evan krall 2015 06 12 who is this person
play

Evan Krall 2015-06-12 Who is this person? Evan Krall SRE = - PowerPoint PPT Presentation

Dec 30, 2023 •159 likes •884 views

Evan Krall 2015-06-12 Who is this person? Evan Krall SRE = development + sysadmin 4+ years at Yelp Paasta Application Delivery at Yelp Why? History Yelp started out as monolithic python app Builds/pushes take a long time Messing up is

  1. Evan Krall 2015-06-12

  2. Who is this person? Evan Krall SRE = development + sysadmin 4+ years at Yelp

  4. Paasta Application Delivery at Yelp

  5. Why?

  6. History Yelp started out as monolithic python app Builds/pushes take a long time Messing up is painful So we build process to avoid messing up Process makes pushes even slower

  7. Service Oriented Architecture Pull features out of monolith Split into different applications Smaller services -> faster pushes fewer issues per push total # of issues increases, but we can fix issues faster. Smaller parts -> easier to reason about Bonus: can scale parts independently

  8. SOA comes with challenges Lots of services means lots of dependencies Now your code is a ~distributed system~ If you thought running 1 app was hard, try 100

  9. What is a service? Standalone application Stateless Separate git repo Usually, at Yelp: HTTP API Python, Pyramid, uWSGI virtualenv

  10. Yelp SOA before Paasta services responsible for providing init script often not idempotent central list of which hosts run which services pull-model file transfers reasonably reliable push-model control (for host in hosts: ssh host ...) What if hosts are down? What if transfer hasn't completed yet?

  11. What is Paasta?

  12. What is Paasta? Internal PaaS Builds services Deploys services Interconnects services Monitors services

  13. What is Paasta? Servers are not Deploying snowflakes! services should be better! Declarative control++ Continuous integration is awesome! Monitor your services!

  14. Design goals

  15. Make ops happy Fault tolerance no single points of failure recover from failures Efficient use of resources Simplify adding/removing resources

  16. Make devs happy We need adoption, but can't impose on devs Must be possible to seamlessly port services Must work in both datacenter and AWS Must be compelling to developers Features Documentation Flexibility

  17. Make ourselves happy (paasta devs) Pick good abstractions Avoid hacks Write good tests Don't reinvent the wheel: use open-source tools Enforce opinions when necessary for scale

  18. How

  19. What runs in production? (or stage, or dev, or ...)

  20. What parts do we need? Scheduling: Decide where to run the code Delivery: Get the code + dependencies onto boxes Discovery: Tell clients where to connect Alerting: Tell humans when things are wrong

  21. What parts do we need? Scheduling: Decide where to run the code Delivery: Get the code + dependencies onto boxes Discovery: Tell clients where to connect Alerting: Tell humans when things are wrong

  22. Scheduling: Decide where to run the code Static: humans decide puppet/chef: role X gets service Y static mappings: boxes [A,B,C,...] get service Y simple, reliable slow to react to failure, resource changes

  23. Scheduling: Decide where to run the code Dynamic: computers decide Mesos, Kubernetes, Fleet, Swarm IaaS: dedicated VMs for service, let Amazon figure it out. Automates around failure, resource changes Makes discovery/delivery/monitoring harder

  24. Scheduling in Paasta: Mesos + Marathon Mesos is an "SDK for distributed systems", not batteries-included. Requires a framework Marathon (ASGs for Mesos) Can run many frameworks on same cluster Supports Docker as task executor mesosphere.io mesos.apache.org

  25. from http://mesos.apache.org/documentation/latest/mesos-architecture/

  26. from http://mesos.apache.org/documentation/latest/mesos-architecture/

  27. (Marathon) (Docker) from http://mesos.apache.org/documentation/latest/mesos-architecture/

  28. What parts do we need? Scheduling: Decide where to run the code Delivery: Get the code + dependencies onto boxes Discovery: Tell clients where to connect Alerting: Tell humans when things are wrong

  29. Delivery: Get the code + dependencies onto boxes Push-based: • for box in $boxes; do rsync code $box:/code Simple, easy to tell when finished what about failures? retry, but how long? how do we make sure new boxes get code? cron deploys

  30. Delivery: Get the code + dependencies onto boxes Pull-based: cron job on every box downloads code built-in retries new boxes download soon after boot have to wait for cron job baked VM/container images container/VM can't start on failure ASG, Marathon will retry

  31. Delivery: Get the code + dependencies onto boxes Shared sudo {gem,pip,apt-get} install lots of tooling exists already shared = space/bandwidth savings what if two services need different versions? how to update a library that 20 services need?

  32. Delivery: Get the code + dependencies onto boxes Isolated virtualenv / rbenv / VM-per-service / Docker more freedom for dev services don't step on each others' toes more disk/bandwidth harder to audit for vulnerabilities

  33. Delivery in Paasta: Docker Containers: like lightweight VMs Provides a language (Dockerfile) for describing container image Reproducible builds (mostly) Provides software flexibility docker.com

  34. What parts do we need? Scheduling: Decide where to run the code Delivery: Get the code + dependencies onto boxes Discovery: Tell clients where to connect Alerting: Tell humans when things are wrong

  35. Discovery: Tell clients where to connect Static: Constants in code Config files Static records in DNS Simple, reliable Slow reaction time

  36. Discovery: Tell clients where to connect Dynamic: Dynamic DNS zone ELB Zookeeper, Etcd, Consul Store IPs in database, not text files Reacts to change faster, allows better scheduling Complex, can be fragile Recursive: How do you know where ZK is?

  37. Discovery: Tell clients where to connect in-process DNS Everyone supports DNS TTLs are rarely respected, limit update rate Lookups add critical-path latency Talking to ZK, Etcd, Consul in service Tricky. Risk of worker lockup if ZK hangs Delegate to library Few external dependencies

  39. Discovery: Tell clients where to connect external SmartStack, consul-template, vulcand Reverse proxy on local box Simpler client code (just hit localhost:$port) Avoids library headaches Easy cross-language support Must be load-balanceable

  40. Discovery in Paasta: Smartstack Nerve registers services in ZooKeeper Synapse discovers from ZK + writes HAProxy config Registration, discovery, load balancing Hard problems! Let's solve them once. Provides migration path: port legacy version to SmartStack have Paasta version register in same pool nerds.airbnb.com/smartstack-service-discovery-cloud

  41. Discovery in Paasta: Smartstack box1 box2 client service mesos mesos slave slave k c e h c h t l a HAProxy e h HAProxy nerve nerve synapse synapse Metadata ZooKeeper HTTP request

  42. why bother with registration? why not ask your scheduler? Scheduler portability!

  43. Discovery in Paasta: Smartstack box1 box3 box2 service client service (legacy) mesos puppet mesos slave slave k c healthcheck e h c h t l a HAProxy e h HAProxy HAProxy nerve nerve nerve synapse synapse synapse Metadata ZooKeeper HTTP request

  44. There's no place like 127.0.0.1* Every box runs HAProxy Paper over network issues with retries Load balancing scales with # of clients Downside: lots of healthchecks hacheck caches to avoid hammering services Downside: many LBs means LB algorithms don't work as well *We actually use 169.254.255.254, because every container has its own 127.0.0.1

  45. What parts do we need? Scheduling: Decide where to run the code Delivery: Get the code + dependencies onto boxes Discovery: Tell clients where to connect Alerting: Tell humans when things are wrong

  46. Alerting: Tell humans when things are wrong Static E.g. nagios, icinga File-based configuration Simple, familiar Often not highly available Hard to dynamically generate checks/alerts

  47. Alerting: Tell humans when things are wrong Dynamic e.g. Sensu, Consul Allows you to add hosts & checks on the fly Flexible Generally newer, less battle-tested Newer software is often built for high availability

  48. Alerting in Paasta: Sensu Based around event bus Replication monitoring how many instances are up in HAProxy? Marathon app monitoring is service failing to start? Cron jobs on master boxes do checks, emit results. sensuapp.org

  49. Runtime Components Scheduling: Mesos+Marathon Delivery: Docker Discovery: SmartStack Alerting: Sensu

  50. How do we control this thing?

  51. Primary control plane Convenient access controls (via gitolite, etc) deploys, stop/start/restart indicated by tags less-frequently changed metadata stored in a repo

  52. Declarative control Describe end goal, not path Helps us achieve fault tolerance. "Deploy 12abcd34 to prod" vs. "Commit 12abcd34 should be running in prod" Gas pedal vs. Cruise Control

  53. metadata repo editable by service authors marathon-$cluster.yaml how many instances to run? canary secondary tasks smartstack.yaml deploy.yaml list of deploy steps Boilerplate can be generated with paasta fsm

  54. paasta_tools python 2.7 package, dh-virtualenv CLI for users control + visibility cron jobs: Collect information from git Configure Marathon Configure Nerve Resilient to failure This is how we build higher-order systems

Recommend

DISCOVERING FOUNDATION WITH SASS FOR DRUPAL BRIAN KRALL, SR. FRONT-END DEVELOPER WHO'S THIS

DISCOVERING FOUNDATION WITH SASS FOR DRUPAL BRIAN KRALL, SR. FRONT-END DEVELOPER WHO'S THIS

DISCOVERING FOUNDATION WITH SASS FOR DRUPAL BRIAN KRALL, SR. FRONT-END DEVELOPER WHO'S THIS GUY? Brian Krall Sr. Front-end Developer at Duo Consulting @bkrall on Twitter , br0iler on d.o Member of 1871 Writing at

349 views • 34 slides
Sphincter of Oddi Dysfunction: Where do we stand in 2015? Evan L. Fogel, M.D. Professor of

Sphincter of Oddi Dysfunction: Where do we stand in 2015? Evan L. Fogel, M.D. Professor of

IU GI Motility Conference August 5, 2015 Sphincter of Oddi Dysfunction: Where do we stand in 2015? Evan L. Fogel, M.D. Professor of Medicine ERCP Fellowship Director Division of Gastroenterology/Hepatology Indiana University Hospital

1.23k views • 87 slides
Evan-Moor Educational Publishers 2019 New Product Evan-Moor Educational Publishers A Brief

Evan-Moor Educational Publishers 2019 New Product Evan-Moor Educational Publishers A Brief

Evan-Moor Educational Publishers 2019 New Product Evan-Moor Educational Publishers A Brief Reminder of Who We Are Evan-Moor is a PreK-8 supplemental publisher based in the U.S. Weve been creating high quality resources for 40 years.

476 views • 10 slides
TVI AGM Presentation June 10, 2015 Qualified Person Statement and Disclaimer Qualified Person

TVI AGM Presentation June 10, 2015 Qualified Person Statement and Disclaimer Qualified Person

TVI AGM Presentation June 10, 2015 Qualified Person Statement and Disclaimer Qualified Person Mike Bue, Bsc. Eng, M.Eng, P.Eng, Technical Advisor and Project Advisory Group member of TVI and a member of the Professional Engineers of Ontario and

445 views • 28 slides
Evan Tschannen 1 Evan Tschannen Worked on FoundationDB for 8 years Touched every

Evan Tschannen 1 Evan Tschannen Worked on FoundationDB for 8 years Touched every

Evan Tschannen 1 Evan Tschannen Worked on FoundationDB for 8 years Touched every core component of the database Recently added multi-region asynchronous replication https://www.foundationdb.org

849 views • 35 slides
Digital Marketing and Social Media Evan Govender evan@digitalmarketingedge.com .com What

Digital Marketing and Social Media Evan Govender evan@digitalmarketingedge.com .com What

Digital Marketing and Social Media Evan Govender evan@digitalmarketingedge.com .com What Happens in ONE Minute Supercomputer helps identify which puppies can serve the blind It costs $50,000 to train a guide dog for the blind, whether they

399 views • 36 slides
E-Lins Technology Co.,Ltd Contact: Evan Zou Mobile: +86-13798257916 Email: evan@e-lins.com

E-Lins Technology Co.,Ltd Contact: Evan Zou Mobile: +86-13798257916 Email: evan@e-lins.com

Honesty Devotion Innovation E-Lins Technology Co.,Ltd Contact: Evan Zou Mobile: +86-13798257916 Email: evan@e-lins.com evan.elins@e-lins.com Msn: zouyanbing@hotmail.com Skype: zouyanbing Web: www.e-lins.com or www.e-lins.cn Add:

124 views • 9 slides
Corporate Presentation March 2015 Qualified Person Statement and Disclaimer Qualified Person

Corporate Presentation March 2015 Qualified Person Statement and Disclaimer Qualified Person

Corporate Presentation March 2015 Qualified Person Statement and Disclaimer Qualified Person Mike Bue, Bsc. Eng, M.Eng, P.Eng, Technical Advisor and Project Advisory Group member of TVI and a member of the Professional Engineers of Ontario and

371 views • 33 slides
Corporate Presentation October 2015 Qualified Person Statement and Disclaimer Qualified Person

Corporate Presentation October 2015 Qualified Person Statement and Disclaimer Qualified Person

Corporate Presentation October 2015 Qualified Person Statement and Disclaimer Qualified Person Mike Bue, Bsc. Eng, M.Eng, P.Eng, Technical Advisor and Project Advisory Group member of TVI and a member of the Professional Engineers of Ontario

577 views • 24 slides
Corporate Presentation February 2015 Qualified Person Statement and Disclaimer Qualified Person

Corporate Presentation February 2015 Qualified Person Statement and Disclaimer Qualified Person

Corporate Presentation February 2015 Qualified Person Statement and Disclaimer Qualified Person Mike Bue, Bsc. Eng, M.Eng, P.Eng, Technical Advisor and Project Advisory Group member of TVI and a member of the Professional Engineers of Ontario

349 views • 34 slides
18/02/2015 Has anyone assessed another person before ? What were the challenges? Draw a house

18/02/2015 Has anyone assessed another person before ? What were the challenges? Draw a house

18/02/2015 Has anyone assessed another person before ? What were the challenges? Draw a house activity The Purpose of Assessment Which person completed the activity in the best way? Diagnostic - to enable staff to find out their level of

65 views • 5 slides
DNS/DNSSEC/DANE/DNS-over- TLS etc. Team IETF95 Hackathon In-Person: Ray Bellis, Sebastian

DNS/DNSSEC/DANE/DNS-over- TLS etc. Team IETF95 Hackathon In-Person: Ray Bellis, Sebastian

DNS/DNSSEC/DANE/DNS-over- TLS etc. Team IETF95 Hackathon In-Person: Ray Bellis, Sebastian Castro, Sara Dickinson, John Dickinson, Ralph Dolman, Robert Edmonds, Evan Hunt, Shumon Huque, Daniel Kahn Gillmor, Shane Kerr, Dave Lawrence,

183 views • 16 slides
{ narrating it. Either as a first person, second person or third person. By: Una Bach Billy

{ narrating it. Either as a first person, second person or third person. By: Una Bach Billy

Writing Depression, to Happiness, and Then Gone A narrative is a piece of literature with someone { narrating it. Either as a first person, second person or third person. By: Una Bach Billy Casper is saddened about the loss of Kes.

108 views • 9 slides
2015 Results Presentation No person shall have any right of action (except in case of fraud)

2015 Results Presentation No person shall have any right of action (except in case of fraud)

National Central Cooling Company PJS C 1 February 2016 2015 Results Presentation No person shall have any right of action (except in case of fraud) against the Company or any other person in relation to the accuracy or completeness of the

474 views • 20 slides
Funding System Redesign October 13, 2015 10/13/2015 1 Context Whole life, whole day

Funding System Redesign October 13, 2015 10/13/2015 1 Context Whole life, whole day

Ohios Adult Day Services Funding System Redesign October 13, 2015 10/13/2015 1 Context Whole life, whole day work as an anchor Family (as the person defines it) Person-centered plan Individualized supports, not programs

325 views • 31 slides
Detecting Facial Manipulation Deepfakes Evan Kravitz, Huazhe Xu April 21, 2020 1 2

Detecting Facial Manipulation Deepfakes Evan Kravitz, Huazhe Xu April 21, 2020 1 2

Detecting Facial Manipulation Deepfakes Evan Kravitz, Huazhe Xu April 21, 2020 1 2 https://www.instagram.com/p/ByaVigGFP2U/ 3 https://www.instagram.com/p/ByaVigGFP2U/ What is a deepfake? Synthetic image/video of a person that looks

1.23k views • 34 slides
Informa(on Security Fundamentals: What We Learn When We Listen EVAN FRANCEN,

Informa(on Security Fundamentals: What We Learn When We Listen EVAN FRANCEN,

Informa(on Security Fundamentals: What We Learn When We Listen EVAN FRANCEN, PRESIDENT & CO-FOUNDER - FRSECURE MARCH 17, 2015 In Informa( orma(on on S Secu ecurit rity Fu y Fundamen

695 views • 32 slides
Using Geogebra To Promote Skill Development and Active Learning Evan Weinberg

Using Geogebra To Promote Skill Development and Active Learning Evan Weinberg

Using Geogebra To Promote Skill Development and Active Learning Evan Weinberg eweinberg@scischina.org Hangzhou International School 1 Introductions I'm Evan, I taught for 7 years in the NYC public schools, and then moved in 2010 to

294 views • 28 slides
Smart Cameras Mark DiVelbiss, Selena Grant, Qing Liu Overview - First Person vs Third Person -

Smart Cameras Mark DiVelbiss, Selena Grant, Qing Liu Overview - First Person vs Third Person -

Smart Cameras Mark DiVelbiss, Selena Grant, Qing Liu Overview - First Person vs Third Person - Common Problems - Motivations First Person vs Third Person Camera - First Person - Immersive - Intuitive - Third Person -

626 views • 41 slides
How do you do a Science and Engineering Librarian Evan.sterling@uottawa.ca lit review? MCG, 1

How do you do a Science and Engineering Librarian Evan.sterling@uottawa.ca lit review? MCG, 1

Evan Sterling , P.Eng., M.I.S. How do you do a Science and Engineering Librarian Evan.sterling@uottawa.ca lit review? MCG, 1 November 2019 What I will talk about today The types of literature reviews What your profs expect Doing

489 views • 47 slides
Finding and using Evan.sterling@uottawa.ca scholarly info better MCG seminar Research in

Finding and using Evan.sterling@uottawa.ca scholarly info better MCG seminar Research in

Evan Sterling , P.Eng. Science and Engineering Librarian University of Ottawa Finding and using Evan.sterling@uottawa.ca scholarly info better MCG seminar Research in undergrad courses Type some words into Google Scholar, and presto!

985 views • 52 slides
Hiring and Developing Person-Organization Fit: Person Organization Fit: An Academic and

Hiring and Developing Person-Organization Fit: Person Organization Fit: An Academic and

Hiring and Developing Person-Organization Fit: Person Organization Fit: An Academic and Practitioners Point of View Jacquelyn H. Wolf, PhD August 14, 2012 1 Fit Matters Fish out of water Right person...wrong place A

635 views • 18 slides
vmgen - A Generator of Efficient Virtual Machine Interpreters M. Anton Ertl, David Gregg, Andreas

vmgen - A Generator of Efficient Virtual Machine Interpreters M. Anton Ertl, David Gregg, Andreas

vmgen - A Generator of Efficient Virtual Machine Interpreters M. Anton Ertl, David Gregg, Andreas Krall, and Bernd Paysan Presented by Peter Bailey May 6, 2011 M. Anton Ertl, David Gregg, Andreas Krall, and Bernd Paysan Presented by Peter

559 views • 20 slides
Choosing Outcomes Across a Population: Deliberative Approaches Evan Mayo-Wilson, MPA, DPhil

Choosing Outcomes Across a Population: Deliberative Approaches Evan Mayo-Wilson, MPA, DPhil

Choosing Outcomes Across a Population: Deliberative Approaches Evan Mayo-Wilson, MPA, DPhil Center for Clinical Trials and Evidence Synthesis Department of Epidemiology Johns Hopkins Bloomberg School of Public Health evan.mayo-wilson@jhu.edu

295 views • 14 slides

More recommend