Modular Software Upgrades for Distributed Systems

  • Sameer Ajmani
  • Barbara Liskov
  • Liuba Shrira
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4067)


Upgrading the software of long-lived, highly-available distributed systems is difficult. It is not possible to upgrade all the nodes in a system at once, since some nodes may be unavailable and halting the system for an upgrade is unacceptable. Instead, upgrades must happen gradually, and there may be long periods of time when different nodes run different software versions and need to communicate using incompatible protocols. We present a methodology and infrastructure that make it possible to upgrade distributed systems automatically while limiting service disruption. We introduce new ways to reason about correctness in a multi-version system. We also describe a prototype implementation that supports automatic upgrades with modest overhead.


Transform Function Current Object Version Number Permission System Simulation Object 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ajmani, S.: Automatic Software Upgrades for Distributed Systems. Ph.D., MIT (September 2004), Also available as technical report MIT-LCS-TR-1012Google Scholar
  2. 2.
    Almeida, J.P.A., Wegdam, M., van Sinderen, M., Nieuwenhuis, L.: Transparent dynamic reconfiguration for CORBA (2001)Google Scholar
  3. 3.
    Amer-Yahia, S., Breche, P., Souza, C.: Object views and updates. Journes Bases de Donnes Avances (1996)Google Scholar
  4. 4.
    Bidan, C., Issarny, V., Saridakis, T., Zarras, A.: A dynamic reconfiguration service for CORBA. In: Intl. Conf. on Configurable Dist. Systems, May 1998 pp. 35–42 (1998)Google Scholar
  5. 5.
    Bloom, T.: Dynamic Module Replacement in a Distributed Programming System. PhD thesis, MIT (1983)Google Scholar
  6. 6.
    Boyapati, C., Liskov, B., Shrira, L., Moh, C.-H., Richman, S.: Lazy modular upgrades in persistent object stores. In: OOPSLA (2003)Google Scholar
  7. 7.
    Brewer, E.A.: Lessons from giant-scale services. IEEE Internet Computing (July 2001)Google Scholar
  8. 8.
    Callaghan, B., Pawlowski, B., Staubach, P.: NFS version 3 protocol specification. RFC 1813, Network Working Group (June 1995)Google Scholar
  9. 9.
    Dabek, F., Kaashoek, M.F., Karger, D., Morris, R., Stoica, I.: Wide-area cooperative storage with CFS. In: SOSP (October 2001)Google Scholar
  10. 10.
    Fabry, R.S.: How to design systems in which modules can be changed on the fly. In: Intl. Conf. on Software Engineering (1976)Google Scholar
  11. 11.
    Freedman, M.J., Freudenthal, E., Mazières, D.: Democratizing content publication with Coral. In: NSDI, San Francisco, CA (March 2004)Google Scholar
  12. 12.
    Frieder, O., Segal, M.E.: On dynamically updating a computer program: From concept to prototype. Journal of Systems and Software, 111–128 (1991)Google Scholar
  13. 13.
    Hicks, M.W., Moore, J.T., Nettles, S.: Dynamic software updating. Programming Language Design and Implementation, 13–23 (2001)Google Scholar
  14. 14.
    Hofmeister, C.R., Purtilo, J.M.: A framework for dynamic reconfiguration of distributed programs. Technical Report CS-TR-3119, University of Maryland, College Park (1993)Google Scholar
  15. 15.
    Kaminsky, M., Savvides, G., Mazières, D., Kaashoek, M.F.: Decentralized user authentication in a global file system. In: SOSP, October 2003, pp. 60–73 (2003)Google Scholar
  16. 16.
    Kapur, D.: Towards a theory for abstract data types. Technical Report MIT-LCS-TR-237, MIT (June 1980)Google Scholar
  17. 17.
    Kramer, J., Magee, J.: The Evolving Philosophers Problem: Dynamic change management. IEEE Transactions on Software Engineering 16(11), 1293–1306 (1990)CrossRefGoogle Scholar
  18. 18.
    Liskov, B., Castro, M., Shrira, L., Adya, A.: Providing persistent objects in distributed systems. In: European Conf. on Object-Oriented Programming (June 1999)Google Scholar
  19. 19.
    Liskov, B., Wing, J.: A behavioral notion of subtyping. ACM Transactions on Programming Languages and Systems 16(6), 1811–1841 (1994)CrossRefGoogle Scholar
  20. 20.
    Monk, S., Sommerville, I.: A model for versioning of classes in object-oriented databases. In: British National Conf. on Databases, Aberdeen, pp. 42–58 (1992)Google Scholar
  21. 21.
    Peterson, L., Culler, D., Anderson, T., Roscoe, T.: A blueprint for introducing disruptive technology into the Internet. In: HotNets I (October 2002)Google Scholar
  22. 22.
    Ritzau, T., Andersson, J.: Dynamic deployment of Java applications. In: Java for Embedded Systems Workshop, London (May 2000)Google Scholar
  23. 23.
    Salz, J., Snoeren, A.C., Balakrishnan, H.: TESLA: A transparent, extensible session-layer architecture for end-to-end network services. In: USITS (2003)Google Scholar
  24. 24.
    Senivongse, T.: Enabling flexible cross-version interoperability for distributed services. Distributed Objects and Applications (1999)Google Scholar
  25. 25.
    Skarra, A.H., Zdonik, S.B.: The management of changing types in an object-oriented database. In: OOPSLA, pp. 483–495 (1986)Google Scholar
  26. 26.
    Soules, C.A.N., Appavoo, J., Hui, K., Wisniewski, R.W., Silva, D.D., Ganger, G.R., Krieger, O., Stumm, M., Auslander, M., Ostrowski, M., Rosenburg, B., Xenidis, J.: System support for online reconfiguration. In: USENIX Annual Technical Conf. (2003)Google Scholar
  27. 27.
    Srinivasan, R.: RPC: Remote procedure call specification version 2. RFC 1831, Network Working Group (1995)Google Scholar
  28. 28.
    Stoyle, G., Hicks, M., Bierman, G., Sewell, P., Neamtiu, I.: Mutatis mutandis: Safe and flexible dynamic software updating. Principles of Programming Languages (2005)Google Scholar
  29. 29.
    Tewksbury, L.A., Moser, L.E., Melliar-Smith, P.M.: Live upgrades of CORBA applications using object replication. In: ICSM, November 2001 pp. 488–497 (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Sameer Ajmani
    • 1
  • Barbara Liskov
    • 2
  • Liuba Shrira
    • 3
  1. 1.Google, Inc. 
  2. 2.MIT Computer Science and Artificial Intelligence Laboratory 
  3. 3.Brandeis University Computer Science Department 

Personalised recommendations