What is observability?
In general, observability is the extent to which you can understand the internal state or condition of a complex system based only on knowledge of its external outputs. The more observable a system, the more quickly and accurately you can navigate from an identified performance problem to its root cause, without additional testing or coding.
In cloud computing, observability also refers to software tools and practices for aggregating, correlating and analyzing a steady stream of performance data from a distributed application and the hardware it runs on, in order to more effectively monitor, troubleshoot and debug the application to meet customer experience expectations, service level agreements (SLAs) and other business requirements.
A relatively new IT topic, observability is often mischaracterized as an overhyped buzzword, or a 'rebranding' of system monitoring in general and application performance monitoring (APM) in particular. In fact, observability is a natural evolution of APM data collection methods that better addresses the increasingly rapid, distributed and dynamic nature of cloud-native application deployments. Observability doesn’t replace monitoring – it enables better monitoring, and better APM.
(The term 'observability' comes from control theory, an area of engineering concerned with automating control a dynamic system - e.g., the flow of water through a pipe, or the speed of an automobile over inclines and declines - based on feedback from the system.)
Why do we need observability?
For the past 20 years or so, IT teams have relied primarily on APM to monitor and troubleshoot applications. APM periodically samples and aggregates application and system data, called telemetry, that's known to be related to application performance issues. It analyzes the telemetry relative to key performance indicators (KPIs) and assembles the results in a dashboard for alerting operations and support teams to abnormal conditions that should be addressed to resolve or prevent issues.
APM is effective enough for monitoring and troubleshooting monolithic applications or traditional distributed applications, where new code is released periodically and workflows and dependencies between application components, servers and related resources are well-known or easy to trace.
But today organizations are rapidly adopting modern development practices – agile development, continuous integration and continuous deployment (CI/CD), DevOps, multiple programming languages – and cloud-native technologies such as microservices, Docker containers, Kubernetes and serverless functions. As a result, they're bringing more services to market faster than ever. But in the process they're deploying new application components so often, in so many places, in so many different languages and for such widely varying periods of time (for seconds or fractions of a second, in the case of serverless functions) that APM's once-a-minute data sampling can't keep pace.
What's needed is higher-quality telemetry – and a lot more of it – that can be used to create a high-fidelity, context-rich, fully correlated record of every application user request or transaction. Enter observability.
How does observability work?
Observability platforms discover and collect performance telemetry continuously by integrating with existing instrumentation built into application and infrastructure components, and by providing tools to add instrumentation to these components. Observability focuses on four main telemetry types:
- Logs. Logs are granular, timestamped, complete and immutable records of application events. Among other things, logs can be used to create a high-fidelity, millisecond-by-millisecond record of every event, complete with surrounding context, that developers can 'play back' for troubleshooting and debugging purposes.
- Metrics. Metrics(sometimes called time series metrics) are fundamental measures of application and system health over a given period of time, such as how much memory or CPU capacity an application uses over a five-minute span, or how much latency an application experiences during a spike in usage.
- Traces. Traces record the end-to-end 'journey' of every user request, from the UI or mobile app through the entire distributed architecture and back to the user.
- Dependencies(also called dependency maps) reveal how each application component is dependent on other components, applications and IT resources.
After gathering this telemetry, the platform correlates it in real-time to provide DevOps teams, site reliability engineering (SREs) teams and IT staff complete, contextual information – the what, where and why of any event that could indicate, cause, or be used to address an application performance issue.
Many observability platforms automatically discover new sources of telemetry as that might emerge within the system (such as a new API call to another software application). And because they deal with so much more data than a standard APM solution, many platforms include AIOps (artificial intelligence for operations) capabilities that sift the signals - indications of real problems - from noise (data unrelated to issues).
Benefits of observability
The overarching benefit of observability is that with all other things being equal, a more observable system is easier to understand (in general and in great detail), easier to monitor, easier and safer to update with new code, and easier to repair than a less observable system. More specifically, observability directly supports the Agile/DevOps/SRE goals of delivering higher quality software faster by enabling an organization to:
- Discover and address 'unknown unknowns' - issues you don't know exist. A chief limitation of monitoring tools is that they only watch for 'known unknowns' - exceptional conditions you already know to watch for. Observability discovers conditions you might never know or think to look for, then tracks their relationship to specific performance issues and provides the context for identifying root causes to speed resolution.
- Catch and resolve issues early in development. Observability bakes monitoring into the early phases of software development process. DevOps teams can identify and fix issues in new code before they impact the customer experience or SLAs.
- Scale observability automatically. For example, you can specify instrumentation and data aggregation as part of a Kubernetes cluster configuration and start gathering telemetry from the moment it spins up, until it spins down.
- Enable automated remediation and self-healing application infrastructure. Combine observability with AIOps machine learning and automation capabilities to predict issues based on system outputs and resolved them without management intervention.
Observability and IBM Cloud
With the acquisition of Instana, IBM offers industry-leading AI-powered automation capabilities to manage complexity of modern applications that span hybrid cloud landscapes. Instana combines with IBM Watson AIOps to provide a leading observability platform for automated remediation, powered by a continuous stream of contextualized telemetry data.
Learn more about Instana.
To get started, sign up for an IBM ID and create your IBM Cloud account.