Availability and Consistency (AP and CP Modes)

Partition tolerance must always be prioritized in any cluster distributed system. Aerospike enables you to configure which is the most important to your particular use case, availability or consistency, AP (availability, partition tolerance) mode or CP (consistency, partition tolerance) mode.

Many distributed databases sacrifice consistency, dropping to a state known as eventual consistency, where data across a cluster will eventually reach a state where the data is the same on all nodes of the cluster, but there will be a period of time when this is not the case.

Transactional databases, however, generally require the opposite of eventual consistency—in other words, strong consistency. In these databases, any node can be queried and produce an identical result.

Regardless of which you choose to prioritize, consistency or availability, Aerospike works to maximize the other as well.

Availability first (AP Mode)

Even when configured to prioritize availability, in AP mode, violating consistency is rare in a properly running Aerospike system. In Chapter 5, you’ll learn more about the two conditions that might cause consistency to be affected in AP mode.

Consistency first (CP Mode)

While AP mode provides a surprisingly high level of data consistency, it isn’t perfect. When data correctness is essential, choose CP mode, prioritizing consistency over availability. Most systems that provide strong consistency require a minimum of three copies.¹ So, if a cluster splits, one of the two subparts of the cluster can allow writes if it has a majority of (two out of three) copies of a data partition.

Aerospike optimizes cluster size by allowing storage of only two copies. Using an adaptive scheme that adds more write copies on the fly in situations where they are necessary, Aerospike provides the theoretically correct result of a three-copy distributed system while only paying the infrastructure and processing costs for keeping two copies of the data.

Chapter 5 discusses the few conditions when availability is impaired in CP mode, as well as other important aspects of the basic architecture of Aerospike. Chapter 9 dives even deeper into how this is accomplished.

Flash Optimization

Another key difference between Aerospike and other databases, which allows it to operate at in-memory database speeds while using around one-tenth the number of cluster nodes, is its ability to take advantage of the characteristics of flash storage in its hybrid storage approach.

Besides throughput and latency characteristics, the ability of a database is characterized by the amount of data that can be stored and processed. Leveraging flash requires a different storage mechanism from the standard spinning disks that most databases use. Aerospike software is designed to take advantage of those differences.

Flash storage (SSDs) can be a game changer for real-time data. While in-memory configurations, which use computer memory for all data storage and computations, can be somewhat faster, Aerospike has demonstrated that SSDs can increase the per-node capacity between 10 and 100 times, often with little perceptible loss of performance.

An Aerospike system that uses flash storage can manage dozens of terabytes of data on a single machine with submillisecond record access (read and write) times. This design is possible because the read latency characteristic of input and output (I/O) in SSDs is predictably fast, regardless of whether it is random or sequential. At the time of writing, a typical commodity server can be affordably set up with 30 TB of high-performance flash and 1 TB of memory—providing 30 times the capacity of a 1 TB in-memory database on the same server.

Aerospike supports multiple kinds of storage architectures: hybrid flash (aka hybrid memory), in-memory, and all-flash. To leverage flash storage, Aerospike implements a hybrid model where data resides in flash storage, and indexes reside entirely in memory. Figure 1-1 illustrates the hybrid and in-memory architectures side by side.

One interesting thing you’ll notice in Figure 1-1 is that two namespaces in Aerospike can be configured differently, one to use only memory, and the other to use a hybrid of memory and flash. They can coexist in the same node without issue. Both namespaces have their primary key index in memory. The main difference is that the in-memory namespace also stores its data in memory. The hybrid namespace uses a slightly more involved process to save its data to flash storage. Chapter 5 will describe this process in more depth.

Figure 1-1. Hybrid flash and in-memory architectures

Since storage I/O is the slowest point in any application that uses a storage device, storage I/O is not required to traverse the index, even when data is stored on flash devices. This makes read performance in Aerospike high and predictable. This design is possible because the read latency characteristic of I/O in NAND flash (the type of flash drive most commonly used in servers) has little penalty for random access. Database access first traverses the index and acquires metadata that indicates where the required data is located. If the data element is located in a local cache, it can be returned without I/O access at all. If it is in flash storage, a single I/O will be executed to bring the entire element into local memory.

This ability to do random read I/O comes at the cost of a limited number of write cycles on SSDs. In order to avoid creating uneven wear on a single part of the SSD, and to colocate all the data of a record in one location, Aerospike does not perform in-place updates. Instead, it employs a copy-on-write mechanism using large block writes. This wears the SSD down evenly, improving device durability, and guarantees that all data for a particular record is in one location, thus preventing fragmentation of data in storage.

Gathering writes together into large blocks enables very high write throughput by combining hundreds of transactional writes into a single large block write and ensures that the internal coalescing algorithms inside a flash controller do less work. The copy-on-write mechanism is also beneficial for data correctness and recovery in case of hardware failures.

Aerospike is typically configured to bypass the operating system’s filesystem and instead uses attached flash devices directly as a block device using a custom data layout. This avoids the problem of depending on filesystems that are not optimized for flash. Unoptimized filesystems would generate extra I/O and wear as well as complexity in matching an operating system’s data commit policy to the filesystem’s.

These techniques are instrumental in providing Aerospike the unique ability to support extremely high application write rates in production while maintaining in-memory-class read response times, as well as high data correctness.

Avoiding Hotspots with Shared-Nothing Architecture

All servers in an Aerospike cluster are peers, with no master, leader, or other differentiated nodes. For horizontal scaling, Aerospike uses a shared-nothing architecture in which all nodes forming the database cluster are homogeneous—identical in terms of CPU, memory, storage, and networking capacity. A key component of this scheme is a uniform data partitioning algorithm that eliminates all skew in terms of data distribution across database cluster nodes, thereby ensuring there are no hotspots.

Access to flash storage is done in a massively parallel manner, creating a transparent data layout similar to a high-performance “RAID-0” striping system. The keys are mapped into various devices within nodes in a uniform manner. This ensures that an even amount of data is stored on every node and every flash device, thus making sure that all hardware is used equally and the load on all servers and storage devices is balanced.

These strategies and several more you’ll learn about later prevent “hot spots” and require no configuration changes even as the workload changes. For example, in Figure 1-2, you can see 80-way parallelism illustrated in a cluster of 16 nodes with 5 flash devices on each node.

Figure 1-2. Massively parallel data access on a 16-node hybrid flash Aerospike cluster showing data and processing load per node

Keeping Performance Predictable with Resilient Stability

There are multiple things that make Aerospike’s performance predictable and consistent. You just learned that storage device I/O is not required to access the index in hybrid-memory or in-memory configurations. For accessing data, the previous section mentioned that the read latency for random access to SSDs is predictably low, and skipping the operating system layer makes every piece of data exactly one I/O hop to retrieve, regardless of whether it is random or sequential. Beyond that, several architectural features keep the cluster as stable and self-healing as possible so performance remains relatively constant over time.

An automatic partitioning of the key space and an automatic data rebalancing mechanism ensures that the transaction volume is distributed evenly across all nodes and is robust in the event of any node failures happening during the rebalancing process itself. The system is designed to be continuously available, so data rebalancing doesn’t impact cluster behavior.

By not requiring operator intervention, clusters will self-heal even at demanding times. You can configure and provision your hardware capacity and set up replication/synchronization policies so that the database recovers from failures without affecting users, and you can sleep at night.

The mapping from partition to node (partition map) is exchanged and cached with the clients. Sharing of the partition map with the client is critical in making client-server interactions extremely efficient. This is why, in Aerospike, access to data from the client requires a single network request to the server node containing the data item and a maximum of one storage I/O operation each time. In steady state, the scale-out ability of the Aerospike cluster is purely a function of the number of clients and server nodes. This guarantees the linear scalability of the system as long as other parts of the system—like network interconnect—can absorb the load.

To avoid hotspots that could affect performance, Aerospike colocates indexes and data to avoid any cross-node traffic when running read operations or queries. Writes may require communication between multiple nodes based on the replication factor. Colocation of index and data and a robust data distribution hash function give you nice, even data distribution across nodes. This ensures that:

• Application workload is uniformly distributed across the cluster.

• Performance of database operations is predictable.

• Scaling the cluster up and down is easy.

• Live cluster reconfiguration and subsequent data rebalancing is simple, nondisruptive, and efficient.

Reducing Cluster Size with Optimal Use of Each Node

For a system to operate at extremely high throughput with low latency, it is necessary not just to scale out across nodes but also to scale up “(vertically)” on each node. This section discusses system-level details that help Aerospike scale up to millions of transactions per second at submillisecond latencies. The techniques used by Aerospike apply to any data storage system.

The ability to scale vertically on each node effectively means the following:

• Higher throughput levels on fewer nodes.

• Better failure characteristics, since probability of a node failure typically increases as the number of nodes in a cluster increases.

• Easier operational footprint. Managing a 10-node cluster versus a 200-node cluster is a huge win for operators.

• Lower total cost of ownership. This is especially true once you factor in SSD-based scaling.

The basic philosophy here is to enable the system to take full advantage of the hardware by leveraging it in the best way possible. To accomplish this, Aerospike is written in the C language and has a number of CPU and network optimizations that allow it to handle millions of single-record transactions per second with sub-millisecond latencies on a single node.

The scale-up architecture can typically reduce the cost of ownership of a system using the hybrid memory configuration by up to 80% compared to the same system using a pure in-memory configuration. The surprising part is that no compromise is needed in application-level performance to get the savings in infrastructure and operational costs. See Chapter 5 for more information about the architecture that makes this possible.