Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Why the world needs more resilient systems

Tammy Bryant Butow
March 23, 2018
Technology
1
97

Why the world needs more resilient systems

Presented in March 2018 in London, Paris, Hamburg and Stockholm.

Tammy Bryant Butow

March 23, 2018
Tweet

More Decks by Tammy Bryant Butow

See All by Tammy Bryant Butow
The Road To Resilience: Chaos Engineering, Disaster Recovery & GameDays
tammybutow
0
120
An exploration of black holes: strange failure modes - Craft Conf - Tammy - Gremlin
tammybutow
0
130
What is SRE
tammybutow
0
250
Site Reliability Engineering For Kubernetes
tammybutow
0
220
Observing and Understanding Failures - SRE Apprentices
tammybutow
0
220
Chaos Engineering: When The Network Breaks - Tammy Bryant Butow (Gremlin) - ETE 2021
tammybutow
0
110
Chaos Engineering: When the network breaks @ NGINX Conf 2019
tammybutow
0
110
Chaos Engineering: When the Network Breaks
tammybutow
0
97
Chaos Engineering Bootcamp - Velocity NYC
tammybutow
0
32

Other Decks in Technology

See All in Technology
The CloudCompare project by Dr. Daniel Girardeau-Montaut
kentaitakura
0
350
從 Gemini API 到 LINE Bot
clonn
0
200
強みを伸ばすキャリアデザイン
yug1224
0
190
Tableau事例紹介 / Tableau Case Study of Eureka
kazuya_araki_tokyo
1
150
メールセキュリティの DMARC周りの設定を少しずつ設定してみたお話
miu_crescent
1
250
OpenTelemetry を使ったトレースエグザンプラーの活用 / otel-trace-exemplar
k6s4i53rx
2
560
巨大なテーブルのテーブル定義を無停止で安全に誰でも変更できるようにする / Table-definitions-for-huge-tables-can-be-modified-by-anyone-safely-and-non-disruptively
freee
1
690
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
inesmontani
PRO
1
620
LLMアプリケーションの実験管理・評価の工夫を紹介
pharma_x_tech
6
600
Kubernetesでアプリの安定稼働と高頻度のアップデートを両立するためのプラクティス / Best Practices for Applications on Kubernetes to Achieve Both Frequent Updates and Stability
hhiroshell
10
2.9k
2024-04-06 AMeDAS to Lagoon SORACOM UG 2024-04-06
anysonica
0
120
Pedestrian-Centric大規模交通安全映像解析向けWoven Traffic Safety (WTS) データセットの紹介
kbuster
0
140

Featured

See All Featured
Build The Right Thing And Hit Your Dates
maggiecrowley
23
2k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
18
1.7k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
153
14k
The Illustrated Children's Guide to Kubernetes
chrisshort
28
46k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
118
38k
Making the Leap to Tech Lead
cromwellryan
123
8.5k
Designing for Performance
lara
601
67k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
16k
Design by the Numbers
sachag
274
18k
Facilitating Awesome Meetings
lara
40
5.6k
Become a Pro
speakerdeck
PRO
9
4.5k
Typedesign – Prime Four
hannesfritz
36
2k

Transcript

  1. Chaos Engineering: Why the world needs more resilient systems @tammybutow

  2. Oh hai, nice to meet you! @tammybutow @tammybutow tammybutow [email protected]

    Principal SRE @ Gremlin Tech Advisory Board @ Greenpeace Enjoys Skateboarding, Snowboarding, Metal, Punk & Breaking Things On Purpose.

  3. Dropbox DigitalOcean National Australia Bank Queensland University of Technology Netflix

    Amazon Salesforce Google Our Gremlin Team Were Previously @ PagerDuty Datadog

  4. More Resilient Systems! Why the world needs:

  5. A resilient system is a highly available and durable system.

    A resilient system can maintain an acceptable level of service in the face of failure. A resilient system can weather the storm (a misconfiguration, a large scale natural disaster or controlled chaos engineering). What is a resilient system?

  6. Resilient Systems Let’s review industry examples to understand why we

    need:

  7. Cardiac monitoring is now done via a bluetooth device implanted

    in the body and a mobile app. The patient takes no action. Resilience of the device is the only thing the patient cares about. Med Tech Industry:
  8. None

  9. People are changing jobs, moving homes, traveling and more. Systems

    need to not only keep up but also provide value anytime/anywhere. Fin Tech Industry:

  10. A “technical issue related to some routine maintenance”. Impacted the

    purchase of over 2000 homes.

  11. People are traveling more frequently for work and leisure. They

    need to be able to get where they need to go with no hassles. Transport Tech Industry:
  12. None

  13. More remote learning than ever before. Many students learn remotely.

    They need reliable access to teachers, students and learning materials. Edu Tech Industry:
  14. None

  15. People need protection from bushfires, tsunamis, earthquakes and storms. Many

    of the warning systems for these disasters are legacy unreliable systems. Enviro Tech Industry:

  16. Insert photo of tsunami Saturday, 7 February 2009 - Australia’s

    all-time worst bushfire disaster

  17. Saturday, 7 February 2009 - Australia’s all-time worst bushfire disasters

  18. Saturday, 7 February 2009 - Australia’s all-time worst bushfire disasters

  19. What do these systems have in common? The primary concern

    of the user is resilience of the system, in particular high availability.

  20. A great future for everyone Let’s figure out how to

    create:

  21. What does a great future look like?

  22. More Resilient Systems? How do we create:

  23. Introducing: Chaos Engineering

  24. Chaos Engineering? What is

  25. Thoughtful, planned experiments designed to reveal the weakness in our

    systems. Chaos Engineering:

  26. Inject something harmful, in order to build an immunity

  27. None

  28. We can inject harm in hosts, containers, pods, applications and

    more.

  29. Chaos Engineer? What is a

  30. A vaccine research computer scientist. Chaos Engineer: SREs / Production

    Engineers commonly practice Chaos Engineering.

  31. A vaccine research computer scientist. Chaos Engineer:

  32. A vaccine research computer scientist. Chaos Engineer: http://www.cancerresearchuk.org/about-cancer/cancer-in-general/treatment/immunotherapy/types/vaccines-to-treat-cancer

  33. The Bad Database Vaccine Bad DB Vaccine What happens when

    the database is unreachable? Does the database have reliable and trustworthy monitoring? Does the database fail gracefully?

  34. Injecting Harm in DynamoDB https://www.gremlin.com/community/tutorials/gremlin-gameday-breaking-dynamodb/

  35. Chaos Engineering What do you need before you can start

    doing:

  36. Prerequisites for Chaos Engineering

  37. 1. High Severity Incident Management 2. Monitoring 3. Measure the

    Impact of Downtime Prerequisites for Chaos Engineering

  38. High Severity Incident Management Chaos Engineering Prerequisite #1:

  39. The practice of recording, triaging, tracking, and assigning business value

    to problems that impact critical systems. High Severity Incident Management:

  40. gremlin.com/community

  41. SEVs? What are

  42. What are SEVs? The term SEV is derived from “High

    Severity Incident”

  43. What are SEVs?

  44. How Do You Determine SEV levels?

  45. What is an example of SEV 0? SEV Name: SEV

    0 Runaway Cow (auto generated code names help your team remember and refer to SEVs!) SEV Description: Nintendo Switch eShop is down and not working SEV Start Time: 08:40am Dec 25 2017 (Christmas Day) What is the availability impact? 100% What is the outage duration? 5 hours and 40 minutes

  46. What is an example of SEV 0?

  47. The SEV Lifecycle? What is the

  48. None

  49. How To Run A GameDay gremlin.com/community

  50. How do you identify your critical systems?

  51. What are your critical tier 0 systems? Traffic Database Storage

  52. Monitoring Chaos Engineering Prerequisite #2:

  53. Monitoring Why Do You Need:

  54. Why Monitor - The Google SRE Book https://landing.google.com/sre/book/chapters/monitoring-distributed-systems.html

  55. How Should You Use Monitoring

  56. Critical Services Dashboard gremlin.com/community

  57. The Four Golden Signals - The Google SRE Book https://landing.google.com/sre/book/chapters/monitoring-distributed-systems.html

  58. The Four Golden Signals - The Google SRE Book https://landing.google.com/sre/book/chapters/monitoring-distributed-systems.html

    Monitoring Signal Description Example Latency The time it takes to service a request. HTTP 500 error triggered due to loss of connection to a database Traffic A measure of how much demand is being placed on your system For a web service, this measurement is usually HTTP requests per second Errors The rate of requests that fail, either explicitly, implicitly or by policy. Catching HTTP 500s at your load balancer can do a decent job of catching all completely failed requests. Saturation How "full" your service is. Should also signal impending saturation. It looks like your database will fill its hard drive in 4 hours.

  59. Measure The Impact Of Downtime Chaos Engineering Prerequisite #3:

  60. Measure The Impact Of Downtime We need to understand how

    SEV 0s impact our customers and business.

  61. Measure The Impact Of Downtime System Impact: • Availability •

    Durability Customer/Business Impact: • Outcome • Cost • Time

  62. What is the impact of the Nintendo Switch eShop SEV

    0? SEV Description: Nintendo Switch eShop is down and not working What is the availability impact? 100% Time? 5 hours and 40 minutes Cost? ______ Outcome? Switch users all over the world can’t buy games

  63. Chaos Engineering Now we’re ready to get started with:

  64. Chaos Engineering Use Case: Twilio

  65. Chaos Engineering Case Study: Twilio Ratequeue Chaos has 3 goals:

    1. Pick a shard 2. Kill primary 3. Monitor recovery.

  66. How To Practice Chaos Engineering

  67. Share The Chaos Engineering Journey Widely

  68. • Do a Chaos Engineering Kick Off @ All Hands

    • Send email updates & progress reports • Run Monthly Metrics Reviews • Deliver Presentations Share The Chaos Engineering Journey Widely

  69. Don’t Surprise Everyone!

  70. Gremlin? What is

  71. What is Gremlin?

  72. Gremlin Chaos Engineering Attacks There are a range of attacks

    built-in and ready to run on Linux. Type of Attack Attack Gremlin Support (March 2018) Resource CPU ✅ Resource Disk ✅ Resource IO ✅ Resource Memory ✅ State Process Killer ✅ State Shutdown ✅ State Time Travel ✅ Network Blackhole ✅ Network DNS ✅ Network Latency ✅ Network Packet Loss ✅

  73. Chaos Engineering

  74. Create a Kubernetes Cluster gremlin.com/community

  75. Create a Kubernetes Cluster Master Node 1 Node 2 Node

    3 159.65.85.204 159.65.85.158 159.65.85.169 159.65.85.202

  76. Host Level Chaos Engineering With Kubernetes

  77. Create a Kubernetes Daemonset For Gremlin

  78. View Your Kubernetes Pods

  79. Run An Attack From The Gremlin Control Panel

  80. Monitor Your Chaos Engineering Attack

  81. Monitor Your Chaos Engineering Attack

  82. Notify Your Team

  83. The Path To Chaos Engineering Let’s Review:

  84. The Path To Chaos Engineering High Severity Incident Management Monitoring

    Make & Measure Improvements Chaos Engineering Measure the impact of downtime

  85. Make Improvements? How do you

  86. 1. Build - Build a new system / improve existing

    2. Borrow - Use open source / contribute to OS 3. Buy - Use 3rd party systems 4. Brush up - GameDays / Team training 5. Break - Chaos Engineering / Failure injection 6. Begone - Decommission systems / delete code How do you make improvements?

  87. Always Measure Improvements Tell your before and after story with

    metrics

  88. More Resilient Systems The world needs:

  89. More Resilient Systems! You can create:

  90. Join us on this journey! gremlin.com/community gremlin.com/slack

  91. Thanks! @tammybutow gremlin.com