APM for cloud apps: Next big challenge
As
more and more companies are pushing their apps on the cloud, industry is facing
a new challenge of monitoring performance of the apps on various clouds and
measuring the SLAs for application performance in cloud. I won’t be astounded
if someone comes up with a new term "ALAs - Application Level
Performance" in near future. As cloud itself has to fulfill composite set
of expectations like auto scaling, billing, on demand provisioning etc, it’s
becoming difficult to segregate the root causes of application level
performance, simply because cloud has many layers to track and applications are
becoming more and more distributed, loosely coupled and difficult to manage. In
such a complex ecosystem, tracking application performance is a real challenge
in front of companies working in the sphere of APM.
How important is APM?
APM
is not a revenue generating solution for enterprises. However, it’s the core of
IT services as the thrust of APM is to fulfill SLAs and make sure the end-user
experience is of highest quality. In a highly competitive market, excellence
plays the most important role. If you are not providing high-quality solutions
to your customer, you are already out of the market. In such a fiercely
competitive market, APM plays a key role. Instead of having reactive processes,
companies are looking for proactive processes.
As
mentioned in one of the research report from Gartner - The factors most
responsible for the increased attention now being paid to the APM process and
the tools and services supporting it do not come from IT, but from the business
side of the enterprise, which has (during the past decade) fundamentally
changed its attitude towards IT in general. Line of business and C-level
executives now generally recognize that IT is not just infrastructure that
supports background workflows, but is also, and more fundamentally, a direct
generator of revenue and a key enabler of strategy.
Gartner
has defined five dimensions of an APM solution:
1. End-User experience monitoring - The capture of data about how end-to-end
application availability, latency, execution correctness and quality appeared
to the end-user.
2. Runtime application architecture discovery, modeling and
display - The discovery of
the software and hardware components involved in application execution and the
array of possible paths across which these components could communicate to
enable that involvement.
3. User-defined transaction profiling - The tracing of events as they occur
among the components or objects as they move across the paths discovered in the
second dimension; this is generated in response to a user’s attempt to cause
the application to execute what the user regards as a logical unit of work.
4. Component deep - Dive monitoring in application context -- the fine-grained
monitoring of resources consumed by and events occurring within the components
discovered in the second dimension.
5. Analytics - The marshaling of techniques, including behavior learning
engines, complex-event processing (CEP) platforms, log analysis, and multidimensional
database analysis to discover meaningful and actionable patterns in the
typically large datasets generated by the first four dimensions of APM.
Suggested features for an APM supporting cloud apps
Besides
the above dimensions for a typical APM solution, I suggest following features
for an APM supporting the cloud apps:
1.
Support for multiple
clouds and ability to provide a CMDB for cloud components.
2.
Agentless architecture
to reduce performance monitoring side-effects.
3.
Integration
capabilities with cloud provided monitoring tools.
4.
Auto-sensing of
application performance degradation and isolation of the cause from cloud.
5.
Integration
capabilities with ITIL-compliant service desk/ IT operations management tools.
6.
Ability to define and
translate application performance in terms of business SLAs.
To meet the 5 dimensions of Application Performance
Management viz End-User
Experience Monitoring, Runtime Application Architecture Discovery, Modeling and
Display, User-Defined Transaction Profiling, Component Deep - dive monitoring, and
Analytics, a typical APM tool has the following component layers:
1. Real
Time Dashboard, Alerts and Notification Layer
2. Application
Monitoring Layer
3. Network
Monitoring and Management Layer
4. Database
Layer (Rule DB, Log, DB, CM DB)
5. Integration
Layer (ESM integration, Infrastructure Integration and LDAP integration)
Following is the high level
architecture diagram of a typical APM tool.
The
APM works on the FCAPS philosophy. FCAPS is acronym for Fault Detection and
Management, Configuration Management, Accounting, Performance Management and
Security Management of underlying infrastructure comprising of various
hardware, software and firmware components. It typically includes, central
nervous system of your computing infrastructure (CNS = Compute, Network and
Storage). APM becomes complex in a distributed environment when there are
thousands of software and hardware components to manage using millions of
events to monitor and thousands of rules to define.
A
typical APM will get hooked to underneath infrastructure by providing the
relevant SDKs. Example, if your infrastructure uses VMWare for virtualization,
Oracle DB instances, IBM Web Sphere, MS Exchange Server etc, a good APM will be
able to gather events from all these components and process these data based on
the set rules to generate real time dashboards, alerts and notifications. A
good APM tool will also provide facility to define performance indicators as
performance definition varies in different context.
A
good APM tool will have capabilities to get integrated with existing Enterprise
systems Management tools so that it becomes part of the IT management
eco-systems and doesn’t work in silos.
APM
tool should also have capabilities to generate dashboards periodically to
address needs to various business users such as business owners, technology
owners and process owners.
Agent-Based
and Agent-Less Architecture:
Most
of the APM tools work on agent based architecture wherein agents with small
footprint are deployed across distributed systems to listen, capture and
transmit event information to central event DB. The agents are designed to keep
the performance overload as minimum as possible else there can be a danger of
agents themselves becoming performance and security bottlenecks.
Agent-less
architecture is based on signal interception paradigm wherein event information
is gathered from existing system components by intercepting events and logs and
processing these events and logs to generate high level dashboards.
What
do various components of APM do?
1. Network
Monitoring Components:
a. Fault
Management Engine: Fault management is a set of functions that enable the
detection, isolation, and correction of abnormal operation of the network.
b. Configuration
Management Engine: Configuration management provides functions to identify,
collect configuration data from, exercise control over, and provide
configuration data to network elements.
c. Accounting
Management Engine: Accounting management lets you measure the use of network
services and determine costs to the service provider and charges to the
customer for such use. It also supports the determination of charges for
services.
d. Performance
Management Engine: Performance management provides functions to evaluate and
report on the behavior of telecommunication equipment and the effectiveness of
the network or network element. Its role is to gather and analyze statistical
data for the purpose of monitoring and correcting the behavior and
effectiveness of the network, network elements, or other equipment, and to aid
in planning, provisioning, maintenance, and quality measurement.
e. Security
Management Engine: Security services provide authentication, access control,
data confidentiality, data integrity, and nonrepudiation. It also provides
security event detection and reporting reports activities that may be construed
as a security violation (unauthorized user, physical tampering with equipment)
on higher layers of security applications.
2. Information
Collection and Transition Agents: these are
listeners in various forms across the network which can intercept signals,
process them and transmit to a central repository for further processing.
Example, SNMP agents. For those who do not know SNMP, it stands for Simple
Network Monitoring Protocol , based on simple request/response paradigm. http://www.wtcs.org/snmp4tpc/snmp.htm
seems to be a good primer on this topic.
3. Events
Log and Data Processing Engine: Different systems generate logs in different
formats. A log processor has to understand such a variety log formats by
parsing these logs, extract the required information and store in the central
DB for further processing.
4. Rules
Definition and Enforcement Engine: Dashboards, alerts and notifications are
required to generate for various user groups. Each user group in the eco-system
will have its own way to see and interpret data for various business and
technical reasons. To make log processing more meaningful, APM provides a way
to define and enforce rules. Example, performance counters can be defined for
benchmarking performance of the app for various business needs. A user trading
shares online may want response time not more than 5 seconds whereas a data
entry operator at university can afford to wait for few more seconds. Rule
definition engine provides a way to create and edit rules dynamically and hence
has the capability to enforce alert/notification generation, SLA report
generation, and dashboard generation based on the set benchmarks and
thresholds.
5. Dashboard,
Notification and Alert Generation Engine: This is the top level component in an
APM which generates user friendly graphs, reports, alerts and notification for
the end users. It also have capabilities to benchmark itself to generate
comparison charts, projections for the future performance and send warnings
proactively.
Why so much focus on APM?
The
natural answer is market size and complexity of cloud-based applications. Also
APM is surely an expensive phenomenon. Business owners need to understand what
is more expensive – the cost of application or the cost of customers moving
away from their businesses due to lack of QoS. It’s a tread off business owners
need to understand and surely it’s going to be a headache for most of them. APM
solutions are available in wide range – from cost perspective and from features
perspective. There is no single answer to the question like which is the best
APM tool for my need. Since I see cloud to be the future of IT, I see APM to be
the most critical area to tame for IT managers, and hence I can see huge
interest companies will have in APM especially while moving their apps to
cloud. Moreover, IT services companies will have to heavily rely on good APM
solutions to make sure they are delivering a right solution to their customer.
I can foresee the QA teams in IT and consulting services using and relying
heavily on APM tools. In short, I can see a bright future for APM companies and
the consultants working in this highly challenging area of specialization.
About Author: Satish Agrawal is Vice President - Cloud Computing at e-Zest
Solutions Ltd. He has over 16 years of experience in IT and software product
engineering space and has built and implemented end-to-end cloud solutions for
clients across geographies
