In past articles I have covered topics about how Nimble Storage lowers customer risk with technologies internal to the array such as:
- Fully automated headroom management
- Hands-free, heuristics-based Auto QoS
- The most paranoid data integrity
Now, it’s time to write a more in-depth article about the immense customer benefits of InfoSight, Nimble’s Predictive Analytics platform.
I’ve been at Nimble Storage about a year now, and this technology still remains the fundamental reason I chose to come to Nimble versus the many other opportunities I had.
My opinion hasn’t changed – if anything, I increasingly see that this is the cornerstone of how to fundamentally advance how infrastructure works. Not having such a technology has become a major competitive disadvantage for other vendors, since not having it increases risk for customers.
I will show how InfoSight is far beyond what any other storage vendor has in the analytics area in both scope and capability. Because it’s not about just the storage…
Imagine if you had a technology that could, among many other things, reduce problem resolution time from several days to minutes? How could that potentially help your company in case something really hard to diagnose (and well outside storage) affected a critical part of the business? What would the business value be for such an ability?
Why InfoSight was Built
The fundamental reason behind building this technology is to reduce business risk by improving the reliability of the entire infrastructure, not just the reliability of storage.
A secondary goal for the Predictive Analytics technology in InfoSight is to provide statistics, trending analysis, recommendations and overall visibility in the infrastructure.
Most storage vendors are very focused on, predictably, storage. Their reporting, troubleshooting and analytics – they’re focused on the storage piece. However, statistically, when dealing with quality enterprise storage gear, storage is quite simply not the leading cause of overall infrastructure issues affecting the delivery of data to applications.
The App-Data Gap
Any delay between the delivery of data to the end user is called the App-Data Gap.
Clearly, App-Data Gap issues could stem from any number of sources.
Business owners care about applications serving data, and arguably many couldn’t care less about the infrastructure details as long as it’s meeting business SLAs.
But what happens when things inevitably go wrong? Because it is a case of when, not if. Especially when something goes wrong in a strange way so that even redundant systems don’t quite help? Or if it’s an intermittent issue that can’t be tracked down? Or an endemic issue that has been plaguing the environment for a long time?
The State of IT Troubleshooting
With the complexity of today’s data centers (whether on-premises or cloud-based), there is so much going on that troubleshooting is hard, even for basic “point me in the right direction” root cause analysis. And if something really arcane is going on, timely troubleshooting may prove impossible.
There is no shortage of data – if anything, there is often too much of it, but usually not of a high enough quality and/or presented in ways that are not necessarily helpful nor correlated.
The true value starts once quality data is correlated and troubleshooting becomes proactive and, ultimately, automatic.
Cars are always a good example…
Imagine cars with basic sensors and instrumentation – if something goes wrong, do you get enough information? Do you know the optimal course of action? Quickly enough?
Let’s say the fuel lamp lights up. What does that mean? That I have X amount of fuel left because I think it said so in the car’s manual that I lost years ago when trying to fend off that surprisingly irate koala? Is knowing the amount of fuel left helpful enough?
Would it not be incredibly better if I had this information instead:
- How much farther can I drive?
- Where is the next gas station on my route?
- Is the route to that gas station open?
- Does that gas station have the fuel type I need? In stock or just in theory?
- Are they open for business? For sure or do I just know their official hours?
- Do they accept my form of payment?
- Can I even make it to that gas station or should I go elsewhere even if it takes me wildly off course?
- Can all the above information be summarized in a “just go there” type action if I didn’t want to know all the details and wanted to know what to do quickly?
I’m sure most of us can relate – especially the people that have had the misfortune of being stranded due to one of the above reasons.
How InfoSight was Built
In order to get insights from data, the data has to be collected in the first place. And quite frequently, a lot of good data is required in order to have enough information to get meaningful insights.
One of the things Nimble Storage did right from the beginning, was to ask the developers to put sensors in software functions, even if there was no immediately apparent way to get value from those sensors (we constantly invent new ways to leverage the data).
This has created a coding methodology that cannot easily be retrofitted by other vendors playing catch up – the Nimble code is full of really deep sensors (about 4,000 as of the time of this publication in March of 2017) and an entire process that is without equal.
Yet another car example
A good parallel to our rich sensor methodology is Tesla. They have a lot of very advanced sensors in each car, in order to collect extremely detailed information about how the car is used, where, in what conditions, and what’s around it:
Without the correct type of rich sensors in the right places, the ability to know enough about the environment (including context) is severely compromised. Most competitor cars don’t have anything remotely close to Tesla’s sensor quality and quantity. Which is one of the reasons it is really hard for their competitors to catch up in the self driving car game. To my knowledge, Tesla has collected far more sensor data about real world driving than any other car company.
Quality sensor data by itself is of limited value, but it’s a good (and necessary) start.
Every day, each Nimble Storage system collects and uploads up to 70 million sensor values, which is many orders of magnitude richer than what competitors do (since they didn’t build the system with that in mind to begin with). In addition to sensors, we also collect logs and config variables.
We don’t only collect data from the Nimble Storage systems.
We also want to collect data from the fabric, the hypervisors, hosts, applications, everything we can get our hands on (and the list is expanding).
A nice side effect is that due to the richness of data collected, Nimble Support will not bother customers with endless requests for huge diagnostic uploads to Support, unlike certain other vendors that shall remain nameless…
For the security conscious: this is anonymized metadata, collecting actual customer data would be illegal and stupid to do (yes, we get the question). All this information just tells us how you’re using the system (and how it’s reacting), not what your data contains. In addition, a customer has to opt in, otherwise no metadata is sent to Nimble (almost everyone opts in, for benefits that will become extremely clear later on). Here’s the InfoSec policy.
All this sensor data is collected from all customer systems and sent to a (really) Big Data system. It’s a massively parallel implementation and it’s all running on Nimble gear (eat your own dog food as they say, or 3-Michelin-Star meal as the case may be).
Fun fact: In a few hours we collect more data than much bigger vendors (with many more systems deployed) collect in several years with their antediluvian “analytics” frameworks.
Fun fact #2: Nimble has collected more data about how real-world infrastructure is used than any other company. This is the infrastructure database that will enable the “self driving car” AI in IT. Imagine the applications and benefits if even complicated tasks can now be automated with AI.
Now that the data is collected, optimized and placed in an area where it can rapidly be examined and manipulated, the fun begins.
Correlation, Context & Causation Third
It is very easy to draw the wrong conclusions if one relies on simple statistics and even advanced correlation without context awareness.
A nice illustration of this is Anscombe’s Quartet. If someone does a simple statistical analysis for all four datasets, the results are identical (the blue trend line). However, if one simply looks at a plot of the data points, it becomes abundantly clear that the blue trend line does not always tell the right story.
Being able to accurately tell what’s really going on is a big part of this technology.
Another good way to see the drawback of lack of situational awareness is playing chess without knowing the board exists. The illustrious Mr. Wardley has a great article on that. Big Data by itself isn’t enough.
Some of the techniques Nimble Storage uses to separate the wheat from the chaff, without giving away too much:
Machine Learning related:
- Eigenvalue Decomposition
- Sliding window correlations
- Differential equation models of IO flux in order to assess workload contention
- Autoregressive, Bootstrapping and Monte Carlo methods
- Correlation across the entire customer population
- Outlier detection and filtering
- Semi-supervised mixture models, Bayesian logic for probability inference, Random Forests, Support Vector Machines, Multifeature Clustering Techniques
- Application behavior models
- Interactions between different components in the stack such as array code, hypervisors, server types, switches, etc.
- Advanced visualizations
- Zero Day Prevention
As you can see, the InfoSight framework is massive in both scope and execution. In addition, the computational power needed to do this properly is pretty serious.
What Benefits do Nimble Customers get from InfoSight?
The quickest way to describe the overall benefits is massively lower business risk.
A good way to show one of the advantages of the complete solution (Nimble Storage plus InfoSight) is to share some real-life examples of where we were able to help customers identify and resolve incredibly challenging problems.
Example #1: Widespread Hypervisor bug. Business impact: complete downtime
There was a bug in a certain hypervisor that would disconnect the hosts from the storage. It affected the storage industry as a whole. Nimble was instrumental in helping the hypervisor vendor understand exactly what the problem was and how it was manifesting. The fix helped the entire storage industry.
Example #2: Insidious NIC issue. Business impact: very erratic extreme latency affecting critical applications
The customer was seeing huge latency spikes but didn’t call Nimble initially since the array GUI showed zero latency. They called every other vendor, nobody could see anything wrong and kept pointing the finger at the storage. After calling Nimble support, we were able to figure out that it was the server NIC that was causing issues (a NIC that had just passed all the server vendor’s diagnostics with flying colors). Replacing it fixed the problem.
Example #3: Network-wide latency spikes. Business impact: lost revenue
A large financial company was experiencing huge latency spikes for everything connected to a certain other vendor’s array. They had a support case open for 6 months with both their network and storage vendors. The case was unresolved. They brought Nimble in for a POC. We had exact the same latency issues. The difference was we identified the real problem in 20 minutes (an obscure setting on the switches). Changing the setting fixed the original storage vendor’s issues. That customer is buying from us now anyway.
Example #4: Climate control issues. Business impact: data center shutdown
A customer had a failing air conditioning system. We proactively identified the issue a full 36 minutes before their own monitoring systems managed to do so. Very serious, and apparently more common than one would think.
We have many more examples but this is already an abnormally long blog post as it is… I hope this is enough to show that the value of InfoSight goes far beyond the storage, and extends all the way up the stack (and even tangentially helps with environmental issues, and we didn’t even discuss how it helps identify security issues).
Indeed, due to all the Nimble technology, our average case resolution time is around 30 minutes (from the time you pick up the phone, not from the time you get a call back).
So my question, gentle reader, is: If any of the aforementioned problems happened to you, how long would it take for you to resolve them? What would the process be? How many vendors would you have to call? What would the impact to your business be while having the problems? What would the cost be? And does that cost include intangible things like company reputation?
Solving difficult problems more quickly than ever was possible in the past is, of course, one of the major benefits of InfoSight.
But would it not be better to not have the problem in the first place?
The Prime Directive
We stand by this adage: If any single customer has a problem, no other customer ever should. So we implement Zero Day Prevention.
It doesn’t just mean we will fix bugs as we find them. It means we will try to automatically prevent the entire customer base from hitting that same problem, even if the problem has affected only one customer.
Only good things can come from such a policy.
Inoculation & Blacklisting
There are two technologies at play here (which can also work simultaneously):
- Inoculation: Let’s assume a customer has a problem and that problem is utterly unrelated to any Nimble code. Instead of saying “Not Us”, we will still try to perform root cause analysis, and if we can identify a workaround (even if totally unrelated to us), we will automatically create cases for all customers that may be susceptible to this issue. The case will include instructions on how to proactively prevent the problem from occurring.
- Blacklisting: In this case, there is something we can do that is related to our OS. For instance, a hypervisor bug that only affects certain versions of our OS, or some sort of incompatibility. We will then automatically prevent susceptible customers from installing any versions of our OS that clash with their infrastructure. Contrast that to other vendors asking customers to look at compatibility matrices or, worse, letting customers download and install any OS version they’d like…
Here’s an example of a customer that we won’t let upgrade until we help them resolve the underlying issue:
Hardware upgrade recommendations
Another proactive thing InfoSight does is to recommend not just software but also hardware upgrades based on proprietary and extremely intelligent analysis of trending (and not based on simple statistical models, per the Anscombe’s Quartet example earlier on).
Things like controller, cache, media and capacity are all examined, and the customers see specific and easy to follow recommendations:
Notice we don’t say something vague like “not enough cache”. We explicitly say “add this much more cache.”
There is still enough cache in this example system for now, but with intelligent projections, the recommended amount is calculated and presented. The customer can then easily take action without needing to call support nor hire expensive consultants. And take action before things get too tight.
Other InfoSight Benefits
There are many other benefits, but this post is getting dangerously long so I will describe just a few of them in a list instead of showing screenshots and detailed descriptions for everything.
- Improved case automation: About 90% of all cases are opened automatically, and a huge percentage of them are closed automatically
- Accelerated code evolution: Things that take other companies years to detect and fix/optimize are now tackled in a few weeks or even days
- App-aware reporting: Instead of reporting generically, be able to see detailed breakdowns by application type (and even different data types for the same application, for example Oracle data vs Oracle logs)
- Insight into how real applications work: check here for an excellent paper.
- Sizing: Using the knowledge of how applications work across the entire customer base, help array sizing become more accurate, even in the face of incomplete requirements data
- Protection: tell customers what is protected via snaps/replication, including lag times
- Visualizations: Various ways of showing heretofore difficult or impossible to see behaviors and relationships
- Heuristics-based storage behavior: Using knowledge from InfoSight, teach the storage system how to behave in the face of complex issues, even when it’s not connected to InfoSight
- Extension into cloud consumers: Provide visibility into AWS and Azure environments using Nimble Cloud Volumes (NCV).
Regarding vendors that claim they will perform advanced predictive analytics inside their systems…
Really? They can spare that much computational power on their systems, and dedicate incredible amounts of spare capacity, and have figured out all the advanced algorithms necessary, and built all the right sensors in their code, and accurately cross-correlate across the entire infrastructure, and automatically consult with every other system on the planet, and help identify weird problems that are way outside the province of that vendor? Sold! Do they sell bridges, too?
There is only so much one can do inside the system, or even if adding a dedicated “monitoring server” in the infrastructure. This is why we elected to offload all this incredibly heavy processing to a massively parallel infrastructure in our cloud instead of relying on weak solipsistic techniques.
A Common Misconception
Instead of the usual summary, I will end this post rather differently.
Often, Nimble customers, resellers, competitors (and sometimes even a few of the less technical Nimble employees) think that the customer-visible GUI of InfoSight is all of InfoSight.
InfoSight actually is the combination of the entire back end, machine learning, heuristics, proactive problem prevention, automation, the myriad of internal visualization, correlation and data massaging mechanisms, plus the customer-visible part.
Arguably, what we let customers see is a tiny, tiny sliver of the incredible richness of data we have available in our Big Data system. Internally we see all the data, and use it to provide the incredible reliability and support experience Nimble customers have come to love.
There’s a good reason we don’t expose the entire back end to customers.
For normal humans without extensive training it would be a bit like seeing The Matrix code, hence the easy visualizations we provide for a subset of the data, with more coming online all the time (if you’re a customer see if you have access yet to the cool new Labs portion, found under the Manage tab).
So this (for instance, an app-aware histogram proving that SQL DBs do almost zero I/O at 32KB):
Or this (a heatmap showing a correlation of just sequential I/O, just for SQL, for the whole week – easy to spot patterns, for example at 0600 every day there’s a burst):
Instead of this:
So, next time you see some other vendor showing a pretty graph, telling you “hey, we also have something like InfoSight! Ours looks even prettier!” – remember this section. It’s like saying “all cars have steering wheels, including the rusty pinto on cinder blocks”.
They’re like kids arguing about a toy, while we are busy colonizing other planets…
InfoSight is the largest extant database of IT infrastructure behavior. We have been collecting data for years, and have more sensors than any other storage system I’m aware of. We have data on behavior as a function of all kinds of applications, workloads, types of client systems, hypervisor versions… and this existing data is part of what allows us to make intelligent decisions, even in the event of not having enough data.
Even if one hypothetically assumes other vendors somehow manage to:
- Build the same quality and quantity of sensors and
- Build an equivalent back end and
- Manage to catch up with all the insane R&D we’ve done when it comes to intelligently analyzing things and automatically figuring out solutions to problems…
They still won’t have the sheer history, the database size and quality Nimble has simply because they haven’t been doing it as long and/or don’t have enough systems collecting data. Hard to extrapolate when you don’t have a good starting point…
This stuff isn’t easy to do folks.
And if you read all the way to this, congratulations, and apologies for the length. If it’s any consolation, it’s about a third of what it should have been to cover the subject properly…