Ealan Henis

Automated and Adaptive Threshold Setting: Enabling Technology for Autonomy and Self-Management

Threshold violations reported for system components signal undesirable conditions in the system. In complex computer systems, characterized by dynamically changing workload patterns and evolving business goals, the pre-computed performance thresholds on the operational values of performance metrics of individual system components are not available. This paper focuses on a fundamental enabling technology for performance management: automatic computation and adaptation of statistically meaningful performance thresholds for system components. We formally define the problem of adaptive threshold setting with controllable accuracy of the thresholds and propose a novel algorithm for solving it. Given a set of Service Level Objectives (SLOs) of the applications executing in the system, our algorithm continually adapts the per-component performance thresholds to the observed SLO violations. The purpose of this continual threshold adaptation is to control the average amounts of false positive and false negative alarms to improve the efficacy of the threshold-based management. We implemented the proposed algorithm and applied it to a relatively simple, albeit non-trivial, storage system. In our experiments we achieved a positive predictive value of 92% and a negative predictive value of 93% for component level performance thresholdsThreshold violations reported for system components signal undesirable conditions in the system. In complex computer systems, characterized by dynamically changing workload patterns and evolving business goals, the pre-computed performance thresholds on the operational values of performance metrics of individual system components are not available. This paper focuses on a fundamental enabling technology for performance management: automatic computation and adaptation of statistically meaningful performance thresholds for system components. We formally define the problem of adaptive threshold setting with controllable accuracy of the thresholds and propose a novel algorithm for solving it. Given a set of Service Level Objectives (SLOs) of the applications executing in the system, our algorithm continually adapts the per-component performance thresholds to the observed SLO violations. The purpose of this continual threshold adaptation is to control the average amounts of false positive and false negative alarms to improve the efficacy of the threshold-based management. We implemented the proposed algorithm and applied it to a relatively simple, albeit non-trivial, storage system. In our experiments we achieved a positive predictive value of 92% and a negative predictive value of 93% for component level performance thresholds

A two layered approach for securing an object store network

Storage Area Networks (SAN) are based on direct interaction between clients and storage servers. This unmediated access exposes the storage server to network attacks, necessitating a verification, by the server, that the client requests conform with the system protection policy. Solutions today can only enforce access control at the granularity of entire storage servers. This is an outcome of the way storage servers abstract storage: an array of fixed size blocks. Providing access control at the granularity of blocks is infeasible there are too many active blocks in the server of entire servers is used. Object, stores (e.g, the NASD system) on the other hand provide means to address these issues. An object store control unit presents an abstraction of a dynamic collection of objects, each can be seen as a different array of blocks, thus providing the basis for Protection at the object level. In this paper we present a security model for the object store which leverages on existing security infrastructure. We give a simple generic mechanism capable of enforcing an arbitrary access control policy at object granularity. This mechanism is specifically designed to achieve low overhead by minimizing the cost of validating an operation along the critical data path, and lends itself for optimizations such as caching The key idea of the model is to separate the mechanisms for transport security from the one used for access control and to maximize the use standard security protocols when possible We utilize a standard industry protocol for authentication, integrity and privacy on the communication channel (IPSec for IP networks) anti fine a proprietary protocol for authorization on top of the secure communication layer.

PANACEA Towards a Self-healing Development Framework

Self-healing capabilities allow software systems to overcome problems occurring during testing and run time, and thus improve overall system behavior. The PANACEA framework introduced in this paper provides a design methodology as well as ready-to-use healing elements aimed at enhancing software systems with self-healing capabilities both at design time and at run time. The PANACEA approach is based on inserting self- healing elements into the system at design and coding time, to be used later for healing at testing and run time. Specifically, the Panacea framework is based on inserting annotations into the system code at design and coding time, to later on serve as an interface for runtime monitoring, managing, configuring and healing of the annotated system components. The current embodiment of PANACEA includes several generic components that provide self-healing capabilities suited for a variety of application types. The PANACEA runtime environment automatically activates and invokes these components in order to optimize and heal the application. The PANACEA framework provides an innovative programming model that enables development of advanced self-healing applications. PANACEA introduces a paradigm shift in which software is made self-healing by design. This paradigm shift, however, is graceful since developers are not required to master neither new programming skills, nor languages. As our initial experiments demonstrate, PANACEA introduces a very small performance overhead, and scales well.

Usage centric green performance indicators

Energy effciency of data centers is gaining importance as energy consumption and carbon footprint awareness are rising. Green Performance Indicators (GPIs) provide measurable means to assess the energy effciency of a resource or system. Most of the metrics commonly used today measure the energy effciency potential of a resource, system or application usage, rather than the energy effciency of the actual usage. In this paper, we argue that the way that the resources and systems are actually used in a given data center configuration is at least as important as the effciency potential of the raw resources or systems. Hence, for data center energy effciency, we suggest to both select energy effcient components (as done today), as well as optimize the actual usage of the components and systems in the data center. To achieve the latter, optimization of usage centric GPI metrics should be employed and targeted as a primary green goal. In this paper we identify and present usage centric metrics, which should be monitored and optimized for improving energy effciency, and hence, reduce the data center carbon footprint.

Derivation of Response Time Service Level Objectives for Business Services

Design of Service Level Agreements (SLAs) emerges as an increasingly important discipline in business-oriented IT management. In this work, we study utility maximization of contractual obligations of a business service provider for a typical SLA. We demonstrate that using service usage and performance data as well as IT performance data, routinely collected by enterprises, efficient automated derivation of optimal response time Service Level Objectives (SLOs) of an SLA is possible. This paper addresses a specific facet of the SLA design problem not sufficiently addressed in previous studies. One common approach is to calculate SLOs attainable for the given IT infrastructure by means of simple percentile analysis. However, this methodology is business agnostic and may result in sub-optimal SLOs. Another widespread approach addresses IT infrastructure (re)design, where the goal is to enable the IT to meet specified target SLOs. In contrast to these approaches, our work proposes finding optimal response lime SLOs attainable for the given IT infrastructure in a business aware manner. We define the response time SLO optimization problem, propose an algorithm that efficiently solves it using linear optimization and percentile analysis, and evaluate our solution both analytically and experimentally.

Setting energy efficiency goals in data centers: the GAMES approach

Energy-aware service centers take into account energy consumption of infrastructures, machines, applications, storage systems, and their distributed computing architecture. The approach to energy efficiency in data centers in the GAMES (Green Active Management of Energy in IT Service centers) project is presented: Green Performance Indicators (GPIs), i.e., properties that, continuously monitored, evidence the level of consumed energy by the centers IT resources, can be the basis of a systematic approach to increase energy efficiency. The GPIs are the basis for improving energy efficiency with adaptive actions and to achieve a higher level of green maturity, as prescribed, for instance, in the GreenGrid Data Center Maturity Model (DCMM), based on a usage-centric perspective in GPIs. The paper briefly describes monitoring of GPIs and the adaptation actions adopted to reach the green goals. Preliminary experimental results are discussed.

Root-cause analysis of SAN performance problems: an I/O path affine search approach

We present a novel algorithm, called IPASS, for root cause analysis of performance problems in storage area networks (SANs). The algorithm uses configuration information available in a typical SAN to construct I/O paths, that connect between consumers and providers of the storage resources. When a performance problem is reported for a storage consumer in the SAN, IPASS uses the configuration information in an on-line manner to construct an I/O path for this consumer. As the path construction advances, IPASS performs an informed search for the root cause of the problem. The underlying rationale is that if the performance problem registered at the storage consumer is indeed related to the SAN itself, the root causes of the problem are more likely to be found on the relevant I/O paths within the SAN. We evaluate the performance of IPASS analytically and empirically, comparing it to known, informed and uninformed search algorithms. Our simulations suggest that IPASS scales 7 to 10 times better than the reference algorithms. Although our primary target domain is SAN, IPASS is a generic algorithm. Therefore, we believe that IPASS can be efficiently used as a building block for performance management solutions in other contexts as well.

Efficient Control of False Negative and False Positive Errors with Separate Adaptive Thresholds

Component level performance thresholds are widely used as a basic means for performance management. As the complexity of managed applications increases, manual threshold maintenance becomes a difficult task. Complexity arises from having a large number of application components and their operational metrics, dynamically changing workloads, and compound relationships between application components. To alleviate this problem, we advocate that component level thresholds should be computed, managed and optimized automatically and autonomously. To this end, we have designed and implemented a performance threshold management application that automatically and dynamically computes two separate component level thresholds: one for controlling Type I errors and another for controlling Type II errors. Our solution additionally facilitates metric selection thus minimizing management overheads. We present the theoretical foundation for this autonomic threshold management application, describe a specific algorithm and its implementation, and evaluate it using real-life scenarios and production data sets. As our present study shows, with proper parameter tuning, our on-line dynamic solution is capable of nearly optimal performance thresholds calculation.

Using XFDU for CASPAR information packaging

Purpose – The purpose of this paper is to describe the use of XML formatted data unit (XFDU) technology to implement OAIS‐based information packaging in the CASPAR project.Design/methodology/approach – The paper outlines new tools and techniques in working with XFDU for the purpose of preserving complex digital information.Findings – The preservation of digital assets was facilitated by using the features of XFDU in the CASPAR project.Practical implications – The paper is of interest to those responsible for the archival or long term preservation of digital assets.Originality/value – The paper demonstrates new tools and techniques, which together provide an integrated system suitable for solving complex issues of preserving digital assets using information packaging.

ADSC: application-driven storage control for energy efficiency

While performance and quality of service are the main criteria for application data management on storage units, energy efficiency is increasingly being stated as an additional criterion for evaluation. Due to the increasing energy consumption of storage subsystems, improving their energy efficiency is an important issue. In this paper we present a novel approach to storage management whereby both mid-level (file placement) and low level (disk mode) aspects are controlled, in a tiered storage architecture. The proposed mechanism is based on policies, and it is implemented via fuzzy logic rules, in contrast to attempting to build a model of the storage subsystem. The inputs to the storage management system are high level (application), mid level (file system) and low level (disk access patterns) information. The effectiveness of our approach has been validated by means of a case study using a TPC-C benchmark modified to access file level data. Results from this simulation are presented.