Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Tenets of Resilient Systems

Michael Gasch
July 08, 2022
Technology
0
89

Tenets of Resilient Systems

Excerpt from workshop on resilient system design.

Michael Gasch

July 08, 2022
Tweet

More Decks by Michael Gasch

See All by Michael Gasch
VMware Code Power Session Git 07-2020
embano1
1
160
Concurrency_Bugs_in_Go_-_Go_Meetup_Leipzig_03-15-2019_GASCH.pdf
embano1
1
340
What is a (Docker) Container, really?
embano1
2
320

Other Decks in Technology

See All in Technology
WebGLやCanvasを使ったデータ可視化コンテンツ開発/nikkei-tech-talk5-3
nikkei_engineer_recruiting
0
140
Agileを始める前に知っておきたい3つの真実
chiroruxx
8
1.2k
[CI/CD2023]OSSで構築するOpenAPI開発のCI/CD
xibuka
2
260
Oracle Container Engine for Kubernetes (OKE) ご紹介 / oke-overview
oracle4engineer
PRO
1
980
サービスと共にチームも成長する 〜New Relicを利用したサービスとチームの定量化〜
hirokiotsuka
0
140
CloudWatchエージェントとCloudWatchで行うアプリ監視
smt7174
0
100
私と Nature Remo E / Nature Remo E
orgachem
0
240
自分のデータは自分で守る - あなたのCI/CDパイプラインをセキュアにする処方箋
jacopen
4
460
Tackle the infodemic of misinformation from LINE
line_developers_tw
PRO
0
130
QMファンネルとQAキャリア
gen519
PRO
1
170
Privacy Techによる新しいデータ活用の形
line_developers
PRO
1
220
軽率に休学したら Babylon.js×WebARで 夢を3つ叶えてた / my dreams with babylon.js and WebAR
drumath2237
0
130

Featured

See All Featured
What's new in Ruby 2.0
geeforr
336
30k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
349
27k
The Invisible Side of Design
smashingmag
292
49k
How To Stay Up To Date on Web Technology
chriscoyier
779
250k
GraphQLの誤解/rethinking-graphql
sonatard
39
8k
Building a Scalable Design System with Sketch
lauravandoore
451
31k
Designing the Hi-DPI Web
ddemaree
273
33k
The Straight Up "How To Draw Better" Workshop
denniskardys
226
130k
Three Pipe Problems
jasonvnalue
89
9k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
24
5.1k
Teambox: Starting and Learning
jrom
124
7.9k
Reflections from 52 weeks, 52 projects
jeffersonlam
340
18k

Transcript

  1. Confidential │ ©2020 VMware, Inc. 9
    Or when Things go REALLY bad …

    View Slide

  2. Confidential │ ©2020 VMware, Inc. 10
    Root Causes of Outages

    View Slide

  3. Confidential │ ©2020 VMware, Inc. 11
    Resiliency is not about making
    Money.
    It’s about not losing Money.
    Uwe Friedrichsen

    View Slide

  4. Confidential │ ©2020 VMware, Inc. 12
    Availability =
    MTTF
    MTTF + MTTR
    What we optimize for
    (“known unknowns”)

    View Slide

  5. Confidential │ ©2020 VMware, Inc. 13
    Distributed systems force developers to
    make a quantum leap from the relative
    certainty of a single machine or process to
    the byzantine interactions of interconnected
    subsystems, where we cannot stop the
    world to take a snapshot of it or to make it
    move one step at a time.
    -- Sergey Bykov
    We need a Change in our Mindset

    View Slide

  6. Confidential │ ©2020 VMware, Inc. 14
    Everything fails,
    all the time.
    Werner Vogels

    View Slide

  7. Confidential │ ©2020 VMware, Inc. 15
    Availability =
    MTTF
    MTTF + MTTR
    What we must optimize for
    (“unknown unknowns”)

    View Slide

  8. Confidential │ ©2020 VMware, Inc. 16
    © Uwe Friedrichsen
    “Just make your system resilient!” they said…

    View Slide

  9. Confidential │ ©2020 VMware, Inc. 17
    !

    View Slide

  10. Confidential │ ©2020 VMware, Inc. 18
    A complex system that works is
    invariably found to have evolved
    from a simple system that worked.
    John Gall
    Well, … J
    “I want a simple Solution!”

    View Slide

  11. Confidential │ ©2020 VMware, Inc. 19
    "

    View Slide

  12. Confidential │ ©2020 VMware, Inc. 20
    Rasmussen’s System Model
    http://www.spacesafetymagazine.com/wp-content/uploads/2016/07/2.-Cook-and-Rasmussen%E2%80%99s-dynamic-safety-model.png

    View Slide

  13. Confidential │ ©2020 VMware, Inc. 21
    Then and Now
    Resiliency Engineering
    20th century: Why do accidents happen
    21st century: Why they don‘t
    https://www.youtube.com/watch?v=PGLYEDpNu60

    View Slide

  14. Confidential │ ©2020 VMware, Inc. 22
    Design Philosophy in Networked Systems
    The Internet

    View Slide

  15. Confidential │ ©2020 VMware, Inc. 23
    Modularity based on
    abstraction is the way
    things are done
    Barbara Liskov

    View Slide

  16. Confidential │ ©2020 VMware, Inc. 24
    cat file | grep string | sort – r | uniq
    The Unix Philosophy

    View Slide

  17. Confidential │ ©2020 VMware, Inc. 25
    cat file | grep string | sort – r | uniq
    The Unix Philosophy
    STREAM
    ! Did you notice that I said nothing about Microservices?

    View Slide

  18. Confidential │ ©2020 VMware, Inc. 26
    Can we apply this Philosophy
    to Distributed Systems?

    View Slide

  19. 27
    Confidential │ ©2020 VMware, Inc.
    Tenets of Resilient Systems

    View Slide

  20. Confidential │ ©2020 VMware, Inc. 28
    Tenets of Resilient Systems
    Domain
    Understanding
    Ownership
    Simplicity
    Empathy
    Anti-Fragility
    Observability
    Operational
    Friendliness
    Preserve
    Knowledge

    View Slide

  21. Confidential │ ©2020 VMware, Inc. 29
    Tenets of Resilient Systems
    If you don’t understand your Business Domain,
    you don’t understand the Problem
    Domain Driven Design (Bounded Contexts)
    Set Expectations (Contracts)
    This is NOT about Technology
    Communicate (document) clearly
    Domain
    Understanding
    Ownership
    Simplicity
    Empathy
    Anti-Fragility
    Observability
    Operational
    Friendliness
    Preserve
    Knowledge

    View Slide

  22. Confidential │ ©2020 VMware, Inc. 30
    Tenets of Resilient Systems
    “You build it, you run it”
    Cross-functional Teams (“DevSecOps”)
    Service Orientation
    API-First Design (no Backdoors)
    Risk and Incident Management
    Communication Plans
    Domain
    Understanding
    Ownership
    Simplicity
    Empathy
    Anti-Fragility
    Observability
    Operational
    Friendliness
    Preserve
    Knowledge

    View Slide

  23. Confidential │ ©2020 VMware, Inc. 31
    Tenets of Resilient Systems
    Simple != easy
    Self-sufficient (Autonomy)
    Modular
    Composable
    Evolvable
    Use proven Components
    Small Gains don’t justify added Complexity
    (intrinsic vs accidental Complexity)
    Domain
    Understanding
    Ownership
    Simplicity
    Empathy
    Anti-Fragility
    Observability
    Operational
    Friendliness
    Preserve
    Knowledge

    View Slide

  24. Confidential │ ©2020 VMware, Inc. 32
    Tenets of Resilient Systems
    Your System does not run in Isolation
    Be a good Citizen
    Anticipate Effects on (possibly unknown)
    upstream/downstream Services
    Mechanical Sympathy
    Domain
    Understanding
    Ownership
    Simplicity
    Empathy
    Anti-Fragility
    Observability
    Operational
    Friendliness
    Preserve
    Knowledge

    View Slide

  25. Confidential │ ©2020 VMware, Inc. 33
    Tenets of Resilient Systems
    Embrace Failure (Stress)
    Decentralization and asynchronous
    Communication (Facts) through weak Links
    Static Stability (graceful Degradation,
    Independence) and Zero Trust
    Isolation (minimize Blast Radius)
    Admission (Resource) and Flow Control
    Redundancy (no SPOFs) with Failure Recovery
    Supervision (“crash-only” Software)
    Idempotency and Immutability
    Domain
    Understanding
    Ownership
    Simplicity
    Empathy
    Anti-Fragility
    Observability
    Operational
    Friendliness
    Preserve
    Knowledge

    View Slide

  26. Confidential │ ©2020 VMware, Inc. 34
    Tenets of Resilient Systems
    Instrument and audit everything
    Measure from the Inside and Outside
    (Customer)
    Be transparent
    Simplify Troubleshooting and Root Cause
    Analysis (Correlation)
    Augment with Business Level Metrics (View)
    Continuously measure / analyze / optimize
    Drives Capacity Planning
    Domain
    Understanding
    Ownership
    Simplicity
    Empathy
    Anti-Fragility
    Observability
    Operational
    Friendliness
    Preserve
    Knowledge

    View Slide

  27. Confidential │ ©2020 VMware, Inc. 35
    Tenets of Resilient Systems
    Don’t hide Complexity, never assume
    Single-Version Software
    Standardize everything
    Automate and reduce Toil to prevent Human
    Error
    Chaos test in Production
    Boring (Tech) is good
    “Soft-Delete” and Self-Healing
    Document clearly (Recovery Plans, Last Change,
    Ownership)
    Practice (Game/Hack Days)
    Domain
    Understanding
    Ownership
    Simplicity
    Empathy
    Anti-Fragility
    Observability
    Operational
    Friendliness
    Preserve
    Knowledge

    View Slide

  28. Confidential │ ©2020 VMware, Inc. 36
    Tenets of Resilient Systems
    Stand on the Shoulders of Giants
    Learn from the Past
    Blameless Culture
    Write Post-Mortems
    Make Knowledge accessible
    Domain
    Understanding
    Ownership
    Simplicity
    Empathy
    Anti-Fragility
    Observability
    Operational
    Friendliness
    Preserve
    Knowledge

    View Slide

  29. Confidential │ ©2020 VMware, Inc. 37
    Tenets of Resilient Systems
    Closed Loops
    Continuously Observe, Analyze, Act
    Behavior Driven Development to bridge Silos
    Ship (release) often but incrementally
    Version everything (GitOps)
    Shared Responsibility (GitOps)
    No central Coordinator
    APIs as System and Communication Boundaries
    SLOs as Contracts
    Domain
    Understanding
    Ownership
    Simplicity
    Empathy
    Anti-Fragility
    Observability
    Operational
    Friendliness
    Preserve
    Knowledge

    View Slide

  30. Confidential │ ©2020 VMware, Inc. 38
    Failure is inevitable.
    But it makes you stronger.

    View Slide