Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Walking Dead - A Survival Guide to Resilien...
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Michael Nitschinger
April 23, 2015
Programming
0
370
The Walking Dead - A Survival Guide to Resilient Reactive Applications
This talk was given at JAX 2015 in Mainz.
Michael Nitschinger
April 23, 2015
Tweet
Share
More Decks by Michael Nitschinger
See All by Michael Nitschinger
High Performance JVM Networking with Netty
daschl
5
1.3k
Reactive Data Access with RxJava... and N1QL!
daschl
0
200
Spark with Couchbase
daschl
0
150
Reactive Data Access with RxJava ... and N1QL!
daschl
0
180
The Walking Dead - A Survival Guide to Resilient Reactive Applications
daschl
0
220
State of the Art JVM Networking with Netty
daschl
2
450
The Walking Dead - A Survival Guide to Resilient Reactive Applications
daschl
1
440
The Walking Dead - A Survival Guide to Resilient Applications
daschl
0
1.3k
Building a Reactive Database Driver on the JVM
daschl
2
950
Other Decks in Programming
See All in Programming
Codex の「自走力」を高める
yorifuji
0
680
DSPy入門 Pythonで実現する自動プロンプト最適化 〜人手によるプロンプト調整からの卒業〜
seaturt1e
1
540
Rails Girls Tokyo 18th GMO Pepabo Sponsor Talk
yutokyokutyo
0
200
atmaCup #23でAIコーディングを活用した話
ml_bear
4
740
ふつうのRubyist、ちいさなデバイス、大きな一年 / Ordinary Rubyists, Tiny Devices, Big Year
chobishiba
1
140
2026年は Rust 置き換えが流行る! / 20260220-niigata-5min-tech
girigiribauer
0
220
Go Conference mini in Sendai 2026 : Goに新機能を提案し実装されるまでのフロー徹底解説
yamatoya
0
520
Rubyと楽しいをつくる / Creating joy with Ruby
chobishiba
0
210
メタプログラミングで実現する「コードを仕様にする」仕組み/nikkei-tech-talk43
nikkei_engineer_recruiting
0
160
Ruby x Terminal
a_matsuda
7
580
Head of Engineeringが現場で回した生産性向上施策 2025→2026
gessy0129
0
210
ご飯食べながらエージェントが開発できる。そう、Agentic Engineeringならね。
yokomachi
1
280
Featured
See All Featured
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.9k
The Cult of Friendly URLs
andyhume
79
6.8k
Public Speaking Without Barfing On Your Shoes - THAT 2023
reverentgeek
1
330
Typedesign – Prime Four
hannesfritz
42
3k
Winning Ecommerce Organic Search in an AI Era - #searchnstuff2025
aleyda
1
1.9k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
31
10k
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
140
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
508
140k
How to train your dragon (web standard)
notwaldorf
97
6.5k
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
davidcarrasco
3
65
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
140
The #1 spot is gone: here's how to win anyway
tamaranovitovic
2
980
Transcript
Michael Nitschinger | Couchbase, Inc. The Walking Dead A Survival
Guide to Reactive Resilient Applications
the right Mindset 2
– U.S. Marine Corps “The more you sweat in peace,
the less you bleed in war.” 3
4
5
Not so fast, mister fancy tests! 6
What can go wrong? Always ask yourself 7
Fault Tolerance 101 8
Fault Error Failure A fault is a latent defect that
can cause an error when activated. 9
Fault Error Failure Errors are the manifestations of faults. 10
Fault Error Failure Failure occurs when the service no longer
complies with its specifications. 11
Fault Error Failure Errors are inevitable. We need to detect,
recover and mitigate them before they become failures. 12
Reliability is the probability that a system will perform failure
free for a given amount of time. MTTF Mean Time To Failure MTTR Mean Time To Repair 13
Availability is the percentage of time the system is able
to perform its function. availability = MTTF MTTF + MTTR 14
Expression Downtime/Year Three 9s 99.9% 525.6 min Four 9s 99.99%
52.56 min Four 9s and a 5 99.995% 26.28 min Five 9s 99.999% 5.256 min Six 9s 99.9999% 0.5256 min 100% 0 15
Pop Quiz! Edge Service User Service Session Store Data Warehouse
Wanted: 99.99% Availability ??? ??? ??? 16
Pop Quiz! Edge Service User Service Session Store Data Warehouse
Wanted: 99.99% Availability 99.99% 17 99.99% 99.99%
Pop Quiz! Edge Service User Service Session Store Data Warehouse
Wanted: 99.99% Availability ~99.999% ~99.999% ~99.999% 18
Fault Tolerant Architecture 19
Units of Mitigation are the basic units of error containment
and recovery. 20
Escalation is used when recovery or mitigation is not possible
inside the unit. 21
Escalation 22 Cluster Node Node Service Service Service Service Service
Endpoint Endpoint Endpoint Endpoint Endpoint
Escalation 23 Cluster Node Node Service Service Service Service Service
Endpoint Endpoint Endpoint Endpoint Endpoint
Escalation 24 Cluster Node Node Service Service Service Service Service
Endpoint Endpoint Endpoint Endpoint Endpoint
Escalation 25 Cluster Node Node Service Service Service Service Service
Endpoint Endpoint Endpoint Endpoint Endpoint
Redundancy Cost Active/Active Active/Standby N+M Active/Passive Cost Time To Recover
26
The Fault Observer receives system and error events and can
guide and orchestrate detection and recovery Unit Unit Observer Listener Listener Unit Unit 27
28
29
Detecting Errors 30
A silent system is a dead system. 31
A System Monitor helps to study behaviour and to make
sure it is operating as specified. 32 http://cdn-www.airliners.net/aviation-photos/photos/9/2/1/0982129.jpg
https://github.com/Netflix/Turbine 33
Periodic Checking Heartbeats monitor tasks or remote services and initiate
recovery Routine Exercises prevent idle unit starvation and surface malfunctions 34
35 Encoder( Encoder( Ne*y( Writes( Ne*y( Reads( Decoder( Decoder( Event
on Idle No Traffic Endpoint
Riding over Transients is used to defer error recovery if
the error is temporary. “‘Patience is a virtue’ to allow the true signature of an error to show itself.” - Robert S. Hanmer 36
37 The Leaky Bucket
And more! • Complete Parameter Checking • Watchdogs • Voting
• Checksums • Routine Audits 38
Recovery and Mitigation of Errors 39
Timeout to not wait forever and keep holding up the
resource. 40 X
Failover to a redundant unit when the error has been
detected and isolated. Cost Active/Active Active/Standby N+M Cost Time To Recover Redundancy Reminder 41
Intelligent Retries Time between Retries Number of Attempts Fixed Linear
Exponential 42
Restart can be used as a last resort with the
trade-off to lose state and time. 43
Fail Fast to shed load and give a partial great
service than a complete bad one. Boundary 44
Backpressure & Batching! 45
Case Study: Hystrix https://raw.githubusercontent.com/wiki/Netflix/Hystrix/images/hystrix-flow-chart-original.png 46
And more! • Rollback • Roll-Forward • Checkpoints • Data
Reset Recovery Mitigation • Bounded Queuing • Expansive Controls • Marking Data • Error Correcting Codes 47
And more! • Rollback • Roll-Forward • Checkpoints • Data
Reset Recovery Mitigation • Bounded Queuing • Expansive Controls • Marking Data • Error Correcting Codes 48
Recommended Reading 49
Patterns for Fault-Tolerant Software by Robert S. Hanmer 50
Release It! by Michael T. Nygard 51
Announcement CB Server 4.0 dp! 52 http://blog.couchbase.com/introducing-developer-preview-for-couchbase-server-4.0
Any Questions? 53
twitter @daschl email
[email protected]
Thank you! 54
SiteGround - Reliable hosting with speed, security, and support you can count on.
daschl
yorifuji
seaturt1e
yutokyokutyo
ml_bear
chobishiba
girigiribauer
yamatoya
nikkei_engineer_recruiting
a_matsuda
gessy0129
yokomachi
reverentgeek
andyhume
hannesfritz
aleyda
eileencodes
sabderemane
chriscoyier
notwaldorf
davidcarrasco
.png){kind=avatar}
helenjbeal
tamaranovitovic
![twitter @daschl email [email protected] Thank you! 54](https://files.speakerdeck.com/presentations/653d12d90db14a15a90a89d195c246ea/slide_53.jpg){kind=link}