[PEAK] "Crash-Only" Architecture

Phillip J. Eby pje at telecommunity.com
Thu Aug 26 21:24:49 EDT 2004

Ran across an interesting paper today about "crash-only" architectures:


The basic premise is that if all components of a system are always shut 
down by "crashing" (e.g. via 'kill -9'), then they have to be designed to 
always perform crash recovery on startup.  This then leads to design 
decisions that result in fast boot times, fast recovery times, and highly 
reliable error recovery because you are testing the recovery mechanism 
every single time you start it.  :)

It's a fascinating concept.  I try to follow many of the specific 
guidelines already in PEAK, but it's interesting to see these principles 
arranged as part of an overall "theory" and ways to connect them together.

More information about the PEAK mailing list