Home |
Previous Page | Next Page Distributed Data > Multiphase Commit Protocols > Two-Phase Commit Protocol >
The two-phase commit protocol is designed to handle system and media
failures in such a way that data integrity is preserved across all the participating
database servers. The two-phase commit protocol performs an automatic recovery if a failure occurs.
Types of Failures That Automatic Recovery Handles
The
following events can cause the coordinating thread or the participant thread
to terminate or hang, thereby requiring automatic recovery:
- System failure of the coordinator
- System failure of a participant
- Network failure
- Termination of the coordinating thread by the administrator
- Termination of the participant thread by the administrator
Administrator's Role in Automatic Recovery
The only role of the administrator
in automatic recovery is to bring the coordinator or participant (or both)
back online after a system or network failure.
Important:
A slow network cannot, and should not, trigger automatic recovery.
None of the recovery mechanisms described here go into effect unless a coordinator
system fails, a network fails, or the administrator terminates the coordinating
thread.
Automatic-Recovery Mechanisms for Coordinator Failure
If
the coordinating thread fails, each participant database server must decide
whether to initiate automatic recovery before it commits
or rolls back the transaction or after it rolls back
a transaction. This responsibility is part of the presumed-end optimization.
(See Presumed-End Optimization.)
Automatic-Recovery Mechanisms for Participant Failure
Participant recovery occurs whenever a participant
thread precommits an item of work that is terminated before the two-phase
commit protocol can be completed. The goal of participant recovery is to complete
the two-phase commit protocol according to the decision reached by the coordinator.
Participant recovery is driven by either the coordinator or the participant,
depending on whether the coordinator decided to commit or to roll back the
global transaction.
Important:
To support automatic
recovery after a subordinate server is shut down or restarted while a cross-server
transaction is open, the sqlhosts file should include
an entry for every database server from which distributed operations might
be initiated. During automatic recovery, the name of the coordinator is recovered
from the logical logs, and the subordinate server reconnects with the coordinator
to complete the transaction. Because the coordinator always identifies itself
to the participants using the name that is in the DBSERVERNAME configuration
parameter in its own ONCONFIG file, the DBSERVERNAME of the coordinator should
be a TCP/IP connection name known to the participants. The subordinate server
should be able to connect to the coordinator using the DBSERVERNAME of the
coordinator.
Home |
[ Top of Page | Previous Page | Next Page | Contents |
Index ]