2021-06-01 06:02:47 (585) Default-thread-5 6C7C6C6CDBE0FC98AC705F8BD396194C txid=2dc2b028db28 EXCESSIVE *** End  #11860627 /pm_project.do, user: userxzy, total time: 0:00:41.346, processing time: 0:00:41.344, total wait: 0:00:00.002, semaphore wait: 0:00:00.002, SQL time: 0:00:24.343 (count: 12,284), business rule: 0:00:27.257 (count: 2,998), ACL time: 0:00:01.435, UI Action time: 0:00:00.934, Cache build time: 0:00:00.682, source: xxx.xxx.xxx.xxx null

Note that the above transaction spent:

• 41.344s executing on the application node (processing time)
• 27.257s (i.e. 66% of total processing time) executing 2998 business rules

On further inspection it was found that the transaction:

• Did not execute any individual Business Rules which were slow (i.e. took >= 100ms to execute) - Business Rule time was therefore high due to a very large number of reasonably quick (in isolation) Business Rules
• Executed the Before Query data segregation Business Rules many thousands of times (often repeatedly against the same underlying table / function in the Script Include)

When the Before Query data segregation Business Rules were debugged it was found that:

• A single invocation of a before query business rule was averaging around 10ms execution time
• The vast majority of this 10ms was spent traversing the 'territory' table determining the hierarchy of territories the given user should have access to (and building the corresponding encoded query)

Unfortunately this is a scenario we see relatively often when working with customer instances - the Business Rule / Script Include code was well written and there is no reason to believe that it was not well / exhaustively tested before being deployed into production. It is likely, however, that whoever wrote this code found that it took an insignificant time to execute in isolation and therefore assumed that its impact to the platform / end users would be negligible. What they did not consider, however, is that this design means that certain transactions might execute these Business Rules many thousands of times - even if a single execution of the Business Rule is fast this design does not scale well (as evidenced above). Ultimately this caused quite significant performance degradation across the instance and a general loss of confidence in the ServiceNow platform.

Whilst working with the customer, one other aspect of design became apparent that we could ultimately use to our advantage. When we reviewed the Before Query Business Rules we found that they all:

• Called one of three different functions (or entry points) in the corresponding script include
• Passed the name of the table the Business Rule was running against and details of the current user to the Script Include

Likewise the script include would always return a consistent encoded query for each combination of function (entry point) / table / user. Furthermore, the design meant that the same function / table / user combinations were being passed to the script include over and over again in single transactions. In short the vast majority of Business Rule time was spent calculating the same encoded query over and over again. This meant that if the encoded query could only be calculated once per function / table / user combination (then re-used if applicable) it was likely that we could significantly improve the performance / reduce the impact of these business rules.

The next question was how could the platform store / reuse specific encoded queries? There are two possible options here - a cache table or the users session. We will discuss each (along with their pros and cons) below.

Using a Cache Table

Remember that, in this case, the Script Include produced an encoded query in response to a function (entry point) / table / user combination - as a result the following table was deployed to hold this information:

SQL> show columns from u_mf_cache;
+------+----------------+-------------+------+-----+---------+-------+
| Port | Field          | Type        | Null | Key | Default | Extra |
+------+----------------+-------------+------+-----+---------+-------+
| 3403 | u_encodedquery | mediumtext  | YES  |     |         |       | <=== HOLDS CALCULATED ENCODED QUERY
| 3403 | u_table        | varchar(40) | YES  |     |         |       | <=== TABLE PROVIDED TO SCRIPT INCLUDE
| 3403 | u_user         | varchar(32) | YES  | MUL |         |       | <=== USER SYS_ID PROVIDED TO SCRIPT INCLUDE
| 3403 | sys_id         | char(32)    | NO   | PRI |         |       |
| 3403 | sys_updated_by | varchar(40) | YES  |     |         |       |
| 3403 | sys_updated_on | datetime    | YES  |     |         |       | <=== DATE / TIME CACHE RECORD CREATED / LAST UPDATED
| 3403 | sys_created_by | varchar(40) | YES  |     |         |       |
| 3403 | sys_created_on | datetime    | YES  |     |         |       |
| 3403 | sys_mod_count  | int(11)     | YES  |     |         |       |
| 3403 | u_function     | varchar(40) | YES  |     |         |       | <=== FUNCTION / ENTRY POINT WITHIN SCRIPT INCLUDE CALLED BY BUSINESS RULE
+------+----------------+-------------+------+-----+---------+-------+ 

The Script Include was then modified such that:

• As soon as it was called it would query the cache table looking for a record with corresponding function (u_function), table (u_table), and user (u_user)
• If such a record was found, then the date / time the cache record was last updated / created (sys_updated_on) was compared against the current date / time - if the record was created / updated within a certain period (i.e. last 1 hour) the Script Include would immediately return the encoded query from the record in the cache table (u_encodedquery) and exit
• If no such record existed or the cache record was too old (stale), then the Script Include would calculate the encoded query in the normal way but then insert results into the cache table (or update any existing record accordingly)

This mechanism meant that even if no record existed for a given function / table / user combination the Script Include would simply calculate the required encoded query (as it had been doing previously) and place the result in the cache table - this operation took approximately the same amount of time as a single invocation of the 'non caching' Script Include (i.e. it introduced negligible degradation for a single execution of the Business Rule / Script Include). If, however, a cache record did exist for the given function / table / user combination, then the Script Include (and therefore Business Rule) could 'short circuit'; completing significantly more quickly than the 'non caching' Script Include.

In summary, it was expected that, for transactions which might only execute the Business Rules a handful of times with different function / table / user combinations, any performance degradation from maintaining the cache table would be negligible; certainly not enough to be noticed by end users. Transactions that executed the Business Rules many thousands of times with repeated function / table / user combinations, however, could be expected to show significant performance improvements as the vast majority of Business Rule executions would 'short circuit', exit early, and, therefore, the overall Business Rule time of the transactions would be drastically reduced.

Note that the structure of the cache table and design of the Script Include meant that the cache table would constantly service SQL queries such as 'SELECT ... FROM u_mf_cache WHERE u_user = [x] AND u_table = [y] AND u_function = [z]'. To ensure that these queries remained performant under load and as the size of the table increased a composite index was added across the (u_user, u_table) columns.

Advantages of a cache table:

• No restriction as to the size of data (i.e. encoded queries) which can be placed in the table - as such makes sense if large data structures / strings need to be cached
• Simple to understand and implement - the cache table can be interacted with via standard APIs such as GlideRecord()
• Allows easy avoidance of security issues - lets consider that a user has an incorrect territory associated - this will generate incorrect encoded queries in the cache table allowing the user access to data which they shouldn't have. A Business Rule could be added to the sys_user table which, if a users territory changes, immediately purges all the users cache entries. This would ensure that as soon as the incorrect territory is corrected the user will immediately be forced to generate / use new (correct) encoded queries

Disadvantages of a cache table:

• Every single invocation of a before query business rule will perform a SQL query against the cache table - this adds (some) latency to transactions / the instance
• In busy instances the cache table could become extremely large (in terms of record count) and busy (in terms of SQL queries / inserts / updates) which could cause the table to become a point of contention in the underlying database. A good indexing strategy (as described above) will help to mitigate this to an extent

Caching Data in User Sessions

Instead of caching data in a table in the underlying database, it is also possible to cache string based data in a user's session in memory. Various APIs are available to perform this, i.e.:

• To cache data in a users session:

var session = gs.getSession();
session.putClientData([key], [data]);

For example:
var session = gs.getSession();
session.putClientData('foo', 'bar');

• To retrieve cached data from a users session:

var session = gs.getSession();
session.getClientData([key]);

For example:
var session = gs.getSession();
gs.info(session.getClientData('foo'));
...
*** Script: bar

• To clear cached data from a users session:

var session = gs.getSession();
session.clearClientData([key]);

For example:
var session = gs.getSession();
session.clearClientData('foo');
gs.info(session.getClientData('foo'));
...
*** Script: null

To leverage caching data in user sessions the Script Include was further modified such that:

• When an encoded query for a given function / table / user combination was built, a cache entry was created within the user's session, i.e.:
  • Key: mfc_[table]_[function]
  • Data: JSON String containing two pieces of information
    • Calculated encoded query
    • Unix timestamp tracking when the cache entry was created
• When called, the Script Include would:
  • Immediately check the user's session to determine if a cache entry for the given table / function combination was found (i.e. key of mfc_[table]_[function])
  • If found then the Script Include would check the Unix timestamp held within the cache entry and compare against the current date / time
  • If the cache entry was recent enough (created in the past 1 hour) the Script Include would immediately return the cached encoded query (i.e. data from key with mfc_[table]_[function]) - if the cache entry was stale (i.e. created > 1 hour ago) the cache entry would be cleared
  • If no cache entry was found in the user's session or the cached data was found to be stale, the Script Include would recalculate the encoded query (as normal) and add a corresponding key / data back to the user's session

Note that keys for data within the user's session do not include details of the corresponding user (which was of great importance when using a cache table) - this is because each user's session cache is private to that user and is not shared. This means that any cache entries in a user's session can only be accessed by code initiated by that user and therefore it is not necessary to record details of the user in cache.

Advantages of caching data in a user's session:

• The user's session can be interacted with via standard APIs - as a result it is extremely easy to implement caching within session objects
• Session objects / data are held within memory (heap) on application nodes - as a result, interacting with the session (and therefore cached data) is extremely fast and does not involve any kind of database query
• Session objects are created for both interactive (i.e. user based) and non-interactive (i.e. scheduled job) based sessions - as a result, caching data in user sessions is also valid when executing scheduled jobs

Disadvantages of caching data in a user's session:

• Application nodes run with relatively small amounts of available memory (heap is always sized at 2Gb and a significant proportion of this is taken by other objects required during normal operation of the node) - if large / numerous cache entries are held in user sessions this can quickly cause memory contention on application nodes leading to widespread performance degradation / service impacting events. User sessions should only be used to cache a small number of relatively short pieces of data. For some ideas about how to do keep your code efficient in terms of memory usage, see the article Performance Best Practices for Server-side Coding in ServiceNow and read the sections "Running out of memory due to storing dot-walked GlideElement fields", "Not limiting number of returned records when querying very large tables" and "Large arrays or objects". If your instance runs out of memory or runs low on memory it can cause an outage.
• Sessions are created on login and destroyed on logout (causing all data held within the corresponding session object in memory to be lost). This is not of particular concern for user sessions which tend to be relatively long lived but may impact integrations which execute frequently using a new session each time as they may calculate / cache the same data over and over again with little benefit
• Session objects are private (i.e. there is no way in which one user can manipulate the contents of any other user's session object) - if a user caches a problematic encoded query (due to them having an 'incorrect' territory associated) the problematic encoded query will continue to be used until either the user logs out (and their session is destroyed) or the cached entries are considered stale. Even if an administrator addresses the 'incorrect' territory, the user will still access data related to the prior 'territory' for a period of time

Caching Data using the ScopedCacheManager

The ScopedCacheManager was introduced in Tokyo as an API for developers to write instance-wide server side caching using a concept of cacheable pairs. A cacheable pair is when cached values are paired with a persistent data structure. When the data structure is altered via Create/Update/Delete operation, the related cache is flushed - and on the next access attempt, the cached will need to be updated. For full documentation see the developer guide on our official doc site: https://docs.servicenow.com/bundle/washingtondc-api-reference/page/integrate/guides/scopedcachemgr/c...

Advantages of ScopedCacheManager

• Since ScopedCacheManager is a fully supported ServiceNow Platform cache mechanism. This method keeps your instance more out-of-the-box and avoids some of the risks associated with customization when compared to the other methods discussed in this article.
• ScopedCacheManager provides 4 types of cacheable pairs. Depending on the use case, this flexibility may allow developers to avoid unnecessary cache flushing.
• ScopedCacheManager provides a maximum entry control and Least Recently Used (LRU) data structure so that the cache does not grow too large and freshly accessed entries are not evicted.

Disadvantages of ScopedCacheManager

• If not carefully designed ScopedCacheManager is susceptible to excessive cache flushing; i.e., cache thrashing. Cache thrashing is when the cache is constantly being rebuilt and, thus, negating the performance advantage of having a value cached in the first place.
• Since ScopedCacheManager is flushed based on updates to the underlying data store, developers do not control exactly when the ScopedCacheManager is flushed. If the underlying data store is frequently updated it can lead to very short lived cache objects. Conversely, if the underlying data is not frequently updated it can lead to very "stale" cache objects.
• ScopedCacheManager has an API to limit number of objects that can be stored, but it doesn't have a limit on how much memory the cache contains. Developers should take care to consider how much memory their cache could possibly take if storing many large objects.

Performance Improvements Seen

To demonstrate the effectiveness of caching data significant testing was performed both with and without caching enabled. Initially, this testing was somewhat synthetic in that a Background Script was executed to call a single function within the script include 10,000 times, calculating total time taken - for example:

var impUser = new GlideImpersonate();
var initialUser = impUser.impersonate('d37741dcdbae2b0414f4bc2ffe96194c');
var stopWatch = new GlideDateTime();
for (var i = 0; i < 10000; i++) {
   var smf = new [script_include]]();
   [script_include].[function]]('pm_project', 'd37741dcdbae2b0414f4bc2ffe96194c');
}
gs.info('TOTAL MS: ' + (new GlideDateTime().getNumericValue() - stopWatch.getNumericValue()) + ' AVERAGE PER ITERATION MS: ' + ((new GlideDateTime().getNumericValue() - stopWatch.getNumericValue()) / 10000));
impUser.impersonate(initialUser);

For a given function, timings were as follows (note that this was similar across all functions within the Script Include):

• No caching: 72.328s / 7.2328ms per iteration
• Caching using table: 7.864s / 0.7864ms per iteration (89% improvement vs no caching)
• Caching using session: 0.861s / 0.0861ms per iteration (99% improvement vs no caching)

Further testing involved identifying slow transactions being executed in the customer's production instance where those transactions were adversely affected by high Business Rule time (which, in turn, was determined to be due to large numbers of executions of Before Query Business Rules). In general, with caching enabled, transaction processing time (i.e. time spent executing on an application node) improved by between 55 - 65%. Transactions which were not adversely affected by execution of large numbers of Before Query Business Rules saw very limited (essentially no) performance degradation from use of caching.

Summary

Caching of data to improve performance is a somewhat advanced topic that is likely to only be of benefit in very specific scenarios (essentially wherever an expensive logical operation using a consistent set of inputs / returning a consistent set of results is executed over and over again). If your instance does have such a use case, however, implementing caching of data as described in this article can provide significant performance improvements and allow your instance to scale as expected.