Designing a Scalable Twitter

Guy Nirpaz, Uri Cohen and Shay Banon came up with an interesting exercise as part of the recent partner training that took place at the GigaSpaces office. In this exercise, the students were asked to come up with a scalable design for Twitter, using Space-Based Architecture.

There are some interesting scalability lessons from this exercise, which are applicable to anyone looking to implement new-style real-time web applications such as the ones used for social networking.

In this post I'll  try to summarize the main patterns to put into place and considerations to make when designing such a scalable architecture.

Background:

For those of you who are not yet familiar with the service, Twitter is sort of a SMS-service meets discussion board.  You can post short messages (up to 140 characters) that can be shared with a group of subscribers that are referred to as "followers". The main difference between twitter and other messaging applications is that both SMS and Instant Messaging (IM) applications were designed primarily for one-on-one communications whereis Twitter was designed primarily for broadcast communications (publish/subscribe, or pub/sub). Another aspect that is special about Twitter is that by default anyone can follow anyone else. In other words, it was designed for open communications, not private, as were IM and SMS.

What are Twitter's scalability challenges?

1. Sending a tweet (a message on Twitter is known as a 'tweet') -– The challenge is how to handle an ever-growing volume of tweets and re-tweets and responses that can lead to a viral "message storm"

2. Reading tweets – The challenge is how to handle a large number of concurrent users that continually “listen” for tweets from users (or topics) they follow.

Designing A Scalable Twitter

Choosing the right scalability patterns

Almost every challenge in software architecture has its roots in one of the existing patterns. So the simplest course is to start by looking for those patterns, and choosing the right patterns to scale the application. Looking at many other scalable architectures, we'll begin with a partitioning pattern as the core design principle. By partitioning our Twitter-like application we'll spread the load across a cluster of servers and scale by simply adding more servers (i.e., partitions).  Another important architectural observation about Twitter is that it doesn’t fit into the classic database-centric design that most web applications do. On the flip side, it doesn’t fit well with a messaging-centric design (pub/sub) either. It is a combination of the two.

A pattern that is suitable for this type of collaborative messaging is known as a blackboard pattern.  In our design, we will use those two design patterns -- partitioning and blackboard -- as the foundation for our scalable Twitter application. With the foundation in place, let’s list the requirements and examine how these patterns can be used to scale the app.

Scalability Requirements

We'll assume a relatively extreme scaling requirement:

• Tweet Volume: 10 billion tweets per day
• Tweet Storage: 100 Gigabytes per day (with 10:1 compression)

Additional assumptions:

• Tweets are limited to 140 characters
• Tweets are immutable, i.e., there are no updates, only inserts
• Twitter limits client applications to 70 requests per hour

Now that we have the foundational patterns and clear requirements, we can design the architecture. We'll start first with the blackboard system.

Using an In-Memory Data Grid (IMDG) as a Blackboard System

The are several approaches to building a blackboard system. To maximize performance and scalability, we'll store the data in memory, thus avoiding disk I/O, which is often the main cause for contention. For years, Java has provided a model for designing blackboard systems known as JavaSpaces. More recently, distributed caching has become popular and can provide similar capabilities to those of JavaSpaces. Let's examine two popular distributed caching approaches for our blackboard system:

1. Simple read-mostly caching using memcached
2. Read/write caching, also known as an In-Memory Data Grid (IMDG)

Choosing between memcached and an IMDG

Memcached enables us to to store the data (tweets) in a distributed memory set and read it in a scalable fashion. Having said that, be aware that memcached is not transactionally-safe and is not designed for reliability (i.e., it doesn’t support fail-over and high availability). That means that if we use memcached or something similar, we will have to use a database as the back-end. Every tweet posted will have to be written to both memcached and the database in a synchronous fashion to ensure that no tweet will be lost. This approach may be good enough for scaling read access, however, for writes and updates it offers limited scalability.

Unlike memcached, which was designed for simple read-mostly caching, In-Memory Data Grids  are designed for handling a read/write scenario, and can therefore act as the system-of-record for both write and read operations. We can still use a database for long-term persistence, but because the IMDG maintains its reliability purely in memory, we can write and update the database asynchronously and avoid hitting the database bottleneck.

Todd Hoff, author of highscalability.com wrote an interesting summary that covers the different products in this space in a recent post:  Are Cloud Based Memory Architectures the Next Big Thing?

Todd provide a clear explanation of how an IMDG works (using GigaSpaces):

 

• A POJO (Plain Old Java Object) is written through a proxy using a hash-based data routing mechanism to be stored in a partition on a Processing Unit. Attributes of the object are used as a key. This is straightforward hash based partitioning like you would use with memcached.
• You are operating through GigaSpace's framework/container so they can automatically handle things like messaging, sending change events, replication, failover, master-worker pattern, map-reduce, transactions, parallel processing, parallel query processing, and write-behind to databases.
• Scaling is accomplished by dividing your objects into more partitions and assigning the partitions to Processing Unit instances which run on nodes-- a scale-out strategy. Objects are kept in RAM and the objects contain both state and behavior. A Service Grid component supports the dynamic creation and termination of Processing Units.

Back to our Twitter app: Given the scalability requirements, we will need to scale both reads and writes, and therefore, an IMDG is a more suitable approach to implementing the blackboard system.

Now let’s examine how the use of an IMDG as the blackboard system enables us to scale both sending and reading tweets. Let's start by designing the partitioned cluster.

Designing a partition architecture

One of the main considerations in designing a partition cluster of any kind is determining the partition key, such as a Customer ID in a CRM application or a Trade ID in a trading application. At first glance, it sounds like a trivial decision, but choosing the right partitioning key requires a deep understanding of the application usage patterns and data model.  In the case of Twitter, we could choose to partition the application by the data-type, the user, the tweet itself or the followers. Our first goal is selecting a key that will that will be granular enough to enable scaling the application just by adding more partitions, while making sure that we don't end up with a key that is too fine-grained -- making it sub-optimal for querying purposes.

If we use the timestamp key, for example, our application will be optimized for “inserts” (writes), however, even a simple query such “retrieve the tweets of a certain user” will force us to execute an aggregated query against all partitions. Alternatively, if we partition the data based on user-id, we'll be able to easily spread the load from different users across partitions. Retrieving the tweets of a certain user is going to be resolved in one call to a single partition. We may encounter a problem if a single user generates a significant higher load than average, however, in the case of Twitter, we can assume that this is not very likely. Partitioning by user-id is a good compromise.

Data capacity analysis

With such extreme requirements it is clear that storing all tweets in memory is going to require huge memory capacity. Very quickly this will become economically prohibitive, so we need to devise a scheme in which the IMDG acts as a buffer for most of the load on the system, and then offloads the data and queries to an underlying persistent storage.  In our Twitter example, it is fair to assume that most real-time queries (those that require fast access to the data) will be resolved in data from the last hour or 24 hours. Queries that require older data will need to hit the database for the initial call. However, subsequent access to fetch new updates should be resolved purely in-memory.

Using this approach, we'll need about 10 servers, each holding 10GB of data in memory to accommodate 24 hours of activity. If we also want to back up the data in memory, we will need double the amount of servers.

Choosing the right eviction policy

It's reasonable to assume that recent data is accessed most and older data is rarely used. To ensure that we get the maximum hit ratio on our memory front-end, let's choose a time-based eviction policy, which always holds the most recent updates in memory. When we will reach our memory capacity limit the oldest data will automatically get evicted from memory. The actual window of time in which we will be able to keep in memory is obviously dependent on the size of the cluster. With an IMDG implementation all tweets are stored in a persistent storage, which means that when tweets are evicted they are not deleted from the system.

Scaling tweet writes:

If we select user-id as the partitioning key, each user tweet will be sent to a specific partition. Multiple users may be routed to the same partition. Usually the algorithm to determine which partition fits a certain user is something like:

routing-key.hashCode() % #of partitions

In GigaSpaces, this is done by marking the routing attribute of our tweet class with an @SpaceRouting annotation.

The web front-end application will call space.write( new Tweet(..),..)  to send the tweets. This way there is nothing in our web client code that exposes the fact that the underlying implementation interacts with a cluster of partitions (spaces in GigaSpaces). Those details are abstracted within the space proxy. When the write method is called on the space proxy it parses the field that matches @SpaceRouting from our Tweet() object and uses this field value to calculate the partition it belongs to. It then uses that value to route the Tweet(..) object to the appropriate partition.

With this approach, the web application can be written in a very simple way and can interact with the entire cluster as if it was a single server.

The data from the memory partitions gets stored asynchronously into a persistent storage. The persistent storage could be a database, but it could also be other things, such as an index search engine based on Compass/Lucene.

Scaling tweet reads:

To those familiar with messaging system, at first glance Twitter looks like a classic publish subscribe application. A closer look, however, reveals that any attempt to implement Twitter with something like a JMS message queue is going to fail in achieving a scalable system. This is especially true if you consider that the system needs to maintain a durable queue for each user. That could easily lead to a scenario in which each tweet is published to thousands of subscribers and every re-tweet can potentially lead to a "message storm".

As I discuss above, the right way to think about this type of application is as a blackboard pattern, just as a blackboard (or these days, a whiteboard) is used by a group of people (followers, in the case of Twitter) to share information and collaborate. When someone writes something on the board, everyone sees it and can choose to react. Unlike messaging (take email for example), we don’t need to send separate messages to each subscriber. Instead everyone is looking at the same board. Everything is also copied from the board to paper. When the board runs out of space, we erase it. And we can always page through the paper copy to access the board history. 

In Twitter, this means that each follower that follows a group of people is basically polling for messages posted by those users from the last time he read them. To make things more tangible we can express this type of query with the following SQL syntax:

SELECT * FROM Post WHERE UserID=<id> AND PostedOn > <from date>.

The <from date> will normally be the last few minutes, if we're constantly looking for new messages.

But there's a caveat. Remember that we partitioned the application by user-id? This means that each user's tweets are stored in a separate partition. How can we read all users' posts? If we poll for each user individually, we will end up with a lot of network calls. The simplest approach would be to execute one call that looks for ALL the users we're following and look for updates (new tweets) from those users. The pattern we'll use to perform such this task is mapreduce. One way to do that with GigaSpaces is through the distributed task API:

The distributed task API is a modern version of the stored procedure. The following snippet shows what such a call would look like:

AsyncFuture<Long> future = gigaSpace.execute(new GetTweetsUpdates());
long result = future.get(); // result will be the number of primary spaces

The GetTweetsUpdates() class contains code that will be injected in each partition and will enable us to look for updates from the users we follow in a single call. Because the call runs in-process, and because the data is stored in-memory, executing such a task is extremely fast compared with the equivalent with database and stored procedure operations. Execution is aggregated to the caller implicitly. The caller can use a reducer to aggregate the results into a single result object.

Scaling the web front-end

Nothing really new here. We'll use a classic web front-end, which is comprised of a load-balancer and a cluster of web servers that act as a front end to our IMDG instances. The web application will use a single cluster-aware IMDG proxy to send new tweet posts. The IMDG proxy will be responsible for mapping the tweet with the actual partition that hosting the tweet. That logic is kept completely out of the application code. This allows us to keep our web tier clean and simple.

Keeping the web layer stateless to avoid session stickiness

One common pattern for keeping the web tier scalable is to use a Shared-Nothing Architecture, which basically means that the web tier will be stateless. This requires keeping the user session state external to the web-tier. As previously demonstrated, the IMDG can be used as high-performance, scalable data store for maintaining shared session state information. This allows us to avoid session stickiness and to scale the web tier without being locked in to a specific server throughout the entire session, in case the server is over-loaded.

For more information on how to scale the web tier, as well as other important capabilities such as self-healing and auto-scaling, see the following tutorial: Scaling Your Web Application.

Making it simple and cost-effective using cloud computing

Twitter is yet another example for a situation in which system load is highly variable and the difference between average load and peak load can be quite significant. In such cases, provisioning our system can be fairly hard and costly. This is where cloud computing and SLA-driven deployments can help us scale on demand and pay only for what we use.

Once we figured out a way to partition the application, it's going to be much simpler to package the application into self-sufficient units (referred to in GigaSpaces as processing-units) and scale the application simply by adding or removing these units on demand. You can learn more about this here

Final words

Scaling a real-time web application such as Twitter or Facebook introduces unique challenges that are are quite different from those of a "classic" database-centric application. The most profound difference is the fact that unlike with traditional sites, Twitter is a heavy read/write application, and not read-mostly. This seemingly minor difference can break most existing models for web application scalability. Using a combination of memcached + MySQL is not going to cut it for this type of application. 

The good news is that with the right patterns and set of tools, building a scalable architecture that meets such challenges isn’t that difficult.  There are already plenty of success stories that demonstrate that, such as the following example from highscalability.com: Handle 1 Billion Events Per Day Using a Memory Grid

The proposed architecture is by no means perfect and can be further optimized to meet even better performance and latency, but that will come at the cost of simplicity. I believe that the proposed architecture should get you pretty far as-is. Avoid going through more advanced optimizations until the point they are an absolute must.

References

• Twitter getting bigger - Scaling becomes more of an issue

• Memory-Based Architectures and the Cloud

• Handle 1 Billion Events Per Day Using a Memory Grid

• Are Cloud-Based Memory Architectures the Next Big Thing?

• Scaling Your Web Application

• Persistence on the Cloud – How and Why?

• Scaling twitter presentation by Guy Nirpaz

Best Cloud Application Providers

This week i got a nice xMas surprise hearing that we won the Best Cloud Application Provider category in the The 2008 Cloudies Awards

What makes it even sweater is knowing that it came from one of the best cloud bloggers John M. Willis.

Now to make xMas even sweater one of the recent evaluator of GigaSpaces Frank Carver’s wrote on his experience with Experimenting with GigaSpaces

A sure sign that the GigaSpaces folks “get it” is the way they are integrating with Amazon’s cloud offerings.

This is a great opportunity to wish all of our friends and partners happy Christmas and happy Hanuka with one of Jim Gaffigan great stand up on Christmas.

Latency is Everywhere and it Costs You Sales - How to Crush it - My Take

Over on HighScalability.com Todd Hoff posted one of the comprehensive articles on latency that I've read titled Latency is Everywhere and it Costs You Sales - How to Crush it. It covers almost every aspect of latency, and is a must-read on the subject. Todd provides a good explanation of how Space-Based Architecture helps in reducing latency through collocation of tiers and by utilizing memory to remove the I/O bottleneck:

The thinking is that the primary source of latency in a system centers around accessing disk. So skip the disk and keep everything in memory. Very logical. As memory is an order of magnitude faster than disk it's hard to argue that latency in such a system wouldn't plummet.

Latency is minimized because objects are in kept memory and work requests are directed directly to the machine containing the already in-memory object. The object implements the request behavior on the same machine. There's no pulling data from a disk. There isn't even the hit of accessing a cache server. And since all other object requests are also served from in-memory objects we've minimized the Service Dependency Latency problem as well.

In this post I wanted to summarize my take-aways from Todd’s article and add some of my own thoughts based on my experience with GigaSpaces customers.

Sources for latency – is it the network or the software?

When discussing latency most people fall into one of two main camps: the "networking" camp and the "software architecture" camp. The former tends to think that the impact of software on latency is negligible, especially when it comes to Web applications.

Marc Abrams says "The bulk of this time is the round trip delay, and only a tiny portion is delay at the server. This implies that the bottleneck in accessing pages over the Internet is due to the Internet itself, and not the server speed."

The "software architecture" camp tends to believe that network latency is a given and there is little we can do about it. The bulk of latency that we can control lies within the software/application architecture. Dan Pritchett's Lessons for Managing Latency provides guidelines for an application architecture that addresses latency requirements using loosely-coupled components, asynchronousinterfaces, horizontal scale from the start, active/active architecture and by avoiding ACID and pessimistic transactions.

So is it the network or the software?

The simplest way to answer this question is to run a mockup test that removes the impact of the software on latency from the equation.

Global optimization vs Local optimization

To better understand latency optimization we can use the analogy of a plant production line. We have a big pipeline of things that need to get done and we need to look at each element in the pipeline to optimize our production latency. In an earlier posts - Moving to Extreme Transactions Processing using Lean methodology - I discuss how we can apply the same principles used in manufacturing line optimization, such as the Lean methodology, in software systems. I tried to illustrate the applicability of some of the core principles of lean methodology. Here’s a recap:

In many cases, we can get more bang for the buck by looking at an extended value-stream, as opposed to a localized one. Local optimization means digging into the latency path in a specific component in our system. With global optimization, however, we look at the entire pipeline and optimize at that level.

An example of local optimization would be looking at our messaging system and lowering the latency of sending a message from point A to point B. An example of global optimization would be looking at the end-to-end transaction. Processing a typical transaction involves sending messages through a messaging system, consuming it, and then updating the database. If we collocate the message queue with the data receiver, we can easily eliminate half of the network hops. Additionally, if we’ll use the same storage for messaging and data, we can avoid the 2-phase commit overhead. At the same time, we can analyze the user experience to see how many clicks it takes to perform a given operation. By reducing the number of clicks we can reduce the perceived latency much more then we can by reducing the time it takes to process each click. It’s easy to see how we can get better latency savings by taking the global optimization view. Global optimization often has much more room for optimization than a local one.

If our system is already designed with a scale-out model, adding more machines and spreading the load is much simpler than trying to apply local optimizations.

Scalability as a major source for latency.

One topic that is often missing or less understood in many latency discussions is the impact of scalability on latency.

Todd writes: "We put shards in parallel to increase capacity, but request latency through the system remains the same". This statement is a common fallacy. It assumes that each request is completely independent of the others. In reality, however, if the application is not designed with a scale-out/share-nothing approach then at some point it will hit a shared contention, which makes those supposedly parallel requests dependent on each another. Contention happens when multiple concurrent users or business-requests hit a shared resource at the same time. A shared resource might be a hardware resource -- such as CPU, memory or disk -- or a software resource, such as a shared database lock. Shared resources need to be freed before another request can be processed through them. This contention time is proportional to the number of concurrent attempts to consume the shared resource and the duration in which the resource is locked. This is one of the basic principles of Amdahl’s Law, which shows that to increase processing capacity of a request that spends 10% of its time on a shared lock will require a 100x increase to CPU power. This contention time, therefore, must be added to our “latency path”. In a non-scalable system this will be proportional to the number of concurrent requests, meaning it will rapidly lengthen as the system load increases, up to the point in which the system will face “resource starvation”. (See further discussion of this here ).

Based on my experience, hardware and software contentions are some of the main contributors to latency. This is partly due to the fact that network overhead latency is relatively fixed, while application overhead latency is variable. It is extremely complex to design a fully-optimized software application.

Scalability happens to be one of those things that are often implemented in a non-optimized manner, and as mentioned above, lead to latency. The only way we can reduce the scalability overhead on latency is by reducing the contention points in our application. The typical method for reducing the contention is through “sharding” (partitioning) the access to those resources using a share-nothing approach. Disks are less concurrent than memory, and therefore, removing the dependency on disk access in the critical path of the operation is one of the keys to a latency reduction strategy. This is one of the key principles of Space-Based Architecture:

The impact of peak load provisioning on the latency cost

Another source of latency is related to provisioning. Many web sites uses static provisioning based on peak load. But how do we measure peak load? With the introduction of social networks, and phenomenon such as the Digg Effect, it becomes extremely hard to predict peak loads, as user traffic is subject to “viral behavior” leading to sudden spikes in traffic. The further ahead we try to plan, we increase the chances of missing the target. This will lead to one of two outcomes: 1)Over-Provisioning – in which case latency is not harmed, but we unnecessarily pay the cost of more servers and other resources than we normally need. 2) Under-Provisioning -- in which case our site may significantly slow down or even crash.

Use on-demand scaling to smooth the latency peaks

If we can't predict the peak loads accurately, we need to scale the system rapidly whenever we see it is approaching capacity. If the system was not designed for scale-out (linear scalability), the process of scaling will involve a substantial amount of work and tuning, which is time-consuming and therefore defeats the purpose.

A scale-out approach enables us to scale on demand and smooth out the impact of load spikes on application latency by adding servers when the load is up and removing unnecessary ones whether load is reduced. In this way we can cost-effectively control latency.

Cloud computing and virtualization enable us to build such an “elastic computing” model with significantly less effort than previously necessary. For example, the GigaSpaces Cloud Framework already supports on-demand scalability for web containers.

My colleague Shay Hasidim posted a latency-benchmark that measured how low-latency is maintained by increasing the number of servers.

From the results above we see that as we increase the number of web servers system contention (scalability barrier) grows in terms of the number of concurrent users. With a single server, latency increases starting with 100 concurrent users; with two servers, at 300 concurrent users, and with three servers -- 500 concurrent users.

To ensure linear scalability on the web-tier, we must ensure that the underlying data-tier scales-out at the same level as can be seen in the diagram below. In this case we used GigaSpaces’ In-Memory Data Grid as a front-end to a MySQL.

With the graph above we see that the IMDG scales very close theoretical linear scalability. The above results were achieved with an IMDG running on 2 partitions. Better scalability can be achieved by increasing the number of partitions.

Read more about how to scale-out the data-tier in Scaling-out MySQL.

To enable this level of on-demand scalability we used our new Cloud Framework, which combines the GigaSpaces SLA-driven container as the application deployment virtualization layer, Amazon EC2 as the machine level virtualization layer, and the GigaSpaces application server as the middleware virtualization layer. This way we can provision new machines as soon as the SLA on the web-tier is breached (measuring latency, in this specific case). When such an event happens we launch new machine instances on EC2. A new web container is provisioned on these machines through the GigaSpaces SLA-driven deployment system. An apache load-balancer agent is responsible for synchronizing the load-balancer whenever a new web container joins the cluster. Using this approach we can achieve end-to-end dynamic scalability, starting from the load-balancer, through the web-tier and business-tier, and ending with the data-tier.

It is important to note that while this test was performed on EC2, there is nothing that bounds the solution specifically to the EC2 environment. In fact, we used the same exact model to enable dynamic scaling on private-clouds using GigaSpaces and the Sun Grid Engine, for example. A more detailed description of that is available here.

Data Query latency

Query latency is the time it takes to process a query request and receive the result. There are a few factors that influence query latency:

1. The time it takes to access the data (read it from file in case it is stored on disk)
2. Contention - the time spent on a shared lock to access the data
3. Complexity of the query - the number of calls involved in executing the query

We can address each of those issues as follows:

1. File systems are not optimized for concurrent access. In addition, file systems are stream-based systems that enforce serialization and de-serialization of the data every time we wish to access it. An easy way to eliminate this overhead is to put the data in memory, which enables access to it using a direct reference. (See further details in InfoQ Article - RAM is the new disk).
2. We can reduce contention by partitioning the data, which also results in partitioning the lock. Putting the data in-memory also reduces contention because memory is much more concurrent than disk, and we don't need to inherit global file system locks. Instead, each data item can have its own locking. This will enable much more concurrent access to our data.
3. Collocating the business logic with the data - We can reduce the number of remote calls required for each query using a stored procedure approach, meaning the business logic runs collocated with the data. For partitioned data we will need to use a MapReduce-like pattern to enable execution of the queries on distributed data sources. The fact that our data source is now partitioned enables us to reduce the time it takes to query compared with running the same query in a centralized database for the following reasons:

• The data-set per partition is smaller; and

We can leverage the full capacity of the CPU/memory of each partition to get more power to process the query

Garbage collection impact on latency

Another source of latency that I found missing in Todd article is the impact of Garbage collection. Garbage collection is used in any Java or .Net application. Garbage collection runs as a background thread that cleans all the unused object in the JVM. In early versions of Java the Garbage collection implementation used a synchronized block on the entire memory during the time the garbage collection cleaned those unused objects. This hiccup time is dependent on the size of memory, number of CPU's and number of objects that are freed between each GC cycle. In those early versions of Java it was a common practice to use Object pooling as a way to reduce this hiccup. Object pooling basically bypassed the GC work and we had to take control over object lifecycle in our code. Having said that Object pools themselves became a shared resource and source for contention. As of Java 5 the GC algorithm was improved to enable more concurrent garbage collection. This means that the hiccup time was curved-out over the time therefore had less impact over our application peak performance. This holds true as long as we have enough CPU cycles to spend on the GC cycles. The caveat is that if our application consumes 100% of the CPU all this optimization is not going to help as when the GC hit our system it will compete with our application time and therefore the end result is long hiccups again. Real-time VM aims to address this problem by spreading CPU cycles between the application threads and GC threads in deterministic manner. I.e. it will slow down our application in some cases to ensure that GC gets enough cycles and in that case provide more predictable latency behavior on behalf of throughput.
The JVM comes with different switches that enable better control over the GC behavior and provides means to adjust the GC time. One thing to note about GC optimization is that it tends be close to a voodoo art. it works in certain scenarios and break in others so It is very hard to find the right combination.

Avoiding GC hiccups - Avoid over utilization

Based on my experience, the simplest and most effective way to avoid GC hiccups is to avoid over-utilization. This means that we need to plan our system in a way that wouldn't consume more then 80% of the CPU and memory under peak loads (you can choose a different threshold that may be more appropriate for your organization). For example, if the servers can process up to 500 requests per second at 100% utilization, and we have a requirement to process 1000 requests/sec, it is better to provision three machines, each processing roughly 330 request/sec, rather than two machines that are maxed out at 1000 request/sec. We also need to make sure that we have the right proportion between memory and CPU. For intensive read/write applications, I would go with at least 1CPU/2GB, and if possible, even 1CPU/1GB. These rules of thumb should get you most of what is needed in terms of latency. Obviously if that’s not enough, then you need to dig deeper into the GC flags or consider a Real-Time JVM, but you should use those options as a last resort.

A note 64 Bit VM provisioning:

Lately I've experienced some cases where people thought that they can use 64-bit machines and large memory heap sizes to reduce the cost of the system (mostly due to software license costs and machines maintenance fees). The assumption was that if with 64-bit each process can manage more memory, they can use fewer machines and fewer processers. What they didn't take into account are the considerations I presented above. The number of CPUs needs to be proportional to the amount of memory, and not just to the number of VM processes running the IMDG. This means that using 64-bit VMs can reduce the number of machines, but might have almost no impact on the number of CPUs the system will leverage. As for the amount of memory that each process can handle - that number tends to vary widely, so I don't feel comfortable giving a concrete number other than to say that I know of systems using the GigaSpaces product with 8GBs per process.

The cost of latency

Everything we do has a $ value associated with it. Latency is no different. Todd mentioned in his post some of the issues related to latency cost.

The cost associated with losing users due to a bad user experience – this measurement is typical for e-commerce, social networking and search engines sites: "Amazon found every 100ms of latency cost them 1% in sales. Google found an extra .5 seconds in search page generation time dropped traffic by 20%."

Another cost associated with losing trades – in this case the cost is a measure of the chance of losing business when your competitor can trade faster than you do: “A broker could lose $4 million in revenues per millisecond if his electronic trading platform is 5 milliseconds behind the competition.”

Another aspect that was not mentioned is the operation costs of achieving latency targets. This cost factor applies to latency in the same way it applies to other scalability operational costs.

The cost of over provisioning – if the system was not designed for on-demand scaling then we are probably spending money on over-provisioning. Meaning the system is statically provisioned to have more machines than we actually need on average, and we pay the costs of under-utilization (idle resources waiting for peak loads).

The cost of failure – if the system was under-provisioned, then we are likely to face the cost of downtime. According to a Forester survey conducted with 235 organizations, 33% estimate the hourly cost of downtime at $10k-$100k , 25% at $100k-$500k, and 13% $500k-$1M.

How cloud computing can help to improve latency and save some of the latency cost

1. Built for on-demand scalability – cloud computing is a great enabling infrastructure built for on-demand scaling.
2. Geographically distributed – we can improve latency by running our servers close to the geographical location of the user. Quoting Todd’s article again: "Facebook opened a new datacenter on the east coast in order to save 70 milliseconds "

We can now have data centers spread around the globe at our disposal making it easy to run our applications in those different data center locations and point the user to the closest location at a fraction of the cost.

It is true that all this can be achieved without cloud computing. But cloud computing reduced the barrier to entry so that even the smallest startup can apply these optimizations, previously considered a luxury that only big companies could afford

My 20/80 rules for achieving predictable latency

I'm sure that many readers are aware of the fact that out of the many possible sources of latency, there are some that are beyond our control: Internet routers, for example.  One of the key questions I ask myself in relation to latency is whether there is a 20/80 rule.  What are the 20% of the things I should focus on that will help me reduce 80% of the latency. In this section I'll try to provide the guidelines I use for designing a system for optimum latency.

1. Focus on application architecture and leave hardware and OS optimizations as a last resort. The performance provided by commodity hardware should be good enough for 80% of cases. In addition, the effort of optimizing hardware and Internet routers might involve a huge investment, and therefore, should be used sparingly. If you’re not sure whether the source of latency in your application is the network or the software, run the tests I mentioned above.
2. Start with global optimizations – before you begin to optimize the database, the router and the messaging system, look at the entire pipeline of your business request. By looking at that global level, you may find that parallelizing some part of the request, or changing some of the reliability/consistency requirements, may have a much bigger impact than any local optimization.
3. Use Spaces Based Architecture principles (even if you’re not using GigaSpaces) – quoting Todd again:
   1. Co-location of the tiers (logic, data, messaging, presentation) on the same physical machine (but with a shared-nothing architecture so that there is minimal communication between machines)
      1. Assemble/Collocate your application components based on the runtime/execution flow dependency and not based on their function in the system. For example if each request need to go through various steps such as parsing, validation, matching and execution it doesn't make sense to do each of those steps in separate process/tier. Instead you can make sure that all of those steps will be collocated and split the application into multiple units each containing all those various components. In SBA we refer to those units as processing units. This is probably one of the main difference between Space Based Architecture and Tier based architecture. In tier based approach our application is broken down into presentation tier, business logic and data-tier where in SBA we tend to collocate all of those tier as much as possible and split the application into multiple horizontal units each containing all the tiers to reduce the amount of moving parts and network hops.
   2. Co-location of services on the same machine
   3. Maintaining data in memory (caching)
   4. Asynch communication to a persistent store and across geographical locations 
      1. Avoid calling any disk/database operation at the critical path of the execution. With the addition of data-grid we can use in-memory data as the system of record. This enables us to avoid data or file access during the critical path of the user request and delegate the update to the data base as an asynchronous operation.

2. You can add to Todd summary the other pieces associated with Query optimization such as the use of Map/Reduce and moving the logic to the data is located that I laid out above.
3.  Design your system for dynamic scalability – Dynamic scalability doesn't necessarily means that scaling needs to happen in real time. It means that scaling can be done without changing code and the cycle of scaling is short. In many real-life scenarios “short” could mean a day or even a week.
4. Provision correctly - Avoid over utilization.
5. Other tips for optimizing the architecture:
   1. Decouple application components - Use SOA and EDA to make your application granular enough so that you can easily change the way you assemble the different components of your system without code changes. This flexibility is important as it will allow you to decide at different stages what your business logic pipeline is going to look like. It will allow you to optimize later, such as collocating elements that have strong dependencies among them from a business perspective. 
   2. Abstract your communication layer - Abstracting the network layer enables latency reduction when the components are collocated. This abstraction is also important to enable easy plug-ins of different transports without changing code. Assume that in the future new protocols, transports and other technologies will be introduced. By decoupling your code from the transport you can easily plug them in when they become available.

In most cases, following these steps gets you most of what you need. It also provides a good basis for eliminating many of the factors that make latency optimization on other layers more difficult. For example, if we run the business logic in a collocated in-process mode we isolate the impact on our code from external factors such as routers. It also provides a good model for troubleshooting and optimizing the system in case latency goes wrong. Rather than dealing with latency as a big-bang project, we should break it down into the levels that enable us to deal with the latency problem in a more gradual manner.

Managing application on the cloud using a JMX Fabric

One of the challenges of managing application in a distributed environment such as Cloud/Grid is that collecting or finding the management information of each part of the application is a relatively complex task.

JMX provides a standard way to expose the management information (MBean) of a particular server. However, the way the client-side finds all the MBeans that comprise the application, or the way a single client might interact with the distributed parts of the application, is left open.

Steve Colwill from PSJ wrote a detailed blog, JMX for Grid Based Applications,
where he outlines a solution that uses JMX JSR-160 connectors and GigaSpaces to create a JMX Fabric. According to the proposed solution, the managed agent (server side) use the connector to add a reference of each MBean stub to the space. The client uses a FederatedMBeanServerConnection class that picks up those references from the space, connects to them and then delegates operations to the set of Mbean servers, effectively acting as a multiplexer.

Using the space as a JMX directory service

The above diagram illustrates how the model described by Steve works. The client is abstracted from the physical location of each server and can easily discover services that join the network. The connection from the client to the servers uses peer-to-peer communication, which means that once the service is discovered, no additional overhead is needed for communication between the client and the managed service. In this case, the space is used as a directory service. We leverage the fact that it can be distributed and dynamically discovered to simplify the discovery process in a distributed environment.

Using the space as a management data repository

The above model is quite useful for cases in which we want to expose federated services which have an existing remote interface. But this is not always the case. If it isn't, we can use the space as a management data repository, which contains full management information for each agent and exposes that information to the client or to any management application. In this method too, the client application is abstracted from the managed service. But unlike the first option, the client gets the information about the managed entity directly from the space, and doesn't need to maintain a connection with the managed service. The space in this case is used as a distributed database, so the application can not only obtain management information about an individual server but can also gather aggregate statistics and perform other aggregate data queries, directly on the data model.

Summary

Steve's solution to managing application in a distributed environment is an interesting one, as it enables applications that are already using a standard JMX interface to use a new federated model without changing the application and without adding a performance overhead. This is achieved just by plugging a new space-based connector. It is a good example that shows how a space can be used as a distributed directory service. It is important to note this is only one pattern in which a space can be used to solve this type of challenge. There are other ways; using the space as a management data repository, as I suggested in this post, is just one of them. The nice thing is that implementing any of these patterns becomes fairly simple once the space is brought into the picture.

I would like to end this post by thanking Steve specifically and PSJ in general for being a great partner for such a long period of time, and for sharing your experience in such meticulous detail.

Making EDA programming simple with JeeWiz

Event Driven Architecture (EDA) is becoming more popular these days, as the drive for loosely coupled and scalable architecture forces us to break our systems into components and integrate them through some sort of workflow.  Having said that, thinking in asynchronous events is not a trivial concept to deal with, seeing as we used to thinking and programming in a synchronous manner.

Space-Based Architecture lends itself very nicely to EDA, because it provides a means to register for events, manage the state of events and trigger different business logic elements based on state changes.
This makes the programming of EDA relatively simple compared with some of the other options, such as messaging and database systems. The following diagram shows how a typical EDA would look like in a Space-Based world - you can read the full description here.

While Space-Based Architecture makes EDA relatively simple compared with alternatives it can be made even simpler using advanced code generation tools that follows the Model Driven Development pattern.

JeeWiz is one of the leading products in that space: 

"The goal of JeeWiz is to automate software development as much as possible. JeeWiz builds all the code, configuration and build jobs that can be derived from high-level models of a system, achieving unprecedented levels of automation."

Matthew Fowler, Founder and CEO, New Technology/Enterprise Ltd. gave a presentation in our latest London Event introducing GigaSystemBuilder using JeeWiz which enables a model-driven development with GigaSpaces. JeeWiz is an Eclipse-based tool that makes it easy to create an entire project fairly easy. The product itself is highly customized. Users can use the same model to build their own templates, and in this way automate a large part of their development. The following diagram taken from Matthew's presentation, shows how a typical development process would look like with JeeWiz.

Matthew's presentation contains more details about the specific integration with GigaSpaces and what the generated code would look like -- I would highly recommend looking into it. The presentation is available online here. I was also happy to see that the GigaSpacesBuilder Eclipse-plugin is now available for download here. It comes with full documentation and an easy guide to get you through the first steps.

Well done Mathew and the JeeWiz team!

GigaSpaces is Available on Apache Camel

Apache Camel is a Spring based integration framework.
I was happy to see that David Greco released a JavaSpace connector for Camel based on GigaSpaces.

Quoting from David description of the connector:

"The javaspace: component is a transport for working with any JavaSpace compliant implementation, this component has been tested with both the Blitz implementation and the GigaSpace implementation .
This component can be used for sending and receiving any object inheriting from the Jini Entry class, it's also possible to pass an id (Spring Bean) of a template that can be used for reading/taking the entries from the space.
This component can be also used for sending/receiving any serializable object acting as a sort of generic transport. The JavaSpace component contains a special optimization for dealing with the BeanExchange. It can be used, then, for invoking remotely a POJO using as a transport a JavaSpace.
This latter feature can be used for an easy implementation of the master/worker pattern where a POJO provides the business logic for the worker.
Look at the test cases for seeing the various usage option for this component."

Interestingly enough I'm seeing more the use of space based transport used to drive this new type scale-out integration frameworks. Beyond the space transport i believe that Camel users can leverage the fact that they can use the space as a data-store for sharing the state between the various services without needing to go to database just for that purpose.

Nice work David!

The true meaning of linear scalabilty

At the TheServerSide Java Symposium in Barcelona two weeks ago, I took part in the High Performance Architecture panel.

Some of the questions raised in the panel's discussion strengthened my realization that the terms "scalability" means different things to different people. For example, people often confuse performance and scalability. At the same time, others refer to scalability as a measure of optimizing the application to utilize more processing power given to it in the form of additional CPUs or cores. Grid vendors often refer to scalability as a measure of parallelizing your application across different machines. Data Grid vendors refer to scalability as a way to remove the data bottleneck by scaling-out the data.

In a sense, all of them are correct – scalability is a multi dimensional topic. What many fail to realize is that each of the different solutions (additional hardware, grid, data grids) is just an optimization that can improve application scalability, but doesn't really addresses the scalability issue at the source.

In his excellent book Pro-JavaEE, Steve Haines discusses the topic of scalability and performance. Here's Steve's definition of Scalability vs Performance:

"The terms “performance” and “scalability” are commonly used interchangeably, but the two are distinct: performance measures the speed with which a single request can be executed, while scalability measures the ability of a request to maintain its performance under increasing load. For example, the performance of a request may be reported as generating a valid response within three seconds, but the scalability of the request measures the request’s ability to maintain that three-second response time as the user load increases."

Steve also provides various real-life examples on the implications of scalability in the chapter Performance and Scalability Testing. The clear message that comes out of it is the impact of the architecture on scalability: when it comes to scalability, you're only as strong as your weakest link.

Achieving true linear scalability:

A linearly scalable application is an application that can scale just by adding more machines and/or CPUs, without changing the application code.

So how do we achieve true linear scalability?
Dan Creswell provides a good summary in his recent post Amazon on Data Storage, which covers how Amazon approached this challenge. In an earlier post, Dodging the Concurrency Bullet, he provided a good summary of some of the core principles for achieving scalability in a stateful environment:

Any time we have a piece of state that needs to be accessed concurrently we hit problems. One can hide this problem using messaging (or similar) but the key aspect in these solutions is that we can partition operations into streams against discrete elements of data (a discrete element could be a group of things) that don’t interfere with each other. Partitioning however can be problematic:

1. Our data has to be amenable to partitioning via hashing or some other method.
2. It gets tricky when we need to deal with availability and disaster recovery.
3. Getting the correct granularity of partitioning  be challenging.

What Dan is referring to is also known as Amdahl's Law. It says that if, for example, your program has only 10% of a given function synchronized, then if the throughput of that function at a single CPU is 100 messages per second, to increase performance by a factor of 10 -- to 1,000 msg/sec -- we will need to increase our CPU resources by a factor of 100 (10 times more then what would have been required if the application wouldn't have any synchronization blocks in its code). In reality most existing  applications  are stateful and, therefore, by definition have a requirement for synchronization as part of their code.  This means that the throughput gain expected for these types of applications by throwing more hardware at the problem is going to be fairly low. In other words, if you want to achieve true linear scalability in a stateful environment you must design your application in a distributed/partitioned fashion.

Dan the makes a comment that summarizes well the challenges in applying such a pattern:

...we got rid of our concurrency problem and swapped it for a partitioning problem which then turned into something of an exotic problem. Are we any better off?

While it's not possible to completely eliminate these challenges, we can certainly simplify the solution for overcoming them. The key is to hide the complexity of partitioning and the details required to achieve parallelization as much as possible from the business-logic and push it to the middleware stack.

Obviously, if the middleware itself is not inherently designed to solve this sort of challenge, like most existing tier-based implementations, there is only so much you can hide. We can't assume that we can simply take existing middleware implementations that are designed for a tier-based approach and turn it to fit into the partitioned/scale-out model. We have to approach how the middleware itself is implemented in a different way.

I recently published the Scalability Revolution white paper, which covers in-depth a proposed pattern and architecture for achieving linear scalability in a stateful environment named Space-Based Architecture. The paper discusses the existing bottlenecks within today's typical middleware stack and how those bottlenecks can be overcome by changing the underlying implementation of the core middleware stack, namely, the messaging, data and processing.

To make the transition simple, I tried to keep the way the application interacts with those middleware components pretty much the same as it does today: this is one of the keys for easing the transition from tier-based implementations to a scale-out model.

The principles behind this pattern are not new, and are based on the same principles that Google, Amazon, eBay and others have used to achieve linear scalability. The big guys have all built their own middleware stacks to address this. Knowing that most of us can't afford the same investment, our focus at GigaSpaces has been to provide ways to make the building of scalable applications as simple as possible, as simple as Spring. If you're interested in trying it out and writing your own Amazon/Google-like application in an hour, try out our new release, GigaSpaces eXtreme Application Platform 6.0.

My Personal Blog

Until now I have been posting my GigaSpaces related blogs on our company blog  where I shared my thoughts about distributed computing architecture in general and specifically Space Based Architecture.
We've decided to change the role of the GigaSpaces corporate blog from a place that hosts just my thoughts to a central channel that  aggregates different thoughts of different individuals both from within GigaSpaces and outside of it. This will include a distinguished list of bloggers listed below. We're also going to use the GigaSpaces blog for various updates on product releases, events and other stuff.

So this is my new blogging home from now on. It will serve as a platform from which I can share my thoughts about technology in general as well as things that we're doing specifically at GigaSpaces.

Much of the GigaSpaces product evolution is a result of dialog with our customers, as well as the community at large. During the past few months I've had many discussions with various folks who are active in the developer community, such as John Davies, who was the first to introduce me to Spring, as well as Rod Johnson from Interface21 and Ross Mason from MuleSource. These discussions have been extremely helpful in shaping up many of my ideas on how GigaSpaces can fit with the various industry trends. In recent years I have also had the honor of working closely with Andy Doddington and Yuri Schimke from Bank of America, who have been particularly proactive about their work with GigaSpaces and its integration with Spring, you can learn more about that project here. Frank Greco has been a great supporter of Jini and JavaSpaces for years, and has helped a great deal in educating the market on the technology and how it could fit as an SOA platform in the financial world. This is just a partial list of the many great supporters who have influenced GigaSpaces' roadmap.

My hope for this blog is to continue this level of dialog with a broad group of thought leaders in the community. I'm hoping that  it will evolve as a platform for generating constructive dialog, some of which will probably find its way in the solution we will be providing.

Oh, and as promised - below is the list of the GigaSpaces bloggers who will be now covered in the GigaSpaces blog.

• Geva Perry - Chief Marketing Officer
• Guy Nirpaz - EVP R&D
• Owen Taylor - Senior Director, Worldwide Technical Communications
• Guy Korland - R&D Team Leader
• Shay Banon - System Architect