Lightweight versioning for lightweight protocols

So you've built another rehash of Google Protocol Buffers?

Facebook's Thrift was sensible, it was written by ex-googlers, released well before Google open-sourced the original, and adds a bit of networking sugar for common cases. Cisco's etch is less excusable, it's really yet another attempt at full-on RPC magic that happens to have it's own wire format similar in aim but different from protobuf and thrift. That you don't mention any of them (even just to dismiss their suitability) is somewhat troubling.

Surely you considered using them? Your (unnamed?) system as you've described it seems to be solving the exact same problem: how to maintain a binary inter-app wire protocol with flexible typesafe concurrent versioning.

Your methodology using automatically composed version-translation functions certainly seems novel: it would let you split/tuple/collect/retype fields seamlessly unlike protobuf/thrift, at the cost of more overhead in the transition and extra code. Instead of all that protobuf just has clients see only the fields they were compiled against — it's well-suited to bigtable's EAV model, but I can see how those traits would be undesirable for more rigidly-structured data.

Was there some impediment to composing your version-translation sugar on top of one of the existing versioned binary wire protocols? Was it just that bin_prot had already been "Invented Here" and was in heavy production?

I don't think that there is any really good way to automate the conversion between messages of different versions of a protocol. In the general case, it is even possible that some messages are impossible to translate, because of missing semantics in one version of the protocol or other. However, you might find the papers on generic isomorphisms by Frank Atanassow interesting.

I'm also rather skeptical of the idea of chaining conversions (of protocol messages) and would rather go (and have gone) with the direct conversion to/from internal representation instead. The problem with chaining conversions is that each conversion is a point of failure. By chaining conversions you are likely to increase the chance that something goes wrong. It is also quite possible for a particular feature of a protocol to disappear and then be reintroduced (perhaps in a slightly altered form) after a few revisions of the protocol. Simple chained conversions cannot deal with such a case.

What you describe is basically what I would do and have done earlier (aside from chaining conversions). For example, a few months ago I built a small graphical editor for a specific purpose in F#. For persisting the data manipulated by editor, I first defined a type for the external representation of the data with (version) numbered data constructors (hinge points) allowing for future modifications. To give an idea:

type ExternalRep = Rep1 of Item1 List (* | Rep2 of ... <em>)
and Item1 = Item1 of Item1Rec (</em> | Item2 of ... *)
and Item1Rec = {foo: Int; bar: String}

Then I defined functions for converting from the editor's internal representation to the external representation and back:

val toExternal: InternalRep -> ExternalRep
val ofExternal: ExternalRep -> InternalRep

To actually serialize the external representation, I wrote simple pretty printing and parsing routines using reflection that could handle all the type constructors I needed (variants, tuples, records, strings, lists and some primitive types) and used the F# syntax as the textual representation.

While working on the editor, and while it was already used for production work by others, I made several enhancements and changes to the internal and external representations of the data. To preserve the ability to read old files I never deleted any data constructors from the external rep. There was no need to be able to save to older formats (simpler problem than fully supporting multiple revisions of a protocol), so the editor always saved using the latest revisions of the external data constructors.

Sometimes I ask in a public forum the question, What's the best way to do such and such?, and often some of the responses are to the tune of Why would you want to do that?, which I usually find annoying. So, at the risk of being annoying...

Consider that you have many components in your system and for now assume there is only one protocol spoken among these components, albeit in several versions. Call the versions A, B, C, and D, from oldest to newest. I am sure you have already found that having multiple versions in play causes severe headaches, and it only gets worse when you consider the real-world example where there are numerous protocols instead of just one.

In our example, we need any version A, B, C, D to be able talk to any other version A, B, C, D. You mentioned two approaches: (i) having a chain of maps A <-> B <-> C <-> D, and (ii) using a pseudo-version (the model) as a hub H and implementing a map from each of A, B, C, D to and from H.

Since all these maps are bidirectional it seems reasonable to call two versions equivalent if they can be mapped to one another without loss of information, and I assume these are the kinds of protocol translations you are talking about. So forgive me, here is my annoying question: If in fact the protocol versions are equivalent, why not stick with the old version? At some point, (truly) new capabilities will be added, and it will be necessary and desired to change all the relevant components at once, as a faithful translation will not be possible.

Of course, sometimes the protocol changes come from external requirements and if that's the situation you're facing, please ignore my comments. But in my experience, if you're in control of the whole system of components, it's more convenient and less error-prone to upgrade protocols only when a new feature leaves you no choice.

The academic community has considered these issues somewhat in different contexts.

The most relevant multi-version work I can think of is Sameer Ajmani's thesis work that appeared in ECOOP 2006:

http://pmg.csail.mit.edu/pubs/ajmani06modular-abstract.html

Obviously we can try to map between the semantics of different versions, and that works plenty often, but sometimes it cannot be made to. The observation here is that messaging protocols (e.g., RPCs) differ from normal function call/return in that messages can fail. As such, we can/should design the system to expect such failure and code up mechanisms for recovery. This mechanism provides an opportunity: if a peer sends a message the remote peer does not understand (it is of an old version and the new version is no longer backward compatible), the receiver can simply fail and the client will be forced to recover.

Note that by "not understand" I don't mean syntax, but semantics. Suppose the server maintains a datastructure that clients can add/remove elements to, and then membership of those elements (all done via message passing). Suppose in the old version, this datastructure implemented to be a bag, but in the new version it's a set. The message format is the same in both cases, but the semantics are different. The difference can be observed by the sequences Add(1), Add(1), Remove(1), Member?(1). In the old version the last message will return true, but in the new version, it will return false. Using Ajmani's protocol, if we upgrade the server to the new version, we can allow old clients as long as the last message is made to fail, thus preserving, for that client, the old semantics.

The paper goes into more theoretical depth about building models, indicating when failure is necessary (to provide the illusion of the old semantics), etc. His paper cites other relevant papers that might be useful, too.