Upgrade to Pro — share decks privately, control downloads, hide ads and more …

A practical introduction to observability

Nikolay Stoitsev
August 14, 2021
Technology
1
440

A practical introduction to observability

Good observability is essential for modern software. It gives us confidence that our systems are working properly. And it also allows us to debug issues efficiently. In this talk, we’ll explore everything you need to know to start applying good observability to your projects. And we’ll see the most common pitfalls you need to be aware of. We will start with the tools and basic concepts in monitoring. And we’ll go over the 3 most common mistakes people make with it. Then we’ll see how to have automatic alerts to detect issues. And, we’ll touch on the principles for setting up good alerts. As a final step, we’ll see how to build our logging system and how to apply it in the most efficient way to debug issues easily.

Nikolay Stoitsev

August 14, 2021
Tweet

More Decks by Nikolay Stoitsev

See All by Nikolay Stoitsev
Building vs Buying Software
stoitsev
0
190
Why and how to manage your manager
stoitsev
0
240
From programming to management
stoitsev
1
460
Building a modern SaaS in 2020
stoitsev
1
460
Everything You Need to Know About NewSQL in 2020
stoitsev
1
280
3 lessons on effective communication for engineers
stoitsev
0
83
ISTA 2019 - Migrating data-intensive microservices from Python to Go
stoitsev
0
140
Evolving big microservice architectures
stoitsev
2
250
The career path of software engineers and how to navigate it
stoitsev
0
510

Other Decks in Technology

See All in Technology
テストプロセスで大事にしていること #jasstnano
makky_tyuyan
0
110
DevOpsDays History and my DevOps story
kawaguti
PRO
8
1.5k
LLM とプロンプトエンジニアリング/チューターをビルドする / LLM and Prompt Engineering and Building Tutors
ks91
PRO
0
220
マルチアカウント環境への発見的統制の導入
ch1aki
1
1.3k
ChatGPT for IT Service Management (IT Pro)
dahatake
2
110
Tableau事例紹介 / Tableau Case Study of Eureka
kazuya_araki_tokyo
1
170
自動生成を活用した、運用保守コストを抑える Error/Alert/Runbook の一元集約管理 / Centralized management of Error/Alert/Runbook to minimize operational costs using automated code generation
biwashi
9
2.1k
コンテナセキュリティの基本と脅威への対策
kyohmizu
3
690
Janus
bkuhlmann
1
490
カオナビの利用実績をアウトカムへつなげる旅 / example-of-data-management-startup-in-kaonavi
kaonavi
0
120
なぜ NOT A HOTEL が Web3 に取り組むのか - NOT A HOTEL TECH TALK
ynunokawa
0
160
日本におけるデータエンジニアリングのこれまでとこれから
foursue
10
2.1k

Featured

See All Featured
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
34
8.9k
Web development in the modern age
philhawksworth
202
10k
For a Future-Friendly Web
brad_frost
171
8.9k
Automating Front-end Workflow
addyosmani
1355
200k
A Tale of Four Properties
chriscoyier
150
22k
Fireside Chat
paigeccino
20
2.6k
GraphQLの誤解/rethinking-graphql
sonatard
50
9.2k
How GitHub (no longer) Works
holman
304
140k
Teambox: Starting and Learning
jrom
128
8.4k
Code Reviewing Like a Champion
maltzj
513
39k
How GitHub Uses GitHub to Build GitHub
holman
468
290k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
115
18k

Transcript

  1. A practical introduction to observability Nikolay Stoitsev Engineering Manager @

    Halo DX
  2. None
  3. None

  4. Monitoring

  5. Monitoring Logging

  6. Monitoring Logging Distributed Tracing

  7. Monitoring

  8. Monitoring system components Application Application Application Monitoring System Time Series

    Database Dashboard

  9. Monitoring system components Application Application Application Monitoring System Time Series

    Database Dashboard Prometheus, Graphite, m3db

  10. Monitoring system components Application Application Application Monitoring System Time Series

    Database Dashboard Prometheus UI, Grafana

  11. Counter

  12. Counter increase

  13. Timer

  14. Labels

  15. What to watch out for?

  16. Cardinality

  17. Cardinality • search.success, app_version=1, type=Patient • search.success, app_version=1, type=Exam •

    search.success, app_version=2, type=Patient • search.success, app_version=2, type=Exam

  18. #1. Don’t add high cardinality tags

  19. Metrics are not accurate • DB engine optimizes for faster

    operations • When performing some operations for a different time resolution • When archiving metrics for long term storage

  20. #2. Don’t rely on metrics infrastructure for BI

  21. Don’t use average values • Averages hide the outliers •

    Doesn’t represent typical behavior

  22. Use percentiles • Represents the worst experience in 90% of

    the time • Can measure p90, p95, p99 p90

  23. Histograms • Shows the whole distribution • Configurable buckets

  24. #3. Use percentiles or histograms

  25. None

  26. Example alert

  27. Alert Levels Send Slack/Teams Message

  28. Alert Levels Send alert to oncall

  29. Alerting tool is usually built into the metrics system

  30. Alerts should be • urgent • important • actionable •

    real

  31. Should represent either ongoing or imminent problems

  32. What to watch out for?

  33. 1. Better to remove an alert when it’s noisy

  34. None

  35. #2. Use success rate

  36. Symptom-based monitoring • Number of 5xx HTTP response codes •

    Response time • Email sending is not working • Users can’t log in

  37. Cause-based monitoring • Free disk space on database server •

    Memory utilisation • Free file descriptors

  38. Many causes may trigger a symptom

  39. User impact is most important

  40. #3. Focus on symptom-based alerts

  41. Cause-based alerts are also necessary

  42. Picking alerts to start with Front-end Load Balancer Back-end DB

    Count rate of successful log-in Count request success rate
  43. None

  44. Logging

  45. Logging system Application Application Application Log Aggregation Database Dashboard Log

    Collector Log Collector Log Collector Logstash, Fluentd

  46. Logging system Application Application Application Log Aggregation Database Dashboard Log

    Collector Log Collector Log Collector Elasticsearch, Loki

  47. Logging system Application Application Application Log Aggregation Database Dashboard Log

    Collector Log Collector Log Collector Kibana

  48. Log messages

  49. Finding logs Can search by: • content of log message

    message : *notification* • all logs from a service kubernetes.labels.app/name.keyword : "api-gateway" • many more thanks to flexible query schema

  50. What to watch out for?

  51. #1. Use appropriate log level - info, warn, error

  52. Structured logging • Append useful key=value pairs • Can group

    (aggregate) by the keys • Can sort by aggregations

  53. #2. Use structured logging

  54. Too many logs Application Application Application Log Aggregation Real Time

    Search Engine Log Scraper Log Scraper Log Scraper Dashboard

  55. Too many logs Application Application Application Log Aggregation Real Time

    Search Engine Log Scraper Log Scraper Log Scraper Dashboard Reduce log retention period

  56. Too many logs Application Application Application Log Aggregation Real Time

    Search Engine Log Scraper Log Scraper Log Scraper Dashboard Cold Storage Query UI

  57. #3. Use proper retention period or cold storage

  58. None

  59. Distributed tracing https://www.youtube.com/watch?v=rM1z7Q1TxR0

  60. End-to-end summary 1. Configure automated alerts

  61. End-to-end summary 1. Configure automated alerts 2. Use metrics and

    tracing to pinpoint the problem

  62. End-to-end summary 1. Configure automated alerts 2. Use metrics and

    tracing to pinpoint the problem 3. Use structured logging to find the root cause of the problem easily

  63. End-to-end summary 1. Configure automated alerts 2. Use metrics and

    tracing to pinpoint the problem 3. Use structured logging to find the root cause of the problem easily 4. Fix problems and make sure all metrics are always back to normal

  64. Thank you! Q&A Nikolay Stoitsev Engineering Manager at Halo DX

    Photo by Pixabay, Şahin Sezer Dinçer, Andrea Piacquadio, Ian Beckley from Pexels