This specification relates to fault-tolerant computing.
The functionality or availability of a computer system may be dependent on the availability of another computer system. For example, the functionality of an online shopping website may depend on the availability of a billing system. Ideally, the billing system is continuously available, so that the experience of a user with the shopping website is not adversely affected by downtime in the billing system.
In practice, the billing system may not be continuously available. The billing system may be taken down for maintenance from time to time or may be down due to system failure. The availability of the billing system imposes a ceiling of sorts on the availability of the shopping website. To maintain the availability of the shopping website, measures to increase the availability of the billing system may be implemented. However, the implementation of such measures may be complicated if the billing system handles sensitive information, such as financial data. Making changes to the billing system may lead to erosion of the security safeguards in the billing system and risk exposing sensitive data. Additionally, the shopping website and the billing system may be managed separately for security reasons. Coordinating maintenance downtimes for these separately managed systems can be difficult.