Developing the MongoDB Backup Service, From Prototype to Production

MongoDB
April 29, 2014
#Cloud

In this series, the MMS team presents an in-depth look at how we developed the MongoDB backup capabilities in MMS. It should not surprise readers to learn that MMS Backup is a dogfood project… we use MongoDB in a few places, not just the obvious one. We thus have an opportunity to show in intimate detail how we ourselves implement the best practices we teach our community via our educational channels. 

In this opening post, we’ll look at how we approached the overall project, identifying the challenges we’d face and setting the roadmap from prototype to general release. In part two, we’ll cover the development of the client-side agent MMS Backup users drop into their infrastructure. In part three, we’ll look at the ingestion side at the MongoDB Mothership, and in parts four and five, we’ll cover how we evolved our storage technology from a simple file archive to a deduplicating blockstore using MongoDB as our underpinning technology.

Let’s get started with a quick overview of MMS Backup.

Defining the Service

MongoDB Management Service transparently replicates MongoDB instances to cloud storage, taking snapshots of each database, by default, every six hours. It maintains these snapshots for 2 days, and then begins aging them out, keeping dailies for a week, weeklies for a month, and monthlies for a year (this retention policy is configurable). It lets clients restore any of those snapshots, or to the state of the database at any point in time within the last 24 hours.

The Challenges

Given the above design specs, we faced these core challenges:

  1. Capacity planning without prior knowledge of our clients’ workloads.
  2. Providing clients a lightweight agent that installs and configures easily, and that doesn’t impact client production environments.
  3. Storing client data efficiently.

Capacity Planning

Capacity planning is hard even when you know a lot about how your application is used and how resources are consumed. Building a service meant to handle arbitrary client workloads is harder. We did know that for each of the replica sets we would back up, we would need certain resources, but the extent of our need each would be different for each client. For each replica set, we need: 

  1. Disk space to hold the database
  2. Disk space to hold 24 hours of oplogs, as well as extra space to hold more while snapshots were being taken
  3. Disk space to hold one snapshot every six hours for X months
  4. Network bandwidth to ingest the initial data and a constant stream of oplogs
  5. Disk IO for applying oplogs
  6. CPU cycles and RAM to run MongoDB apply oplogs to our copies of our clients’ data
  7. CPU cycles and RAM to compress data (an optimization)

A Lightweight Agent

By “transparently replicates”, I mean that MMS Backup is completely invisible to our clients’ infrastructure, requiring no configuration changes to their replica sets, and leaving no trace of the service in their status outputs. It is also fairly intangible, adding no more load than any other secondary replica set member would.

To accomplish this, we need to provide our clients with a software agent that is installed inside their infrastructure, with access to their MongoDB replica sets. The agent accesses their collections and oplogs directly, but conceptually works just like a hidden secondary. Installing this agent needs to be as easy as we can make it.

Efficient Data Storage

Our default snapshot retention policy is to maintain:

  • 6-hour interval snapshots for 2 days,
  • Daily snapshots stored for 1 week,
  • Weekly snapshots stored for 1 month,
  • and Monthly snapshots stored for 1 year.

If we have 100 clients, each with a single 1TB database, that makes 3,100 TB, without oplog storage. Clearly finding some way to optimize our use of disk space represents a special subset of challenges in our capacity planning.

Working on The Right Stuff First

Every project runs the risk of delivery delays, performance problems, and outright failure. The agile methodologies which have been refined in the past decades all share one principle: these risks are directly proportional to a degree of ignorance. It can be ignorance of anything, such as the resources required to handle load, the time required to develop a feature, or how well a feature will suit the targeted need. We mitigate risk by building working systems as early as possible, focusing on the areas of highest ignorance, and using the feedback from rapid iterations to reduce that risk.

This suggests that you start building with components you can use that will require the least amount of effort, with the greatest chance of delivering a functioning system. Once a system is working and feedback is flowing, you can begin to improve on the parts that are insufficient.

Defining Our Roadmap

With that framework in mind, we laid out what we needed to deliver our features and identified where these needs could not be met with existing components, and where the needs were least defined.

Network Bandwidth at Our Datacenter

While we could not know how much we would need, the solution – paying a network provider to bring capacity to you – is well known, and scaling up capacity can be done relatively quickly. This is therefore a low-risk area.

Overall Capacity Planning

There was great risk of harm to the project had this been improperly handled, but as described above, it was impossible to do before having some data from a running system. Thus, our approach here was to define the classes of missing knowledge, so we could gather it while in the prototyping, alpha, and beta stages, and be ready to apply what we learned. 

Efficient Storage

Deduplicating large quantities of highly redundant data is a well known problem class, so ignorance of how exactly we would tackle it introduced only moderate risk, in spite of it being very harmful to our infrastructure should we fail to address it properly. Since skipping this step would still produce a working system, we could make do with directories of *.tar.gz files and work on higher risk areas first.

The Agent

An improperly implemented agent would cause great harm to the backup system, and while the logic for replicating a client database was already completely described by the behavior of MongoDB secondaries, we could not produce a working system without this component. This meant that our very first task was to build the MMS Backup agent.

Stay Tuned

In our next piece, we’ll look at the path we took developing that agent, why we switched from Java to Go, and go into gritty detail regarding its workings.

← Previous

MongoDB’s first UK Public Sector Hackathon

MongoDB is helping developers build and scale applications rapidly across the UK Public Sector. It has been adopted by a fast-growing number of UK government agencies and departments as they embrace open source technology and evolve their digital services and big data capability. The Government Digital Service (GDS) use MongoDB for gov.uk . The Met Office host space weather predictions and The National Archives use MongoDB to underpin their Discovery Platform to host terabytes of archived content, including the recent publication of diaries from World War One marking the centenary. To support this continued innovation of public sector digital services and use of open government data, we hosted an all-day hackathon at our Silicon Roundabout office in Shoreditch. Over 75 of the smartest developers, designers and system/database administrators from across the public and private sector travelled from all over the UK to take part in the day. More than 12 different government agencies and departments were represented. Armed with laptops, ideas and plenty of enthusiasm, everyone set out to develop interesting and novel solutions to a variety of problems and challenges - all in just a day of coding! 13 teams self-organised and worked tirelessly, aided by copious coffee, bacon butties and giant burritos, to hack on ideas crowd-sourced on the day. We created a website to collect ideas and enable live voting, which we'll also feature in future hackathons. Winners were determined based on votes from the audience and special guest judges Paul Downey, Technical Architect at Government Digital Service (GDS), Simon Wardley, Researcher at CSC’s Leading Edge Forum, Sam Pikesley from the Open Data Institute (ODI) and Sean Roberts, Technical Operations Lead from Rackspace. The following winners were announced. 1st Prize: Crisis Control An incident management system providing a single operating picture for managing small-scale local incidents (i.e. mountain rescue) in real-time. The prototype was developed using an open source stack including Python, Angular/jQuery and Leaflet and will be open source itself in the near future. MongoDB’s document model provided flexibility with the variety of resources that could be managed using the system. Congratulations to John, Simon, George, Gavin, Jason and Chris. 2nd Prize: What is happening in my river? An API and web interface providing access to historical and live hydrology data from the Environment Agency, including search for river stations and data by postcode and river. The hack is live online and the alpha version is based on a one-month archive and live streaming of 100,000 measurements per day. The team used Swagger with MongoDB. Well done to the team: James, Simon, Jack, Danny, Vincenzo, Jairo, Alessio G and Alessio C. 3rd Prize: WWI war diary data analysis and visualisation Using crowd-sourced data from the National Archive’s World War One war diaries, the team demonstrated visualisation of troop movements throughout Europe. Their work involved georeferencing data using Geonames into GeoJSON and aggregation using the Aggregation Framework. Well done to Steven, James, Tom, Chris, Alok, Aleks and the two Matts! Special mentions from the judges were also given to the following apps. Air Pollution Alerts: Providing alerts about high levels of air pollution via SMS, email or push notifications, based on UK-AIR data feeds from Defra. The app was built with a Ruby on Rails and MongoDB backend and Phonegap mobile and web apps. Maps from Nothing: Using open data from Geonames , this innovative hack from a team at The Registers of Scotland demonstrated how to turn point data in MongoDB into a hierarchical set of intensity maps which were visualised as map tiles. The technique means interesting maps can be created from very little source data and the total space required to store the data is independent of the source data. Other hacks built on the day included: Ordhack used Ordnance Survey data, alongside flooding data from the Environment Agency and weather data from The Met Office, to provide detailed information about households in Exeter. SpotHoles is a crowd-sourced system for cyclists to warn them of upcoming potholes in the road, featuring audible warnings and photo uploads. UK County News Aggregator (UKCNA) used open source data on news from around the UK and aggregated at a county level, providing geo-visualisations of the results. Poll.it is a tool that offers simple real-time public opinion feedback to governments with the option of linked demographic data characteristics. Bookmark your house, a joint concept being built by the Land Registry in collaboration with GDS, intended to help discover what would it mean if you could find information about a property via Google, and bookmark a registered title and mashup your house. Congratulations to all the teams on building some truly innovative apps in such a short timescale. And thanks to everyone involved for making the day fun and successful, including our co-sponsor Rackspace for providing super fast cloud hosting and expertise. MongoDB are proud to donate to the winning team’s nominated charities: British Lung Foundation (Crisis Control); Royal British Legion (WWI war diary data analysis and visualisation); Water Aid (What is happening in my river?). Rackspace will also be providing free cloud and ObjectRocket MongoDB hosting to get the winning team’s code and applications online to a wider audience. Developers found the flexibility and versatility of MongoDB, with its dynamic document model, helped to enable quick and iterative development on the day. Developers could therefore focus more on the functionality and usability of their applications. Many used MongoDB’s GeoJSON-based geospatial features to query location data. Aggregation Framework was also widely used to harness rich and often very large open datasets, some of which were available for the first time on the day. For the full list of apps and more information, please see http://www.publicsectorhackathon.org. Catch a highlight reel from the event here . Keep an eye on the website and the MongoDB events page for details about further events of interest. Get MongoDB Updates Right to Your Inbox *To find out more about MongoDB in public sector, come and visit us at the Public Sector Show 2014 at [ExCel London](http://www.publicsectorshow.co.uk). Companies House Chief Architect Chris Smith will be talking about their use of MongoDB in a new online unified service which will provide web and API access to over 3 million active companies throughout the UK*

April 29, 2014
Next →

How Edenlab Built a High-Load, Low-Code FHIR Server to Deliver Healthcare for 40 Million Plus Patients

The Kodjin FHIR server has speed and scale in its DNA. Edenlab, the Ukrainian company behind Kodjin , built our original FHIR solution to digitize and service the entire Ukrainian national health system. The learnings and technologies from that project informed our development of the Kodjin FHIR server. At Edenlab, we have always been driven by our passion for building solutions that excel in speed and scale. With Kodjin, we have embraced a modern tech stack to deliver unparalleled performance that can handle the demands of large-scale healthcare systems, providing efficient data management and seamless interoperability. Eugene Yesakov, Solution Architect, Author of Kodjin Built for speed and scale While most healthcare projects involve handling large volumes of data, including patient records, medical images, and sensor data, the Kodjin FHIR server is based on a system developed to handle tens of millions of patient records and thousands of requests per second, to ensure timely access and efficient decision-making for a population of over 40 million people. And all of this information had to be processed and exchanged in real-time or near real-time, without delays or bottlenecks. This article will explore some of the architectural decisions the Edenlab team took when building Kodjin, specifically the role MongoDB played in enhancing performance and ensuring scalability. We will examine the benefits of leveraging MongoDB's scalability, flexibility, and robust querying capabilities, as well as its ability to handle the increasing velocity and volume of healthcare data without compromising performance. About Kodjin FHIR server Kodjin is an ONC-certified and HIPAA-compliant FHIR Server that offers hassle-free healthcare data management. It has been designed to meet the growing demands of healthcare projects, allowing for the efficient handling of increasing data volumes and concurrent requests. Its architecture, built on a horizontally scalable microservices approach, utilizes cutting-edge technologies such as the Rust programming language, MongoDB, ElasticSearch, Kafka, and Kubernetes. These technologies enable Kodjin to provide users with a low-code approach while harnessing the full potential of the FHIR specification. A deeper dive into the architecture approach - the role of MongoDB in Kodjin When deciding on the technology stack for the Kodjin FHIR Server, the Edenlab team knew that a document database would be required to serve as a transactional data store. In an FHIR Server, a transactional data store ensures that data operations occur in an atomic and consistent manner, allowing for the integrity and reliability of the data. Document databases are well-suited for this purpose as they provide a flexible schema and allow for storing complex data structures, such as those found in FHIR data. FHIR resources are represented in a hierarchical structure and can be quite intricate, with nested elements and relationships. Document databases, like MongoDB, excel at handling such complex and hierarchical data structures, making them an ideal choice for storing FHIR data. In addition to supporting document storage, the Edenlab team needed the chosen database to provide transactional capabilities for FHIR data operations. FHIR transactions, which encompass a set of related data operations that should either succeed or fail as a whole, are essential for maintaining data consistency and integrity. They can also be used to roll back changes if any part of the transaction fails. MongoDB provides support for multi-document transactions , enabling atomic operations across multiple documents within a single transaction. This aligns well with the transactional requirements of FHIR data and ensures data consistency in Kodjin. Implementation of GridFS as a storage for the terminologies in Terminology service Terminology service plays a vital role in FHIR projects, requiring a reliable and efficient storage solution for terminologies used. Kodjin employs GridFS , a file system within MongoDB designed for storing large files, which makes it ideal to handle terminologies. GridFS offers a convenient way to store and manage terminology files, ensuring easy accessibility and seamless integration within the FHIR ecosystem. By utilizing MongoDB's GridFS, Kodjin ensures efficient storage and retrieval of terminologies, enhancing the overall functionality of the terminology service. Kodjin FHIR server performance To evaluate the efficiency and responsiveness of the Kodjin FHIR server in various scenarios we conducted multiple performance tests using Locust, an open-source load testing tool. One of the performance metrics measured was the retrieval of resources by their unique ids using the GET by ID operation. Kodjin with MongoDB achieved a performance of 1721.8 requests per second (RPS) for this operation. This indicates that the server can efficiently retrieve specific resources, enabling quick access to desired data. The search operation, which involves querying ElasticSearch to obtain the ids of the searched resources and retrieving them from MongoDB, exhibited a performance of 1896.4 RPS. This highlights the effectiveness of polyglot persistence in Kodjin, leveraging ElasticSearch for fast and efficient search queries and MongoDB for resource retrieval. The system demonstrated its ability to process search queries and retrieve relevant results promptly. In terms of resource creation, Kodjin with MongoDB showed a performance of 1405.6 RPS for POST resource operations. This signifies that the system can effectively handle numerous resource-creation requests. The efficient processing and insertion of new resources into the MongoDB database ensure seamless data persistence and scalability. Overall, the performance tests confirm that Kodjin with MongoDB delivers efficient and responsive performance across various FHIR operations. The high RPS values obtained demonstrate the system's capability to handle significant workloads and provide timely access to resources through GET by ID, search, and POST operations. Conclusion Kodjin leverages a modern tech stack including Rust, Kafka, and Kubernetes to deliver the highest levels of performance. At the heart of Kodjin is MongoDB, which serves as a transactional data store. MongoDB's capabilities, such as multi-document transactions and flexible schema, ensure the integrity and consistency of FHIR data operations. The utilization of GridFS within MongoDB ensures efficient storage and retrieval of terminologies, optimizing the functionality of the Terminology service. To experience the power and potential of the Kodjin FHIR server firsthand, we invite you to contact the Edenlab team for a demo. For more information On MongoDB’s work in healthcare, and to understand why the world’s largest healthcare companies trust MongoDB, read our whitepaper on radical interoperability .

May 31, 2023