Interpreting Big Data in the Lambda Architecture

Why business owners should care about this thing called the Lambda Architecture

In the past 25 years I have seen four things that really made me step back and say, “This changes everything.” The first was the browser (before that we got data from the Internet using news groups and anonymous FTP). The second was open source distribution (we could get whole architectures up in hours, not weeks or months). The third was App Stores (Amazon and Apple allowed us to distribute software with zero marginal cost). The most recent was the Lambda Architecture

Yep, it is that big.

If into a business owner or product manager who is into Big Data, data-driven decision-making, iterative A/B testing, machine learning-driven recommendation or any similar analytics application you have probably heard a passing reference about this thing called the Lambda Architecture. However, anyone digging in deeper immediately finds a menagerie of arcane terms that could only appeal to developer: Kafka, Storm, Spark, Cassandra, Elephant DB, Impala, Speed Layer, Batch Layer, Immutable Data Store, etc. This is unfortunate, because it obscures how disruptive of a change the Lambda Architecture represents. As a result, many people with decision-making authority to fund technology changes are missing out on something really big.

Life in the traditional architecture world

Traditional architectures are based on transactions. They force collection of data into formats required to complete a given transaction (i.e., I need to collect N fields of information to process sale of an item). In addition, traditional architectures enable data to be changed: I can update my profile, update my shopping cart, update my order status, etc. This makes perfect sense if your object is to complete a transaction.

But what if I want to understand more about who buys what, who is doing what, or often more importantly what leads something to happen (or not happen)? I cannot get this from the transaction data but instead have to perform “data archaeology” stitching multiple sources of data together to create what happened just before and after the transaction. If I am lucky, I have all this data. However, more often than not I need to engage in development efforts to: collect more data at the time of transaction, log more info, pull it into a data warehouse, change my reports, then dig in to see if I can figure things out. This not only takes much time and effort; it is also a ripe source of errors.

Lambda flips how we view data on its head

The Lambda Architecture starts with an entirely different premise: that it is impossible to understand today all the future uses and interpretations we will need from our data.

This is not just a platitude. It is underlying philosophy that the value of data comes from the ability to ask it to answer as many questions for you that would every want to ask. This drives entirely different approaches to how data is captured, stored, interpreted—and most importantly of all—continuously reinterpreted as you learn and discover more about your company, customers and operations:

  • First data is preserved in its original form and never changed or destroyed. This lets you look at any piece of data at any point in time and factor in changes over time. For example, you could re-segment your customers every year, quarter, or even day as you learn new patterns.
  • Second data is not forced into arbitrary formats (i.e., schemas) but is preserved raw as you may want to go back and gleam different elements. For example you could later realize a variable such as source IP address of a customer visit to your site may entirely change how you measure, interpret and react to customers from this address
  • Third data is engineered to allow it to be easily reinterpreted as you learn more. This does not just focus on making reinterpretation fast; it also makes reinterpretation fault-tolerant (i.e., easy to correct in the event of a bug—without any loss of information)
  • Finally it allows all of this in real-time with two points of view: a just-in-time view and the deep cross-sectional view (both of which are always current). This lets you make decisions quickly without sacrificing the 100% loss-less accuracy needed for important business areas (such as finance, medicine, or mission-critical operations).

Once you have these capabilities, the things you can do with data—quickly and at scale—are pretty amazing. I will share some of these in future posts, as I want to keep this post short.

However, I will close this post out with a simple analogy…

“Think Like I Chef” vs. the Fast Food Menu

Traditional architectures are like fast food menus. You have these options. If you want to change the menu, we can do some market research, see what works and rollout a new menu. If you want to change again (or explore “what if we had done this?”) we can repeat this process.

Lambda architecture is like the pantry of a great chef. You have all these ingredients. If you feel like duck à l’orange, we can make this. If you want a duck confit salad, we can re-purpose the ingredients. If you want really rich potatoes, we can render the fat and cook the potatoes in it. If you want vegan, we can pull other items out of the pantry and make something else. There are so many more options.

A Practitioner’s Guide: Best NoSQL databases to solve 9 real-time transaction challenges

There are a lot of articles out there praising the features and performance of one NoSQL database over another. However, as a practitioner of the principle “pick the right tool for the job”, I thought I would write an article on picking the right NoSQL database for the transactional challenge you are facing—whether you are a startup, mid-sized enterprise or Fortune-500 company.

Before I get started, here are some caveats. First, I have no affiliation with any the companies who provide, or serve as custodians of, the databases outlined in this post. (I have, however, used them all.) Second, I am a big proponent in open source software. This is NOT based on a philosophical bent, but instead decades of experience scaling platforms for hundreds of millions of transactions per day. Third, I am big believer in ecosystems. When you big a technology with a good ecosystem, you get many benefits: you can hire people who no it, you can find lots of tools and libraries to enhance your use of it, and you benefit from patches to solve problems others have already found for your. Ecosystem size factors pretty heavily in my recommendations, as you may not want to bet your company on an untried technology.

Finally, I should address the elephant in the room. You will probably have someone in your company say something like this:

SQL can do anything NoSQL can do. It’s too risky to use it. We lose ACID compliance. We have a huge learning curve, etc.

Yes, relational technology is great for many uses. However, there are many situations where NoSQL technology can do things bigger, faster, at lower cost, and with less effort. Not just by a little bit, but often factors of a 1000x or more. Simply using RDBMS technology for every challenge is akin to using one hammer to for any type of nail, screw, peg, etc.

With this out of the way, let’s get started.

Challenge 1: Search (and Wildcard Searches)

You want to create a place where people can search for content in your site (and handle the idiosyncrasies of misspelling, grammar, and interchange of words like “one” for “1”). Similarly, you want to allow back office and enterprise application users to perform wildcard searches (such as all orders that contain “Nike”) as quickly as they can search for content on Google.

To solve these problems, use a search engine (which is technically a NoSQL database of inverted indices paired with lots scoring and fast spell checking functions). My favorite is ElasticSearch(ES). It is really fast and gives you some interesting capabilities you can use for specialized search (see Challenge #: Recommendation).  A second choice is Apache SOLR. SOLR is quite a bit slower than ES. However, it is included natively in many NoSQL distributions (HortonWorks, Cloudera, DataStax, etc.) If you already have gone through the cost of implementing these it makes sense to stick with Apache SOLR to get more value out of your investment.

BTW, never give users the option of wildcard or text searches in non-Search databases. It is a performance and scalability nightmare.

Challenge 2: Managing Versioned Pages of Information

You have a content management system for writers, journalists, etc. and want to maintain versions of their articles. You have an information management system for life sciences such as electronic medical records (EMR) or eClinical systems, and need to keep a copy of each version of a medical records page (or a clinical case report form, a.k.a. CRF).

To solve these problems use a document-oriented database. Instead of tracking associations of records (or paragraphs) to data to versions, you can simple store the whole document (often in JSON, preserving markup and annotation data) as a single entry for each version. My favorite is Amazon’s DynamoDB, based on its ease of setup and scalability. A close second for me is MongoDB (especially if you have a requirement for on-premise management). MongoDB would benefit by making it easier to setup multi-node clusters with encrypted data transfer. This still takes too much DevOps work.

Caveat: While Document DBs are great for storing pages as documents, I would not use them to present documents as pages to high-volume end users (e.g., for a content management system). Rather than present the ‘current published’ version of content from a database you should use some sort of cache. The easiest solution to setup is Amazon’s CloudFront CDN. However, if your scale and team are big enough Varnish is a more cost-effective solution.

Challenge 3: Managing Streams of Data, Events, and Actions

You want to manage long streams of information. You want to store all the events in a customer’s life cycle (for customer lifetime value management) and that activity is frequent. You want to store sensor events and GPS position reads for an asset (e.g., movement of freight in a reefer container). This challenge is getting more frequent given the explosion of data for mobile, sensors and social sharing events

The best tool for this is a wide-column database (very different from OLAP columnar analytic databases). Wide column databases bring two advantages: they let you store sparse information very efficiently (imaging storing all the topics a person could Tweet about or all the variables a sensor could capture). Second – with some good engineering work – they scale like mad and let you fetch this information back on 1/1000th of the time as traditional relational databases.

All the major columnar databases are children of Google’s BigTable database (that tells you something). My favorite wide-column database is Cassandra, especially if you want to use it for real-time streaming analytics and complex event processing. A far second choice for me is HBase (IMHO, HBase is essentially Cassandra–but with overly complicated ops management). However, if you already have a large bundled Hadoop installation from a major provider (e.g., HortonWorks, Cloudera, MapR) you probably already have HBase installed. HBase would also be my first choice if you company or groups is primarily a batch analytics shop (i.e., a big MapReduce data warehousing shop).

Challenge 4: Recommendation Engines

You want to recommend the best thing given other things your customer has viewed, liked or purchased. You want to recommend the best business to connect with based on given customers relationships with similar businesses. You want to find potential new customers based on their similarity to existing customers.

In reality, the best tools for recommendation are machine learning based. However, graph databases can make things easier machine learning algorithms or more basic recommendation features (such “users who liked this also like these”) to get the right information. Graph databases are still a bit of nascent market. The biggest leader is Neo4J. However, if you already have a Cassandra, HBase or (I am not sure why) Oracle Berkley DB installation you could simply install Titan to use this data. This would be my number one choice as Cassandra and HBase are fantastic ways to store very sparse info on customer preferences (e.g., all the things the viewed, liked or bought) thanks to their ability to support hundreds of thousands of columns per row—and read quickly along a column down a single column across many, many rows.

If you are just getting your feet wet in the recommendation engine space, you can also use ElasticSearch’s boost feature to highlight content for recommendation based on item scores. (These scores can be simple post-transaction calculations or fully robust machine learning driven scores). I once used ES to setup a recommendation engine in less than two weeks that actually beat a Google Search result. ES (and Apache SOLR) also have the “more like this” recommendation feature available out-of-the-box.

Challenge 5: Relationship- and Attribute-based Exploration

You want to create a site that users can browse to find “things like this” or “things related to that.” One example is searching for restaurants based on confluence of style, ingredients or similarity to restaurants I like (this could be equally applied to wine exploration on Lot18 or art exploration on Art.sy). I very popular use of this is browsing sports statistics, such as using Pro-Football-Reference.com for Fantasy Football team assembly.

For these challenges I would go immediately to a graph database. Out of the box, Neo4J would be my first choice. If I already had a big Hadoop or Cassandra installation, I would go to Titan.

Challenge 6: Knowledge Base Exploration

You want to create knowledge base to find the right “how to” content to address a problem, e.g., fix my account, figure out how to perform a feature in an app, etc. You could do this from customer facing site, call center, support desk, etc.

I spent many years working with companies who spent tens of millions of dollars using exotic database solutions to solve these problems. However, none of them worked as well as Search Engines. Search Engines are fast, scalable and handle all the vagaries of user behavior (such as spelling and grammar errors, use of “one” vs. “1”, etc.). In addition, thanks to Google, people are now “trained” to use Search to find answers to their questions.

ElasticSearch’s boost feature makes an amazing knowledge base manager. Search finds the relevant content and attributes such as views, votes, helpfulness ratings, etc. drive the boost score to raise answers up or down. The best example for this is StackOverflow (the developers crib notes for just about any problem).

Challenge 7: Sorted Catalog Browsing

You want to let users search a catalog of items, then switch to sort by things like price and rating or switch to browser by category and sub-category. You want to allow users to look at broad categories and drill into sub-categories to find items to buy. Basically how we all start looking for something at Amazon.com.

The starter technology for this is Search (again ElasticSearch is my recommendation of choice). You can use ES’s aggregation features to search and browser by category. However, as you get really big (i.e., millions of items in your catalog) or you wish to allow users to pivot from search results into structured browsing or explicit assignment of SKU items to categories you would add a columnar store database such as Cassandra or HBase. To see this action, search on ‘shirts’ at Amazon. Notice the phrase ‘Choose a Department to Sort’? This forces you to move from a search result to a columnar-based query based on nested keys. (To be completely clear, Amazon uses its own home-built tech for this, not Cassandra or even the stuff they expose on AWS for the rest of us to use. However, the principles are similar).

Challenge 8: Capturing Logs for Analysis

You want to capture logs of information for later forensic analysis. This could be for debugging, performance analysis, security and penetration analysis, or simply for audit compliance.

My number one choice for this is Riak. It is fast and simple to use. (The Mozilla Foundation uses this to capture all crash report data). A second choice for this is MongoDB as it is already bundled with many log analysis applications. (However, Mongo is more costly to scale than Riak). Another choice is simply streaming this data to a file store such as Apache HDFS to later interrogate with HBase, Hive, PrestoDB, or ElasticSearch.

Challenge 9: State Machine and Session Management

Ok, this one a bit technical. However sometimes you need to keep track of info for rapid lookup for later. You may want to keep track of the pages a person recently viewed on your site. You may want to keep a pre-approval status. You might want to hold a ticket for concert in temporary lock before purchase. You may want to keep the state of a customer or item for complex rule processing (e.g., keep track that I am exercising for fitness target alerts).

The best types of databases for these challenges are key-value Stores. My favorite is Redis. It is ease to setup and super fast. However, Redis is optimized for in-memory option. It is less optimal if you need guaranteed persistence of the information you want to store for rapid lookup. If you need persistence (such as storing pre-calculated algorithm or pre-qualification models), and have no pre-existing infrastructure, I recommend MemcacheDB. However, if you already are using Cassandra, HBase or DynamoDB you can simply use that as rapid key-value store (with persistence). You may even find this more cost-effective than setting up a Redis cluster even if you do not need persistence

***

There are a lot of NoSQL technologies out there. The trick, like all things in life, is the pick the right tool for the job.

5 points where tech balances between life and work