using chaos to build resilient systems
play

USING CHAOS TO BUILD RESILIENT SYSTEMS @tammybtow, Gremlin Whats - PowerPoint PPT Presentation

Jun 04, 2023 •529 likes •1.38k views

USING CHAOS TO BUILD RESILIENT SYSTEMS @tammybtow, Gremlin Whats the scale of your infra? @tammybtow #QCONNYC How many services do you have running in production? @tammybtow #QCONNYC How many engineers do you have at your

  1. USING CHAOS TO BUILD RESILIENT SYSTEMS @tammybütow, Gremlin

  2. What’s the scale of your infra? @tammybütow #QCONNYC

  3. How many services do you have running in production? @tammybütow #QCONNYC

  4. How many engineers do you have at your company? @tammybütow #QCONNYC

  5. A Common Chaos Engineering Journey 🚳 🏏 🚘 @tammybütow, Gremlin @tammybütow #QCONNYC

  6. TOP 5 MOST POPULAR WAYS TO USE CHAOS ENGINEERING IN 2018 @tammybütow #QCONNYC

  7. ADVANCED USES OF CHAOS ENGINEERING 🚣 🚣 @tammybütow #QCONNYC

  8. What happened this week: June 2018 Slack Outage @tammybütow, Gremlin @tammybütow #QCONNYC

  9. @tammybütow, Gremlin @tammybütow #QCONNYC

  10. TAMMY BÜTOW  Principal SRE, Gremlin Causing chaos in prod since 2009. Previously SRE Manager @ Dropbox leading Databases, Block Storage and Code Workflows for 500 million users and 800 engineers. @tammybütow @tammybütow #QCONNYC

  11. GREMLIN • We are practitioners of Chaos Engineering • We build software that helps engineers build resilient systems in a safe, secure and simple way. • We offer 11 ways to inject chaos for your Chaos Engineering experiments (e.g. host/container packet loss and shutdown) @tammybütow #QCONNYC

  12. PART 1: LAYING THE FOUNDATION @tammybütow #QCONNYC

  13. Let’s Define A Resilient System: • A resilient system is a highly available and durable system. • A resilient system can maintain an acceptable level of service in the face of failure. • A resilient system can weather the storm (a misconfiguration, a large scale natural disaster or controlled chaos engineering). @tammybütow #QCONNYC

  14. It would be silly to give an Olympic pole-vaulter a broom and ban them from practicing! @tammybütow #QCONNYC

  15. “Thoughtful planned experiments designed to reveal the weaknesses in our systems” - Kolton Andrus, Gremlin CEO @tammybütow, Gremlin @tammybütow #QCONNYC

  16. Think of it like a vaccination: Inject something harmful in order to build an immunity. @tammybütow, Gremlin @tammybütow #QCONNYC

  17. Eventually systems will break in many undesired ways. Break them first on purpose with controlled chaos! 💦 @tammybütow #QCONNYC

  18. DOGFOODING • Using your own product. 🐷 • For us that means using Gremlin for our Chaos Engineering experiments. • Failure Fridays @tammybütow #QCONNYC

  19. Failure Fridays are dedicated time for teams to collaboratively focus on using Chaos Engineering practices to reveal weaknesses in your services. @tammybütow #QCONNYC

  20. WHY DO DISTRIBUTED SYSTEMS NEED CHAOS? • Unusual hard to debug failures are common 🚁 • Systems & companies scale rapidly and Chaos Engineering helps you learn along the way @tammybütow #QCONNYC

  21. FULL-STACK CHAOS ENGINEERING • You can inject chaos at any layer. 💼 • API, App, Cache, Database, OS, Host, Network, Power & more. @tammybütow #QCONNYC

  22. WHY RUN CHAOS ENGINEERING EXPERIMENTS? @tammybütow #QCONNYC

  23. Are you confident that your metrics and alerting are as good as they should be? #pagerpain 📠 @tammybütow #QCONNYC

  24. Are you confident your customers are getting as good an experience as they should be? #customerpain 😟 @tammybütow #QCONNYC

  25. Are you losing money due to downtime and broken features? #businesspain 💹 @tammybütow #QCONNYC

  26. HOW DO YOU RUN CHAOS ENGINEERING EXPERIMENTS? @tammybütow #QCONNYC

  27. HOW TO RUN A CHAOS ENGINEERING EXPERIMENT • Form a hypothesis • Consider blast radius ⚡ • Run experiment • Measure results • Find & fix issues or scale @tammybütow #QCONNYC

  28. Don’t run before you can walk @tammybütow, Gremlin @tammybütow #QCONNYC

  29. The 3 Prerequisites for Chaos Engineering 1. Monitoring & Observability 2. On-Call & Incident Management 3. Know Your Cost of Downtime Per Hour @tammybütow, Gremlin @tammybütow #QCONNYC

  30. What Do I Use For Monitoring & Observability? @tammybütow, Gremlin @tammybütow #QCONNYC

  31. We All Need To Know The Cost Of Downtime @tammybütow, Gremlin @tammybütow #QCONNYC

  32. We All Need Incident Management @tammybütow, Gremlin @tammybütow #QCONNYC

  33. HOW TO CHOOSE A CHAOS EXPERIMENT • Identify top 5 critical systems • Choose 1 system ⚡ • Whiteboard the system • Select attack: resource/ state/network • Determine scope @tammybütow #QCONNYC

  34. WHAT SHOULD WE MEASURE? • Availability — 500s 📉 • Service specific KPIs • System metrics: CPU, IO, Disk • Customer complaints @tammybütow #QCONNYC

  35. HOW TO RUN YOUR OWN GAMEDAY! gremlin.com/gameday @tammybütow #QCONNYC

  36. HOW TO RUN YOUR OWN GAMEDAY! gremlin.com/gameday @tammybütow #QCONNYC

  37. EXAMPLE SYSTEM: KUBERNETES RETAIL STORE Node: kube-02 User Node: kube-03 Node: kube-04 Primary: kube-01 @tammybütow #QCONNYC

  38. PART 2: RESOURCE CHAOS ENGINEERING @tammybütow #QCONNYC

  39. RESOURCE CHAOS We can increase CPU, Disk, IO & Memory consumption to ensure monitoring is setup to catch problems. Important to catch issues before they turn into high severity incidents (unable to purchase new product!) and downtime for customers. @tammybütow #QCONNYC

  40. CPU CHAOS @tammybütow #QCONNYC

  41. LET’S CREATE A “KNOWN-KNOWN” EXPERIMENT https://github.com/tammybutow/chaosengineeringbootcamp @tammybütow #QCONNYC

  42. CHAOS IN TOP @tammybütow #QCONNYC

  43. LET’S KILL THE CHAOS NOW @tammybütow #QCONNYC

  44. NO MORE CHAOS IN TOP @tammybütow #QCONNYC

  45. DISK CHAOS @tammybütow #QCONNYC

  46. DISK CHAOS 💦 @tammybütow #QCONNYC

  47. MEMORY CHAOS @tammybütow #QCONNYC

  48. MEMORY CHAOS 💦 free -m @tammybütow #QCONNYC

  49. PART 3: STATE CHAOS ENGINEERING @tammybütow #QCONNYC

  50. PROCESS CHAOS @tammybütow #QCONNYC

  51. PROCESS CHAOS Ways to create process chaos on purpose: • Kill one process • Loop kill a process • Spawn new processes • Fork bomb @tammybütow #QCONNYC

  52. PROCESS CHAOS 💦 pkill -u chaos @tammybütow #QCONNYC

  53. SHUTDOWN CHAOS @tammybütow #QCONNYC

  54. SHUTDOWN CHAOS 💦 shutdown -h @tammybütow #QCONNYC

  55. WHAT ARE OTHER WAYS YOU CAN TURN OFF A SERVER? WHAT IF YOU WANT TO TURN OFF EVERY SERVER WHEN IT’S ONE WEEK OLD? @tammybütow #QCONNYC

  56. HALT, REBOOT & POWEROFF CHAOS 💦 halt @tammybütow #QCONNYC

  57. WHAT ABOUT SHUTTING DOWN 
 CONTAINERS AND K8’S PODS? @tammybütow #QCONNYC

  58. THE MANY WAYS TO KILL CONTAINERS • Kill self • Kill a container from the host • Use one container to kill another • Use one container to kills several containers • Use several containers to kill several @tammybütow #QCONNYC

  59. The average lifespan of a container is 2.5 days And they fail in many unexpected ways. @tammybütow #QCONNYC

  60. TIME TRAVEL CHAOS @tammybütow #QCONNYC

  61. TIME TRAVEL CHAOS AKA CLOCK SKEW 💦 ntpq @tammybütow #QCONNYC

  62. PART 4: NETWORK CHAOS ENGINEERING @tammybütow #QCONNYC

  63. BLACKHOLE CHAOS @tammybütow #QCONNYC

  64. BLACKHOLE CHAOS 💦 ip route show @tammybütow #QCONNYC

  65. DNS CHAOS @tammybütow #QCONNYC

  66. DNS CHAOS 💦 @tammybütow #QCONNYC

  67. DNS CHAOS 💦 @tammybütow #QCONNYC

  68. LATENCY CHAOS @tammybütow #QCONNYC

  69. LATENCY CHAOS 💦 mtr google.com @tammybütow #QCONNYC

  70. PACKET LOSS CHAOS @tammybütow #QCONNYC

  71. PACKET LOSS CHAOS 💦 @tammybütow #QCONNYC

  72. PART 5: COMPLEX OUTAGES @tammybütow #QCONNYC

  73. We can combine different types of chaos engineering experiments to reproduce complicated outages. Reproducing outages gives you confidence you can handle it if/when it happens again. @tammybütow #QCONNYC

  74. Let’s go back in time to look at some of the worst outage stories that kicked off the introduction of chaos engineering. @tammybütow #QCONNYC

  75. DROPBOX’S WORST OUTAGE EVER Some master-replica pairs were impacted which resulted in the site going down. https://blogs.dropbox.com/tech/2014/01/outage-post-mortem/ @tammybütow #QCONNYC

  76. UBER’S DATABASE OUTAGE 1.Master log replication to S3 failed 2.Logs backed up on the primary 3.Alerts fired to engineer but they are ignored 4.Disk fills up on database primary 5.Engineer deletes unarchived WAL files 6.Error in config prevents promotion — Matt Ranney, Uber, 2015 @tammybütow #QCONNYC

  77. OUTAGES HAPPEN. @tammybütow #QCONNYC

  78. THERE ARE MANY MORE OUTAGES YOU CAN READ ABOUT HERE: https://github.com/danluu/post-mortems @tammybütow #QCONNYC

  79. HOW CAN YOU CONTINUE YOUR CHAOS ENGINEERING JOURNEY? @tammybütow #QCONNYC

  80. JOIN THE CHAOS SLACK GREMLIN.COM/SLACK @tammybütow #QCONNYC

  81. LEARN WITH THE GREMLIN COMMUNITY GREMLIN.COM/COMMUNITY @tammybütow #QCONNYC

  82. THE FIRST CHAOS ENGINEERING CONFERENCE! CHAOSCONF.IO @tammybütow #QCONNYC

  83. THANK YOU QCON NYC @tammybütow #CHAOSENGINEERING

Recommend

Chaos Engineering: Why the world needs more resilient systems @tammybutow Oh hai, nice to meet

Chaos Engineering: Why the world needs more resilient systems @tammybutow Oh hai, nice to meet

Chaos Engineering: Why the world needs more resilient systems @tammybutow Oh hai, nice to meet you! @tammybutow Principal SRE @ Gremlin @tammybutow Tech Advisory Board @ Greenpeace tammybutow Enjoys Skateboarding, Snowboarding, Metal,

1.11k views • 94 slides
Resilient Food Systems, Resilient Cities Presented by Kim Zeuli Resilience A

Resilient Food Systems, Resilient Cities Presented by Kim Zeuli Resilience A

Resilient Food Systems, Resilient Cities Presented by Kim Zeuli Resilience A resilient Growing food Processing system Distribution 60% of NYCs produce; 50% meat and fish 28% of site in

181 views • 15 slides
Introductory Concepts for Dynamical Systems: Chaos Michael Cross California Institute of

Introductory Concepts for Dynamical Systems: Chaos Michael Cross California Institute of

Introductory Concepts for Dynamical Systems: Chaos Michael Cross California Institute of Technology 29 May, 2008 Michael Cross (Caltech) Chaos 29 May, 2008 1 / 25 Lorenz Model Deterministic Nonperiodic Flow , Journal of Atmospheric Sciences

1.1k views • 31 slides
Quantum chaos in many-particle systems Boris Gutkin Georgia Institute of Technology &

Quantum chaos in many-particle systems Boris Gutkin Georgia Institute of Technology &

Quantum chaos in many-particle systems Boris Gutkin Georgia Institute of Technology & Duisburg-Essen University QMath13: Atlanta, October 2016 p. 1 Outline of the talk Single-particle quantum chaos. Single (semiclassical)

432 views • 24 slides
Heritage and Learning Service Working to build independent and resilient communities across

Heritage and Learning Service Working to build independent and resilient communities across

Leic icestershire County Council Heritage and Learning Service Working to build independent and resilient communities across Leicestershire through access to culture and learning. Our Collections Dear Miss Maturin Many thanks indeed for the

115 views • 8 slides
Compression Systems and Blockchain Dr. Mohammed Abutaha PhD. Information Security 1 Outline

Compression Systems and Blockchain Dr. Mohammed Abutaha PhD. Information Security 1 Outline

Chaos-based Crypto Compression Systems and Blockchain Dr. Mohammed Abutaha PhD. Information Security 1 Outline Introduction Chaos based stream cipher Selective encryption on HEVC Chaos crypto and blockchain Demo 2

353 views • 17 slides
Properties of Chaos Nathan Aschbacher @gen_nja _ we suspect most users are not

Properties of Chaos Nathan Aschbacher @gen_nja _ we suspect most users are not

Properties of Chaos Nathan Aschbacher @gen_nja _ we suspect most users are not working on these kinds of safety-critical systems. -- Chaos Engineering the Book Must Be at Least this 26262 to Ride Functional Safety in

508 views • 26 slides
Polynomial Chaos and Scaling Limits of Disordered Systems Rongfeng Sun National University of

Polynomial Chaos and Scaling Limits of Disordered Systems Rongfeng Sun National University of

Polynomial Chaos and Scaling Limits of Disordered Systems Rongfeng Sun National University of Singapore Joint work with Francesco Caravenna (Milano-Bicocca) Nikos Zygouras (Warwick) Outline 1. Disordered Systems (Disorder Relevance vs

876 views • 75 slides
Climate and Displacement in U.S. Cities Strong Prosperous and Resilient Communities Challenge

Climate and Displacement in U.S. Cities Strong Prosperous and Resilient Communities Challenge

Climate and Displacement in U.S. Cities Strong Prosperous and Resilient Communities Challenge (SPARCC) June 9, 2020 We ignite not in the light, but in lack thereof, For it is in loss that we truly learn to love. In this chaos, we will

463 views • 45 slides
Kolton Andrus (@deelyle) Overview 1. Why is Failure Testing Important? 2. How did we build

Kolton Andrus (@deelyle) Overview 1. Why is Failure Testing Important? 2. How did we build

Kolton Andrus (@deelyle) Overview 1. Why is Failure Testing Important? 2. How did we build Failure as a Service? 3. How has this made our systems more resilient? Why Failure Testing? 1. Makes our systems immune to failure 2. Prevents larger

597 views • 38 slides
Building resilience How outages shaped Etsys systems Act 1 Quick! Be resilient!

Building resilience How outages shaped Etsys systems Act 1 Quick! Be resilient!

Building resilience How outages shaped Etsys systems Act 1 Quick! Be resilient! http://www.flickr.com/photos/niaid/11854196633/sizes/l/ Quick! Be resilient! Actually, its a slow process Iterative Introspective Horizontal

672 views • 35 slides
Build Highly Resilient Applications with Redis Enterprise Clustering MAY 2019 | MANUEL HURTADO

Build Highly Resilient Applications with Redis Enterprise Clustering MAY 2019 | MANUEL HURTADO

Build Highly Resilient Applications with Redis Enterprise Clustering MAY 2019 | MANUEL HURTADO Redis Introduction Most Loved Databases 2017, 2018 & 2019 Stack Overflow survey, among >100K developers % of devs who expressed interest in

364 views • 35 slides
Developing Cyber Resilient Systems A Systems Security Engineering Approach NATIONAL INSTITUTE OF

Developing Cyber Resilient Systems A Systems Security Engineering Approach NATIONAL INSTITUTE OF

NIST Special Publication 800-160, Volume 2 Developing Cyber Resilient Systems A Systems Security Engineering Approach NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY The Current Landscape Today's systems are very brittle, rely on a

595 views • 22 slides
Accelerating towards resilient STE systems Claudiu Carissa Joo Corteso Forgaci Champlin

Accelerating towards resilient STE systems Claudiu Carissa Joo Corteso Forgaci Champlin

DeSIRE meeting June 29 30, 2020 Times Up: Accelerating towards resilient STE systems Claudiu Carissa Joo Corteso Forgaci Champlin Designing resilient urban climates Resilience by Project Leader (WUR) urban SURF Urban

476 views • 11 slides
Chaos Engineering Chaos Engineering with Containers Ana Medina Chaos Engineer at 1

Chaos Engineering Chaos Engineering with Containers Ana Medina Chaos Engineer at 1

@ana_m_medina #QConSF Chaos Engineering Chaos Engineering with Containers Ana Medina Chaos Engineer at 1 @ana_m_medina #QConSF Ana Medina @ana_m_medina Chaos Engineer @ Gremlin Previously Software Engineer / SRE @ Uber , Also

887 views • 29 slides
Polynomial Chaos and Scaling Limits of Disordered Systems Francesco Caravenna Universit` a

Polynomial Chaos and Scaling Limits of Disordered Systems Francesco Caravenna Universit` a

Disordered Systems Partition Function CDPM Further Developments Polynomial Chaos and Scaling Limits of Disordered Systems Francesco Caravenna Universit` a degli Studi di Milano-Bicocca Nantes June 6, 2014 Francesco Caravenna Scaling

1.31k views • 92 slides
The Lorenz System and Chaos in Nonlinear DEs April 30, 2019 Math 333 p. 71 in Chaos: Making a

The Lorenz System and Chaos in Nonlinear DEs April 30, 2019 Math 333 p. 71 in Chaos: Making a

The Lorenz System and Chaos in Nonlinear DEs April 30, 2019 Math 333 p. 71 in Chaos: Making a New Science by James Gleick Adding a dimension adds new possible layers of complexity in the phase space of a DE. Today well explore what can

565 views • 18 slides
Chaos in hyperspaces of nonautonomous discrete systems Hugo Villanueva Mndez Joint work with

Chaos in hyperspaces of nonautonomous discrete systems Hugo Villanueva Mndez Joint work with

Chaos in hyperspaces of nonautonomous discrete systems Hugo Villanueva Mndez Joint work with Ivn Snchez and Manuel Sanchis Facultad de Ciencias en Fsica y Matemticas Universidad Autnoma de Chiapas Mxico Twelfth Symposium on

853 views • 46 slides
Quantum Chaos in Composite Systems Karol Zyczkowski in collaboration with Lukasz Pawela and

Quantum Chaos in Composite Systems Karol Zyczkowski in collaboration with Lukasz Pawela and

Quantum Chaos in Composite Systems Karol Zyczkowski in collaboration with Lukasz Pawela and Zbigniew Pucha la (Gliwice) Smoluchowski Institute of Physics, Jagiellonian University, Cracow and Center for Theoretical Physics, Polish

813 views • 34 slides
Quantum chaos of generic systems Marko Robnik 6th Ph.D. School/Conference on Mathematical

Quantum chaos of generic systems Marko Robnik 6th Ph.D. School/Conference on Mathematical

Center for Applied Mathematics and Theoretical Physics University of Maribor Maribor Slovenia www.camtp.uni-mb.si Quantum chaos of generic systems Marko Robnik 6th Ph.D. School/Conference on Mathematical Modeling of Complex

2.46k views • 48 slides
Chaotic motion Chaotic motion (chaos, or deterministic chaos) is aperiodic motion sensitive

Chaotic motion Chaotic motion (chaos, or deterministic chaos) is aperiodic motion sensitive

Chaotic motion Chaotic motion (chaos, or deterministic chaos) is aperiodic motion sensitive dependence on initial conditions - in practice unpredictable at long times not completely random (phase space structure) often universal -

237 views • 12 slides
Chaos Engineering Day Stockholm edition, 2017 Organization: Martin Monperrus, KTH

Chaos Engineering Day Stockholm edition, 2017 Organization: Martin Monperrus, KTH

Chaos Engineering Day Stockholm edition, 2017 Organization: Martin Monperrus, KTH http://chaos.conf.kth.se/ 111 Chaos Engineering Day? Goals: Meet: Know each other Learn: High quality technical presentations Plan: Next

380 views • 18 slides
Build Build Build Build System building The process of compiling and linking software

Build Build Build Build System building The process of compiling and linking software

Build Build Build Build System building The process of compiling and linking software components into an executable system Different systems are built from different combinations of components Invariably supported by automated

557 views • 20 slides
Polynomial Chaos and Scaling Limits of Disordered Systems 4. Free energy estimates. Introduction

Polynomial Chaos and Scaling Limits of Disordered Systems 4. Free energy estimates. Introduction

Pinning models Weak disorder regime The marginally relevant regime Polynomial Chaos and Scaling Limits of Disordered Systems 4. Free energy estimates. Introduction to marginal relevance. Francesco Caravenna Universit` a degli Studi di

1.48k views • 104 slides

More recommend