Nengwen Zhao,Junjie Chen,Zhaoyang Yu,Honglin Wang,Jiesong Li,Bin Qiu,Hongyu Xu,Wenchi Zhang,Kaixin Sui,Dan Pei

DOI: https://doi.org/10.1145/3468264.3468543

2021-01-01

Abstract:In large-scale online service systems, software changes are inevitable and frequent. Due to importing new code or configurations, changes are likely to incur incidents and destroy user experience. Thus it is essential for engineers to identify bad software changes, so as to reduce the influence of incidents and improve system re- liability. To better understand bad software changes, we perform the first empirical study based on large-scale real-world data from a large commercial bank. Our quantitative analyses indicate that about 50.4% of incidents are caused by bad changes, mainly be- cause of code defect, configuration error, resource contention, and software version. Besides, our qualitative analyses show that the current practice of detecting bad software changes performs not well to handle heterogeneous multi-source data involved in soft- ware changes. Based on the findings and motivation obtained from the empirical study, we propose a novel approach named SCWarn aiming to identify bad changes and produce interpretable alerts accurately and timely. The key idea of SCWarn is drawing support from multimodal learning to identify anomalies from heterogeneous multi-source data. An extensive study on two datasets with various bad software changes demonstrates our approach significantly outperforms all the compared approaches, achieving 0.95 F1-score on average and reducing MTTD (mean time to detect) by 20.4%∼60.7%. In particular, we shared some success stories and lessons learned from the practical usage.

Yifan Wu,Yunpeng Wang,Jianguo Li,Ying Li,Bingxu Chai,Wei Jiang

DOI: https://doi.org/10.1109/saner60148.2024.00079

2024-01-01

Abstract:Changes are inevitable and frequent in large-scale online service systems, which has been one of the leading causes that induce incidents. Change risk detection (CRD) aims to help engineers detect high-risk changes so that proactive actions can be taken to avoid incidents, which is vital for the availability and reliability of online service systems. Though some efforts have been dedicated to CRD, their performances are still far from satisfactory in practice. To better understand the practical challenges of CRD, we conducted the first empirical study on a large-scale online service system in Ant Group. Through this study, we identified four critical challenges, including poor interpretability, adaptation to diverse change types, indirect anomaly factors, and expected but false alarm anomalies. To address these challenges, we propose an effective and eXplainable Change Risk Detection framework named XCRD. XCRD can detect change-induced unexpected anomalies using multi-source data and provide explainable alerts for engineers to facilitate anomaly diagnosis and mitigation. We have successfully deployed XCRD in Ant Group for the past 14 months, demonstrating a significant performance improvement in CRD. We also discuss some successful cases and lessons learned during our study. To our knowledge, we are the first to deeply investigate CRD in industrial scenarios. We believe that our work can provide valuable insights for engineers and researchers to understand and improve CRD in practice.

Tianyi Yang,Cheryl Lee,Jiacheng Shen,Yuxin Su,Yongqiang Yang,Michael R. Lyu

DOI: https://doi.org/10.1145/3650212.3652131

2024-03-21

Abstract:Microservice resilience, the ability of microservices to recover from failures and continue providing reliable and responsive services, is crucial for cloud vendors. However, the current practice relies on manually configured rules specific to a certain microservice system, resulting in labor-intensity and flexibility issues, given the large scale and high dynamics of microservices. A more labor-efficient and versatile solution is desired. Our insight is that resilient deployment can effectively prevent the dissemination of degradation from system performance metrics to user-aware metrics, and the latter directly affects service quality. In other words, failures in a non-resilient deployment can impact both types of metrics, leading to user dissatisfaction. With this in mind, we propose MicroRes, the first versatile resilience profiling framework for microservices via degradation dissemination indexing. MicroRes first injects failures into microservices and collects available monitoring metrics. Then, it ranks the metrics according to their contributions to the overall service degradation. It produces a resilience index by how much the degradation is disseminated from system performance metrics to user-aware metrics. Higher degradation dissemination indicates lower resilience. We evaluate MicroRes on two open-source and one industrial microservice system. The experiments show MicroRes' efficient and effective resilience profiling of microservices. We also showcase MicroRes' practical usage in production.

Software Engineering

Xing Gao,Ming-Hong Liao,Xiang-Hu Wu,Chao-Yong Li

DOI: https://doi.org/10.1108/00022660910926863

2009-01-01

Abstract:PurposeThe purpose of this paper is to present a novel algorithm to handle space environment induced errors in the space‐robot software.Design/methodology/approachThe radiations in outer space may induce transient errors in micro‐processors, this phenomena will make software behavior unpredictable, and the existing software fault tolerance methods have been restricted in non‐multi‐threaded operation systems, non‐component‐based frameworks, non‐cacheable micro‐processors, non‐distributed environments, etc. A software model for space‐robot software, based on adaptive redundancy, is developed and a corresponding run‐time error detection algorithm is presented in this paper. Software was monitored and run‐time transient error would be detected and processed.FindingsExperiments indicate that this method introduces about 30‐35 percent time overhead and about 200‐230 percent memory overhead. It also increases the fault detection rate to 84‐92.5 percent. Moreover, the model and algorithm is effective in a realistic space robot environment.Originality/valueA redundancy model is developed and an error detection algorithm is introduced in this paper. Experiments demonstrate it can provide space‐robot software with good protection against the radiation induced transient errors.

Xuanrun Wang,Kanglin Yin,Qianyu Ouyang,Xidao Wen,Shenglin Zhang,Wenchi Zhang,Li Cao,Jiuxue Han,Xing Jin,Dan Pei

DOI: https://doi.org/10.1109/ISSRE55969.2022.00043

2022-01-01

Abstract:Software changes are frequent and inevitable. However, erroneous software changes may cause failures and incidents, degrading user experience and system stability. Thus, it is critical to distinguish erroneous software changes from normal ones. Our empirical study from a global data center reveals that erroneous software changes have caused nearly one-third of the critical incidents in the last two years. Some quantitative results also imply that the number of software changes and that of the Key Performance Indicator (KPI) time series related to a software change are relatively large. Based on the observations, we propose Kontrast, a self-supervised, generic and adaptive approach using contrastive learning, aiming to identify erroneous software changes on time. Its key idea is to compare pre-change and post-change KPI time series related to the software change, assuring the time series is still in a normal state after the software change. Since contrastive learning approaches need a fully-labeled dataset, we propose a novel data augmentation technique inspired by self-supervised learning to generate data with pseudo labels. Our model significantly outperforms all the compared approaches on two datasets with a millisecond-level speed for each KPI and is proven to obtain cross-dataset adaptability. To better certify our contribution, we also exhibit some success cases of Kontrast from its deployment.

Dewei Liu,Chuan He,Xin Peng,Fan Lin,Chenxi Zhang,Shengfang Gong,Ziang Li,Jiayu Ou,Zheshun Wu

DOI: https://doi.org/10.48550/arXiv.2103.01782

2021-03-01

Abstract:Availability issues of industrial microservice systems (e.g., drop of successfully placed orders and processed transactions) directly affect the running of the business. These issues are usually caused by various types of service anomalies which propagate along service dependencies. Accurate and high-efficient root cause localization is thus a critical challenge for large-scale industrial microservice systems. Existing approaches use service dependency graph based analysis techniques to automatically locate root causes. However, these approaches are limited due to their inaccurate detection of service anomalies and inefficient traversing of service dependency graph. In this paper, we propose a high-efficient root cause localization approach for availability issues of microservice systems, called MicroHECL. Based on a dynamically constructed service call graph, MicroHECL analyzes possible anomaly propagation chains, and ranks candidate root causes based on correlation analysis. We combine machine learning and statistical methods and design customized models for the detection of different types of service anomalies (i.e., performance, reliability, traffic). To improve the efficiency, we adopt a pruning strategy to eliminate irrelevant service calls in anomaly propagation chain analysis. Experimental studies show that MicroHECL significantly outperforms two state-of-the-art baseline approaches in terms of both accuracy and efficiency. MicroHECL has been used in Alibaba and achieves a top-3 hit ratio of 68% with root cause localization time reduced from 30 minutes to 5 minutes.

Software Engineering

Jingyu Wang,Yuewei Li,Qi Qi,Yan Lu,Bo Wu

DOI: https://doi.org/10.1109/tr.2024.3356717

IF: 5.883

2024-01-01

IEEE Transactions on Reliability

Abstract:Software architecture is undergoing a transition from monolithic architecture to microservices to achieve resilience, agility, and scalability in the software life cycle. The complex dependability of these microservices may lead to unexpected failures, which becomes a major concern on reliability for application providers. The existing fault detection and localization algorithms for microservice systems only focus on the relationship within microservices and cannot achieve finer granularity from a layered system perspective, including microservices, containers, physical machines, and networks. To tackle this problem, we propose a multilayered method that deconstructs cloud-based microservices and connects the information from various layers to enhance the precision of fault detection and localization. The proposed Transformer encoder model can detect anomalies of containers in the resource layer, and by decomposing and analyzing invocation latency, anomalies in the service layer can be detected. After determining the faulty area of the resource layer based on the above anomalies, a multifactor root cause score is used to sort root cause metrics in the faulty area for localization. Evaluations were performed on three datasets: the Sock-Shop dataset we collected from an actual microservice system, the AIOps2020 preliminary dataset, and the SMD. Empirical investigations conducted on these datasets show that our models enhance the F1 score by approximately 0.25 for anomaly detection and improve the mean average precision by up to 0.54 for root cause localization, which underscores the utility of our models in effectively managing microservice systems in practical scenarios.

engineering, electrical & electronic,computer science, software engineering, hardware & architecture

Xiang He,Teng Wang,Lei Liu,Jianan Li,Zihang Su,Yingming Guo,Zhiying Tu,Hanchuan Xu,Zhongjie Wang

DOI: https://doi.org/10.48550/arxiv.2212.11758

2022-01-01

Abstract: The dramatic development of cloud and edge computing allows for better Quality of Service (QoS) in many scenarios by deploying services on cloud and edge servers. Microservice technology is also adopted in these scenarios to decompose complex business logic into many small independent services. Meanwhile, as microservice systems continue to grow, providing stable QoS in these systems becomes a challenge, and many different approaches have been proposed for stable QoS. However, the microservice systems used in the experiments of these work have problems such as the low number of services and a single type of service. Therefore, we developed the open-source benchmark microservice system RescureService with 20+ services, including database, front-end, business logic, data processing, and artificial intelligence services in the disaster relief scenario. Measuring tools are provided to measure the service properties to help researchers prepare experimental data, and the service properties pre-measured are also presented. Meanwhile, the fulfillment of benchmark requirements is detailed, and the results show that our RescureService meets the requirements of a benchmark system in research. Moreover, instructions are given to describe adopting our system in service computing as examples.

Xiang Zhou,Xin Peng,Tao Xie,Jun Sun,Chao Ji,Dewei Liu,Qilin Xiang,Chuan He

DOI: https://doi.org/10.1145/3338906.3338961

2019-01-01

Abstract:In the production environment, a large part of microservice failures are related to the complex and dynamic interactions and runtime environments, such as those related to multiple instances, environmental configurations, and asynchronous interactions of microservices. Due to the complexity and dynamism of these failures, it is often hard to reproduce and diagnose them in testing environments. It is desirable yet still challenging that these failures can be detected and the faults can be located at runtime of the production environment to allow developers to resolve them efficiently. To address this challenge, in this paper, we propose MEPFL, an approach of latent error prediction and fault localization for microservice applications by learning from system trace logs. Based on a set of features defined on the system trace logs, MEPFL trains prediction models at both the trace level and the microservice level using the system trace logs collected from automatic executions of the target application and its faulty versions produced by fault injection. The prediction models thus can be used in the production environment to predict latent errors, faulty microservices, and fault types for trace instances captured at runtime. We implement MEPFL based on the infrastructure systems of container orchestrator and service mesh, and conduct a series of experimental studies with two opensource microservice applications (one of them being the largest open-source microservice application to our best knowledge). The results indicate that MEPFL can achieve high accuracy in intraapplication prediction of latent errors, faulty microservices, and fault types, and outperforms a state-of-the-art approach of failure diagnosis for distributed systems. The results also show that MEPFL can effectively predict latent errors caused by real-world fault cases.

ZHANG Qixun,HAN Jing,CHENG Li,ZHANG Baisheng,GONG Zican

DOI: https://doi.org/10.12142/ZTECOM.202203011

2022-01-01

Abstract:Microservices have become popular in enterprises because of their excellent scalability and timely update capabilities . However, while fine-grained modularity and service-orientation decrease the complexity of system development, the complexity of system operation and maintenance has been greatly increased, on the contrary. Multiple types of system failures occur frequently, and it is hard to detect and diag-nose failures in time. Furthermore, microservices are updated frequently. Existing anomaly detection models depend on offline training and cannot adapt to the frequent updates of microservices. This paper proposes an anomaly detection approach for microservice systems with multi-source data streams. This approach realizes online model construction and online anomaly detection, and is capable of self-updating and self-adapting. Experimental results show that this approach can correctly identify 78.85％of faults of different types.

Matteo Collina,Luca Maraschi,Tommaso Pirini 1. Platformatic Inc

DOI: https://doi.org/10.48550/arXiv.2309.06238

2023-09-12

Abstract:In a microservices-based system, reliability and availability are key components to guarantee the best-in-class experience for the consumers. One of the key advantages of microservices architecture is the ability to independently deploy services, providing maximum change flexibility. However, this introduces an extra complexity in managing the risk associated with every change: any mutation of a service might cause the whole system to fail. In this research, we would propose an algorithm to enable development teams to determine the risk associated with each change to any of the microservices in the system.

Software Engineering

Shenglin Zhang,Jun Zhu,Bowen Hao,Yongqian Sun,Xiaohui Nie,Jingwen Zhu,Xilin Liu,Xiaoqian Li,Yuchi Ma,Dan Pei

DOI: https://doi.org/10.1145/3663529.3663833

2024-01-01

Abstract:Nowadays, the testing of large-scale microservices could produce an enormous number of test alarms daily. Manually diagnosing these alarms is time-consuming and laborious for the testers. Automatic fault diagnosis with fault classification and localization can help testers efficiently handle the increasing volume of failed test cases. However, the current methods for diagnosing test alarms struggle to deal with the complex and frequently updated microservices. In this paper, we introduce SynthoDiag, a novel fault diagnosis framework for test alarms in microservices through multi-source logs (execution logs, trace logs, and test case information) organized with a knowledge graph. An Entity Fault Association and Position Value (EFA-PV) algorithm is proposed to localize the fault-indicative log entries. Additionally, an efficient block-based differentiation approach is used to filter out fault-irrelevant entries in the test cases, significantly improving the overall performance of fault diagnosis. At last, SynthoDiag is systematically evaluated with a large-scale real-world dataset from a top-tier global cloud service provider, Huawei Cloud, which provides services for more than three million users. The results show the Micro-F1 and Macro-F1 scores improvement of SynthoDiag over baseline methods in fault classification are 21% and 30%, respectively, and its top-5 accuracy of fault localization is 81.9%, significantly surpassing the previous methods.

Meng Ma,Weilan Lin,Disheng Pan,Ping Wang

DOI: https://doi.org/10.1109/tsc.2020.2993251

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:The emergence of microservice architecture in Cloud systems poses a new challenges for the reliability operation and maintenance. Due to numerous services and diverse types of metrics, it is time-consuming and challenging to identify the root cause of anomaly in large-scale microservice architecture. To solve this issue, this article presents a multi-metric and self-adaptive root cause diagnosis framework, named MS-Rank. MS-Rank decomposes the task into four phases: impact graph construction, random walk diagnosis, result precision evaluation, metrics weight update. Initially, we introduce the concept of implicit metrics and propose a composite impact graph construction algorithm, using multiple types of metrics to discover causal relationships between services. Afterwards, we propose a diagnostic algorithm in which forward, selfward and backward transitions are designed to heuristically identify the root cause services. In addition, we establish a self-adaptive mechanism to update the confidence of different metrics dynamically according to their diagnostic precision. Lastly, we develop a prototype system and integrate MS-Rank into real production system - IBM Cloud. Experimental results show that MS-Rank has a high diagnostic precision and its performance outperforms several selected benchmarks. Through multiple rounds of diagnosis, MS-Rank can optimize itself effectively. MS-Rank can be rapidly deployed in various microservice-based systems and applications, requiring no predefined knowledge. MS-Rank also allows us to introduce expert experiences into its framework to improve the diagnostic efficiency and precision.

Ping Liu,Yu Chen,Xiaohui Nie,Jing Zhu,Shenglin Zhang,Kaixin Sui,Ming Zhang,Dan Pei

DOI: https://doi.org/10.1109/ISSRE.2019.00014

2019-01-01

Abstract:The failures of software service directly affect user experiences and service revenue. Thus operators monitor both service-level KPIs (e.g., response time) and machine-level KPIs (e.g., CPU usage) on each machine underlying the service. When a service fails, the operators must localize the root cause machines, and mitigate the failure as quickly as possible. Existing approaches have limited application due to the difficulty to obtain the required additional measurement data. As a result, failure localization is largely manual and very time-consuming. This paper presents FluxRank, a widely-deployable framework that can automatically and accurately localize the root cause machines, so that some actions can be triggered to mitigate the service failure. Our evaluation using historical cases from five real services (with tens of thousands of machines) of a top search company shows that the root cause machines are ranked top 1 (top 3) for 55 (66) cases out of 70 cases. Comparing to existing approaches, FluxRank cuts the localization time by more than 80% on average. FluxRank has been deployed online at one Internet service and six banking services for three months, and correctly localized the root cause machines as the top 1 for 55 cases out of 59 cases.

Yuan Meng,Shenglin Zhang,Yongqian Sun,Ruru Zhang,Zhilong Hu,Yiyin Zhang,Chenyang Jia,Zhaogang Wang,Dan Pei

DOI: https://doi.org/10.1109/IWQoS49365.2020.9213058

2020-01-01

Abstract:An increasing number of Internet applications are applying microservice architecture due to its flexibility and clear logic. The stability of microservice is thus vitally important for these applications' quality of service. Accurate failure root cause localization can help operators quickly recover microservice failures and mitigate loss. Although cross-microservice failure root cause localization has been well studied, how to localize failure root causes in a microservice so as to quickly mitigate this microservice has not yet been studied. In this work, we propose a framework, MicroCause, to accurately localize the root cause monitoring indicators in a microservice. MicroCause combines a simple yet effective path condition time series (PCTS) algorithm which accurately captures the sequential relationship of time series data, and a novel temporal cause oriented random walk (TCORW) method integrating the causal relationship, temporal order, and priority information of monitoring data. We evaluate MicroCause based on 86 real-world failure tickets collected from a top tier global online shopping service. Our experiments show that the top 5 accuracy (AC@5) of MicroCause for intra-microservice failure root cause localization is 98.7%, which is greatly higher (by 33.4 %) than the best baseline method.

Yifan Wu,Bingxu Chai,Ying Li,Bingchang Liu,Jianguo Li,Yong Yang,Wei Jiang

DOI: https://doi.org/10.1109/icse-seip58684.2023.00027

2023-01-01

Abstract:Although dedicated efforts have been devoted to ensuring the service quality of online service systems, these systems are still suffering from incidents due to various causes, which lead to user dissatisfaction and economic loss. Change is the most disruptive yet unavoidable maintenance event in online service systems. Among all possible causes of incidents, change is one of the leading causes that induce incidents. To enforce changes with minimized negative impact, change management has been widely applied in industry. However, change-induced incidents are still happening. Most empirical studies involving change-induced incidents are limited to one specific type of incident-inducing change. Moreover, the characteristics of change-induced incidents and challenges of change management have not been studied. To fill the knowledge gap, this paper presents the first empirical study on change-induced incidents of online service systems. 161 real change-induced incidents are collected from a large-scale online service system over two years in Ant Group. By manually examining their post-mortem reports, we clarify the severity of change-induced incidents and analyze the characteristics of change-induced incidents in terms of change types, root causes, and mitigation strategies. Furthermore, we identify a series of vital challenges of change management in practice and point out several practical implications for researchers and engineers. We believe our work could help understand change-induced incidents and give some inspiration and guidance for engineers and researchers to improve change management.

Rui Ren,Jingbang Yang,Linxiao Yang,Xinyue Gu,Liang Sun

2024-05-31

Abstract:The newly deployed service -- one kind of change service, could lead to a new type of minority fault. Existing state-of-the-art methods for fault localization rarely consider the imbalanced fault classification in change service. This paper proposes a novel method that utilizes decision rule sets to deal with highly imbalanced data by optimizing the F1 score subject to cardinality constraints. The proposed method greedily generates the rule with maximal marginal gain and uses an efficient minorize-maximization (MM) approach to select rules iteratively, maximizing a non-monotone submodular lower bound. Compared with existing fault localization algorithms, our algorithm can adapt to the imbalanced fault scenario of change service, and provide interpretable fault causes which are easy to understand and verify. Our method can also be deployed in the online training setting, with only about 15% training overhead compared to the current SOTA methods. Empirical studies showcase that our algorithm outperforms existing fault localization algorithms in both accuracy and model interpretability.

Software Engineering,Artificial Intelligence,Machine Learning

Lingzhi Wang,Nengwen Zhao,Junjie Chen,Pinnong Li,Wenchi Zhang,Kaixin Sui

DOI: https://doi.org/10.1109/icws49710.2020.00026

2020-01-01

Abstract:Microservice systems are typically fragile and failures are inevitable in them due to their complexity and large scale. However, it is challenging to localize the root-cause metric due to its complicated dependencies and the huge number of various metrics. Existing methods are based on either correlation between metrics or correlation between metrics and failures. All of them ignore the key data source in microservice, i.e., logs. In this paper, we propose a novel root-cause metric localization approach by incorporating log anomaly detection. Our approach is based on a key observation, the value of root-cause metric should be changed along with the change of the log anomaly score of the system caused by the failure. Specifically, our approach includes two components, collecting anomaly scores by log anomaly detection algorithm and identifying root-cause metric by robust correlation analysis with data augmentation. Experiments on an open-source benchmark microservice system have demonstrated our approach can identify root-cause metrics more accurately than existing methods and only require a short localization time. Therefore, our approach can assist engineers to save much effort in diagnosing and mitigating failures as soon as possible.

Wei Cao,Zhiying Cao,Xiuguo Zhang

DOI: https://doi.org/10.1088/1742-6596/1213/4/042016

2019-06-01

Journal of Physics: Conference Series

Abstract:Abstract Recently, the existing microservice anomaly detection methods which mainly monitor the system metrics and analyze the system logs have low efficiency and consume much time. This paper proposes a microservice anomaly detection method based on Conditional Random Field(CRF). The method takes the collected system parameters such as CPU utilization, memory utilization, bandwidth occupancy as the characteristic values of the observation sequence, and labels the abnormal types of the sequences corresponding to the feature values, and then creates the microservice fault matrix. Operators can quickly retrieve the specific anomaly information of the microservice error according to the microservice fault matrix. Compared with the traditional Hidden Markov Model-based detection method, this method can find the abnormal sequence corresponding to the observation sequence in the global scope. The experimental results show that the method proposed by this paper can accurately find the faults in the microservice system, and the accuracy and recall rate are relatively high.

Hongyang Chen,Pengfei Chen,Guangba Yu,Xiaoyun Li,Zilong He,Huxing Zhang

DOI: https://doi.org/10.1109/tdsc.2024.3363902

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Microservice is a widely-adopted architecture for constructing cloud-native applications. To test application resiliency, chaos engineering is widely used to inject faults proactively in applications. However, the searching space formed by possible injection locations is huge due to the scale and complexity of the application. Although some methods are proposed to effectively explore injection space, they cannot prioritize high-impact injection solutions. Additionally, the blast radius of faults injected by existing methods is typically full of uncertainty, causing faults of multiple application functions. Although some tools are designed to conduct request-level injection, they require instrumentation on application code. To tackle these problems, this paper presents MicroFI, a non-intrusive fault injection framework, aiming to efficiently test different application functions with request-level injection. Request-level injection limits the blast radius to specified requests without any source code modification. Additionally, MicroFI leverages historical injection results and parallel technique to accelerate the searching. Moreover, An enhanced PageRank is used to measure the impact of faults and prioritize high-impact faults that fail more functions. Evaluations on three microservice applications show that MicroFI precisely injects faults and reduces up to 91% redundant faults on average. Additionally, by employing prioritization, MicroFI reduces an average of 47.3% injection budgets to cover all high-impact faults.

computer science, information systems, software engineering, hardware & architecture