Slide 1
Slide 1 text
Practices for Making
Alerts Actionable
2020/01/25 SRE NEXT
Sohei Iwahori (GREE, Inc.)
Slide 2
Slide 2 text
Agenda
» Ϋϥυࢹͷݱঢ়ͱΞϥʔτ૿Ճͷഎܠ
» background story
» unactionableͳΞϥʔτʢ੩؍Ξϥʔτʣͷ૿ՃͱӨڹ
» ͲͷΑ͏ʹͯ͠ΞϥʔτΛΞΫγϣϯՄೳʹ͍͔ͯ͘͠ʁ
» ఆظతͳϞχλϦϯά
» why unactionable?ʹରԠ͍ͯ͘͠
» Recap
Slide 3
Slide 3 text
Ϋϥυࢹͷݱঢ়ͱ
Ξϥʔτ૿Ճͷഎܠ
Slide 4
Slide 4 text
background story (1/̎)
» 2015ࠒ͔ΒେنͳΦϯϓϨ->ΫϥυʢAWSʣҠߦΛ࣮ࢪ
» طଘλΠτϧͰҠߦ͕ग़དྷΔͷΛΦϯϓϨ͔ΒҠߦ +
৽نλΠτϧجຊతʹΫϥυͰߏங
» Ҡߦʹ߹ΘͤࢹγεςϜΛ৽نʹߏங
» ࠓճओʹΫϥυڥͰՔಇ͢ΔλΠτϧ͕΄ͱΜͲͱͳͬͨ2018
ࠒʹ࣮ࢪͨ͠ΞϥʔτରԠͷఆظϞχλϦϯάͱվળ+ैདྷͷऔΓ
ΈΛ͋Θ͓ͤͯ͠·͢
Slide 5
Slide 5 text
background story (2/2)
» ݱঢ়ͷڥͷنײ
» جຊαʔϏεʢେମήʔϜλΠτϧ͝ͱɺϦʔδϣϯ͕͔Ε
͍ͯΔ߹جຊతʹผΞΧϯτͰఏڙʣ
» 50+ Production AWSΞΧϯτ
» Total 2000+ Ծϗετ
» ϞχλϦϯάͷηοτVPC≒ΞΧϯτ͝ͱʹଘࡏ
» 1ڥ͋ͨΓଟͯ͘ඦنҎ
Slide 6
Slide 6 text
ΫϥυڥͷࢹγεςϜ
Slide 7
Slide 7 text
ݱࡏͷΫϥυڥࢹߏ
Slide 8
Slide 8 text
Ϋϥυڥͷࢹ(1/2)
» Prometheus + Grafana
» gangiʢexporterʣ
» ΦϯϓϨͰ༻͍ͯ͠ΔಠࣗϝτϦΫεऔಘͷͨΊͷganglia
pluginΛ࠶ར༻͢ΔͨΊͷͷ
» gmondͱ͍͏gangliaͷΤʔδΣϯτ͔ΒσʔλΛऔಘ͠
prometheusͰpullग़དྷΔΑ͏ʹ͢Δ
» fluentdʢϩάࢹ+Ξϥʔτୡʣ
Slide 9
Slide 9 text
Ϋϥυڥͷࢹ(2/2)
» amanekoʢࢹΤʔδΣϯτʣ
» cronʹΑΔ࣮ߦͰ֤छνΣοΫϓϥάΠϯΛ࣮ߦ͢Δͷ
» yusuraʢΞϥʔτίϯτϩʔϧγεςϜʣ
» ूͨ͠ΞϥʔτͷৼΓ͚ɺ੍ɺαϚϥΠζΛߦ͏ϫʔΧʔ
» ϓϥΨϒϧͳΞϥʔτ௨ػߏʢSlackɺPagerDutyɺJIRAɺ
Amazon SNSʣ
Slide 10
Slide 10 text
ΫϥυҠߦʹΑΓͲ͏ͳ͔ͬͨʁ
Slide 11
Slide 11 text
⚡
Ξϥʔτͷ૿Ճ
Slide 12
Slide 12 text
No content
Slide 13
Slide 13 text
Why so many alerts?
» Ҡߦલ͔Βྺ࢙తʹΞϥʔτϧʔϧࡉ͔͘ઃఆ͞Ε͍ͯͨ
» ΞϥʔτϧʔϧجຊతΦϯϓϨڥΛ౿ऻ
» ωοτϫʔΫͷҰ࣌తͳૄ௨ෆՄʹΑΔ૿Ճ
» ΦʔτεέʔϦϯάʹΑΔӨڹ
» ௐ͕ΞάϨογϒʹ
» εέʔϧΠϯɺΞτ࣌ͷʹΑΔ૿Ճ
» ͬ͘͟ΓΦϯϓϨ༝དྷͷϧʔϧͰݕ͞ΕΔࣄ͕ଟ͘ͳͬͨ
Slide 14
Slide 14 text
Why unactionable?
» ྺ࢙తͳܦҢʹΑΔʮݕʯͷͨΊͷΞϥʔτઃఆ
» ݕ͠ɺͦͷޙΞΫγϣϯΛஅ͢ΔΑ͏ͳΞϥʔτ
» ʮҰ࣌తͳ͖͍͠աʯ͕ߴසͰൃੜ
» ݁Ռʮ੩؍ʯରԠͱͳΔΞϥʔτ͕ଟ͘ͳͬͨ
» ੩؍ʹ෮چΞΫγϣϯͷඞཁͳ͘ࣄ͕͓͞·ͬͨͷͰղܾͱ͢
Δͷ
Slide 15
Slide 15 text
Why we should resolve?
Every time the pager goes off, I should be able to react with a sense of
urgency. I can only react with a sense of urgency a few times a day
before I become fatigued.
-- Site Reliability Engineering / Chapter 6 - Monitoring
Distributed Systems
» αʔϏεϨϕϧΛߴΊΔͨΊͷ۩ମతͳΞΫγϣϯΛՄೳͱ͢Δखஈ
ͱͯ͠ͷΞϥʔτͰ͋Δ͖
Slide 16
Slide 16 text
ͲͷΑ͏ʹͯ͠Ξϥʔτ
ΛΞΫγϣϯՄೳʹͯ͠
͍͔͘ʁ
Slide 17
Slide 17 text
ͳͥΞΫγϣϯ͢Δ͜ͱ͕Ͱ͖ͳ͍ͷ͔ʁ
» ͦͦOn-callΞϥʔτ͕ଟ͗͢Δ
» ੩؍ɺ͋Δ͍ఆܕతͳରԠ͔͍ͯ͠͠ͳ͍
» ΞΫγϣϯΛى͜͢ඞཁ͋Δ͕ɺۓٸͰͳ͍
» ʮݕʯΛ͍ͨ͠ͱ͍͏ཧ༝ʹΑΓઃఆ͞Ε͍ͯΔ
» ΞϥʔτΛड͚͕ͨஅ͕͍͠
Slide 18
Slide 18 text
ఆظతͳϞχλϦϯά
» ݄͝ͱʹOn-callΞϥʔτΛूܭ͠
ͯSlackʹ௨͢Δ
» PagerDutyͷIncidentΛ
SumoLogicͰूܭͯ͠௨
» ্Ґ10݅ΛରʹͲ͏ѻ͏͖͔Λ
ຖ݄ݕ౼
Slide 19
Slide 19 text
ରԠΛܾΊ͍ͯ͘
» ͦͦOn-callΞϥʔτͰ͋Δඞཁ͕͋Δ͔ʁ
» ఆ݅ɺৼΓ͚Λదʹߦ͏
» ਓͷखͰରԠ͢Δඞཁ͕͋Δ͔ʁ
» ࣗಈ෮چͷݕ౼
» ରԠͷج४͕໌֬Ͱ͋Δ͔ʁ
» ΞΫγϣϯʹ݁ͼͭ͘ࢦඪͷඋ
» ΞΫγϣϯ͍͢͠Έͮ͘Γ
Slide 20
Slide 20 text
ఆ݅ɺৼΓ͚Λదʹߦ͏
Slide 21
Slide 21 text
ఆ݅Λదʹߦ͏
» ݫ͗͢͠ΔΞϥʔτ݅ͷ؇
» Ұ࣌తͳεύΠΫɺޡݕΛ͑ΔରԠ
» prometheusͷruleʹ͓͚Δfor x minͰͷظؒʹΑΔఆ
» νΣοΫܥͷࢹͷoccurrencesʹΑΔ࿈ଓݕఆͳͲ
Slide 22
Slide 22 text
ৼΓ͚Λదʹߦ͏
» ͪʹΞΫγϣϯඞཁͳ͍͕ൃੜ͍ͯ͠Δ͜ͱΛݕ͍ͨ͠
» slackʹͷΈ௨ʢྲྀྔʹҙ͢Δʣ
» ͪʹΞΫγϣϯඞཁͳ͍͕ԿΒ͔ͷରԠߦ͍͍ͨ
» Ξϥʔτ͔ΒJIRAνέοτΛࣗಈىථ͢Δ
» ͦͷͰͪʹ۩ମతͳΞΫγϣϯ͕ඞཁ
» PagerDuty௨
Slide 23
Slide 23 text
slack௨ + JIRAνέοτىථ
Slide 24
Slide 24 text
༨ஊɿscheduled-event-
notifier
» Ξϥʔτ͔Βͷνέοτىථͷ
ΈΛྲྀ༻ͯ͠ɺରԠ͕ඞཁͳAWSϦ
ιʔεͷϝϯςφϯε௨ΛࣗಈͰ
νέοτԽͯ͠ӡ༻νʔϜͰཧ
Slide 25
Slide 25 text
No content
Slide 26
Slide 26 text
ࣗಈ෮چͷݕ౼
Slide 27
Slide 27 text
άϦʔʹ͓͚Δࣗಈ෮چ
» Alert Operator
» ΞϥʔτछผʹԠͯ͡AWS SSMͰఆܕతͳ෮چίϚϯυΛ࣮ߦ͢
ΔAWS Lambda Function
» ϓϩηεͷ࠶ىಈͳͲ୯७ͳΞΫγϣϯΛࢼߦ͢Δ
» ਓؒʹ௨͞ΕΔͷͱಉ͡ΞϥʔτͷใΛडऔΓɺ
ରԠ͢ΔίϚϯυΛ࣮ߦɺ݁ՌΛνϟοτ௨͢Δ
Slide 28
Slide 28 text
Alert Operator࣮ߦྫ
ྫ͑͜ͷΑ͏ͳίϚϯυΛ࣮ߦ͢Δ
service xxx status
sleep 10
service xxx restart
service xxx status
Slide 29
Slide 29 text
ࣗಈ෮چͷಋೖϓϥΫςΟε
» ೖΕ͍͢ͱ͜Ζ͔Β
» ෭࡞༻͕ͳ͍ɺίϚϯυ࣮ߦલΑΓঢ়ଶ͕ѱ͘ͳΒͳ͍
» ࣗಈରԠ͕ࣦഊͨ͠߹ผϧʔϧͰݕ
» ࣗಈରԠ͕࣮ߦ͞ΕΔΞϥʔτϧʔϧͱɺਓ͕ؒΈΔϧʔϧΛ
͚ΔͳͲ
Slide 30
Slide 30 text
ରԠج४ͷ໌֬Խ
Slide 31
Slide 31 text
άϦʔඪ४ࢦඪͱͯ͠ͷSysLoad
» ࣾͰྺ࢙తʹαʔόෛՙʹରͯ͠ͷڞ௨ࢦඪͱͯ͠SysLoadΛఆ
ٛɺར༻͍ͯ͠Δ
» https://github.com/gree/sysload
» The Four Golden Signalsʹ͓͚ΔSaturationΛՄࢹԽ͢ΔϝτϦ
Ϋε
» ʮSysLoad͕100ʹͳ͍ͬͯΔ߹͍ͣΕ͔ͷϦιʔε͕͍ͯ͠
Δʯ͜ͱ͕୭͕ݟͯΘ͔Δ
Slide 32
Slide 32 text
SysLoadͷఆٛ
sysload evaluates the following three elements. The maximum value of
each is 100.
ALL CPU utilization
disk I/O utilization
CPU Utilization in which interrupt from NIC is occurring
» ͍ͣΕ͔ͷαʔόϦιʔε͕ঢ়ଶʹ͋Δ=ߴෛՙͰ͋Δ͜ͱ͕Θ
͔Δ
» ࠷ॳͷΓ͚ϙΠϯτͱͯ͠༻Ͱ͖Δ
Slide 33
Slide 33 text
SysLoadάϥϑͷӡ༻
» SysLoadෳ߹άϥϑʹิॿઢ͕͋ΓɺͷϥΠϯ=80%Λ͍͑ͯ
Δ߹ରԠΞΫγϣϯΛऔΔ͖Ͱ͋Δ͜ͱ͕Θ͔Δ
Slide 34
Slide 34 text
ϩʔϧ͝ͱͷμογϡϘʔυඋ
Slide 35
Slide 35 text
ͦͷଞɺΞΫγϣϯΛิॿ͢ΔΈ
» chatbot
» खಈखॱΛஔ͖͑Δखஈͱͯ͠
» AWSͷΦʔτεέʔϦϯάʹର͢Δૢ࡞ͳͲ
» [wip]௨ͱͱʹrunbookΛఏڙ
» cookpad͞Μ͕औΓ·Ε͍ͯͨΑ͏ͳͷ
» طଘͷखॱॻͱซ༻͢ΔఆͰඋத
Slide 36
Slide 36 text
Recap
Slide 37
Slide 37 text
Recap
» ΞϥʔτͷܭଌΛߦ͏
» औΔ͖ΞΫγϣϯʹ߹ΘͤͯదͳৼΓ͚Λݕ౼͢Δ
» ఆܕతͳΞΫγϣϯࣗಈରԠΛݕ౼͢Δ
» Ξϥʔτ௨ʹܦ࿏ɺՃΛ͍͢͠ػߏΛೖΕ͓ͯ͘
» ΞΫγϣϯΛऔΓ͍͢ࢦඪɺΈɺखॱΛ༻ҙ͢Δ
Slide 38
Slide 38 text
thank you for listening
Slide 39
Slide 39 text
who?
» Sohei Iwahori (@egmc)
» GREE, Inc.
» Πϯϑϥ / Monitoring Unit
Leader
» ήʔϜͷΠϯϑϥͱαʔόࢹɺओ
ʹAWS
Slide 40
Slide 40 text
Appendix
» ࣮ફɹࣗಈ෮چ(hiroaki.kobayashi)
» https://www.slideshare.net/greetech/ss-140561840
» ̒͘Β͍લʹࣗ࡞ͨ͠ metric ͕ͦͦ͜͜༗༻ͩͱࢥ͏ͷͰɺOSS
Ͱެ։͠·͢(takanori.sejima)
» https://labs.gree.jp/blog/2018/12/17645/
» sysloadࢹͳͲͷʢԾʣ(takanori.sejima)
» https://www.slideshare.net/takanorisejima/
sysload-133365308
Slide 41
Slide 41 text
Appendix
» SQSɺElastiCacheɺLambdaͰ࡞ΔߴՄ༻ͳΞϥʔτ௨γεςϜ
(sohei.iwahori)
» https://labs.gree.jp/blog/2017/05/16483/