faulty operation was never executed
=> Formal definition of consistency.
11.
Correctness For Long-Lived Activities
Transactions can be executed iff the possibility
of rollback is maintained.
A step in a workflow can be executed iff
the individual step can be rolled back and
its commitment does not block any of the previously
executed steps from being compensated if needed.
12.
What Are Invariants For?
Compensation must be guaranteed for
completed steps =>
certain predicates on the shared and local state must
be maintained.
The requirements for a state to be executable
are formalized as combined event / state
predicates called “invariants”.
Invariants are also useful to describe
correctness criteria for forward execution.
13.
Types of Invariants
Entry invariants guard the execution of a step.
If an entry invariant is violated, there are different
options:
give up (compensate),
negotiate,
resolve conflict.
Exit invariants formalize the new consistent state. Its
protection can be
strict (must),
moderate (want),
loose (hope).
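The compensation and invariant rules from the preceding slides, as an added example that is not part of the original slides. The `Step` class, `run_script` and the seat-booking workflow are hypothetical names constructed for illustration; a violated entry invariant takes the "give up (compensate)" option and exit invariants are protected strictly.

```python
import copy
from dataclasses import dataclass
from typing import Callable

@dataclass
class Step:
    name: str
    entry_inv: Callable[[dict], bool]    # entry invariant: guards execution of the step
    action: Callable[[dict], None]       # short unit of work, behaves like a transaction
    exit_inv: Callable[[dict], bool]     # exit invariant: the new consistent state
    compensate: Callable[[dict], None]   # semantic undo for an already committed step

def run_script(steps, state):
    """Run steps in order; return (outcome, names of the steps that were compensated)."""
    done = []
    for step in steps:
        ok = step.entry_inv(state)
        if ok:
            before = copy.deepcopy(state)  # stand-in for the step's own rollback
            step.action(state)
            ok = step.exit_inv(state)      # strict ("must") protection
            if not ok:
                state.clear()
                state.update(before)       # roll back only the failing step
        if not ok:
            # "give up (compensate)": undo committed steps, newest first
            for prev in reversed(done):
                prev.compensate(state)
            return "compensated", [s.name for s in reversed(done)]
        done.append(step)
    return "completed", []

# Constructed sample workflow: hold a seat, then charge the customer.
CAPACITY, PRICE = 10, 300

def consistent(s):
    return s["free"] + s["held"] == CAPACITY and s["balance"] >= 0

def hold(s):    s["free"] -= 1; s["held"] += 1; s["audit"].append("held")
def release(s): s["free"] += 1; s["held"] -= 1; s["audit"].append("released")
def charge(s):  s["balance"] -= PRICE; s["audit"].append("charged")
def refund(s):  s["balance"] += PRICE; s["audit"].append("refunded")

BOOKING = [
    Step("hold_seat", lambda s: s["free"] > 0, hold, consistent, release),
    Step("charge", lambda s: s["balance"] >= PRICE, charge, consistent, refund),
]
```

After a compensated run the consistency predicate holds again, but the audit trail still shows the held and released seat: the state is consistent, not identical to the one before the workflow started.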
14.
Invariants: Virtual Objects
Invariants may contain expressions like:
obj_1 + obj_2 rel_op value.
The objects are not necessarily managed by the
same RM.
To support such invariants, they are established
as virtual objects, which:
have a special name,
have a “value” method,
are stored at each participating RM,
are evaluated locally whenever possible.
15.
Dynamic Aspects of Invariants
[Figure: steps p1; pa2, pa3, pa4; pb2, pb3, pb4. Caption: Individual invariants established by each step]
17.
Dynamic Aspects of Invariants
Invariants can be deleted if the step with the
corresponding entry invariant will never be
executed. This implies:
All invariants become obsolete at the end of a
workflow.
Dead code must be detected dynamically.
We need special loop invariants.
If a step's compensation step is dynamically
modified, this may cause problems.
18.
Supporting Invariants
In order to support invariants, database systems
must give up some of their autonomy. In particular,
they have to:
provide notification about lock conflicts,
implement recoverable locks,
implement semantic locks (e.g. escrow),
implement existence locks at the tuple and at the
schema level.
19.
Using Transactions in a Workflow-System
Application-level transactions for grouping multiple steps
[Figure: steps grouped into Transaction 1 and Transaction 2]
21.
Using Transactions in a Workflow-System
System-level transactions for transferring control
from one step to the next
[Figure: steps B and C]
22.
Using Transactions in a Workflow-System
System-level transactions for transferring control
from one step to the next
[Figure: steps B and C and CM; labels: transfer control, receive request, notify CM; System transaction A]
25.
Queue-Driven Step Processing
[Figure: step C with input queue, local code and output queue; labels: 1. dequeue, 2. local execution, 3. post; Complete local transaction incl. transfer of control]
27.
Problems Related to Rollback
Why did the local transaction fail (system abort or
application-initiated rollback?)
In which cases should the TA be re-posted (and how
often)?
Who gets notified about an abort (source or CM)?
Who gets notified about the eventual failure to restart a
transaction?
Should application-level TAs be treated as distributed or
nested transactions at the system level?
Which programming level should handle these issues
(step or script)?
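Queue-driven step processing and one possible answer to the re-posting question above, as an added example that is not part of the original slides. The table names, `run_step` and the retry limit are assumptions chosen for illustration, with SQLite standing in for the queue manager.

```python
import sqlite3

MAX_ATTEMPTS = 3  # assumed limit; the slides leave "how often" open

def setup():
    # isolation_level=None: transactions are controlled with explicit BEGIN/COMMIT
    db = sqlite3.connect(":memory:", isolation_level=None)
    db.executescript("""
        CREATE TABLE in_q  (id INTEGER PRIMARY KEY, payload TEXT,
                            attempts INTEGER DEFAULT 0);
        CREATE TABLE out_q (id INTEGER PRIMARY KEY, payload TEXT);
        CREATE TABLE dead  (id INTEGER PRIMARY KEY, payload TEXT);
    """)
    return db

def run_step(db, local_code):
    """Dequeue, execute and post one request inside a single local transaction."""
    db.execute("BEGIN IMMEDIATE")
    row = db.execute(
        "SELECT id, payload, attempts FROM in_q ORDER BY id LIMIT 1").fetchone()
    if row is None:
        db.execute("COMMIT")
        return "empty"
    req_id, payload, attempts = row
    try:
        db.execute("DELETE FROM in_q WHERE id = ?", (req_id,))           # 1. dequeue
        result = local_code(payload)                                     # 2. local execution
        db.execute("INSERT INTO out_q (payload) VALUES (?)", (result,))  # 3. post
        db.execute("COMMIT")  # step result and transfer of control commit together
        return "committed"
    except Exception:
        db.execute("ROLLBACK")  # request reappears in in_q, nothing reaches out_q
    # Second transaction, so the attempt count survives the rollback above.
    db.execute("BEGIN IMMEDIATE")
    if attempts + 1 >= MAX_ATTEMPTS:
        db.execute("DELETE FROM in_q WHERE id = ?", (req_id,))
        db.execute("INSERT INTO dead (id, payload) VALUES (?, ?)", (req_id, payload))
        outcome = "dead-lettered"  # eventual failure: someone must be notified
    else:
        db.execute("UPDATE in_q SET attempts = attempts + 1 WHERE id = ?", (req_id,))
        outcome = "re-posted"
    db.execute("COMMIT")
    return outcome
```

Because the dequeue and the post share one transaction, an abort can neither lose the request nor deliver a result twice; the retry bookkeeping needs its own transaction precisely because the rollback would erase it.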
28.
Summing It Up - 1
Transactional concepts can be carried over to
workflow management in multiple ways and at
different levels.
The most obvious application of transaction
technology is at the level of the workflow engine,
where transactions provide persistent execution
of a script, local recovery in case of partial
failures, reliable state transitions, recoverable
events, and consistent context.
29.
Summing It Up - 2
Transactions at the system level need a number
of extensions: nesting, chaining, leave-resume,
transfer.
Participating resource managers need to be able
to support an open distributed two-phase-
commit protocol.
Persistent storage managers need a number of
functional extensions such as recoverable locks.
30.
Summing It Up - 3
At the step level, transactions provide atomicity
for short-term related computations.
The TM must be able to support dependencies
among transactions.
At the script level, the concepts of atomicity and
consistency have to be translated into more
abstract notions (compensation, invariants).