A DevOps story - Turning our most significant production outage into a driver for positive lasting change. A DevOps story.

A DevOps story

How we turned our most significant outage into
lasting positive change!
@martincronje

View Slide

View Slide

💡

Cohesive collaborative teams
with end-to-end ownership of
their services (build it, run it)

View Slide

2000’s

First online product

launched
Second major iteration
launched

View Slide

Writing code during
the early 2000’s

View Slide

❤
The heart of the product was built in the 2000’s

View Slide

💡

All companies have heritage
systems that enabled them to
become successful businesses!

View Slide

Question:

What is the heritage in your
environment?

View Slide

2000’s


launched
launched
Starts building innovative

user experience
2010’s

Moved to the cloud

|
Disrupts market and

expands globally

View Slide

System Context
S

Orignal UI
Core Product

(Monolith)
🥰

View Slide

System Context
Z
S

New API
Orignal UI
UI UI UI
Service Service Service
Core Product

(Monolith)
🥰

View Slide

Environment Context
Z
S

New API
Orignal UI
UI UI UI
Core Product

(Monolith)
•New Product

• Cloud-native

• Continuous deployment

• Some auto-infrastructure
provisioning

•Heritage Product

• Virtual servers

• Manual deployments

• Manual infrastructure
provisioning

View Slide

Environment Context
Z
S

New API
Orignal UI
UI UI UI
Core Product

(Monolith)
• Agile delivery

• Low test-automation

• Incidents highly disruptive

• Reliance on long-tenured engineers

• Traditional ops team (HIGH TOIL)

View Slide

40+
major incidents per month

View Slide

The perfect storm was brewing!

View Slide

Question:

Do you have a perfect storms
brewing?

View Slide

2000’s


launched
launched
Starts building innovative

user experience
2010’s

Moved to the cloud

|
Disrupts market and

expands globally 💥

Super outage

View Slide

The super outage
> Regular deployment with hundreds unique changes

> Unusable for numerous weeks

> Busy time of the year

> Most customers affected

> System performance continued to degrade

View Slide

Unable to isolate the problem

View Slide

Unable to restore a previous version

View Slide

Unable to failover

View Slide

Unable to troubleshoot

View Slide

Unable to create a new environment

View Slide

🤕 😴 🤬

View Slide

Opportunity Strikes!
> Reduce the size of changes

> Make rollback effortless

> Reduce configuration change risk

> Make it easy to setup a new environment

> Make it easy to analyse and troubleshoot problems

> Give everyone the skills to fix problems

> Handle production outages cool, calm and controlled

View Slide

With 40+ incidents/month
a catastrophic outage was only a matter of time

View Slide

Question:

What would you do address
this risk?

View Slide

😱 We needed to remove fear

View Slide

View Slide

Technology Improvement Plan
> Incident Response

> Deep Ownership

> Production Insights

> Deploy Monolith Safely

> Decouple Monolith
Z
S

New API
Orignal UI
UI UI UI
Core Product

(Monolith)

View Slide

Pitching our plan….
> Economic argument on supporting scale

> Proposed a stop to delivery to focus on resilience

> Ended up securing about 1/5 of engineering capacity
https://www.wired.com/2013/04/linkedin-software-revolution/

View Slide

💡

Initial objective was to reduce
the impact of failure on
customers

View Slide

Technology Improvement Plan
> Incident Response

> Deep Ownership

> Production Insights

> Deploy Monolith Safely

> Decouple Monolith
Z
S

New API
Orignal UI
UI UI UI
Core Product

(Monolith)

View Slide

Planning approach
● Outcomes focus charting (Auftragsklärung)

● 1-pager plan outlining

- Context

- Problem

- Objective

- Outputs

- Success measures

• Incremental approach where possible
https://auftragsklaerung.com/

View Slide

Enabling us to break-up the
monolith

View Slide

Incident Response

> Primary Objective: Shorten repair and recovery times

> Secondary Objective: Make sure they don’t happen again

View Slide

Y1Q1 Y1Q2 Y1Q3 Y1Q4 Y2Q1
New incident

manager (ITIL)
Incident response process
and prioritisation matrix
Engineers on-call
PagerDuty
🤯 🤑 Marked reduction

in incidents
💥 Incident Command
Weekly Ops Review
💥 Disestablish

tech-support
🎯 Incident recovery up to 95% SLA
Incident recovery at <80% SLA
Engineering doing

post-mortems for Sev2’s
💥 Engineering doing

post-mortems for

Sev0 and Sev1 incidents
💡 Make sure incidents don’t happen again

💡 Time to acknowledge incidents

💡 Awareness of sensitive customers

View Slide

💡

Started with old-school incident
management, because it was
the right thing to do.

View Slide

Production Insights

> Primary Objective: Standard measurement of health

> Secondary Objective: Don’t call us, we’ll call you

View Slide

Service Level Objectives
Availability =
Successful requests
Total requests

View Slide

Implementing SLO’s
> Top down approach

> Key interactions workflow

> Failed requests included slow and errors

> Differentiated between desired, current and failing

> Teams implemented SLI dashboards to back these up

View Slide

Y1Q1 Y1Q2 Y1Q3 Y1Q4 Y2Q1
🤯 Manual SLO recording

in Excel!
🎯 First basic dashboards

internally (incl. support)
💥 Dashboard released

to some customers
Prioritised improvement
SLOs to 75% compliance
🤯 Engineering

site-visits
🎯 Customers stopped
complaining
Dedicated work-streams to
dramatically improve
performance

View Slide

💡

We created a standard
definition of what good looks
like for the customer

View Slide

Deployment Safety

> Primary Objective: Reduce the impact of bad deployments

> Secondary Objective: Reduce undifferentiated heavy-lifting

View Slide

Canary deployments on monolith
C1 v2
C3 v2
C2 v2
C4 v2
C1 v1
C3 v1
C2 v1
C4 v1
Active Passive

View Slide

Canary deployments
C1 v2
C3 v2
C2 v2
C1 v1
C3 v1
C2 v1
C4 v1
Active Passive
Easy rollback
C4 v2

View Slide

Canary deployments
C1 v2
C3 v2
C2 v2
C4 v2
C1 v3
C3 v1
C2 v1
C4 v1
Active Passive
Deploy v3

View Slide

Canary deployments
C3 v2
C2 v2
C4 v2
C1 v3
C3 v1
C2 v1
C4 v1
Active Passive
C1 v2
Make live

View Slide

Canary deployments
C3 v2
C2 v2
C4 v2
C1 v3
C3 v1
C2 v3
C4 v1
Active Passive
C1 v2
Deploy v3

View Slide

Canary deployments
C3 v2
C2 v2
C4 v2
C1 v3
C3 v1
C2 v3
C4 v1
Active Passive
C1 v2
Make live

View Slide

Database Blue / Green
Schema
v2
Schema
v1

View Slide

Other things
● Moved SQL Server to management instances

● Moved all config management into source-control

● Eliminate toil where possible

View Slide

💡

Not only did we reduce impact
of issues but we also reduced
snowflakes and toil.

View Slide

This is was only the start…

View Slide

Lessons
> Spend A LOT of time with stakeholders

> Need technical executive support

> Back out of failed experiments early

> Getting this right is hard

View Slide

Achievements
● Single definition of good using Service Level Objectives

● We started detecting issues before out customers!

● Incidents resolved within SLA (improved from 80% to 95%+)

● Mostly automated deployment and provisioning on our monolith

● Reducing the impact of bad deployments

● Rollback within minutes instead of hours (or even days)

● Enabled modernisation roadmap

● Happy customers!!

View Slide

Question:

What is your key takeaway?

View Slide

💡

There’s no perfect environment.
Find the right DevOps
topology for you.

View Slide

💡

Cohesive collaborative teams
with end-to-end ownership of
their services (build it, run it)

View Slide

💡

All companies have heritage
systems that enabled them to
become successful businesses!

View Slide

💡

Find incremental gains by
looking at the biggest fires in
your environment

View Slide

💡

Find your initial objective!

We reduced failure impact

View Slide

💡

Started with old-school processes
because it was the right thing to do.

…and then we matured

View Slide

@martincronje

View Slide

A DevOps story - Turning our most significant production outage into a driver for positive lasting change. A DevOps story.

A DevOps story - Turning our most significant production outage into a driver for positive lasting change. A DevOps story.

Martin Cronjé

More Decks by Martin Cronjé

Other Decks in Technology

Featured

Transcript