Tweet
Tweet

Slide 1

Slide 1 text

Building resilient systems with stacking Chris Keathley / @ChrisKeathley / [email protected]

Slide 2

Slide 2 text

Breaking resilient systems with stacking Chris Keathley / @ChrisKeathley / [email protected]

Slide 3

Slide 3 text

Purely functional data structures explained Chris Keathley / @ChrisKeathley / [email protected]

Slide 4

Slide 4 text

How to build reliable systems with your face (and not on your face) Chris Keathley / @ChrisKeathley / [email protected]

Slide 5

Slide 5 text

HOw to boot your apps correctly Chris Keathley / @ChrisKeathley / [email protected]

Slide 6

Slide 6 text

Scaling

Slide 7

Slide 7 text

Scaling

Slide 8

Slide 8 text

Scaling BEAM

Slide 9

Slide 9 text

Resilience an ability to recover from or adjust easily to Misfortune or change /ri-ˈzil-yən(t)s/

Slide 10

Slide 10 text

No content

Slide 11

Slide 11 text

Complex systems run in degraded mode. “…complex systems run as broken systems. The system continues to function because it contains so many redundancies and because people can make it function, despite the presence of many flaws… System operations are dynamic, with components (organizational, human, technical) failing and being replaced continuously.”

Slide 12

Slide 12 text

System A group of interacting, interrelated, or interdependent elements forming a complex whole. /ˈsistəm/

Slide 13

Slide 13 text

Systems have dependencies

Slide 14

Slide 14 text

Systems

Slide 15

Slide 15 text

Our App Systems

Slide 16

Slide 16 text

Our App Webserver Systems

Slide 17

Slide 17 text

Our App Webserver DB Systems

Slide 18

Slide 18 text

Our App Webserver DB Redis Systems

Slide 19

Slide 19 text

Our App Webserver DB Redis Kafka Systems

Slide 20

Slide 20 text

Our App Systems

Slide 21

Slide 21 text

Our App Systems

Slide 22

Slide 22 text

Systems

Slide 23

Slide 23 text

Systems Our App

Slide 24

Slide 24 text

Systems Our App Other Service Other Service Other Service Other Service Other Service Other Service

Slide 25

Slide 25 text

Scaling is a problem of handling failure

Slide 26

Slide 26 text

Our App Systems Other Service Client

Slide 27

Slide 27 text

Our App Systems Other Service Client

Slide 28

Slide 28 text

Our App Systems Other Service Client

Slide 29

Slide 29 text

Our App Systems Other Service Client

Slide 30

Slide 30 text

Our App Systems Other Service Client

Slide 31

Slide 31 text

Our App Systems Other Service Client

Slide 32

Slide 32 text

Our App Systems Other Service Client

Slide 33

Slide 33 text

Our App Systems Other Service Client

Slide 34

Slide 34 text

Our App Systems Other Service Client

Slide 35

Slide 35 text

Our App Systems Other Service Client

Slide 36

Slide 36 text

Dependencies are more then other systems

Slide 37

Slide 37 text

Systems Our App

Slide 38

Slide 38 text

Systems Our App Humans!

Slide 39

Slide 39 text

Handle failures gracefully Provide feedback to other systems Give insight to operators Systems Should…

Slide 40

Slide 40 text

Our App Webserver DB Redis Kafka

Slide 41

Slide 41 text

Our App Webserver DB Redis Kafka Stacked Design

Slide 42

Slide 42 text

Lets talk about…

Slide 43

Slide 43 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 44

Slide 44 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 45

Slide 45 text

Server

Slide 46

Slide 46 text

Kubernetes

Slide 47

Slide 47 text

Kubernetes Release

Slide 48

Slide 48 text

Our App Webserver DB Redis Kafka

Slide 49

Slide 49 text

Our App

Slide 50

Slide 50 text

Releases are the unit of deployment in Erlang/Elixir

Slide 51

Slide 51 text

What has to be here to start our application?

Slide 52

Slide 52 text

App Boot

Slide 53

Slide 53 text

App Boot Read in system configuration

Slide 54

Slide 54 text

App Boot Read in system configuration Start the BEAM

Slide 55

Slide 55 text

App Boot Read in system configuration Start the BEAM Start the App

Slide 56

Slide 56 text

App Boot Start the App Read runtime configuration

Slide 57

Slide 57 text

App Boot Start the App Read runtime configuration Proceed to next level

Slide 58

Slide 58 text

App Boot Start the App Read runtime configuration Proceed to next level

Slide 59

Slide 59 text

Mix config vs. runtime config

Slide 60

Slide 60 text

No content

Slide 61

Slide 61 text

defmodule Jenga.Application do use Application def start(_type, _args) do children = [ ] opts = [strategy: :one_for_one, name: Jenga.Supervisor] Supervisor.start_link(children, opts) end end

Slide 62

Slide 62 text

defmodule Jenga.Application do use Application def start(_type, _args) do config = [ port: "PORT", db_url: "DB_URL", ] children = [ ] opts = [strategy: :one_for_one, name: Jenga.Supervisor] Supervisor.start_link(children, opts) end end

Slide 63

Slide 63 text

defmodule Jenga.Application do use Application def start(_type, _args) do config = [ port: "PORT", db_url: "DB_URL", ] children = [ {Jenga.Config, config}, ] opts = [strategy: :one_for_one, name: Jenga.Supervisor] Supervisor.start_link(children, opts) end end

Slide 64

Slide 64 text

defmodule Jenga.Config do end

Slide 65

Slide 65 text

defmodule Jenga.Config do use GenServer def start_link(desired_config) do GenServer.start_link(__MODULE__, desired_config, name: __MODULE__) end end

Slide 66

Slide 66 text

defmodule Jenga.Config do use GenServer def start_link(desired_config) do GenServer.start_link(__MODULE__, desired_config, name: __MODULE__) end def init(desired) do :jenga_config = :ets.new(:jenga_config, [:set, :protected, :named_table]) end end

Slide 67

Slide 67 text

defmodule Jenga.Config do use GenServer def start_link(desired_config) do GenServer.start_link(__MODULE__, desired_config, name: __MODULE__) end def init(desired) do :jenga_config = :ets.new(:jenga_config, [:set, :protected, :named_table]) case load_config(:jenga_config, desired) do :ok -> {:ok, %{table: :jenga_config, desired: desired}} end end end

Slide 68

Slide 68 text

defmodule Jenga.Config do use GenServer def start_link(desired_config) do GenServer.start_link(__MODULE__, desired_config, name: __MODULE__) end def init(desired) do :jenga_config = :ets.new(:jenga_config, [:set, :protected, :named_table]) case load_config(:jenga_config, desired) do :ok -> {:ok, %{table: :jenga_config, desired: desired}} :error -> {:stop, :could_not_load_config} end end end

Slide 69

Slide 69 text

defmodule Jenga.Config do use GenServer def start_link(desired_config) do GenServer.start_link(__MODULE__, desired_config, name: __MODULE__) end def init(desired) do :jenga_config = :ets.new(:jenga_config, [:set, :protected, :named_table]) case load_config(:jenga_config, desired) do :ok -> {:ok, %{table: :jenga_config, desired: desired}} :error -> {:stop, :could_not_load_config} end end defp load_config(table, config, retry_count \\ 0) defp load_config(_table, [], _), do: :ok defp load_config(_table, _, 10), do: :error defp load_config(table, [{k, v} | tail], retry_count) do case System.get_env(v) do nil -> load_config(table, [{k, v} | tail], retry_count + 1) value -> :ets.insert(table, {k, value}) load_config(table, tail, retry_count) end end end

Slide 70

Slide 70 text

** (Mix) Could not start application jenga: Jenga.Application.start(:normal, []) returned an error: shutdown: failed to start child: Jenga.Config ** (EXIT) :could_not_load_config

Slide 71

Slide 71 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 72

Slide 72 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 73

Slide 73 text

App

Slide 74

Slide 74 text

App Load Balancer /up

Slide 75

Slide 75 text

App Load Balancer /up Operators alarms

Slide 76

Slide 76 text

App

Slide 77

Slide 77 text

App

Slide 78

Slide 78 text

App Phoenix

Slide 79

Slide 79 text

defmodule Jenga.Application do use Application def start(_type, _args) do config = [ port: "PORT", db_url: "DB_URL", ] children = [ {Jenga.Config, config}, ] opts = [strategy: :one_for_one, name: Jenga.Supervisor] Supervisor.start_link(children, opts) end end

Slide 80

Slide 80 text

defmodule Jenga.Application do use Application def start(_type, _args) do config = [ port: "PORT", db_url: "DB_URL", ] children = [ {Jenga.Config, config}, JengaWeb.Endpoint, ] opts = [strategy: :one_for_one, name: Jenga.Supervisor] Supervisor.start_link(children, opts) end end

Slide 81

Slide 81 text

defmodule JengaWeb.Endpoint do use Phoenix.Endpoint, otp_app: :jenga def init(_key, config) do port = Jenga.Config.get(:port) {:ok, Keyword.put(config, :http, [:inet6, port: port])} end end

Slide 82

Slide 82 text

defmodule JengaWeb.UpController do use JengaWeb, :controller def up(conn, _params) do {code, message} = status() conn |> Plug.Conn.put_status(code) |> json(message) end defp status do {500, %{status: “LOADING”}} end end

Slide 83

Slide 83 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 84

Slide 84 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 85

Slide 85 text

App Phoenix

Slide 86

Slide 86 text

App Phoenix Database

Slide 87

Slide 87 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 88

Slide 88 text

App Phoenix Pool Supervisor Conn Conn Conn Disconnected

Slide 89

Slide 89 text

Supervisors are about guarantees -“Friend of the show” Fred Hebert

Slide 90

Slide 90 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 91

Slide 91 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 92

Slide 92 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 93

Slide 93 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 94

Slide 94 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 95

Slide 95 text

defmodule Jenga.DemoConnection do use GenServer end

Slide 96

Slide 96 text

defmodule Jenga.DemoConnection do use GenServer def init(opts) do wait_for = 3_000 + backoff() + jitter() Process.send_after(self(), {:try_connect, opts}, wait_for) {:ok, %{state: :disconnected}} end end

Slide 97

Slide 97 text

defmodule Jenga.DemoConnection do use GenServer def init(opts) do wait_for = 3_000 + backoff() + jitter() Process.send_after(self(), {:try_connect, opts}, wait_for) {:ok, %{state: :disconnected}} end def handle_info({:try_connect, opts}, _) do do_connect(opts) {:noreply, state} end end

Slide 98

Slide 98 text

defmodule Jenga.DemoConnection do use GenServer def init(opts) do wait_for = 3_000 + backoff() + jitter() Process.send_after(self(), {:try_connect, opts}, wait_for) {:ok, %{state: :disconnected}} end def handle_info(:try_connect, state) do case do_connect do :ok -> {:noreply, %{state | state: :connected}} :error -> wait_for = 3_000 + backoff() + jitter() Process.send_after(self(), :try_connect, wait_for) {:noreply, state} end end end

Slide 99

Slide 99 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 100

Slide 100 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 101

Slide 101 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 102

Slide 102 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 103

Slide 103 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 104

Slide 104 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 105

Slide 105 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 106

Slide 106 text

App Phoenix Pool Supervisor Conn Conn Conn Load Balancer

Slide 107

Slide 107 text

defmodule JengaWeb.UpController do use JengaWeb, :controller def up(conn, _params) do {code, message} = status() conn |> Plug.Conn.put_status(code) |> json(message) end defp status do {500, %{status: “LOADING”}} end end

Slide 108

Slide 108 text

defmodule JengaWeb.UpController do use JengaWeb, :controller def up(conn, _params) do {code, message} = status() conn |> Plug.Conn.put_status(code) |> json(message) end defp status do case Database.check_status() do :ok -> {200, %{status: "OK"}} _ -> {500, %{status: "LOADING"}} end end end

Slide 109

Slide 109 text

App Phoenix Pool Supervisor Conn Conn Conn Load Balancer

Slide 110

Slide 110 text

App Phoenix Pool Supervisor Conn Conn Conn

Slide 111

Slide 111 text

App Phoenix Pool Supervisor Conn Conn Conn Operators alarms

Slide 112

Slide 112 text

App Phoenix Pool supervisor Operators alarms db_supervisor Watchdog

Slide 113

Slide 113 text

Watchdog

Slide 114

Slide 114 text

Watchdog Good Bad Check DB Status

Slide 115

Slide 115 text

Watchdog Good Bad Check DB Status Open alarm

Slide 116

Slide 116 text

Watchdog Good Bad Check DB Status Close alarm Open alarm

Slide 117

Slide 117 text

defmodule Jenga.Database.Watchdog do use GenServer end

Slide 118

Slide 118 text

defmodule Jenga.Database.Watchdog do use GenServer def init(:ok) do schedule_check() {:ok, %{status: :degraded, passing_checks: 0}} end end

Slide 119

Slide 119 text

defmodule Jenga.Database.Watchdog do use GenServer def init(:ok) do schedule_check() {:ok, %{status: :degraded, passing_checks: 0}} end def handle_info(:check_db, state) do status = Jenga.Database.check_status() state = change_state(status, state) schedule_check() {:noreply, state} end end

Slide 120

Slide 120 text

defmodule Jenga.Database.Watchdog do use GenServer def init(:ok) do schedule_check() {:ok, %{status: :degraded, passing_checks: 0}} end def handle_info(:check_db, state) do status = Jenga.Database.check_status() state = change_state(status, state) schedule_check() {:noreply, state} end defp change_state(result, %{status: status, passing_checks: count}) do end end

Slide 121

Slide 121 text

defmodule Jenga.Database.Watchdog do use GenServer def init(:ok) do schedule_check() {:ok, %{status: :degraded, passing_checks: 0}} end def handle_info(:check_db, state) do status = Jenga.Database.check_status() state = change_state(status, state) schedule_check() {:noreply, state} end defp change_state(result, %{status: status, passing_checks: count}) do case {result, status, count} do {:ok, :connected, count} -> if count == 3 do :alarm_handler.clear_alarm(@alarm_id) end %{status: :connected, passing_checks: count + 1} {:ok, :degraded, _} -> %{status: :connected, passing_checks: 0} end end end

Slide 122

Slide 122 text

defmodule Jenga.Database.Watchdog do use GenServer def init(:ok) do schedule_check() {:ok, %{status: :degraded, passing_checks: 0}} end def handle_info(:check_db, state) do status = Jenga.Database.check_status() state = change_state(status, state) schedule_check() {:noreply, state} end defp change_state(result, %{status: status, passing_checks: count}) do case {result, status, count} do {:ok, :connected, count} -> if count == 3 do :alarm_handler.clear_alarm(@alarm_id) end %{status: :connected, passing_checks: count + 1} {:ok, :degraded, _} -> %{status: :connected, passing_checks: 0} {:error, :connected, _} -> :alarm_handler.set_alarm({@alarm_id, "We cannot connect to the database”}) %{status: :degraded, passing_checks: 0} {:error, :degraded, _} -> %{status: :degraded, passing_checks: 0} end end end

Slide 123

Slide 123 text

:alarm_handler.clear_alarm(@alarm_id) :alarm_handler.set_alarm({@alarm_id, "We cannot connect to the database”})

Slide 124

Slide 124 text

defmodule Jenga.Application do use Application def start(_type, _args) do config = [ port: “PORT", db_url: "DB_URL", ] children = [ {Jenga.Config, config}, JengaWeb.Endpoint, Jenga.Database.Supervisor, ] opts = [strategy: :one_for_one, name: Jenga.Supervisor] Supervisor.start_link(children, opts) end end

Slide 125

Slide 125 text

defmodule Jenga.Application do use Application def start(_type, _args) do config = [ port: “PORT", db_url: "DB_URL", ] :gen_event.swap_handler( :alarm_handler, {:alarm_handler, :swap}, {Jenga.AlarmHandler, :ok}) children = [ {Jenga.Config, config}, JengaWeb.Endpoint, Jenga.Database.Supervisor, ] opts = [strategy: :one_for_one, name: Jenga.Supervisor] Supervisor.start_link(children, opts) end end

Slide 126

Slide 126 text

defmodule Jenga.AlarmHandler do require Logger def init({:ok, {:alarm_handler, _old_alarms}}) do Logger.info("Installing alarm handler") {:ok, %{}} end def handle_event({:set_alarm, :database_disconnected}, alarms) do send_alert_to_slack(database_alarm()) {:ok, alarms} end def handle_event({:clear_alarm, :database_disconnected}, alarms) do send_recovery_to_slack(database_alarm()) {:ok, alarms} end def handle_event(event, state) do Logger.info("Unhandled alarm event: #{inspect(event)}") {:ok, state} end end

Slide 127

Slide 127 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 128

Slide 128 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 129

Slide 129 text

App Other Service Client External Services

Slide 130

Slide 130 text

App Other Service Client External Services

Slide 131

Slide 131 text

App Other Service Client External Services

Slide 132

Slide 132 text

App Other Service Client External Services

Slide 133

Slide 133 text

App Other Service Client External Services

Slide 134

Slide 134 text

App Other Service Client External Services

Slide 135

Slide 135 text

App Other Service Client External Services

Slide 136

Slide 136 text

Circuit Breakers

Slide 137

Slide 137 text

defmodule Jenga.ExternalService do def fetch(params) do with :ok <- :fuse.ask(@fuse, :async_dirty), {:ok, result} <- make_call(params) do {:ok, result} else {:error, e} -> :ok = :fuse.melt(@fuse) {:error, e} :blown -> {:error, :service_is_down} end end end

Slide 138

Slide 138 text

App Other Service Client External Services

Slide 139

Slide 139 text

App Other Service Client External Services

Slide 140

Slide 140 text

App Other Service Client External Services ETS

Slide 141

Slide 141 text

App Other Service Client External Services ETS

Slide 142

Slide 142 text

App Other Service Client External Services ETS

Slide 143

Slide 143 text

App Other Service Client External Services ETS

Slide 144

Slide 144 text

Circuit Breakers

Slide 145

Slide 145 text

Additive Increase Multiplicative Decrease

Slide 146

Slide 146 text

Lets talk about… Booting the runtime & Configuration Starting dependencies Connecting to external systems Alarms and feedback Communicating with services we don’t control

Slide 147

Slide 147 text

We booted our application!

Slide 148

Slide 148 text

Now what?

Slide 149

Slide 149 text

Handle failures gracefully Provide feedback to other systems Give insight to operators Systems Should…

Slide 150

Slide 150 text

Handle failures gracefully Provide feedback to other systems Give insight to operators Systems Should…

Slide 151

Slide 151 text

Handle failures gracefully Provide feedback to other systems Give insight to operators Systems Should…

Slide 152

Slide 152 text

Handle failures gracefully Provide feedback to other systems Give insight to operators Systems Should…

Slide 153

Slide 153 text

Handle failures gracefully Provide feedback to other systems Give insight to operators Systems Should…

Slide 154

Slide 154 text

We have powerful tools in our runtime

Slide 155

Slide 155 text

Take advantage of them to build more robust systems

Slide 156

Slide 156 text

Thanks Chris Keathley / @ChrisKeathley / keathey.io