Presentation is loading. Please wait.

Presentation is loading. Please wait.

Failure Analysis of Two Internet Services Archana Ganapathi

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Failure Analysis of Two Internet Services Archana Ganapathi"— Presentation transcript:

1 Failure Analysis of Two Internet Services Archana Ganapathi (archanag@cs.berkeley.edu)

2 24x7 availability is important for Internet Services Unavailability = MTTR/(MTTR+MTTF) Determine reasons for failure and time to repair! Motivation

3 Recently in the News… “Technicians were installing routers to upgrade the.Net Messenger service, which underlies both Windows Messenger and MSN Messenger. The technicians incorrectly configured the routers. Service was out from 9 a.m. to 2 p.m. Eastern time on Monday. Ironically, the routers were being installed to make the service more reliable.” --posted on cnn.com techweb on Wednesday January 8 th, 2003

4 Recently in the News… “ AN INTERNET ROUTING error by AT&T effectively shut off access from around 40 percent of the Internet to several major Microsoft Web sites and services on Thursday, Microsoft has said. Access to Microsoft's Hotmail, Messenger, and Passport services as well as some other MSN services was cut for more than an hour after AT&T made routing changes on its backbone. The changes were made in preparation for the addition of capacity between AT&T and Microsoft that is meant to improve access to the services hit by the outage, said Adam Sohn, a spokesman for Microsoft. ” --posted on infoworld.com on Thursday January 9 th, 2003

5 Obtain real failure data from three Internet Services –Data in this talk is from two of them Validate/characterize failure based on post mortem reports Investigate failure mitigation techniques Approach

6 Internet Services Online Service/ Internet Portal Global Content Hosting Service Hits/day~100 million~7 million Collocation sites 2 (500 machines)15 (500 machines) PlatformSolaris on SPARC & x86 Open source x86 OS # of months studied 7 months3 months # of problems 296205

7 Internet Service Architecture Users Front End Back End FE – forward user requests to BE and possibly process data that is returned BE – data storage units NET – interconnections between FE and BE

8 Fe Be Net Unk Hw Sw Op Ol Df Ev Un Sw config Hw repair Initial Upgrade Fixing Part All None ROC techniques to mitigate failure

9 Types of Failures Component Failure –Not visible to customers –If not masked, evolves into a… Service Failure –Visible to customers –Service unavailable to end user or significant performance degradation –Always due to a component failure

10 Online Note: these are the statistics for 7 months of data

11 Note: these are the statistics for 3 months of data Content

12 Observations Hardware component failures are masked well in both services Operator induced failures are hardest to mask Compared to Online, Content is less successful in masking failures, especially operator-induced failures (Online: 33% unmasked, Content: 50% unmasked) Note: more than 15% of problems tracked at Content pertain to administrative/operations machines or services

13 Service Failure Cause by Location Front End Back End Net- work Un- known Online 77%3%18%2% Content 66%11%18%4%

14 Service Failure Cause by Component OnlineContent Total: 61 failures in 12 months Total: 56 failures in 3 months

15 Time to Repair (hr) MinMaxMedianAverageTotal # of problems OP0.272.92.921.15 SW0.59.61.42.76 HW0.1 1 OP0.2550.94.512.413 SW0.521.43.46.610 HW1.225.82.55.77 ONLINE CONTENT 8 months 2 months

16 Customer Impact Part of Customers Affected: –Part/All/None –Online: 50% affected part, 50% affected all customers (3 months of data) –Content: 100% affected part of customers (2 months of data)

17 Multiple Event Failures Vertically Cascaded Failures: chain of cascaded component failures that lead to service failure. Horizontally Related Failures: multiple independent component failures that contribute to service failure.

18 Multiple Event Failure Results Online Service Failures (3 months of data) –41% Vertically Cascaded –0% Horizontally Related Content Service Failures(2 months of data) –0% Vertically Cascaded –25% Horizontally Related

19 Service Failure Mitigation Techniques Total = 40 service failures Online testing26 Expose/monitor failures to reduce TTR12 Expose/monitor failures to reduce TTD11 Configuration checking9 Redundancy9 Online fault/load injection6 Component Isolation5 Pre-deployment fault/load injection3 Proactive restart3 Pre-deployment correctness testing2

20 Conclusions/Lessons Operator errors are most impacting –Largest single cause of failure –Largest MTTR Most valuable failure mitigation techniques are: –Online testing –Better monitoring tools, and better exposure of component health and error conditions –Configuration testing and increased redundancy

21 Research Directions Improve classification based on Vertically Cascading and Horizontally Related service failures Further explore failure mitigation techniques Investigate failure models based on time of day Apply current statistics to develop accurate benchmarks

22 Related Work “Why do Internet services fail, and what can be done about it?” (Oppenheimer D.) “Failure analysis of the PSTN” (Enriquez P.) “Why do computers stop and what can be done about it?” (Gray J.) “Lessons from giant-scale services” (Brewer E.) “How fail-stop are faulty programs?” (Chandra S. and Chen P.M.) “Networked Windows NT System Field Failure Data Analysis” (Xu J., Kalbarczyk Z. and Iyer R.)

Download ppt "Failure Analysis of Two Internet Services Archana Ganapathi"

Similar presentations

(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.

(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.
Chapter 3: Planning a Network Upgrade

Chapter 3: Planning a Network Upgrade
Networking Essentials Lab 3 & 4 Review. If you have configured an event log retention setting to Do Not Overwrite Events (Clear Log Manually), what happens.

Networking Essentials Lab 3 & 4 Review. If you have configured an event log retention setting to Do Not Overwrite Events (Clear Log Manually), what happens.
Large-Scale Distributed Systems Andrew Whitaker CSE451.

Large-Scale Distributed Systems Andrew Whitaker CSE451.
Internet Information Server 6.0. IIS 6.0 Enhancements  Fundamental changes, aimed at: Reliability & Availability Reliability & Availability Performance.

Internet Information Server 6.0. IIS 6.0 Enhancements  Fundamental changes, aimed at: Reliability & Availability Reliability & Availability Performance.
DATA CENTER OUTAGE BRIEFING JANUARY 10–11, 2014 INFORMATION AND EDUCATIONAL TECHNOLOGY.

DATA CENTER OUTAGE BRIEFING JANUARY 10–11, 2014 INFORMATION AND EDUCATIONAL TECHNOLOGY.
Predictor of Customer Perceived Software Quality By Haroon Malik.

Predictor of Customer Perceived Software Quality By Haroon Malik.
Skyward Server Management Options Mike Bianco. Agenda: Managed Services Overview OpenEdge Management / OpenEdge Explorer OpenEdge Managed Demo.

Skyward Server Management Options Mike Bianco. Agenda: Managed Services Overview OpenEdge Management / OpenEdge Explorer OpenEdge Managed Demo.
Experience with some Principles for Building an Internet-Scale Reliable System Mike Afergan (Akamai and MIT) Joel Wein (Akamai and Polytechnic University,

Experience with some Principles for Building an Internet-Scale Reliable System Mike Afergan (Akamai and MIT) Joel Wein (Akamai and Polytechnic University,
Reliability Week 11 - Lecture 2. What do we mean by reliability? Correctness – system/application does what it has to do correctly. Availability – Be.

Reliability Week 11 - Lecture 2. What do we mean by reliability? Correctness – system/application does what it has to do correctly. Availability – Be.
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.1 Computer Networks and Internets with Internet Applications, 4e By Douglas.

© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.1 Computer Networks and Internets with Internet Applications, 4e By Douglas.
Recovery Oriented Computing: Update Armando Fox (in loco Patterson) Summer ROC Retreat, June 2002.

Recovery Oriented Computing: Update Armando Fox (in loco Patterson) Summer ROC Retreat, June 2002.
Understanding Network Failures in Data Centers: Measurement, Analysis and Implications Phillipa Gill University of Toronto Navendu Jain & Nachiappan Nagappan.

Understanding Network Failures in Data Centers: Measurement, Analysis and Implications Phillipa Gill University of Toronto Navendu Jain & Nachiappan Nagappan.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
 Network Management  Network Administrators Jobs  Reasons for using Network Management Systems  Analysing Network Data  Points that must be taken.

 Network Management  Network Administrators Jobs  Reasons for using Network Management Systems  Analysing Network Data  Points that must be taken.
Hands-On Microsoft Windows Server 2008 Chapter 11 Server and Network Monitoring.

Hands-On Microsoft Windows Server 2008 Chapter 11 Server and Network Monitoring.
CH 13 Server and Network Monitoring. Hands-On Microsoft Windows Server 20082 Objectives Understand the importance of server monitoring Monitor server.

CH 13 Server and Network Monitoring. Hands-On Microsoft Windows Server Objectives Understand the importance of server monitoring Monitor server.
Windows Server 2008 Chapter 11 Last Update 2012.06.07 1.0.0.

Windows Server 2008 Chapter 11 Last Update
© 2006 Jupitermedia Corporation Webcast TitleSuccessful Rollout Planning 1 January 19, 2006 2:00pm EST, 11:00am PST George Spafford, President Spafford.

© 2006 Jupitermedia Corporation Webcast TitleSuccessful Rollout Planning 1 January 19, :00pm EST, 11:00am PST George Spafford, President Spafford.
ATIF MEHMOOD MALIK KASHIF SIDDIQUE Improving dependability of Cloud Computing with Fault Tolerance and High Availability.

ATIF MEHMOOD MALIK KASHIF SIDDIQUE Improving dependability of Cloud Computing with Fault Tolerance and High Availability.

Similar presentations

Ads by Google