Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Human Factors and PostMortems

Daniel Schauenberg
November 11, 2014
Technology
3
740

Human Factors and PostMortems

Our daily work takes place in a myriad of systems. They are comprised of software, hardware and humans. And everybody who has worked with complex systems at any scale knows: Failure is not an option, it's inevitable.

At Etsy we are embracing the fact that failures happen and that the only way to understand how the accident happened is to investigate it without blaming the humans involved. This is why we have a blameless postmortem for every outage that occurs. It is an open meeting and everybody is invited to join and find out what happened and how we can make the system safer.

This talk will explain how postmortems at Etsy are conducted and how we maintain and scale the process as the team grows and new people start. It will go over the tools we built and utilize to make postmortems efficient and also share the learnings from each one with all the people in the company.

Daniel Schauenberg

November 11, 2014
Tweet

More Decks by Daniel Schauenberg

See All by Daniel Schauenberg
The Road to Success is paved with Small Improvements
mrtazz
4
1.5k
Deploy, Collaborate and Listen
mrtazz
2
690
Data Driven Monitoring
mrtazz
2
760
Mobile CI at Etsy
mrtazz
2
490
Development, Deployment & Collaboration at Etsy
mrtazz
5
15k
A Whirlwind Tour of Etsy's Monitoring Stack
mrtazz
6
2.6k
Co-Workers As Customers: Lessons from Airbnb & Etsy
mrtazz
7
730
Development, Deployment and Collaboration at Etsy
mrtazz
9
5.6k
Continuous-Delivery-Meetup-NYC-2013.pdf
mrtazz
1
310

Other Decks in Technology

See All in Technology
Terraform CI/CD パイプラインにおける AWS CodeCommit の代替手段
hiyanger
1
190
AIチャットボット開発への生成AI活用
ryomrt
0
150
Deno+JSRでパッケージを作って公開する
askua
0
120
私はこうやってマインドマップでテストすることを出す!
mineo_matsuya
0
300
SREの組織類型に応じた リーダシップの考察
kenta_hi
PRO
1
640
透過型SMTPプロキシによる送信メールの可観測性向上: Update Edition / Improved observability of outgoing emails with transparent smtp proxy: Update edition
linyows
2
200
ExaDB-D dbaascli で出来ること
oracle4engineer
PRO
0
3.8k
TanStack Routerに移行するのかい しないのかい、どっちなんだい! / Are you going to migrate to TanStack Router or not? Which one is it?
kaminashi
0
260
ライブラリでしかお目にかかれない珍しい実装
mikanichinose
2
340
信頼性に挑む中で拡張できる・得られる1人のスキルセットとは?
ken5scal
2
460
隣接領域をBeyondするFinatextのエンジニア組織設計 / beyond-engineering-areas
stajima
1
240
ノーコードデータ分析ツールで体験する時系列データ分析超入門
negi111111
0
350

Featured

See All Featured
How to Ace a Technical Interview
jacobian
276
23k
10 Git Anti Patterns You Should be Aware of
lemiorhan
654
59k
Navigating Team Friction
lara
183
14k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
131
33k
4 Signs Your Business is Dying
shpigford
180
21k
Building Flexible Design Systems
yeseniaperezcruz
327
38k
Building an army of robots
kneath
302
42k
Building Your Own Lightsaber
phodgson
102
6.1k
Fontdeck: Realign not Redesign
paulrobertlloyd
82
5.2k
Gamification - CAS2011
davidbonilla
80
5k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
28
8.2k

Transcript

  1. Human Factors & PostMortems Daniel Schauenberg [email protected] @mrtazz

  2. None

  3. We deploy quite a lot

  4. MTTR

  5. MTTR > MTBF

  6. None
  7. None
  8. None
  9. None
  10. None
  11. None

  12. realtalk: things break

  13. New View

  14. Complex Socio- Technical Systems

  15. Erkenntnis und Irrtum fließen aus denselben psychischen Quellen; nur der

    Erfolg vermag beide zu scheiden. — Ernst Mach, Erkenntnis und Irrtum (p. 116)

  16. Things made sense at the time

  17. People don't come to work to do a bad job

  18. Nietzschean Anxiety

  19. So I always get off the hook whatever I do?

  20. There is a difference between explaining and excusing human performance.

    — Sidney Dekker, The Field Guide to Understanding Human Error (p. 196)

  21. Blameless Postmortems

  22. Open Meeting

  23. Everybody is Invited

  24. What happened?

  25. Timeline

  26. Describe the past Don't excuse it away

  27. The Facilitator

  28. Guide the Discussion

  29. Look out for indicators of Old View thinking

  30. Counterfactuals

  31. - she should have - if he would have -

    if they just had - you failed to

  32. Biases

  33. Hindsight Bias Confirmation Bias Outcome Bias

  34. there are many more

  35. Who is in charge?

  36. Etsy School

  37. Taught Facilitator Course

  38. 3 x 90 minutes

  39. Remediation Items

  40. incorporate learning and takeaway from the meeting

  41. None

  42. turn surprises into known factors

  43. MORGUE

  44. None
  45. None
  46. None
  47. None
  48. None
  49. None
  50. None

  51. https://github.com/ etsy/morgue

  52. Near Miss

  53. Pre Mortem

  54. "Hey all, I just ran rm -rf $DIR/ and since

    the variable was empty I deleted my whole VM. This would have been bad in production. Don't do that."

  55. Architecture Reviews

  56. Operability Reviews

  57. It is also worth pointing out that the bias towards

    investigating failures rather than success itself represents a trade-off. — Erik Hollnagel, The ETTO Principle: Efficiency- Thoroughness Trade-Off

  58. Investigate Success

  59. Why did it work?

  60. Human Error is where you stopped looking

  61. peakscale.com/ postmortems

  62. codeascraft.com etsy.com/codeascraft/talks etsy.com/careers

  63. Questions?

  64. Human Factors & PostMortems Daniel Schauenberg [email protected] @mrtazz