长期运行的交易结构化方法

发布于 2024-08-08 07:12:15 字数 459 浏览 6 评论 0原文

我正在寻找一种结构化的方法来处理长期运行(数小时或更长时间)的事务。正如此处所述,这些类型的交互通常由乐观处理锁定和手动合并策略。

使用标准事务处理此类问题的更结构化的方法将非常方便。各种长时间运行的交互,例如用户注册、订单确认等,都具有类似事务的语义,并且发明自己的脆弱的手动回滚和/或超时/清理策略既容易出错又乏味。

以 RDBMS 为例,我意识到这将是与保持所有事务打开相关的主要性能成本。作为替代方案,我可以想象有一个数据库同时支持两种隔离级别/策略,一个用于短期运行,一个用于长期运行的对话。例如,长时间运行的对话可以对数据访问有更严格的限制,以方便他们花费更多时间(某些数据的只读语义、乐观锁定语义等)。

有没有可以做类似事情的解决方案?

I'm looking for a structured approach to long-running (hours or more) transactions. As mentioned here, these type of interactions are usually handled by optimistic locking and manual merge strategies.

It would be very handy to have some more structured approach to this type of problem using standard transactions. Various long-running interactions such as user registration, order confirmation etc. all have transaction-like semantics, and it is both error-prone and tedious to invent your own fragile manual roll-back and/or time-out/clean-up strategies.

Taking a RDBMS as an example, I realize that it would be a major performance cost associated with keeping all the transactions open. As an alternative, I could imagine having a database supporting two isolation levels/strategies simultaneously, one for short-running and one for long-running conversations. Long-running conversations could then for instance have more strict limitations on data access to facilitate them taking more time (read-only semantics on some data, optimistic locking semantics etc).

Are there any solutions which could do something similar?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

一梦浮鱼 2024-08-15 07:12:15

RDBMS ACID 事务始终属于短的、原子的和本地操作。分布式应用程序、自治服务、松散耦合组件使用不同的策略,例如保留和补偿事务。

关于此主题的好读物是 Pat Helland 的论文,他自 80 年代以来一直在教授该主题。例如,请参阅自治应用程序的架构封地和使者

RDBMS ACID transactions belong always to short, atomic and local operations. Distributed application, autonomus services, loosely coupled components use different strategies like rentention and compensating transactions.

A good read on this topic are Pat Helland's papers, he's been teaching about this subject since the 80s. See for instance Architecture of an Autonomous Application or Fiefdoms and Emissaries.

舟遥客 2024-08-15 07:12:15

我宁愿使用 BPM 工具来处理此类事情,它明确旨在支持长期运行的编排。我无法详细说明,但建议检查了解 BPM 服务器。我引用了下面的一些部分,但整篇论文值得一读:

管理业务流程的状态

最大的区别之一
编排和业务
它使用的服务是每次的时间
需要执行。向一个请求
典型的服务生成回复
几秒钟之内。因为它
通常驱动全部或部分
然而,业务流程
编排可能会运行数小时、数天,
或几周,取决于需要多长时间
过程需要完成。如果什么
在某些情况下需要人工批准
过程中的点,例如
以及那个必须给她的人
审批放假了?因为
业务流程可能需要很长时间
完成时间,编排
控制它们也可以运行
很久。

这种长期运行的性质会影响
编排管理内存中的
它维护的信息——
状态——关于正在运行的进程。如果
编排被阻止
相当长的一段时间,保持
内存中的这种状态没有多大意义
感觉。相反,BPM 服务器应该
提供一种编排的方式
自动写入状态
磁盘,然后再次恢复
业务流程恢复,即使
几天或几周后。

状态管理说明了另一个问题
BPM 服务器之间的显着差异
和应用服务器。自从
支持长期运营的业务
流程不是他们的主要目的,
应用程序服务器还没有
传统上解决此类
状态管理。因为他们是
明确打算支持
然而,长期运行的编排,
BPM 服务器确实提供此服务。

处理交易

许多业务流程都需要
全有或全无行为特征
通过交易。例如,一个
编排驱动业务
进程可能需要调用两个
商业服务并确保
要么两个请求都成功,要么两个请求都成功
失败。这种原子事务
可以使用标准来完成
两阶段提交协议,它是
BPM 服务器通常使用的东西
支持。事实上,应用服务器
包含此功能,因此 BPM 服务器
建立在应用服务器上可以
很容易提供这个。

许多业务流程的本质
然而,又提出了另一个问题。如果什么
一个特定的过程需要
全有或全无的行为,但
传统的原子事务不是
可能的?原子事务需要
在生命周期内锁定数据
交易,不是交易的东西
当交易时间较短时会出现问题。
但假设必须提供的服务
捆绑到一个全有或全无的组中
包括一个需要人类
赞同。即使需要
批准者没有休假,时间
一个人需要做出回应的是
数据可能太长
保持锁定状态。或者如果一项服务怎么办
必须在这个交易中
组不参与原子
交易?这并非遥不可及
担心,因为许多应用程序不会
让任意客户端锁定他们的数据。

为了处理此类情况,BPM
服务器支持长时间运行
交易。也叫商业
活动和其他名称,
长时间运行的事务处理
错误不是通过回滚全部
更新,而是通过执行一些
当一个补偿逻辑
发生错误。例如,假设一个
特定的长期运行事务
包括一个原子事务
将钱从一家银行转移到
另一个,然后是一个操作
一旦执行另一个应用程序
转移成功。如果这场决赛
操作失败,逻辑
业务流程要求
汇款被撤消。然而
执行此操作的原子事务
转移已经提交——如何
可以逆转吗?答案是
补偿逻辑必须运行,如果
发生故障时,逻辑可能
执行另一个原子事务
撤销转移的影响。一个
BPM服务器提供内置
允许创作者的设施
定义这个的编排
补偿行动,然后就可以了
当长时自动执行
运行事务失败。

虽然补偿在以下情况下很有用:
原子交易是不可能的,
这并非没有问题。假设一个
编排修改了一些数据
长期运行的早期部分
例如,事务然后运行
稍后进行补偿操作改变
该数据恢复到其原始状态。
如果有其他应用程序会发生什么情况
访问这些之间的数据
两个事件?这第二次申请
很可能会使用最终的数据
被认为是不正确的制作
商业决策,例如计算
信用风险。或者考虑一下运营
没有明显的
赔偿。如果编排
导致导弹发射,
没有办法补偿代码
在那个编排中扭转这一局面。
然而,虽然补偿并不完美
解决方案,但这仍然是正确的
一个重要类别的方法
业务流程面临的问题。

I'd rather use a BPM tool for such kind of things, there are explicitly intended to support long-running orchestrations. I can't elaborate right but suggest to check Understanding BPM Servers. I'm quoting some parts below but the whole paper is worth the read:

Managing an Orchestration's State

One of the biggest differences between
an orchestration and the business
services it uses is the time each
takes to execute. A request to a
typical service generates a reply
within a few seconds. Because it
commonly drives all or part of a
business process, however, an
orchestration may run for hours, days,
or weeks, depending on how long the
process takes to finish. What if
human approval is required at some
point in the process, for instance,
and the person who must give her
approval is on vacation? Because
business processes can take a long
time to complete, the orchestrations
that control them can also run for a
long time.

This long-running nature affects how
an orchestration manages the in-memory
information it maintains—the
state—about a running process. If the
orchestration is blocked for a
significant period of time, keeping
this state in memory doesn’t make much
sense. Instead, a BPM server should
provide a way for an orchestration’s
state to be automatically written to
disk, then restored again when the
business process resumes, even if
it’s days or weeks later.

State management illustrates another
notable difference between BPM servers
and application servers. Since
supporting long-running business
processes isn’t their primary purpose,
application servers haven’t
traditionally addressed this kind of
state management. Because they are
explicitly intended to support
long-running orchestrations, however,
BPM servers do provide this service.

Handling Transactions

Many business processes require the
all-or-nothing behavior characterized
by a transaction. For example, an
orchestration driving a business
process might need to invoke two
business services and ensure that
either both requests succeed or both
fail. This kind of atomic transaction
can be accomplished using a standard
two-phase commit protocol, and it’s
something that BPM servers typically
support. In fact, application servers
include this feature, so a BPM server
built on an application server can
offer this quite easily.

The nature of many business processes
raises another issue, however. What if
a particular process requires
all-or-nothing behavior, but a
traditional atomic transaction isn’t
possible? Atomic transactions require
locking data for the life of the
transaction, something that isn’t a
problem when the transaction is short.
But suppose the services that must be
bundled into an all-or-nothing group
include one that requires human
approval. Even if the required
approver isn’t on vacation, the time
it takes for a person to respond is
likely far too long for data to
remain locked. Or what if one service
that must be in this transactional
group doesn’t participate in atomic
transactions? This isn’t a far-fetched
worry, since many applications won’t
let arbitrary clients lock their data.

To handle situations like these, a BPM
server supports long-running
transactions. Also called business
activities and other names,
long-running transactions handle
errors not by rolling back all
updates, but rather by executing some
kind of compensating logic when an
error occurs. For example, suppose a
particular long-running transaction
includes an atomic transaction that
transfers money from one bank to
another, followed by an operation that
executes another application once the
transfer has succeeded. If this final
operation fails, the logic of the
business process requires that the
money transfer be undone. Yet the
atomic transaction that performed this
transfer has already committed— how
can it be reversed? The answer is that
compensating logic must run if a
failure occurs, logic that might
execute another atomic transaction to
undo the effects of the transfer. A
BPM server provides built-in
facilities that allow the creator of
an orchestration to define this
compensating action, then have it
automatically execute when a long-
running transaction fails.

While compensation is useful when
atomic transactions aren’t possible,
it’s not without problems. Suppose an
orchestration modifies some data in
the early part of a long-running
transaction, for instance, then runs a
compensating operation later to change
this data back to its original state.
What happens if some other application
accesses that data in between these
two events? This second application
may well use data that’s ultimately
deemed to be incorrect in making
business decisions, such as computing
credit risk. Or think about operations
for which there is no obvious
compensation. If an orchestration
causes a missile to be launched,
there’s no way for compensating code
in that orchestration to reverse this.
Yet while compensation isn’t a perfect
solution, it is nevertheless the right
approach for an important category of
problems faced by business processes.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文