top of page


Public·31 members

How to Download and Install Busy 21 Rel 5.3 for Free

You can opt your best choice for your business and get a demo for free. you can start it from busy latest version, Busy software 21 download, Busy software download, Busy 18 download, Busy software free demo etc.

AbstractAs Internet services become more popular and pervasive, a criticalproblem that arises is managing the performance of services under extreme overload. This paper presents a set of techniques for managing overload in complex, dynamic Internet services. These techniques are based on an adaptive admission controlmechanism that attempts to bound the 90th-percentile response time ofrequests flowing through the service. This is accomplished by internally monitoring the performance of the service, which isdecomposed into a set of event-driven stages connected with request queues. By controlling the rate at which each stage admitsrequests, the service can perform focused overload management, forexample, by filtering only those requests that lead to resourcebottlenecks. We present two extensions of this basic controller thatprovide class-based service differentiation as well as application-specific service degradation. We evaluate these mechanisms using a complexWeb-based e-mail service that is subjected to a realistic user load, as well as a simpler Web server benchmark.1 IntroductionInternet services have become a vital resource for many people.Internet-based e-mail, stock trading, driving directions, and even movie listings are often considered indispensable both for businesses and personal productivity. Web application hosting has opened up new demands for service performance and availability, with businesses relying on remotely-hosted services for accounting, human resources management, and other applications.At the same time, Internet services are increasing in complexity and scale. Although much prior research has addressed the performance and scalabilityconcerns of serving static Web pages [8,28,31], many modern services rely on dynamically-generated content,which requires significant amounts of computation and I/O to generate.It is not uncommon for a single Internet service request to involve several databases, application servers, and front-end Web servers. Unlike staticcontent, dynamically-generated pages often cannot be cached orreplicated for better performance, and the resource requirements fora given user load are very difficult to predict.Moreover, Internet services are subject to enormousvariations in demand, which in extreme cases can lead to overload. During overload conditions, the service's response times may grow tounacceptable levels, and exhaustion of resources may cause theservice to behave erratically or even crash. The events ofSeptember 11, 2001 provided a poignant reminder of the inability of most Internet services to scale: many news sites worldwide wereunavailable for several hours due to unprecedented demand. CNN.comexperienced a request load 20 times greater than the expected peak, at one point exceeding 30,000 requests a second. Despite growing the size of the server farm, CNN was unable to handlethe majority of requests to the site for almost 3 hours [23].Many services rely on overprovisioning of server resources to handlespikes in demand. However, when a site is seriously overloaded, request rates can be orders of magnitude greater than the average, and it is clearly infeasible to overprovision a service to handle a 100-fold or 1000-fold increase in load. Overload management is a critical requirement for Internet services, yet few services are designed with overload in mind. Often, services rely on the underlying operating system to manage resources, yet the OS typically does not have enough informationabout the service's resource requirements to effectively handle overloadconditions. A common approach to overload control is to apply fixed(administrator-specified) resource limits, such as bounding the number of simultaneous socket connections or threads. However, it is difficult to determine the ideal resource limits under widely fluctuating loads; setting limits too low underutilizes resources, while setting them toohigh can lead to overload regardless. In addition, such resource limitsdo not have a direct relationship to client-perceived service performance. We argue that Internet services should be designed from the ground up to detect and respond intelligently to overload conditions. In this paper, we presentan architecture for Internet service design that makes overloadmanagement explicit in the programming model, providing services withthe ability to perform fine-grained control of resources in response to heavy load. In this model, based on the staged event-driven architecture(SEDA) [40], services are constructed as a network of event-driven stages connected with explicit request queues. By applying admission control to each queue, the flow ofrequests through the service can be controlled in a focused manner.To achieve scalability and fault-tolerance, Internet services are typicallyreplicated across a set of machines, which may be within a single data center or geographically distributed [16,37].Even if a service is scaled across many machines, individual nodes stillexperience huge variations in demand. This requires that effectiveoverload control techniques be deployed at the per-node level, which isthe focus of this paper.Our previous work on SEDA [40] addressed theefficiency and scalability of the architecture, and an earlier positionpaper [39] made the case for overload managementprimitives in service design. This paper builds on this work by presenting an adaptive admission control mechanism within the SEDA framework that attempts to meet a 90th percentile response time target by filtering requests at each stage of a service. This mechanism is general enough to support class-based prioritization of requests (e.g., allowing certain users to obtain better service than others) as well as application-specific service degradation.Several prior approaches to overload control in Internet services have beenproposed, which we discuss in detail in Section 5.Many of these techniques rely on static resource limits [3,36], apply only to simplistic, static Web page loads [2,9], or have been studied only under simulation [10,20]. In contrast, the techniquesdescribed in this paper allow services to adapt to changing loads, apply to complex, dynamic Internet services with widely varying resource demands, and have beenimplemented in a realistic application setting. We evaluate our overload control mechanisms using both a resource-intensive Web-based e-mail service and a simple Web server benchmark. Our results show that theseadaptive overload control mechanisms are effective at controlling the response times of complex Internet services, and permit flexible prioritization and degradation policies to be implemented.2 The Staged Event-Driven ArchitectureOur overload management techniques are based on the staged event-driven architecture (or SEDA), a model fordesigning Internet services that are inherently scalable androbust to load. In SEDA, applications are structured as a graph ofevent-driven stages connected with explicit event queues, as shown in Figure 1. We provide a briefoverview of the architecture here; a more complete description andextensive performance results are given in [40].Figure 1:Structure of the Arashi SEDA-based email service:This is a typical example of a SEDA-based Internet service, consistingof a network of stages connected with explicit event queues. Each stageis subject to adaptive resource management and admission control toprevent overload. Requests are read from the network and parsed by a theread packet and parse packet stages on the left. Eachrequest is then passed to a stage that handles the particular requesttype, such as listing the user's mail folders. Static page requests arehandled by a separate set of stages that maintain an in-memory cache.For simplicity, some event paths and stages have been elided fromthis figure.2.1 SEDA OverviewSEDA is intended to support the massive concurrency demands oflarge-scale Internet services, as well as to exhibit good behaviorunder heavy load. Traditional server designs rely on processes orthreads to capture the concurrency needs of the server:a common design is to devote a thread to each client connection. However, general-purpose threads are unable to scale to the large numbers required by busy Internet services [5,17,31].The alternative to multithreading is event-driven concurrency, in which a small number of threads are used to process many simultaneous requests. However, event-driven server designs can often be very complex, requiringcareful application-specific scheduling of request processing and I/O.This model also requires that application code never block, which isoften difficult to achieve in practice. For example, garbage collection,page faults, or calls to legacy code can cause the application to block, leading to greatly reduced performance. To counter the complexity of the standard event-driven approach,SEDA decomposes a service into a graph of stages, where eachstage is an event-driven service component that performs some aspectof request processing. Each stage contains a small, dynamically-sizedthread pool to drive its execution. Threads act as implicit continuations, automatically capturing the execution state across blocking operations; to avoid overusing threads, it is important that blocking operations be short or infrequent. SEDA provides nonblocking I/O primitives to eliminate the most common sources of long blocking operations.Stages are connected with explicit queues that act as the execution boundary between stages, as well as amechanism for controlling the flow of requests through the service.This design greatly reduces the complexity of managing concurrency, as each stage is responsible only for a subset of request processing, and stages are isolated from each other through composition with queues. As shown in Figure 2, a stage consists of an event handler, an incoming event queue, and a dynamically-sized thread pool. Threads within a stage operate by pulling a batch of events off of the incoming event queue and invoking the application-supplied event handler. The event handler processes each batch of events, and dispatches zero or more events by enqueueing them on the event queues of other stages. The stage's incoming event queue is guarded by an admission controller that accepts or rejects new requests for the stage. The overload control mechanisms described in this paper are based on adaptive admission control for each stage in a SEDA service.Figure 2:A SEDA Stage:A stage consists of an incoming event queue withan associated admission controller, a thread pool, and an application-supplied event handler.The stage's operation is managed by a set of controllers, whichdynamically adjust resource allocations and scheduling. The admission controller determines whether a given request is admitted tothe queue.Additionally, each stage is subject to dynamic resource control, which attempts to keep each stage within its ideal operating regime by tuning parameters of the stage's operation. For example, one suchcontroller adjusts the number of threads executing within each stagebased on an observation of the stage's offered load (incoming queuelength) and performance (throughput). This approach frees the application programmer from manually setting ``knobs'' that can have a serious impact on performance. More details on resource control in SEDA are given in [40].2.2 Advantages of SEDAWhile conceptually simple, the SEDA model has a number of desirable properties for overload management:Exposure of the request stream:Event queues make the request stream within the service explicit,allowing the application (and the underlying runtime environment) to observe and control the performance of the system, e.g., through reordering or filtering of requests.Focused, application-specific admission control:By applying fine-grained admission control to each stage, thesystem can avoid bottlenecks in a focused manner. For example, a stagethat consumes many resources can be conditioned to load by throttlingthe rate at which events are admitted to just that stage, ratherthan refusing all new requests in a generic fashion.The application can provide its own admission control algorithms that aretailored for the particular service.Modularity and performance isolation:Requiring stages to communicate through explicit event-passingallows each stage to be insulated from others in the system for purposesof code modularity and performance isolation.2.3 Overload exposure and admission controlThe goal of overload management is to prevent service performancefrom degrading in an uncontrolled fashion under heavy load, as a result of overcommitting resources. As a service approaches saturation, response times typically grow very large and throughput may degrade substantially. Under such conditions, it is often desirable to shed load, for example, by sending explicit rejection messages to users, rather than cause all users to experience unacceptable response times. Note that rejecting requests is just one form of load shedding; several alternatives are discussed below.Overload protection in SEDA is accomplished through the use of fine-grainedadmission control at each stage, which can be used to implement a widerange of policies. Generally, by applying admission control, the servicecan limit the rate at which a stage accepts new requests, allowingperformance bottlenecks to be isolated. A simple admission controlpolicy might be to apply a fixed threshold to each stage's event queue;however, with this policy it is very difficult to determine what the idealthresholds should be to meet some performance target.A better approach is for stages to monitor their performance and trigger rejection of incoming events when some performance threshold has been exceeded. Additionally, an admission controller could assign a cost to each event in the system, prioritizing low-cost events (e.g., inexpensive static Web page requests) over high-cost events (e.g., expensive dynamicpages). SEDA allows the admission control policy to be tailored for eachindividual stage.This mechanism allows overload control to be performed within a servicein response to measured resource bottlenecks; this is in contrast to ``external'' service control based on an a priori model ofservice capacity [2,10]. Moreover, by performing admission control on a per-stage basis, overload response can be focused on those requests that lead to a bottleneck, and be customized for eachtype of request. This is as opposed to generic overload response mechanismsthat fail to consider the nature of the request being processed [18,19].When the admission controller rejects a request, thecorresponding enqueue operation fails, indicating to the originatingstage that there is a bottleneck in the system. The upstream stage istherefore responsible for reacting to these ``overload signals'' in someway. This explicitindication of overload differs from traditional service designsthat treat overload as an exceptional case for which applications aregiven little indication or control.Rejection of an event from a queue does not imply that the user'srequest is rejected from the system. Rather, it is the responsibilityof the stage receiving a queue rejection to perform some alternateaction, which depends greatly on the service logic, as described above.If the service has been replicated across multiple servers, the request can be redirected to another node, either internally or by sending an HTTP redirect message to the client. Services may also provide differentiated service by delaying certain requests in favor of others: an e-commerce site might give priority to requests from users about to complete an order. Another overload response is to block until the downstream stage can accept the request. This leads to backpressure, since blocked threads in a stage cause its incoming queue to fill, triggering overload response upstream. In some applications, however, backpressure may be undesirable as it causes requests to queue up, possibly for long periods of time. More generally, an application may degrade service inresponse to overload, allowing a larger number of requests to beprocessed at lower quality. Examples include deliveringlower-fidelity content (e.g., reduced-resolution image files) orperforming alternate actions that consume fewer resources per request.Whether or not such degradation is feasible depends greatly on thenature of the service.The SEDA framework itself is agnostic as to the precise degradation mechanism employed--it simply provides the admission control primitive to signal overload to applications.3 Overload Control in SEDAIn this section we present three particular overload control mechanisms that have been constructed using the stage-based admission control primitives described earlier. We begin with a motivation for the use of 90th-percentile response time as a client-based performance metric to drive overload control. We then discuss an adaptive admission control mechanism to meet a 90th-percentile response time target, and describe an extension that enables service differentiation across different classes of users. We also describe the use of application-specific service degradation in this framework.3.1 Performance metrics A variety of performance metrics have beenstudied in the context of overload management, including throughputand response time targets [9,10], CPUutilization [2,11,12],and differentiated service metrics, such as the fractionof users in each class that meet a given performancetarget [20,25]. In thispaper, we focus on 90th-percentile response time as a realisticand intuitive measure of client-perceived system performance.This metric has the benefit that it is both easy to reason about andcaptures the user's experience of Internet serviceperformance. This is as opposed to average or maximum response time (whichfail to represent the ``shape'' of a response time curve), or throughput(which depends greatly on the network connection to the service andbears little relation to user-perceived performance).In this context, the system administrator specifies a target value for theservice's 90th-percentile response time. The target response time may be parameterized by relative utility of the requests, for example, based on request type or user classification. An example might be to specify a lower response time target for requests from users with more items in their shopping cart. Our current implementation, discussed below, allows separate response time targets to be specifiedfor each stage in the service, as well as for different classes of users(based on IP address, request header information, or HTTP cookies).3.2 Response time controller designThe design of the per-stage overload controller in SEDA is shownin Figure 3. The controller consists ofseveral components. A monitor measures response times foreach request passing through a stage. Requests are tagged with thecurrent time when they enter the service. At each stage , the request's response time is calculated as the time it leaves minus the time it entered the system.While this approach does not measure network effects, we expect that under overload the greatest contributor to perceived request latency will be intra-service response time.1Figure 3:Response time controller design:The controller observes a historyof response times through the stage, and adjusts the rate at which thestage accepts new requests to meet an administrator-specified90th-percentile response time target.The measured 90th-percentileresponse time over some interval is passed to thecontroller that adjusts theadmission control parameters


Welcome to the group! You can connect with other members, ge...
bottom of page