Welcome!

SOA & WOA Authors: Pat Romanski, Esmeralda Swartz, Elizabeth White, Carmen Gonzalez, Lori MacVittie

Related Topics: Cloud Expo, Java, SOA & WOA, .NET, AJAX & REA, Big Data Journal

Cloud Expo: Article

Top Eight Application Performance Landmines

An update to best practices

We have been blogging about the same problems and problem patterns we see while working with our customers over the past few of years. There have always been the classic application performance landmines in the areas of inefficient database access, misconfigured frameworks, excessive memory usage, bloated web pages and not following common web performance best practices among others.

More than two years ago we posted summary blogs of the Top Server-Side Performance Problems and the Top 10 Client-Side Performance Problems to give operations, architects, testers and developers easy-to-consume best practices. We feel that it is time to provide an update to these best practices as new problem patterns have since come into play. We also want to cover more than just problems that happen within your application by broadening the scope across the entire Application Delivery Chain. This includes all components between your end user and your back-end systems, databases and third-party services. The following illustrates which components are involved and what the typical errors are along the delivery chain.

Delivering an application to the end user has become more complex as it involves more components than ever before. This also leaves a lot of room for mistakes that impact end-user experience.

Let's now dig a little deeper in some of the highlighted problem areas. The following lists our Top Performance Landmines that have been reported by our customers such as BonTon and Swarovski. Other companies include those in the financial services industry, manufacturing industry and energy industry among others. To make it easier for you to decide which landmines to read we also added the target audience for each problem area.

Bloated Web Front Ends
Audience:
Operations, Architects, Testers, Developers
Often companies focus on optimizing the performance of the applications they deliver by tuning the code, reducing SQL overhead, implementing application caching, and other items that are, for the most part, invisible to the customer using the application. However, all of this effort and activity can go completely unnoticed if the content being delivered to customers is bloated and inefficient.

Sources we track show that the average page delivered to customers has been steadily increasing in size and complexity over the last 3-4 years as well as customers' expectations of performance. This continuous conflict of business vs customer expectations needs to be understood in order to be effectively managed. What companies need to realize is that what they consider to be fast and efficient doesn't really matter. If the customers using the site believe that the site is slow and hard to use, they won't use it and they will tell their friends about their poor experience.

Comparing your performance to top competitors in your industry as well as Internet leaders helps you set performance goals that can be achieved over time. Additionally, understanding why your customers leave your site can help you resolve customer experience issues: Is it a particular subset of customers who leave? Which page caused them to leave? Is there an application function on that page that is bloated and slow?

Comparing your site against peers in the same industry will help you understand where you rank.

Using caching, compression, CDNs, and a critical eye that asks questions about every new image, function, and feature you add, you can trim the weight of your site and deliver a better customer experience.

We discuss the performance degradation that can be traced to bloated front ends and how this affects site performance in Performance Improvement is not Performance Optimization and Super Bowl Sunday 2013 - Winners, Losers, and Casualties.

Slow Third-Party Content and CDNs
Audience:
Operations, Architects, Testers
Focusing on your own content can leave you exposed to performance issues that originate outside your organization. With companies adding more content from third-party sources to their site, managing application performance becomes increasingly complex, even when these services are designed to improve performance.

During peak performance events over the last 12 months - holiday shopping season and the Super Bowl - two primary trends were seen: third-party services were overwhelmed when more than one of their customers reached peak traffic simultaneously and CDNs buckled under flash loads that were far larger than even the busiest days their customers typically experience.

Third-party services are here to stay. It is far easier to sign a contract with an advertising firm to help you optimize the display of ads on your site than to try and design such a system yourself. Items such as analytics, social media, web fonts, and popular JavaScript libraries are often drawn from services you don't directly control, but rely on to work efficiently and reliably at all times. When these external services have an issue, it's your brand that takes the customer experience hit, not the third party.

Monitoring and managing third parties means treating them as unique applications, with their own baselines and Service Level Agreements (SLAs) and Service Level Objectives (SLOs). It sometimes means asking tough questions of these services, such as:

  • Have you load tested your systems to see what happens when three of your largest customers experience peak traffic simultaneously?
  • What is the escalation path we should follow with your team when we discover a performance issue that is affecting our customers?
  • How well did your system perform during the eight busiest hours over the last 12 months, not just the average performance?

Monitor the impact of slow third-party and CDN content on your page load time.

Finally, your team needs to be prepared for the scenario where a third-party service or CDN suffers a severe outage or begins to seriously degrade your site performance. Always have a Plan B, C, etc. that gives you the ability to mitigate the issue. These plans could include removing third-party tags, images, and content from your site entirely during peak traffic, load balancing between multiple CDNs, moving content to a secondary cloud provider, all the way to switching to a simple bare bones site that removes all rich media until traffic returns to a normal level.

Unless you know how third parties affect your performance, there is no way for you to manage them effectively. Once you manage your third parties, you can take control of all aspects of your site performance.

More on third-party services and their effects on application performance is covered in: You only control 1/3 of your Page Load Performance!, Third Party Content Management applied: Four steps to gain control of your Page Load Performance!, The Ripple Effect of Facebook's Outage, Third-Party Issues and the Performance Ripple Effect, and Website's Vulnerability to Third-Party Services Exposed.

We also discuss third parties, most notably CDN performance in: Super Bowl Sunday 2013 - Winners, Losers, and Casualties, and Why Bon Ton needs real-time visibility into 85% of its content delivered by Akamai.

Wrong Usage of Frameworks
Audience:
Architects, Developers
In typical software projects it is very likely that most of the code that ends up running on the application servers, in your rich client or in the browser (JavaScript) is not developed by your company but comes from third-party libraries such as Hibernate, Spring, Telerik RadControls, jQuery, ExtJS or GWT. The list probably goes on forever as these third-party frameworks allow you to be more productive by eliminating the need to write code for common tasks such as data access, special UI controls or creating complex HTML, CSS and JavaScript for interactive web applications. The problems we see, however, are that frameworks are often not used in the way they should be used, or are often not optimized for the way you use them in your application. Developers tend to search for frameworks on the web, test them on a sample application and include them in the enterprise application without properly validating that the framework supports all uses cases and whether it can scale and perform in the way needed. In many cases it "just" requires better configuration of these frameworks such as the correct Cache strategy for Hibernate or using different API functions that provide advanced features such as in SharePoint when accessing List data. Sometimes, however, it turns out that the choice of a framework was wrong, resulting in a replacement or even custom coding of the required functionality.

The following screenshot shows that Hibernate executes the same SQL query multiple times instead of caching the result from the first query. This happens in case Hibernate has not been configured correctly to perform optimally for your specific needs:

Loading a person two times in a row, but no session cache involved

Finally, frameworks get constantly updated to improve functionality but also improve performance and stability. You want to watch out for these updates and also update your implemented framework version to benefit from the improvements. We have seen cases where, e.g., jQuery was never updated leaving websites with bad performance on older browsers and sometimes even on newer browsers when older versions of jQuery didn't leverage the capabilities of the latest IE, FF, Chrome or Safari browsers.

The next screenshot shows the performance of DOM Element lookups using an older version of the Spry JavaScript framework. Even when opening the page on a modern Firefox browser these lookups contribute about 3.5 seconds to the Page Load Time:

Long-running CSS Class Name Lookups contribute about 80% to the Client-Side Load Time.

If you want to read more about common problems when using these types of frameworks check out our blogs series on Hibernate (The Session Cache, The Query Cache, Second Level Cache), the Top SharePoint Performance Mistakes or the 101 on jQuery Selector Performance.

Network Infrastructure Problems
Audience:
Operations, Architects, Testers
Network infrastructure is an important component of every successful business operation. Performance problems experienced by end users can have various origins. The operation teams need Application Performance Monitoring solutions that will enable them to isolate fault domains effortlessly and quickly.

Sometimes the answer is not obvious and performance problems can end up in a "war room" between infrastructure and application providers. The team needs to analyze whether the problem is present at all locations where the application is executed. In certain cases, the performance problems might be caused by external infrastructure used by some users.

Performance problems can be pretty costly. According to the report by the Aberdeen Group they can reduce revenue by 9% and productivity by 64%. When our services are based on the SAP infrastructure the costs can rise to even $15,000 per every minute of a service downtime. Even though SAP provides tools to monitor its components, the proper APM solution should deliver a holistic view over the entire infrastructure. Only then can the Operations team tell whether it is a problem with SAP components that were quite an investment to deploy or it's an infrastructure problem that's not related to the SAP or any application.

Overview of SAP tier with top most under-performing modules and most affected users

The most obvious hints on whether this is a network or an application problem can be seen by checking for the Network and Server time outliers compared to the values of the baseline traffic. But eyeballing the reports is not enough to avoid problems. The first step toward proactive application performance management is to learn to respond promptly to alerts triggered by the APM tool when key measures go outside of the usual range.

Cloud Gotchas
Audience:
Operations, Architects
"The Cloud"
comes with a great promise: endless resources for endless scalability and performance when I need it. This eliminates the need to buy a lot of hardware that sits idle most of the time but is only used during peak traffic periods. It also allows me to scale and perform far beyond what is expected without needing to wait for additional hardware to ship.

But there are some gotchas: throwing hardware at an application that is not designed to scale in a cloud environment won't leverage the possibilities that the cloud provides. In fact, it often ends up being a very costly endeavor. One must also understand that The Cloud - unless we talk about a private cloud setting - is an environment that is not owned by you. Direct access to the underlying hardware is not as easy as if the hardware is located in the next room, which makes troubleshooting or monitoring much harder. The cloud is also not just an endless resource pool of CPU, Memory or Disk On-Demand. It provides lots of other services such as storage, messaging and more which one must understand and monitor for performance, as these services are key components of your application.

It is recommended to live monitor cloud instance usage and cost in order to not fall into a cost trap

Relating to these problem areas you want to read the following blog posts: Managing Hybrid Cloud Environments, Analyzing Performance of Windows Azure Storage, Why Performance Monitoring is easier in Public than onPremise Clouds and Monitoring your Clouds.

Too Many Database Calls
Audience:
Architects, Testers, Developers
Database Access is the problem we see the most within the application. It is nothing new - but - as we still see it on almost every application we work with, it is critical enough to mention it again. The first lesson learned is that the blame is often not on the database side but on the access patterns of the application to the database. All too often we see a single web request that queries thousands of database statements. There are multiple reasons for it: fetching too much data beyond just the data that is needed or inefficient fetching of data that then gets aggregated and computed in the application rather than in a stored procedure. What is really interesting is that we see this problem pattern not only in distributed applications running on modern application servers. We also see it on "legacy" applications such as VB6 or even the mainframe. The following screenshot highlights the transaction flow of an enterprise application that calls the mainframe. The mainframe transaction makes 225 SQL executions per transaction. A closer look typically reveals that the same statements are called hundreds of times due to the reasons mentioned above:

The Transaction Flow highlights how services interact with each other including the number of interactions to DB2 which indicate a potential architectural and performance problem.

Besides these access pattern problems we also see individual statements that take a long time to execute. In this case, it is important to not only focus on the database to optimize statements by tweaking indices or the like, it's also important to analyze whether these queries can be optimized from within the application. We often see that too much data is retrieved from the database, which first gets parsed by the application (using extra memory) and is then thrown away (more GC activity). Another landmine is misconfigured connection pools or application code that holds on to connections too long and ends up blocking other threads from accessing the database.

The following screenshot shows the database queries executed by a single transaction, most of them taking very long to execute. The fix to this problem was to optimize these statements in both the application and in the database:

The architects in this case started by optimizing SQL statements that took a long time to execute and those that got executed several times within the same transaction.

For further reading check out our blogs with more detailed background on these problem patterns such as Don't let your load balancers ruin your holiday business or Saving MIPS and Money. For connection pool problems we also have one interesting blog named The reason I don't monitor connection pool usage.

Big Data Not Optimized
Audience:
Operations, Architects, Testers, Developers
The amount of data that we and our applications have to process is constantly growing. Big Data solutions (NoSQL, MapReduce...) provide new approaches to storing and processing large amount of data. But as with every technology it needs to be used in an optimized way to fit your specific needs. It is a misconception that you can simply process more data by adding additional resources to, e.g., a MapReduce cluster in order to speed up data processing. This only works if you have implemented your jobs in a way that allows them to scale. The same is true for accessing data from a NoSQL database. The same problems we see with relational databases also apply to accessing data in Big Data solutions. If you make inefficient queries or more queries than necessary, you are going to impact performance.

The following screenshot highlights a transaction that spends most of its time in MongoDB. A closer look into this revealed that the framework used to access MongoDB made a call to a size method of the cursor that then executed an additional query to MongoDB, which was totally unnecessary. In this example, eliminating that call reduced roundtrips to MongoDB and improved overall transaction performance by 15x:

Transactions that call JourneyCollection.getCount spend nearly half their time in MongoDB.

If you are using Big Data technologies such as Cassandra, MongoDB, Hadoop, or the like I suggest following up with the following blog posts that explain some of the problem patterns and highlight best practices: MongoDB Anti-Pattern, NoSQL vs Traditional Databases, Inside Cassandra Write Performance and What we can Learn from Cassandra Pagination. Also check out 15x Performance Improvements for Pig+HBase.

Undetected Memory Leaks
Audience:
Architects, Testers, Developers
Memory and Garbage Collection problems are still very prominent issues in any enterprise application. One of the reasons is that the very nature of Garbage Collection is often misunderstood. Besides the traditional memory-related problems such as high memory usage, wrong cache usage strategies, we also see memory issues related to class loading, large classes or native memory. The following screenshot shows the problem of having single objects consuming a lot of memory. Not that this is a bad idea if necessary - but too often this happens because information is kept in memory for no apparent reason and with that consuming memory that is not available for others.

Single Object that is responsible for a big portion of the memory being leaked

Traditional memory leaks often lead to out of memory exceptions and typically to crashes of the virtual machines. This has a negative impact on the end user as the current context of user sessions and active transactions might be lost.

High memory usage on the other hand can result in high garbage collection, which has a direct impact on end user response time. Transactions that are suspended because of long running garbage collection processing can be optimized by tweaking garbage collection settings as well as being less "wasteful" with memory.

Even problems related to wrong implementations of equals/hashcode can lead to memory problems. To address this problem we wrote a full chapter on Memory Management in our Java Enterprise Performance book that explains concepts like How Garbage Collection works, Difference between JVMs, GC Tuning, High Memory Usage and the Root Cause, Class Load Related Problems and more. We have also blogged about specific memory scenarios - check out the following blogs: Memory Monitoring in WebSphere Environments, GC Bottlenecks in Heterogeneous Environments, Leak Detection in Production Environments, Top Memory Problems - Part I and Part II.

More to Come...
These landmines are some highlights with links to more detailed blog posts. As we continue to blog about these problem patterns, we plan to compile a second list of problems later this year. Keep watching our blog for more information and check out our online book on Java Enterprise Performance.

More Stories By Andreas Grabner

Andreas Grabner has more than a decade of experience as an architect and developer in the Java and .NET space. In his current role, Andi works as a Technology Strategist for Compuware and leads the Compuware APM Center of Excellence team. In his role he influences the Compuware APM product strategy and works closely with customers in implementing performance management solutions across the entire application lifecycle. He is a frequent speaker at technology conferences on performance and architecture-related topics, and regularly authors articles offering business and technology advice for Compuware’s About:Performance blog.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
SYS-CON Events announced today that Matrix.org has been named “Silver Sponsor” of Internet of @ThingsExpo, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Matrix is an ambitious new open standard for open, distributed, real-time communication over IP. It defines a new approach for interoperable Instant Messaging and VoIP based on pragmatic HTTP APIs and WebRTC, and provides open source reference implementations to showcase and bootstrap the new standard. Our focus is on simplicity, security, and supporting the fullest feature set.
BSQUARE is a global leader of embedded software solutions. We enable smart connected systems at the device level and beyond that millions use every day and provide actionable data solutions for the growing Internet of Things (IoT) market. We empower our world-class customers with our products, services and solutions to achieve innovation and success. For more information, visit www.bsquare.com.
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic • Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happens, where data lives and where the interface lies. For instance, it’s a mix of architectural style...
SYS-CON Events announced today that Utimaco will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Utimaco is a leading manufacturer of hardware based security solutions that provide the root of trust to keep cryptographic keys safe, secure critical digital infrastructures and protect high value data assets. Only Utimaco delivers a general-purpose hardware security module (HSM) as a customizable platform to easily integrate into existing software solutions, embed business logic and build s...
SYS-CON Events announced today that Red Hat, the world's leading provider of open source solutions, will exhibit at Internet of @ThingsExpo, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Red Hat is the world's leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As the connective hub in a global network of enterprises, partners, a...
SYS-CON Events announced today that SOA Software, an API management leader, will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. SOA Software is a leading provider of API Management and SOA Governance products that equip business to deliver APIs and SOA together to drive their company to meet its business strategy quickly and effectively. SOA Software’s technology helps businesses to accelerate their digital channels with APIs, drive partner adoption, monetize their assets, and achieve a...
Samsung VP Jacopo Lenzi, who headed the company's recent SmartThings acquisition under the auspices of Samsung's Open Innovaction Center (OIC), answered a few questions we had about the deal. This interview was in conjunction with our interview with SmartThings CEO Alex Hawkinson. IoT Journal: SmartThings was developed in an open, standards-agnostic platform, and will now be part of Samsung's Open Innovation Center. Can you elaborate on your commitment to keep the platform open? Jacopo Lenzi: Samsung recognizes that true, accelerated innovation cannot be driven from one source, but requires a...
Connected devices are changing the way we go about our everyday life, from wearables to driverless cars, to smart grids and entire industries revolutionizing business opportunities through smart objects, capable of two-way communication. But what happens when objects are given an IP-address, and we rely on that connection, sometimes with our lives? How do we secure those vast data infrastructures and safe-keep the privacy of sensitive information? This session will outline how each and every connected device can uphold a core root of trust via a unique cryptographic signature – a “bir...
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at Internet of @ThingsExpo, Robin Raymond, Chief Architect at Hookflash Inc., will walk through the shifting landscape of traditional telephone a...
From a software development perspective IoT is about programming "things," about connecting them with each other or integrating them with existing applications. In his session at @ThingsExpo, Yakov Fain, co-founder of Farata Systems and SuranceBay, will show you how small IoT-enabled devices from multiple manufacturers can be integrated into the workflow of an enterprise application. This is a practical demo of building a framework and components in HTML/Java/Mobile technologies to serve as a platform that can integrate new devices as they become available on the market.
Internet of @ThingsExpo Silicon Valley announced on Thursday its first 12 all-star speakers and sessions for its upcoming event, which will take place November 4-6, 2014, at the Santa Clara Convention Center in California. @ThingsExpo, the first and largest IoT event in the world, debuted at the Javits Center in New York City in June 10-12, 2014 with over 6,000 delegates attending the conference. Among the first 12 announced world class speakers, IBM will present two highly popular IoT sessions, which will take place November 4-6, 2014 at the Santa Clara Convention Center in Santa Clara, Calif...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at Internet of @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, will discuss how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.

SUNNYVALE, Calif., Oct. 20, 2014 /PRNewswire/ -- Spansion Inc. (NYSE: CODE), a global leader in embedded systems, today added 96 new products to the Spansion® FM4 Family of flexible microcontrollers (MCUs). Based on the ARM® Cortex®-M4F core, the new MCUs boast a 200 MHz operating frequency and support a diverse set of on-chip peripherals for enhanced human machine interfaces (HMIs) and machine-to-machine (M2M) communications. The rich set of periphera...

SYS-CON Events announced today that Aria Systems, the recurring revenue expert, has been named "Bronze Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Aria Systems helps leading businesses connect their customers with the products and services they love. Industry leaders like Pitney Bowes, Experian, AAA NCNU, VMware, HootSuite and many others choose Aria to power their recurring revenue business and deliver exceptional experiences to their customers.
The Internet of Things (IoT) is going to require a new way of thinking and of developing software for speed, security and innovation. This requires IT leaders to balance business as usual while anticipating for the next market and technology trends. Cloud provides the right IT asset portfolio to help today’s IT leaders manage the old and prepare for the new. Today the cloud conversation is evolving from private and public to hybrid. This session will provide use cases and insights to reinforce the value of the network in helping organizations to maximize their company’s cloud experience.
The Internet of Things (IoT) is making everything it touches smarter – smart devices, smart cars and smart cities. And lucky us, we’re just beginning to reap the benefits as we work toward a networked society. However, this technology-driven innovation is impacting more than just individuals. The IoT has an environmental impact as well, which brings us to the theme of this month’s #IoTuesday Twitter chat. The ability to remove inefficiencies through connected objects is driving change throughout every sector, including waste management. BigBelly Solar, located just outside of Boston, is trans...
SYS-CON Events announced today that Matrix.org has been named “Silver Sponsor” of Internet of @ThingsExpo, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Matrix is an ambitious new open standard for open, distributed, real-time communication over IP. It defines a new approach for interoperable Instant Messaging and VoIP based on pragmatic HTTP APIs and WebRTC, and provides open source reference implementations to showcase and bootstrap the new standard. Our focus is on simplicity, security, and supporting the fullest feature set.
Predicted by Gartner to add $1.9 trillion to the global economy by 2020, the Internet of Everything (IoE) is based on the idea that devices, systems and services will connect in simple, transparent ways, enabling seamless interactions among devices across brands and sectors. As this vision unfolds, it is clear that no single company can accomplish the level of interoperability required to support the horizontal aspects of the IoE. The AllSeen Alliance, announced in December 2013, was formed with the goal to advance IoE adoption and innovation in the connected home, healthcare, education, aut...
SYS-CON Events announced today that Red Hat, the world's leading provider of open source solutions, will exhibit at Internet of @ThingsExpo, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Red Hat is the world's leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As the connective hub in a global network of enterprises, partners, a...