Se7en Deadly Deployment Sins

Do you have something to confess? Or are you still in denial — knowing that you're doing something wrong, but you cannot say for sure what it is?
In this talk, we'll go through our deployment sins and how to avoid them:
* Gluttony: Adding all the dependencies — both in size and number.
* Greed: Yes, I want to use the biggest and slowest application server possible.
* Sloth: Continuous Deployment or Delivery — who would need that?!
* Lust: Of course I'm using containers, microservices, and every latest trend for every project!
* Pride: Once something is in production it's purely an ops problem.
* Envy: Why should I rely on an external library, when I can lovingly handcraft it all myself?
* Wrath: Logging and monitoring are for the faint of heart!

Philipp Krenn

September 27, 2018

Transcript

  1. Se7en
    Deployment Sins
    Philipp Krenn @xeraa

  2. Developer

  4. It depends...

  5. 1997: “Hello World!”
    2017: “Cloud Native Distributed
    Containerized RESTful microservice
    based on ARMv7 w/ k8s Hello World!
    as a service.”
    — https://twitter.com/shanselman/status/923721516117778432

  7. Gluttony
    is the overindulgence and overconsumption of anything
    to the point of waste.

  9. Memory, Disk,
    Network

  10. Windows 95 was 30Mb. Today we
    have web pages heavier than that!
    Windows 10 is 4Gb, which is 133 times
    as big. But is it 133 times as superior?

  11. Google keyboard app routinely eats
    150 Mb. Is an app that draws 30 keys
    on a screen really five times more
    complex than the whole Windows 95?
    — http://tonsky.me/blog/disenchantment/

  12. "Windows 95 was 30 MB" is such an ignorant,
    obnoxious, trite take.
    a triple buffered framebuffer (which you want
    for smooth scrolling) for my 4K display is 70
    MB in pixels alone. Obviously a complete
    webpage with precomposed textures would
    take more.
    — https://twitter.com/whitequark/status/1043747987342671872

  13. 640K ought to be enough for
    anybody

  17. The JS Drinking Game:
    1. Think of a noun.
    2. Google ".js"
    3. If a library with that name exists,
    drink! #JavaScript #code
    — https://twitter.com/_ericelliott/status/746427779525279744

  21. Microservices
    Nano, Pico, Femto, Atto, Yocto

  23. Don’t forget - having legacy software
    is often a sign of success. Your business
    was successful to last long enough for
    your software to become legacy.
    — https://twitter.com/samnewman/status/929622273065136130

  24. Microservices help if
    too many people
    too many dependencies
    not scalable

  25. Will this solve all your
    problems?

  27. Reminder: if you're building
    microservices, you're building a
    distributed system. That means,
    among other things,

  28. each service has to be independently
    testable and deployable (including to
    your dev environment) and should
    degrade gracefully if it cannot reach
    its dependencies.
    — https://twitter.com/jezhumble/status/1021897540445196288

  29. Sun Microsystems
    8 fallacies of
    distributed computing

  32. Jeff Hodges
    Notes on Distributed
    Systems for Young
    Bloods
    https://www.somethingsimilar.com/2013/01/14/notes-on-distributed-systems-for-young-bloods/

  33. The Five Nines
    Is it resilient? Nein.
    Is it available? Nein.
    Is it scalable? Nein.
    Is it reliable? Nein.
    Does it work? Nein.
    — https://twitter.com/marcvolovic/status/898022815668088832

  34. At this point it would be easier if you
    told us when it DID work.
    — https://twitter.com/honest_update/status/930128629677416450

  35. SOA done right?

  38. SOAP: Simple Object Access Protocol.
    Except it's not Simple, it's
    Complicated. And it's not about
    Objects, it's about RPC.
    So really: CRAP
    — https://twitter.com/joewalnes/status/563691487586549761

  40. We replaced our monolith with micro
    services so that every outage could be
    more like a murder mystery.
    — https://twitter.com/honest_update/status/651897353889259520

  42. Here's a diagram of two microservices
    and their shared database.
    — https://twitter.com/mathiasverraes/status/711168935798902785

  43. OH: "replace your shared monolithic
    DB with a shared monolithic stream
    store"
    — https://twitter.com/ntcoding/status/928902644764200960

  44. In every distributed system architecture
    diagram, change the box labeled
    “Kafka” to “ESB” and immediately
    “The hot new thing” becomes “The
    legacy we need to get rid of”. Think
    about that. #decentralize
    — https://twitter.com/olivergierke/status/1044592822500904960

  45. ...don’t even consider microservices
    unless you have a system that’s too
    complex to manage as a monolith.
    The majority of software systems
    should be built as a single monolithic
    application.

  46. Do pay attention to good modularity
    within that monolith, but don’t try to
    separate it into separate services.
    — http://martinfowler.com/bliki/MicroservicePremium.html

  48. https://twitter.com/simonbrown/status/847339104874381312

  49. The #microservices bandwagon exists
    because the name is cool. Monoliths
    just need marketing help…
    #MegaPlatform #UberContainer
    #StereoLith
    — https://twitter.com/sjmaple/status/724541627407147008

  50. #Serverfull

  51. A word of the week: Microlith - a huge
    enterprise app ported to one, fat
    Docker container. #MicroserviceJokes
    — https://twitter.com/rmehmandarov/status/865542627004788737

  52. If you want to implement
    microservices, the 1st thing you need
    to do is implement aggregated
    logging. The 2nd is implement
    correlation IDs
    — https://twitter.com/samnewman/status/862255875125366786

  53. Microservices can help large number
    of people go faster by allowing more
    autonomy. I remain to be convinced it
    does the same for small teams
    — https://twitter.com/samnewman/status/778118760226062336

  54. Repeat after me
    I'm not Facebook,
    Google, or Amazon

  56. Greed
    is applied to a very excessive or rapacious desire and
    pursuit of material possessions.

  59. Sloth
    is sometimes defined as physical laziness, but spiritual
    laziness is emphasized.

  61. Continuous
    Integration CI
    Build and test every push

  62. Continuous Delivery
    CD
    Manual production deployment

  63. Continuous
    Deployment CD
    Automated production deployment

  65. Facebook switched to Continuous
    Delivery / Deployment in 04/2017
    https://code.facebook.com/posts/270314900139291/rapid-release-at-massive-scale/

  66. Deploy multiple times per day if it
    fits your business model. Don’t
    deploy for the sake of deploying.

  67. https://twitter.com/allspaw/status/925490726468771840

  71. DDD (Russian: Davai Davai Deploy) -
    Just deploy this sh*t already. Come on!
    — https://twitter.com/Steve_Jules/status/862247438551265280

  72. Also
    Deadline Driven Deployment

  75. https://twitter.com/ericqweinstein/status/529319496029589504

  77. Volkswagen detects when your
    tests are being run in a CI server,
    and makes them pass.
    https://github.com/auchenberg/volkswagen
    https://github.com/hmlb/phpunit-vw

  79. Separate code and
    config

  80. Do not commit secrets
    HashiCorp Vault
    Ansible Vault
    ...

  82. Lust
    is an intense and uncontrolled desire.

  83. Always use the hottest

  84. High-latency low-throughput
    append-only database with very
    expensive transaction commit
    protocols just doesn’t have the same
    ring to it as “Blockchain” does it?
    — https://twitter.com/jstogdill/status/1004448569615626240

  85. #Database: garbage-in garbage-out
    #Blockchain: garbage-in garbage-
    carved-in-stone
    — https://twitter.com/nivertech/status/1033037299553103872

  88. Docker: each docker container should
    just run one process
    Me: but your containers are 700+MB
    each
    Docker: you see why our mascot is a
    whale
    — https://twitter.com/classam/status/743333692462895104

  90. https://turnoff.us/geek/before-devops-after-devops/

  95. "A container is just a process"

  97. containers will not fix your broken
    architecture
    you are welcome
    — https://twitter.com/littleidea/status/659445920954642432

  99. You gotta love the docker-compose
    command line:
    docker-compose down -v   Removes all volumes
    docker-compose -v down   Prints the version of docker-compose
    — https://twitter.com/fhopf/status/971910920522760192

  100. New dependencies of your artifacts
    JVM and base image

  101. so.. using GlibC?
    How’s re-imaging all of your
    @Docker images going?
    — https://twitter.com/starbuxman/status/700591322177019904

  103. Containerizing legacy applications

  104. Microservices + containers
    Cargo cult

  106. cargo culting comes from received but
    not integrated knowledge. because
    one doesn't grasp how a thing works,
    one simply goes through the motion of
    how one was told to do it.
    — https://twitter.com/GeePawHill/status/931941663886454784

  107. If you are only picking Kubernetes
    because that's the way Google does it,
    then you should also consider writing
    your own filesystems.
    — https://twitter.com/kelseyhightower/status/741310392756887552

  108. At this point you're crazy to think you can
    manage k8s yourself. I'm sure you've got
    engineers who want to. It's shiny and fun
    now, but the novelty wears off quick. And
    then you are left with an old snowflake
    — https://twitter.com/ibuildthecloud/status/1020371700934881280

  109. Kubris - the belief that Kubernetes can
    do everything by itself
    — https://twitter.com/monadic/status/1007293757501378560

  110. OH: “their infra is 50 shades of broken
    and they’re now setting up their own
    frankenetes cluster hoping it’ll fix
    everything”
    — https://twitter.com/copyconstruct/status/935317466573504512

  111. We've been so beaten into thinking we
    need to care about the speed-of-
    delivery with containers, we lost focus
    somewhere on prod reliability
    — https://twitter.com/danveloper/status/858372256174669824

  112. https://www.monkeyuser.com/2018/tech-debt/

  113. What's wrong here?
    For a stateful production service
    $ docker run -p 9200:9200 \
        -p 9300:9300 \
        -e "http.host=0.0.0.0" \
        -e "transport.host=0.0.0.0" \
        -e "discovery.zen.ping.unicast.hosts=..." \
        docker.elastic.co/elasticsearch/elasticsearch

  114. Zombies
    ideas that should have been killed
    by evidence, but keep shambling
    along

  115. Run Elasticsearch as
    root

  116. Cockroaches
    claims that disappear for a while
    when proved wrong, but just keep
    on coming back

  117. Make JAR not WAR

  118. YAML

  119. https://twitter.com/Caged/status/1039937162769096704

  120. One more thing
    Serverless

  121. Serverless

  123. Yesterday I have bird and bee
    discussion with junior devops for make
    realize cloud instance is born of real
    hardware.
    — https://twitter.com/DEVOPS_BORAT/status/289777231683788801

  125. I felt a great disturbance in the cloud,
    as if millions of microservices suddenly
    cried out in terror, and were suddenly
    serverless.
    — https://twitter.com/kennybastani/status/858021145890762755

  126. 2016: Serverless Architecture
    2017: Codeless Architecture
    2018: Architectureless Architecture
    — https://twitter.com/benbjohnson/status/746049032699600897

  127. by 2025, 30% of net new technical
    debt will be serverless
    — https://twitter.com/mstine/status/972207185005633536

  128. PaaS reborn?

  129. If your PaaS can efficiently start
    instances in 20ms that run for half a
    second, then call it serverless.
    — https://twitter.com/adrianco/status/736553530689998848

  130. Every vendor that can't compete in
    Cloud chooses "Hybrid" as their
    strategy - Opinion's law of Cloud.
    — https://twitter.com/cloud_opinion/status/594215778947362816

  132. Pride
    is identified as believing that one is essentially better
    than others.

  134. "I know, we need
    DevDevOpsOps!"
    — https://twitter.com/agile_memes/status/1019694518050754560

  136. DevOps is not a
    tool | certificate | job title | team

  139. To make error is human. To propagate
    error to all server in automatic way is
    #devops.
    — https://twitter.com/DEVOPS_BORAT/status/41587168870797312

  140. DevOps is a software engineering
    culture and practice of putting horrors
    into containers and then talking about
    Kubernetes at conferences.
    — https://twitter.com/sadserver/status/1011652439303262208

  142. Envy
    is the discontent towards someone's traits, status,
    abilities, or rewards.

  143. Craft everything
    yourself!

  144. Infrastructure
    !
    vs

  145. All my servers are cattle ... except for
    the redis instance. That one gets
    health care and Christmas gifts.
    — https://twitter.com/ajordens/status/801847570259509248

  148. "Every company has a test
    environment. Some are lucky enough
    to also have a production
    environment."
    — https://twitter.com/lowrykoz/status/1017850159198294022

  149. Avoid Drift

  151. I like the "ssh tags the instance for
    garbage collection" model as a step; it
    lets you migrate a team to new habits.
    — https://twitter.com/ferlatte/status/905984786082050048

  153. Wrath
    also known as "rage", may be described as inordinate
    and uncontrolled feelings of hatred and anger.

  154. How I Hacked My Morning Routine:
    I wiped a production database and
    now I am 100% definitely awake
    — https://twitter.com/iamdevloper/status/1034824761833136128

  156. How do you monitor your system?
    End users.

  157. UDP : User Distress Protocol.
    — https://twitter.com/thisisvibs/status/1022323915417210880

  158. pretty awesome when monitoring
    tools say zero overhead. Might as well
    say negative overhead.. I mean if you
    are going to lie at least add value!
    — https://twitter.com/adrianfcole/status/1024140189331906560

  160. What we really do
    when a server is
    down. #DevOps
    — https://twitter.com/mattiasgeniar/status/1039892272643489792

  161. Conclusion

  162. What did we learn today?
    It depends...

  163. A good developer is like a werewolf:
    Afraid of silver bullets.
    — https://twitter.com/codepitbull/status/784691906005635072

  164. Think back five years ago. How many
    technical opinions did you deeply hold
    which you now repudiate? Now think
    about the present. How many opinions
    do you deeply hold today?

  165. We are always in a state of progressive
    wrongness. Don't cling too tightly to
    what you believe today.
    — https://twitter.com/djspiewak/status/1040247203648819200

  167. Questions?
    Confessions?
    @xeraa
