the realities of continuous availability
play

The Realities of Continuous Availability Mark Richards Director - PowerPoint PPT Presentation

Feb 03, 2023 •34 likes •544 views

QCon London 2009 The Realities of Continuous Availability Mark Richards Director and Sr. Architect, Collaborative Consulting, LLC Author of Java Transaction Design Strategies (C4Media) Author of Java Message Service 2nd Edition (OReilly)

  1. QCon London 2009 The Realities of Continuous Availability Mark Richards Director and Sr. Architect, Collaborative Consulting, LLC Author of Java Transaction Design Strategies (C4Media) Author of Java Message Service 2nd Edition (O’Reilly)

  4. Roadmap

  7. how much availability is “good enough”? 90.0% (one nine) 36 days 12 hours 99.0% (two nines) 87 hours 46 minutes 99.9% (three nines) 8 hours 46 minutes 99.99% (four nines) 52 minutes 33 seconds 99.999% (five nines) 5 minutes 35 seconds 99.9999% (six nines) 31.5 seconds

  8. how much availability is “good enough”? how about three nines (99.9%)? there would be a 99.9% turnout of registered voters in an election if you used your windows pc 40 hours per week, you would only have to reboot it once every two weeks (once a year for a mac ) you would have one rainy day every three years if you made 10 calls a day you would have 3 dropped calls a year

  9. how much availability is “good enough”? how about three nines (99.9%)? the u.s. postal services would lose 2,000 pieces of mail each hour 20,000 prescription errors would be made each year there would be 500 incorrect surgical operations per week

  10. remember the old days? availability was handled by large mainframes and fault tolerant systems hardware and os were extremely reliable and very mature software was thoroughly tested there were highly trained and skilled operators redundancy eliminated single points of failure four nines availability was very common for all aspects of the computing environment

  11. now we have this... commodity hardware with around 99% availability short time-to-market requirements usually equates to shortcuts in reliability and system availability design frequent software changes go largely untested heterogeneous systems from different vendors making interoperability and monitoring difficult system complexity and diversity make it difficult to identify the root cause of a failure system complexity results in faults caused by operator error (over 50% of faults in most cases)

  12. continuous availability what is it?

  13. high availability reactive in nature and places an emphasis on reactive in nature and places an emphasis on failover and recovery in the shortest time possible failover and recovery in the shortest time possible continuous availability proactive in nature and places an emphasis on proactive in nature and places an emphasis on redundancy, error detection, and error prevention redundancy, error detection, and error prevention

  14. if this is high availability...

  15. then this is continuous availability

  16. if a tree falls in a forest and no one is around to hear it, does it make a sound? if a fault can be recovered before the user is aware that the fault occurred, is it really a fault?

  17. the fact is, continuous availability systems don’t really fail over “If a problem has no solution, it may not be a problem, but a fact - not to be solved, but to be coped with over time.” - Shimon Peres

  18. continuous availability embraces the philosophy of “let it fail, but fix it fast.” Resubmit rather than fail over

  19. what topologies are needed to support high and continuous availability?

  20. standard high availability topology cluster configuration client node active standby database node node mean time to failover (mtfo) = minutes

  21. standard continuous availability topology active/active configuration client node active active node database database node mean time to failover (mtfo) = seconds

  22. calculating system downtime probability 2 mtfo sd = (1-a) + (1-a) + (1-a)d mtr probability that the system is down probability of a node failure probability of a failover probability of a failover fault

  23. calculating system downtime probability 2 mtfo sd = (1-a) + (1-a) + (1-a)d mtr sd = probability of system downtime a = probability that node is operational mtfo = mean time to failover mtr = mean time to repair node d = probability of a failover fault

  24. let’s do the math... 2 mtfo sd = (1-a) + (1-a) + (1-a)d mtr dual node high availability cluster (active/passive) .000001 + .00002777778 a = .999 + .00001 mtfo = 5 minutes --------------------------- mtr = 3 hours .000038777778 d = .01 .9999612222222 or a little under 5 nines (~ 6 minutes of downtime)

  25. let’s do the math... 2 mtfo sd = (1-a) + (1-a) + (1-a)d mtr dual node continuous availability topology (active/active) .000001 a = .999 + .0000002777778 mtfo = 3 seconds + 0 mtr = 3 hours --------------------------- d = 0 .0000012777778 .999998722 or a little under 6 nines (~ 30 seconds of downtime)

  26. bottom line clustering = high availability active/active = continuous availability

  27. the other bottom line none of this math and theory makes a bit of difference if your application architecture doesn’t support the continuous availability environment

  28. continuous availability a holistic approach

  29. continuous availability killers id generation or random number generation processing order requirements batch jobs and scheduled tasks application or service state long running processes and process choreaography in-memory storage or local disk access tightly coupled systems specific ip address or hostname requirements long running transactions (database concurrency)

  30. but that’s only the start...

  31. most businesses don’t really need continuous availability or do they...

  32. another perspective... so far the focus has been on system failures but what about planned outages for maintenance upgrades and application deployments?

  33. issues facing many large companies increased batch cycles mean longer batch windows global operations support increased processing volumes (orders, trades, etc.) window for applying maintenance upgrades and application deployments is quickly diminishing!

  34. Global Operations - U.S. Perspective must support u.s. west coast operations all systems must be available until fri 2100 local time must come back up mon 0800 local time FRI 2100 CST MON 0800 CST U.S. CST SUN 2400 CST London SUN 1500 CST Tokyo

  35. Global Operations - Tokyo Perspective must support u.s. west coast operations all systems must be available until fri 2100 local time must come back up mon 0800 local time FRI 2100 Tokyo MON 0800 Tokyo Tokyo SAT 0500 Tokyo London SAT 1400 Tokyo U.S. CST

  36. how do you support the myriad of application updates and machine maintenance while still maintaining availability?

  37. maintenance classification type 1 updates type 2 updates type 3 updates

  38. maintenance classification type 1 updates type 2 updates type 3 updates application or service-related updates that do not impact service contracts or require interface or data changes and simple administrative and configuration changes

  39. maintenance classification type 1 updates type 2 updates type 3 updates simple bug fixes changes to business logic (e.g., calculation) changes to business rules configuration file and simple administrative changes supports active/passive cluster or active/active topology

  40. maintenance classification type 1 updates type 2 updates type 3 updates application-related updates that require changes in interface contracts or service contracts in addition to other changes found in type 1 updates

  41. maintenance classification type 1 updates type 2 updates type 3 updates additional user interface fields or screens modifications to interfaces modifications to service contracts modifications to message structure updates or fixes to XML schema definitions requires the use of versioning in a HA/CA environment supports active/passive cluster or active/active topology

  42. maintenance classification type 1 updates type 2 updates type 3 updates updates that require coordination and synchronization of all components or updates involving shared memory or database schema changes

  43. maintenance classification type 1 updates type 2 updates type 3 updates shared or local database schema changes changes to objects located in shared memory hardware upgrades and migrations not supported through active/passive ha cluster supports active/active ca topology

  44. maintenance classification why only three update types? increased deployment complexity means increased risk of operator error, thereby affecting availability within the CA environment

  46. autonomic computing http://www.research.ibm.com/autonomic/ a systemic view of computing modeled after a self-regulating biological system

  47. autonomic computing the vision : a network of self-healing computer systems that manage themselves components that are self-configured components that are self-healing of faults components that are self-optimized to meet requirements components that are self-protected to ward off threats

  48. recovery-oriented computing The Berkeley/Stanford Recovery-Oriented Computing (ROC) Project http://roc.cs.berkeley.edu/ recovery-oriented computing focuses on recovering quickly from software faults and operator errors

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Continuous availability: from the shift paradigm to unmanned operation. Pietro Tiberi 17 January

Continuous availability: from the shift paradigm to unmanned operation. Pietro Tiberi 17 January

Continuous availability: from the shift paradigm to unmanned operation. Pietro Tiberi 17 January 2018 TIPS Contact Group Agenda 1 2 3 4 Introduction Continuous Results Conclusions and Availability perspective 2 Continuous

434 views • 19 slides
Active/Active: Achieve Continuous Availability During Planned and Unplanned Outages Tuesday,

Active/Active: Achieve Continuous Availability During Planned and Unplanned Outages Tuesday,

Active/Active: Achieve Continuous Availability During Planned and Unplanned Outages Tuesday, September 9, 2008 Karsten Sthr, Solutions Consultant Agenda HP and GoldenGate Software Relationship 3 States of Availability Active;

575 views • 30 slides
The Journey of Continuous Improvement in the Reliability and Availability of the OPAL Reactor

The Journey of Continuous Improvement in the Reliability and Availability of the OPAL Reactor

The Journey of Continuous Improvement in the Reliability and Availability of the OPAL Reactor Jason Chakovski & Andrew Frikken IGORR 18 Sydney, Australia OPAL Reactor 20MW Thermal Multi-Purpose Reactor Facility 16 LEU FAs

376 views • 34 slides
Proof of Storage Time: Efficiently Checking Continuous Data Availability Gi Giuseppe At

Proof of Storage Time: Efficiently Checking Continuous Data Availability Gi Giuseppe At

Proof of Storage Time: Efficiently Checking Continuous Data Availability Gi Giuseppe At Ateniese Lo Long Chen hen Stevens Institute of Technology New Jersey Institute of Technology Mo Moham ammad ad Et Etemad ad Qi Qiang Ta Tang

563 views • 30 slides
5G REALITIES AND MYTHS DANIEL OBAM RADIOCOMMUNICATION EXPERT 5G REALITIES INTRODUCTION As

5G REALITIES AND MYTHS DANIEL OBAM RADIOCOMMUNICATION EXPERT 5G REALITIES INTRODUCTION As

5G REALITIES AND MYTHS DANIEL OBAM RADIOCOMMUNICATION EXPERT 5G REALITIES INTRODUCTION As with previous cellular technologies, 5G networks rely on signals carried by radio waves - part of the electromagnetic spectrum - transmitted between

366 views • 14 slides
1 Applications ? Trading Consistency for Performance Applications ? Trading Consistency for

1 Applications ? Trading Consistency for Performance Applications ? Trading Consistency for

Consistency in Replication Consistency in Replication ! Replication comes with consistency cost: Continuous Consistency Continuous Consistency ! Reasons for replication: Better performance and availability and Availability and Availability !

280 views • 6 slides
for High Availability Martin Thompson - @mjpt777 What Is High Availability ?

for High Availability Martin Thompson - @mjpt777 What Is High Availability ?

Event Sourced Architectures for High Availability Martin Thompson - @mjpt777 What Is High Availability ? Availability refers to ability of the user community to access a system not about Uptime! By High availability we

814 views • 19 slides
Move to High Availability with Hyper-v What is it and Why do you need it? Refers to a systems

Move to High Availability with Hyper-v What is it and Why do you need it? Refers to a systems

Move to High Availability with Hyper-v What is it and Why do you need it? Refers to a systems continuous uptime Reduces risk of data loss Handles failures of many components Minimises business impact One bad customer

446 views • 15 slides
Modern Realities Key words 3 4 Existing Paradigm Each staff, paid or un-paid, has area of

Modern Realities Key words 3 4 Existing Paradigm Each staff, paid or un-paid, has area of

1/6/20 Realities of Parish Life Review Parish Survey Results 50 Years of Documents St. Michael Town Hall A Missional Catholic Church Possibilities/Opportunities Moving Forward 1 2 Modern Realities Key words 3 4 Existing Paradigm Each

186 views • 5 slides
Availability Knob Flexible User-Defined Availability in the Cloud Mohammad Shahrad and David

Availability Knob Flexible User-Defined Availability in the Cloud Mohammad Shahrad and David

Availability Knob Flexible User-Defined Availability in the Cloud Mohammad Shahrad and David Wentzlaff October 5, 2016 IaaS Providers and Availability Guarantees One thing in common: Fixed 99.95% availability! 2 Whats wrong with fixed

631 views • 31 slides
Extending CSP with tests for availability Gavin Lowe Extending CSP with tests for availability

Extending CSP with tests for availability Gavin Lowe Extending CSP with tests for availability

Extending CSP with tests for availability 01 Extending CSP with tests for availability Gavin Lowe Extending CSP with tests for availability 02 Testing for availability Many languages for message-passing concurrency allow programs to test

541 views • 19 slides
Myths, Realities & Possibilities Myths, Realities & Possibilities Charlotte Jefferies

Myths, Realities & Possibilities Myths, Realities & Possibilities Charlotte Jefferies

Myths, Realities & Possibilities Myths, Realities & Possibilities Charlotte Jefferies Horty, Springer & Mattern The U.S. has the best The U.S. has the best health EMERGENCY CARE care system in the world! system in the world!

519 views • 10 slides
Continuous Probability 3 2 Continuous Probability Motivation I Sometimes you cant model

Continuous Probability 3 2 Continuous Probability Motivation I Sometimes you cant model

Continuous Probability 3 2 Continuous Probability Motivation I Sometimes you cant model things discretely. Random real numbers. Points on a map. Time. Probability space is continuous . What is an event in continuous probability?

75 views • 7 slides
Budget Reflections: 2011-12 & 2012-13 The Sobering Realities of Continuing Deficits

Budget Reflections: 2011-12 & 2012-13 The Sobering Realities of Continuing Deficits

Budget Reflections: 2011-12 & 2012-13 The Sobering Realities of Continuing Deficits Sobering Realities Ahead San Diego Unifieds Budget Challenges 2012-13 Shortfall in range of $60 to $115 million Threat of Mid-Year Cuts

414 views • 13 slides
Herenya Capital Advisors Petri Redelinghuys // @TraderPetri // www.herenya.co.za The realities of

Herenya Capital Advisors Petri Redelinghuys // @TraderPetri // www.herenya.co.za The realities of

Herenya Capital Advisors Petri Redelinghuys // @TraderPetri // www.herenya.co.za The realities of trading The realities of trading On 19 August 2019, a research paper was published entitled Day trading for a living? The authors; Fernando

491 views • 29 slides
Introduction Harsh realities of network analytics netbeam Demo Technology

Introduction Harsh realities of network analytics netbeam Demo Technology

Introduction Harsh realities of network analytics netbeam Demo Technology Stack Alternative Approaches Lessons Learned 2 ESnet Data, Analytics and Visualization Architecture 3 The Harsh Realities of Network

568 views • 33 slides
Architecting Self-Adaptive Critical System s: Contradiction or Panacea? Invited Talk at WADS

Architecting Self-Adaptive Critical System s: Contradiction or Panacea? Invited Talk at WADS

Architecting Self-Adaptive Critical System s: Contradiction or Panacea? Invited Talk at WADS 2009, 29.06.2009 Holger Giese System Analysis & Modeling Group, Hasso Plattner Institute for Software Systems Engineering at the University of

727 views • 15 slides
UNREDUCED DYNAMIC UNREDUCED DYNAMIC COMPLEXITY COMPLEXITY Towards the Unified Science of

UNREDUCED DYNAMIC UNREDUCED DYNAMIC COMPLEXITY COMPLEXITY Towards the Unified Science of

Andrei P. Kirilyuk Andrei P. Kirilyuk Institute of Metal Physics, Kiev, Ukraine Institute of Metal Physics, Kiev, Ukraine http://myprofile.cos.com/mammoth http://myprofile.cos.com/mammoth UNREDUCED DYNAMIC UNREDUCED DYNAMIC COMPLEXITY

718 views • 33 slides
System Administrators in the Wild! What we ve learned from watching you Good Morning! I am

System Administrators in the Wild! What we ve learned from watching you Good Morning! I am

System Administrators in the Wild! What we ve learned from watching you Good Morning! I am really honored to be here as an invited speaker, Ive always been impressed by the quality of speakers here at LISA, and Ill do my best to live

602 views • 48 slides
Model-Based Self-Adaptation of Service-Oriented Software Systems GK Workshop 2010 Schloss

Model-Based Self-Adaptation of Service-Oriented Software Systems GK Workshop 2010 Schloss

Model-Based Self-Adaptation of Service-Oriented Software Systems GK Workshop 2010 Schloss Dagstuhl, June 2, 2010 Thomas Vogel Research School on Service-Oriented Systems Engineering System Analysis and Modeling Group Motivation 2 Continuous

472 views • 26 slides
Current Issues Regarding Data and Safety Monitoring Committees in Clinical Trials Discussion:

Current Issues Regarding Data and Safety Monitoring Committees in Clinical Trials Discussion:

Current Issues Regarding Data and Safety Monitoring Committees in Clinical Trials Discussion: Emerging Challenges in the Practice of Clinical Trial Data Monitoring Committees Maureen G. Maguire, PhD Carolyn Jones Professor Department of

450 views • 14 slides
Ethics for Behavioral Health Providers W orking in S chools and H ealth C are S ettings Avi

Ethics for Behavioral Health Providers W orking in S chools and H ealth C are S ettings Avi

Ethics for Behavioral Health Providers W orking in S chools and H ealth C are S ettings Avi Kriechman, M.D. Department of Psychiatry and Behavioral Sciences University of New Mexico Learning Objectives 1. List and define fundamental ethical

330 views • 28 slides
Verifiable Autonomy Michael Fisher University of Liverpool, 11th September 2015 Formal

Verifiable Autonomy Michael Fisher University of Liverpool, 11th September 2015 Formal

Verifiable Autonomy Michael Fisher University of Liverpool, 11th September 2015 Formal Verification Examples Closing Motivation: Autonomy Everywhere! rtc.nagoya.riken.jp/RI-MAN www.volvo.com Formal Verification Examples Closing

490 views • 19 slides
Ethics, Stewardship, and Laboratory Tests of Unproven Benefit Brian Jackson, MD, MS Assoc Prof

Ethics, Stewardship, and Laboratory Tests of Unproven Benefit Brian Jackson, MD, MS Assoc Prof

Ethics, Stewardship, and Laboratory Tests of Unproven Benefit Brian Jackson, MD, MS Assoc Prof of Pathology (Clinical), University of Utah Medical Director, IT and Support Services, ARUP Laboratories Cas Case: e: Neo eopt pterin erin Tes

525 views • 24 slides

More recommend