OASIS ebXML Messaging Services TC

    Posted 01-07-2005 19:42

    Subject: Re: [ebxml-msg] an assessment of the reliability of pulled messages


    Jacques,
    
    Sorry for the length of this.  I hope the text is made clearer through the 
    longer explanations rather than the reverse.  Please let me know what 
    remains muddled.  Also, the diagrams below will only work when viewed with 
    a fixed-width font.
    
    I believe some aspects of both scenarios as described so far are unrealistic.
    
    For #1, it would be more realistic to imagine a queue[1] maintained at the 
    MSH level.  The RMP would not learn any new semantics as a result of adding 
    the Pull to the overall situation.  It is the MSH, and not the RMP, which 
    would implement semantics making the Pull request idempotent.  This does 
    not require a new flag or MSH-level acknowledgement of any sort; it would 
    be much simpler for messages to remain in the MSH queue until the 
    underlying RMP indicates that the reliable message has been received 
    successfully.  (The RMP-level acknowledgement could certainly be bundled 
    with a later Pull request as an optimization but that is a minor detail.) 
    Other ways to make the Pull request idempotent are pretty easy to imagine 
    as well.
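
    To make the queue idea concrete, here is a minimal sketch of such an 
    MSH-level queue, using invented names (PulledMessageQueue, ReliableMessage, 
    onPullRequest, onRmpAck); nothing below is mandated by the ebMS or 
    WS-Reliability specifications.  The point is simply that a Pull only peeks 
    at the head of the queue, and the entry is removed only once the local RMP 
    reports the acknowledgement, so a repeated Pull sees the same message.

        // Hypothetical MSH-level outbound queue for to-be-pulled messages.
        // All names are illustrative only.
        import java.util.ArrayDeque;
        import java.util.Deque;

        final class PulledMessageQueue {
            private final Deque<ReliableMessage> outbound = new ArrayDeque<>();

            // The application submits new outbound reliable messages at its
            // own pace.
            synchronized void submit(ReliableMessage msg) {
                outbound.addLast(msg);
            }

            // A Pull request only peeks: repeating the Pull before the RMP
            // acknowledgement arrives returns the same message, so the Pull
            // is idempotent without any new flag.
            synchronized ReliableMessage onPullRequest() {
                return outbound.peekFirst();   // null means nothing to pull
            }

            // The underlying RMP reports that the pulled message was
            // acknowledged; only then does the MSH remove it from the queue.
            synchronized void onRmpAck(String messageId) {
                ReliableMessage head = outbound.peekFirst();
                if (head != null && head.messageId().equals(messageId)) {
                    outbound.removeFirst();
                }
            }
        }

        // Minimal message holder used by the sketch above.
        record ReliableMessage(String messageId, byte[] payload) {}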
    
    For #2, the problem is a confusion between reliability of the waiting 
    (to-be-pulled) message and reliably getting the next message.  If the Pull 
    request / response pair is "reliable" (including caching of the response) 
    at the RMP level, additional acknowledgements of the pulled messages become 
    success signals for the receiver MSH rather than RMP signals.  Put another 
    way, the receiver RMP has to do something special with the pulled messages 
    and their acknowledgements because it cannot resend the messages: An 
    acknowledgement in this scenario may end caching of the response but does 
    not relate to any "retry loop" in that RMP.  (Note: Ending caching might 
    result in problems for later duplicate Pull requests.)
    
    I am not sure the following is that different from the scenarios Jeff and 
    Jacques have drawn but wanted to come at it from another angle.  (I suspect 
    the main difference is making the R MSH actions a bit more explicit.)  When 
    laying out the various systems and drawing the message flow between them, 
    the details for the two scenarios look something like:
    
    1.	app	S MSH	S RMP		R RMP	R MSH	app (consumer)
    						   |<-- Reliable msg(s)
    	? -->	Pull -->Pull -->	Pull --> peek queue
    	Rel. msg <-- Pull resp. / Rel. msg <--  <--|
    			|--> RMP acknowledgement --> pop queue
    						(MSH removes ack'd msg)
    						 --> signal success -->
    
    Note that until the RM Reply is received the MSH-maintained queue will have 
    the same top message and the Pull request will therefore be idempotent.
    
    While it may not be clear from the cramped diagram above, the requested 
    reliable message (business payload) is taken out of the Pull response by 
    the Sending MSH.  The application that requests the next reliable message 
    (indicated by a "?" above) never sees Pull requests or responses.  If that 
    were not true (for either scenario), it would not be clear what the RMP or 
    MSH is providing the two applications.
    
    The only change in behaviour for the RMP is that the acknowledgements serve 
    as signals for the MSH rather than ending a retry loop at its level.  That 
    is, the Pull response passes through the RMP without invoking its reliable 
    machinery.  All the RMP does is remember the message identifier so that 
    later acknowledgements are not treated as errors.  Scenario #2 requires an 
    almost identical change in receiver RMP behaviour, plus more.
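
    Before turning to scenario #2, here is a minimal sketch of that single 
    scenario #1 change at the Receiver RMP, again with invented names; it only 
    notes the identifiers of messages handed out in Pull responses so the 
    eventual acknowledgements are recognised instead of rejected.

        // Hypothetical scenario #1 change at the Receiver RMP: pulled
        // messages bypass the retry machinery, but their identifiers are
        // remembered so later acknowledgements are not flagged as errors.
        // All names are illustrative only.
        import java.util.Set;
        import java.util.concurrent.ConcurrentHashMap;

        final class PullAwareRmp {
            private final Set<String> pulledIds = ConcurrentHashMap.newKeySet();

            // The Pull response passes straight through; no retry loop starts.
            void onOutgoingPullResponse(String pulledMessageId) {
                pulledIds.add(pulledMessageId);
            }

            // true  -> acknowledgement of a pulled message; hand it to the
            //          MSH (which pops its queue) rather than matching it
            //          against a retry loop.
            // false -> unknown identifier; handle as the usual protocol error.
            boolean onAcknowledgement(String messageId) {
                return pulledIds.remove(messageId);
            }
        }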
    
    2.	app	S MSH	S RMP		R RMP	R MSH	app (consumer)
    						   |<-- Reliable msg(s)
    	? -->	Pull -->Pull -->	Pull --> pop queue
    	Rel. msg <-- Pull resp. / Rel msg <--	<--|
    			|--> RMP acknowledgement --> signal success -->
    
    Failures in this case result in the retried Pull request being treated as a 
    duplicate, and the Receiver RMP must return the previous response.  That is, 
    the Pull request is not idempotent and the Receiver RMP must ensure the 
    Receiver MSH does not see duplicates.  The Receiver RMP is also responsible 
    for caching the Pull response.
    
    As mentioned above, the Receiver RMP must also remember the message 
    identifier of the contained reliable message.  Of these two requirements, 
    the first (response caching) makes mandatory something that is currently 
    optional in the WS-Reliability specification.  The second (special-casing 
    the content of Pull responses and their acknowledgements) is entirely new 
    behaviour.
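
    For contrast, a correspondingly rough sketch of the scenario #2 obligations 
    on the Receiver RMP (names invented again) has to cache each Pull response, 
    keyed by the Pull request it answered, and also track the identifier of the 
    contained reliable message:

        // Hypothetical scenario #2 Receiver RMP: return the cached response
        // for a duplicate Pull request and remember the pulled message's
        // identifier for its later acknowledgement.  All names are
        // illustrative only.
        import java.util.Map;
        import java.util.Set;
        import java.util.concurrent.ConcurrentHashMap;

        final class Scenario2ReceiverRmp {
            private final Map<String, byte[]> responseCache = new ConcurrentHashMap<>();
            private final Set<String> pulledIds = ConcurrentHashMap.newKeySet();

            byte[] onPullRequest(String pullRequestId, MshQueue mshQueue) {
                // Duplicate Pull: return the cached response; never pop the
                // MSH queue a second time.
                byte[] cached = responseCache.get(pullRequestId);
                if (cached != null) {
                    return cached;
                }
                // First time: pop the next reliable message and cache the
                // response for possible retries of this Pull request.
                PulledMessage next = mshQueue.pop();
                if (next == null) {
                    return null;               // nothing waiting to be pulled
                }
                pulledIds.add(next.messageId());
                responseCache.put(pullRequestId, next.payload());
                return next.payload();
            }

            // Acknowledgement of the pulled message: signal the Receiver MSH
            // and (eventually) release the cached response.  Releasing too
            // early breaks later duplicate Pull requests, as noted above.
            boolean onAcknowledgement(String messageId) {
                return pulledIds.remove(messageId);
            }
        }

        // Minimal collaborators used by the sketch above.
        interface MshQueue { PulledMessage pop(); }
        record PulledMessage(String messageId, byte[] payload) {}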
    
      ---
    
    Overall, the two scenarios look somewhat similar on the wire as I 
    diagrammed them above.  This is primarily because I left out the WS-R 
    headers in the scenario #2 Pull request and ignored the RM Reply to that 
    reliable request.  In most cases, however, this information will result in 
    a relatively minor expansion of the messages rather than additional 
    messages (the Pull response is sent using the RM Response reply pattern).
    
    The primary differences between the two scenarios seem to be: (a) where 
    the Pull responses are cached, and (b) how much an off-the-shelf RMP must 
    be changed to implement the new protocol.
    
    On (a), I have imagined a consistent Receiver MSH / application interface 
    that includes a mechanism for that application to push new outbound 
    reliable messages into some queue, waiting for the next Pull request.  This 
    is somewhat artificial but certainly makes it seem like the MSH queue is 
    necessary and could be used as demonstrated in scenario #1.  In any case, 
    scenario #1 makes the MSH consistently responsible for these Pull responses 
    and scenario #2 turns responsibility over to the RMP after the first 
    relevant Pull request.
    
    On (b), I believe the RMP implementation must be changed more for scenario 
    #2.  This is due to that scenario's non-standard response caching requirement.
    
    Just a bit more below.
    
    thanx,
    	doug
    
    [1] I could not care less how either the RMP or the MSH is implemented, 
    but queues have simple, well-understood semantics that are visible in 
    their external interface.  For this scenario, I suggest we use this 
    metaphor regardless of the perceived constraint on implementation.  That 
    constraint is no more binding than the "caching" metaphor we imagine is 
    involved in persisting reliable responses in the receiver RMP.
    
    On 06-Jan-05 15:53, Jacques Durand wrote:
    > Jeff:
    >  
    > Your Scenario #1  (Non-reliable Pull Request)
    > is not realistic as you draft it, because you assume an RMP behavior 
    > that is quite "new" w/r to WS-Reliability spec:
    > namely, that the RMP will be able to resend the cached pulled message as 
    > a sync response of an entirely new Pull request.
    > That would assume that  the RMP has some knowledge of the Pull 
    > semantics, and knows somehow that all "Pulls" for this party ID  are 
    > equivalent, so that it can do the resending as a response of any of them.
    >  
    > The other radical alternative for Non-reliable Pull Request that could 
    > be taken (but which has many problems)  can be summarized as:
    >  
    > "Because it is a Pull signal, we can redo it (MSH level) as many times 
    > as we want, when we fail to get
    > a pulled message. So no need to involve any RMP-level reliability."
    >  
    > Problems are:
    >  
    > - that only works if the Pull is idempotent, e.g. you need a flag saying 
    > "I want to re-pull the same message as previous pull"
    > that complicates things.
    
    Complications are in the eye of the beholder.  If, as I do, you view an 
    MSH-level queue as necessary in any case (because the application connected to 
    the receiver of the Pull request submits new outbound messages according to 
    its own timing) and do not see the need for a new flag, the major 
    complications arise when making larger modifications to your RMP 
    implementation (for scenario #2).
    
    > - some caching is assumed on MSH side so that pulled messages are still 
    > available for resending until they are acknowledged somehow. That seems 
    > to require a new persistence mechanism at MSH level that would not be 
    > necessary if we rely just on RMP persistence.
    
    As above, I disagree with this assertion.
    
    > - that needs be governed by an MSH-level Ack (which we precisely wanted 
    > to avoid lately).
    
    I am not sure what we have been trying to avoid or why this would be at the 
    MSH level.
    
    > Trying to use the "next" Pull as an Ack is very tricky: that assumes a 
    > complete serialization of Pull+response pairs, which I think is very 
    > restrictive. We should allow for implementations sending batches of Pull 
    > without waiting for the response between each.  That is quite possible 
    > when using concurrently several HTTP connections, and even over a single 
    > HTTP connection (pipelining).
    
    What is the requirement for multiple Pull request / response pairs at 
    once?  I agree that scenario #2 might support it but have not heard a 
    request for this feature.
    
    > - unless we try to avoid situations where the same ebMS message can be 
    > successfully pulled twice (which seems hard to guarantee) we'll need to 
    > do duplicate elimination at MSH level (based on ebMS ID).
    
    This is necessary only in scenario #2.
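
    For what it is worth, a rough sketch of that MSH-level duplicate 
    elimination keyed on the ebMS MessageId, with invented names, would be 
    little more than:

        // Hypothetical MSH-level duplicate elimination based on the ebMS
        // MessageId, as scenario #2 would need on the side receiving pulled
        // messages.  All names are illustrative only.
        import java.util.Set;
        import java.util.concurrent.ConcurrentHashMap;

        final class DuplicateEliminator {
            private final Set<String> seenEbmsIds = ConcurrentHashMap.newKeySet();

            // true  -> first delivery of this ebMS MessageId; pass it on.
            // false -> duplicate pulled message; drop it.
            boolean accept(String ebmsMessageId) {
                return seenEbmsIds.add(ebmsMessageId);
            }
        }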
    
    > Jacques
    
    ...
    

