SlideShare a Scribd company logo

AWS DevDay Vienna - Resiliency and availability design patterns for the cloud

Download as PPTX, PDF
Cobus Bernard
Cobus Bernard

This document provides an overview of resiliency and availability design patterns for cloud systems. It discusses the importance of building resilient systems to minimize downtime and the costs associated with failures. It covers techniques like component redundancy, auto-scaling, database replication across availability zones, and implementing timeouts, retries and backoff strategies to handle transient failures or spikes in load. The document uses Amazon Web Services examples like DynamoDB and Aurora to illustrate database architectures that provide high availability and easy scalability in the cloud.

Internet
1 of 94
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. V I E N N A 24.10.19 Resiliency and availability design patterns for the cloud Cobus Bernard Senior Technical Evangelist Amazon Web Services @cobusbernard cobusbernard cobusbernard B A R 3
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Can you guess whatwillhappen?
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Distributed Systems are hard
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Failures areagivenand everythingwilleventuallyfail over time. Werner Vogels CTO – Amazon.com “ “
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Resiliency:Abilityfor asystemtohandle and eventuallyrecover from unexpected conditions conditions
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Partialfailure mode
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Why do we build resilient software systems?
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Thecostof downtime Annual Fortune 1000 application downtime costs (IDC) $1.25 to $2.5B Average cost of a data breach (Ponemon Institute) $3.6M Cost/hr of a critical application failure (IDC) $500K to $1M Average cost/hr of downtime (Ponemon Institute) $474K Average cost per lost or stolen record (Ponemon Institute) $141
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. How do we build resilient software systems?
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. People Application Network & Data Infrastructure
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk aboutAvailability
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Systemavailability Availability = Normal Operation Time Total Time MTBF** MTBF** + MTTR* = * Mean Time To Repair (MTTR) **Mean Time Between Failure (MTBF)
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Reading homework
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Availabilityinparallel A = 1 – (1 – Ax)2 Part X Part X
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Availabilityinparallel Component Availability Downtime X 99% (2-nines) 3 days 15 hours Two X in parallel 99.99% (4-nines) 52 minutes Three X in parallel 99.9999% (6-nines) 31 seconds
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Componentredundancyincreases availability significantly!
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Global Infrastructure • 22 Regions with 69 Availability Zones • 3 Regions coming soon: Cape Town Jakarta and Milan • 100Gbps redundant network • 99.99% SLA
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Fully-scaledAvailabilityZone
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Highlyredundant regional network
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Region and availabilityzones Region Availability zone a Availability zone b Availability zone c data center data center data center 1 or more data centers per AZ 2 or more AZs per region (new regions min 3) data center data center data center data center data center data center
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. How about a global architecture?
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Once upon a time … Origin
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. And Now … Origin ~300ms
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Origin Improve latency for end-users Origin
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Improve availabilityand disasterrecovery Applications in US West Applications in US East Users from San Francisco Users from New York Service 1 Service 2 Service 3 Service 4 Service 1 Service 2 Service 3 Service 4
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. So should we go for a global architecture?
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Perfect your regional architecture first!
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about Multi-AZ
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-AZ architecture Region Availability zone a Availability zone b Availability zone c Instances Instances Instances DB Instance DB instance standby Elastic Load Balancing (ELB)
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-AZ architecture Region Availability zone a Availability zone b Availability zone c Instances Instances Instances DB Instance DB instance standby Elastic Load Balancing (ELB)
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-AZ architecture Region Availability zone a Availability zone b Availability zone c Instances Instances Instances DB Instance DB instance standby Elastic Load Balancing (ELB)
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-AZ architecture Region Availability zone a Availability zone b Availability zone c Instances Instances Instances DB Instance DB instance new master Elastic Load Balancing (ELB)
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-AZ architecture • Enables fault-tolerant applications • AWS regional services designed to withstand AZ failures • Leveraged by AWS regional services such as Amazon S3, Amazon DynamoDB, Amazon Aurora, Amazon ELBs, etc. Region Availability zone a Availability zone b Availability zone c Instances Instances Instances DB Instance DB instance standby Elastic Load Balancing (ELB)
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about auto scaling
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Auto-Scaling FixedVariable
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Availability zone 1 Auto Scaling group AWS Region Availability zone 2 Auto-scaling for self-healing Elastic Load Balancing (ELB) X
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about the AWS responsibility models
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWSoperationalresponsibilitymodels On-Premises Cloud Less More Compute Virtual Machine EC2 Elastic Beanstalk AWS LambdaFargate Databases MySQL MySQL on EC2 RDS MySQL RDS Aurora Aurora Serverless DynamoDB Storage Storage S3 Messaging ESBs Amazon MQ Kinesis SQS / SNS Analytics Hadoop Hadoop on EC2 EMR Elasticsearch Service Athena Firehose
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about databases
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Common resiliencyissueswithDatabases?? REPLICATION BACKUPSSCALING
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon DynamoDB: purpose-built for thecloud Fast and flexible key value database service for any scale Comprehensive security Encrypts all data by default and fully integrates with AWS Identity and Access Management for robust security Performance at scale Consistent, single-digit millisecond response times at any scale; build applications with virtually unlimited throughput Global database for global users and apps Build global applications with fast access to local data by easily replicating tables across multiple AWS Regions Serverless No hardware provisioning, software patching, or upgrades; scales up or down automatically; continuously backs up your data
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR AZ 1 AZ 2 AZ 3 Network RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR Storage Node Leader PutItem
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR AZ 1 AZ 2 AZ 3 RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR Storage Node Leader GetItem Network
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon.com, Nike, Netflix, Duolingo, Lyft, Airbnb, Samsung, Toyota, and Capital One depend on the scale and performance of DynamoDB to support their workloads. 10 trillion requests per day 20 million requests per second
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. AmazonAurora: purpose-built for thecloud MySQL and PostgreSQL compatible relational database Availability and durability Fault-tolerant, self-healing storage; six copies of data across three AZs; continuous backup to S3 Fully managed Managed by RDS: no hardware provisioning, software patching, setup, configuration, or backups Highly secure Network isolation, encryption at rest/transit Performance and scalability 5x throughput of standard MySQL and 3x of standard PostgreSQL; scale-out up to 15 read replicas
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. BINLOG DATA DOUBLE-WRITELOG FRM FILES MYSQL WITH REPLICA EBS mirrorEBS mirror AZ 1 AZ 2 Amazon S3 EBS Amazon Elastic Block Store (EBS) Primary Instance Replica Instance 1 2 3 4 5 AZ 1 AZ 3 Primary Instance AZ 2 Replica Instance Replica Instance AMAZON AURORA TYPE OF WRITE AmazonAurora: distributed architecture
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Capital One, GE, Dow Jones, Netflix, Verizon, Expedia and Amazon depend on the scale and performance of Aurora to support their workloads. 5X the throughput of standard MySQL 15 low latency read replicas Failover in less than 30 seconds 3X the throughput of standard PostgreSQL
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Purpose-built databases Relational Key-value Document In-memory Graph Time-series Ledger DynamoDB NeptuneAmazon RDS Aurora CommercialCommunity Timestream QLDBElastiCacheDocumentDB
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Read-Writeseparation Master Read Replica Read Replica Read Replica Instance InstanceInstance
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. DatabaseFederation Users DB Products DB Master (Read) Replica Master (Read) Replica Instance InstanceInstance
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. DatabaseSharding User ShardID 002345 A 002346 B 002347 C 002348 B 002349 A CBA Master (Read) Replica Master (Read) Replica Master (Read) Replica Instance InstanceInstance
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about backups
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Backup service
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. PreventingAccidentalTableDeletion https://aws.amazon.com/blogs/database/preventing-accidental-table-deletion-in-dynamodb/
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. PreventingAccidentalTableDeletion (sql)
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Practice and testrecoveryfrom your backups!!
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about timeouts, backoff & retries!
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Users App DB Conn Pool INSERT INSERT INSERT INSERT What happens if the DB “slows down”? Timeout client side Timeout backend side ??
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. User 1 App DB Conn Pool INSERT Timeout client side = 10s Timeout backend side = default = Infinite Retry INSERT Retry INSERT ERROR: Failed to get connection from pool Retry
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. https://docs.microsoft.com/en-us/dotnet/api/system.net.httpwebrequest.timeout
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-configuration-properties.html
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. @timeout_decorator.timeout(5, timeout_exception=StopIteration) def timed_get(url): return requests.get(url) https://pypi.org/project/timeout-decorator/
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Set thetimeouts!
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. How elsecould wehaveprevented theerror? User 1 DB Conn Pool INSERT Retry INSERT Retry INSERT Retry ERROR: Failed to get connection from pool
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. User 1 DB Conn Pool INSERT Timeout client side = 10s Timeout backend side = 10s Wait 2s before Retry INSERT INSERT Wait 4s before Retry Wait 8s before Retry Wait 16s before Retry Backing off betweenretries Releasing connectionsBackoff
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. No jitter With jitter https://aws.amazon.com/blogs/architecture/exponential-backoff-and-jitter/ SimpleExponentialBackoffisnotenough:AddJitter
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Example: add jitter0-1000ms def get_item(self, url, n=1): MAX_TRIES = 12 try: res = requests.get(url) except: if n > MAX_TRIES: return None n += 1 time.sleep((2 ** n) + (random.randint(0, 1000) / 1000.0)) return self.get_item(url, n) else: return res
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Idempotent operation No additional effect if it is called more than once with the same input parameters.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about health checking!
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Auto Scaling group Service A Availability zone 1 Auto Scaling group AWS Region Service A Availability zone 2 Service BService B database Email Probing for health Cluster
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Shallowhealthcheck Instance Cache node Email database Cluster Are you healthy? yes
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Shallowhealthcheck Instance Cache node Email database Cluster Are you healthy? yes
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Deep healthcheck Instance Cache node Email database Cluster Are you healthy? yes Are you healthy? yes yes yes yes
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Deep healthcheck Instance Cache node Email database Cluster Are you healthy? no Are you healthy? no yes yes yes
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prioritize shallow health checks during hard times. Cache.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about load shedding.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Cheaply reject excess work
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Be careful when selecting the right metric
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Don’tbeoverlyoptimisticandtakeonmorethanyoucan. Findanoperationalmetrictorejectwhatyoucannottakein. Favorcachedandstaticcontent PrioritizeELBhealthcheck(shallow)pings Inanoverloadsituationyouhavepreciousresources,donotletany ofitgotowaste. Load Shedding
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk aboutresiliency (chaos) engineering
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Fire Drills
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. GameDay atAmazon CreatingResiliencyThroughDestruction https://www.youtube.com/watch?v=zoz0ZjfrQ9s
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chaosengineering https://github.com/Netflix/SimianArmy
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. “Chaos Engineeringis the discipline of experimentingon a distributedsystem in orderto buildconfidence in the system’s capabilitytowithstand turbulentconditionsin production.” http://principlesofchaos.org
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Failureinjection • Start small & build confidence • Application level • Host failure • Resource attacks (CPU, memory, …) • Network attacks (dependencies, latency, …) • Region attacks • “Paul” attack https://www.gremlin.comhttps://github.com/Netflix/SimianArmy https://chaostoolkit.org
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. STEADY STATE HYPOTHESIS RUN EXPERIMENT VERIFY FIX! PhasesofChaosEngineering
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. https://aws.amazon.com/wellarchitected
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Thank you! © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. @cobusbernard cobusbernard cobusbernard

More Related Content

Similar to AWS DevDay Vienna - Resiliency and availability design patterns for the cloud (20)

PPTX
Building a Multi-Region, Active-Active Serverless Backends.
Adrian Hornsby
 
PDF
AWS DevDay Berlin 2019 - Going Global With Serverless
Darko Mesaroš
 
PPTX
AWS Distilled
Jeyaram Gurusamy
 
PDF
"How to build a global serverless service", Alex Casalboni, AWS Dev Day Kyiv ...
Provectus
 
PPTX
AWS Session.pptx
SanketSaxena18
 
PDF
Architecting for the cloud cloud providers
Len Bass
 
PPT
Amazon web services a quick introduction
cloudreachslideshare
 
PPT
Amazon web services: A Quick Introduction from Cloudreach
cloudreachslideshare
 
PDF
Uses, considerations, and recommendations for AWS
Scalar Decisions
 
PPTX
Cloud Service.pptx
SibinBharathi
 
PPTX
Aws best practices
Abed Abo Waddee'a
 
PPTX
Amazon Web Services(AWS) in cloud Computing .pptx
GSCWU
 
PPTX
Amazon Web Services and its Global Infrastructure.pptx
GSCWU
 
PPTX
Journey Towards Scaling Your API to 10 Million Users
Adrian Hornsby
 
PDF
20200513 - CloudComputing UCU
Marcia Villalba
 
PDF
Cloud Native Computing - Part II - Public Cloud (AWS)
Linjith Kunnon
 
PPTX
Wicked rugby
Dklumb4
 
PPTX
How Easy to Automate Application Deployment on AWS
Institut Teknologi Sepuluh Nopember Surabaya
 
PDF
AWS 101 December 2014
Ian Massingham
 
PDF
Travel hackathon
Vladimir Simek
 
Building a Multi-Region, Active-Active Serverless Backends.
Adrian Hornsby
 
AWS DevDay Berlin 2019 - Going Global With Serverless
Darko Mesaroš
 
AWS Distilled
Jeyaram Gurusamy
 
"How to build a global serverless service", Alex Casalboni, AWS Dev Day Kyiv ...
Provectus
 
AWS Session.pptx
SanketSaxena18
 
Architecting for the cloud cloud providers
Len Bass
 
Amazon web services a quick introduction
cloudreachslideshare
 
Amazon web services: A Quick Introduction from Cloudreach
cloudreachslideshare
 
Uses, considerations, and recommendations for AWS
Scalar Decisions
 
Cloud Service.pptx
SibinBharathi
 
Aws best practices
Abed Abo Waddee'a
 
Amazon Web Services(AWS) in cloud Computing .pptx
GSCWU
 
Amazon Web Services and its Global Infrastructure.pptx
GSCWU
 
Journey Towards Scaling Your API to 10 Million Users
Adrian Hornsby
 
20200513 - CloudComputing UCU
Marcia Villalba
 
Cloud Native Computing - Part II - Public Cloud (AWS)
Linjith Kunnon
 
Wicked rugby
Dklumb4
 
How Easy to Automate Application Deployment on AWS
Institut Teknologi Sepuluh Nopember Surabaya
 
AWS 101 December 2014
Ian Massingham
 
Travel hackathon
Vladimir Simek
 

More from Cobus Bernard (20)

PPTX
London Microservices Meetup: Lessons learnt adopting microservices
Cobus Bernard
 
PPTX
AWS SSA Webinar 34 - Getting started with databases on AWS - Managing DBs wit...
Cobus Bernard
 
PPTX
AWS SSA Webinar 33 - Getting started with databases on AWS Amazon DynamoDB
Cobus Bernard
 
PPTX
AWS SSA Webinar 32 - Getting Started with databases on AWS: Choosing the righ...
Cobus Bernard
 
PPTX
AWS SSA Webinar 30 - Getting Started with AWS - Infrastructure as Code - Terr...
Cobus Bernard
 
PPTX
AWS SSA Webinar 28 - Getting Started with AWS - Infrastructure as Code
Cobus Bernard
 
PPTX
AWS Webinar 24 - Getting Started with AWS - Understanding DR
Cobus Bernard
 
PPTX
AWS Webinar 23 - Getting Started with AWS - Understanding total cost of owner...
Cobus Bernard
 
PPTX
AWS SSA Webinar 21 - Getting Started with Data lakes on AWS
Cobus Bernard
 
PDF
AWS SSA Webinar 20 - Getting Started with Data Warehouses on AWS
Cobus Bernard
 
PPTX
AWS SSA Webinar 19 - Getting Started with Multi-Region Architecture: Services
Cobus Bernard
 
PPTX
AWS SSA Webinar 18 - Getting Started with Multi-Region Architecture: Data
Cobus Bernard
 
PPTX
AWS EMEA Online Summit - Live coding with containers
Cobus Bernard
 
PPTX
AWS EMEA Online Summit - Blending Spot and On-Demand instances to optimizing ...
Cobus Bernard
 
PPTX
AWS SSA Webinar 17 - Getting Started on AWS with Amazon RDS
Cobus Bernard
 
PPTX
AWS SSA Webinar 16 - Getting Started on AWS with Amazon EC2
Cobus Bernard
 
PPTX
AWS SSA Webinar 15 - Getting started on AWS with Containers: Amazon EKS
Cobus Bernard
 
PPTX
AWS SSA Webinar 13 - Getting started on AWS with Containers: Amazon ECS
Cobus Bernard
 
PPTX
AWS SSA Webinar 11 - Getting started on AWS: Security
Cobus Bernard
 
PPTX
AWS SSA Webinar 12 - Getting started on AWS with Containers
Cobus Bernard
 
London Microservices Meetup: Lessons learnt adopting microservices
Cobus Bernard
 
AWS SSA Webinar 34 - Getting started with databases on AWS - Managing DBs wit...
Cobus Bernard
 
AWS SSA Webinar 33 - Getting started with databases on AWS Amazon DynamoDB
Cobus Bernard
 
AWS SSA Webinar 32 - Getting Started with databases on AWS: Choosing the righ...
Cobus Bernard
 
AWS SSA Webinar 30 - Getting Started with AWS - Infrastructure as Code - Terr...
Cobus Bernard
 
AWS SSA Webinar 28 - Getting Started with AWS - Infrastructure as Code
Cobus Bernard
 
AWS Webinar 24 - Getting Started with AWS - Understanding DR
Cobus Bernard
 
AWS Webinar 23 - Getting Started with AWS - Understanding total cost of owner...
Cobus Bernard
 
AWS SSA Webinar 21 - Getting Started with Data lakes on AWS
Cobus Bernard
 
AWS SSA Webinar 20 - Getting Started with Data Warehouses on AWS
Cobus Bernard
 
AWS SSA Webinar 19 - Getting Started with Multi-Region Architecture: Services
Cobus Bernard
 
AWS SSA Webinar 18 - Getting Started with Multi-Region Architecture: Data
Cobus Bernard
 
AWS EMEA Online Summit - Live coding with containers
Cobus Bernard
 
AWS EMEA Online Summit - Blending Spot and On-Demand instances to optimizing ...
Cobus Bernard
 
AWS SSA Webinar 17 - Getting Started on AWS with Amazon RDS
Cobus Bernard
 
AWS SSA Webinar 16 - Getting Started on AWS with Amazon EC2
Cobus Bernard
 
AWS SSA Webinar 15 - Getting started on AWS with Containers: Amazon EKS
Cobus Bernard
 
AWS SSA Webinar 13 - Getting started on AWS with Containers: Amazon ECS
Cobus Bernard
 
AWS SSA Webinar 11 - Getting started on AWS: Security
Cobus Bernard
 
AWS SSA Webinar 12 - Getting started on AWS with Containers
Cobus Bernard
 
Ad

Recently uploaded (20)

PPTX
英国假毕业证诺森比亚大学成绩单GPA修改UNN学生卡网上可查学历成绩单
Taqyea
 
PPTX
internet básico presentacion es una red global
70965857
 
PPT
introduction to networking with basics coverage
RamananMuthukrishnan
 
PPT
Computer Securityyyyyyyy - Chapter 1.ppt
SolomonSB
 
PPTX
L1A Season 1 ENGLISH made by A hegy fixed
toszolder91
 
PPTX
sajflsajfljsdfljslfjslfsdfas;fdsfksadfjlsdflkjslgfs;lfjlsajfl;sajfasfd.pptx
theknightme
 
PPTX
PM200.pptxghjgfhjghjghjghjghjghjghjghjghjghj
breadpaan921
 
PPTX
法国巴黎第二大学本科毕业证{Paris 2学费发票Paris 2成绩单}办理方法
Taqyea
 
PPT
introductio to computers by arthur janry
RamananMuthukrishnan
 
PPTX
Research Design - Report on seminar in thesis writing. PPTX
arvielobos1
 
PPTX
L1A Season 1 Guide made by A hegy Eng Grammar fixed
toszolder91
 
PPTX
本科硕士学历佛罗里达大学毕业证(UF毕业证书)24小时在线办理
Taqyea
 
PPTX
原版西班牙莱昂大学毕业证(León毕业证书)如何办理
Taqyea
 
PDF
𝐁𝐔𝐊𝐓𝐈 𝐊𝐄𝐌𝐄𝐍𝐀𝐍𝐆𝐀𝐍 𝐊𝐈𝐏𝐄𝐑𝟒𝐃 𝐇𝐀𝐑𝐈 𝐈𝐍𝐈 𝟐𝟎𝟐𝟓
hokimamad0
 
PPTX
Lec15_Mutability Immutability-converted.pptx
khanjahanzaib1
 
PPT
Computer Securityyyyyyyy - Chapter 2.ppt
SolomonSB
 
PDF
Azure_DevOps introduction for CI/CD and Agile
henrymails
 
PDF
DevOps Design for different deployment options
henrymails
 
PPTX
PE introd.pptxfrgfgfdgfdgfgrtretrt44t444
nepmithibai2024
 
PPTX
Optimization_Techniques_ML_Presentation.pptx
farispalayi
 
英国假毕业证诺森比亚大学成绩单GPA修改UNN学生卡网上可查学历成绩单
Taqyea
 
internet básico presentacion es una red global
70965857
 
introduction to networking with basics coverage
RamananMuthukrishnan
 
Computer Securityyyyyyyy - Chapter 1.ppt
SolomonSB
 
L1A Season 1 ENGLISH made by A hegy fixed
toszolder91
 
sajflsajfljsdfljslfjslfsdfas;fdsfksadfjlsdflkjslgfs;lfjlsajfl;sajfasfd.pptx
theknightme
 
PM200.pptxghjgfhjghjghjghjghjghjghjghjghjghj
breadpaan921
 
法国巴黎第二大学本科毕业证{Paris 2学费发票Paris 2成绩单}办理方法
Taqyea
 
introductio to computers by arthur janry
RamananMuthukrishnan
 
Research Design - Report on seminar in thesis writing. PPTX
arvielobos1
 
L1A Season 1 Guide made by A hegy Eng Grammar fixed
toszolder91
 
本科硕士学历佛罗里达大学毕业证(UF毕业证书)24小时在线办理
Taqyea
 
原版西班牙莱昂大学毕业证(León毕业证书)如何办理
Taqyea
 
𝐁𝐔𝐊𝐓𝐈 𝐊𝐄𝐌𝐄𝐍𝐀𝐍𝐆𝐀𝐍 𝐊𝐈𝐏𝐄𝐑𝟒𝐃 𝐇𝐀𝐑𝐈 𝐈𝐍𝐈 𝟐𝟎𝟐𝟓
hokimamad0
 
Lec15_Mutability Immutability-converted.pptx
khanjahanzaib1
 
Computer Securityyyyyyyy - Chapter 2.ppt
SolomonSB
 
Azure_DevOps introduction for CI/CD and Agile
henrymails
 
DevOps Design for different deployment options
henrymails
 
PE introd.pptxfrgfgfdgfdgfgrtretrt44t444
nepmithibai2024
 
Optimization_Techniques_ML_Presentation.pptx
farispalayi
 
Ad

AWS DevDay Vienna - Resiliency and availability design patterns for the cloud

  • 1. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. V I E N N A 24.10.19 Resiliency and availability design patterns for the cloud Cobus Bernard Senior Technical Evangelist Amazon Web Services @cobusbernard cobusbernard cobusbernard B A R 3
  • 2. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Can you guess whatwillhappen?
  • 3. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Distributed Systems are hard
  • 4. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Failures areagivenand everythingwilleventuallyfail over time. Werner Vogels CTO – Amazon.com “ “
  • 5. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Resiliency:Abilityfor asystemtohandle and eventuallyrecover from unexpected conditions conditions
  • 6. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Partialfailure mode
  • 7. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Why do we build resilient software systems?
  • 8. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Thecostof downtime Annual Fortune 1000 application downtime costs (IDC) $1.25 to $2.5B Average cost of a data breach (Ponemon Institute) $3.6M Cost/hr of a critical application failure (IDC) $500K to $1M Average cost/hr of downtime (Ponemon Institute) $474K Average cost per lost or stolen record (Ponemon Institute) $141
  • 9. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. How do we build resilient software systems?
  • 10. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. People Application Network & Data Infrastructure
  • 11. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk aboutAvailability
  • 12. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Systemavailability Availability = Normal Operation Time Total Time MTBF** MTBF** + MTTR* = * Mean Time To Repair (MTTR) **Mean Time Between Failure (MTBF)
  • 13. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Reading homework
  • 14. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Availabilityinparallel A = 1 – (1 – Ax)2 Part X Part X
  • 15. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Availabilityinparallel Component Availability Downtime X 99% (2-nines) 3 days 15 hours Two X in parallel 99.99% (4-nines) 52 minutes Three X in parallel 99.9999% (6-nines) 31 seconds
  • 16. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Componentredundancyincreases availability significantly!
  • 17. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Global Infrastructure • 22 Regions with 69 Availability Zones • 3 Regions coming soon: Cape Town Jakarta and Milan • 100Gbps redundant network • 99.99% SLA
  • 18. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Fully-scaledAvailabilityZone
  • 19. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Highlyredundant regional network
  • 20. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Region and availabilityzones Region Availability zone a Availability zone b Availability zone c data center data center data center 1 or more data centers per AZ 2 or more AZs per region (new regions min 3) data center data center data center data center data center data center
  • 21. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. How about a global architecture?
  • 22. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Once upon a time … Origin
  • 23. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. And Now … Origin ~300ms
  • 24. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Origin Improve latency for end-users Origin
  • 25. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Improve availabilityand disasterrecovery Applications in US West Applications in US East Users from San Francisco Users from New York Service 1 Service 2 Service 3 Service 4 Service 1 Service 2 Service 3 Service 4
  • 26. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. So should we go for a global architecture?
  • 27. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Perfect your regional architecture first!
  • 28. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about Multi-AZ
  • 29. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-AZ architecture Region Availability zone a Availability zone b Availability zone c Instances Instances Instances DB Instance DB instance standby Elastic Load Balancing (ELB)
  • 30. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-AZ architecture Region Availability zone a Availability zone b Availability zone c Instances Instances Instances DB Instance DB instance standby Elastic Load Balancing (ELB)
  • 31. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-AZ architecture Region Availability zone a Availability zone b Availability zone c Instances Instances Instances DB Instance DB instance standby Elastic Load Balancing (ELB)
  • 32. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-AZ architecture Region Availability zone a Availability zone b Availability zone c Instances Instances Instances DB Instance DB instance new master Elastic Load Balancing (ELB)
  • 33. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Multi-AZ architecture • Enables fault-tolerant applications • AWS regional services designed to withstand AZ failures • Leveraged by AWS regional services such as Amazon S3, Amazon DynamoDB, Amazon Aurora, Amazon ELBs, etc. Region Availability zone a Availability zone b Availability zone c Instances Instances Instances DB Instance DB instance standby Elastic Load Balancing (ELB)
  • 34. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about auto scaling
  • 35. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Auto-Scaling FixedVariable
  • 36. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Availability zone 1 Auto Scaling group AWS Region Availability zone 2 Auto-scaling for self-healing Elastic Load Balancing (ELB) X
  • 37. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about the AWS responsibility models
  • 38. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWSoperationalresponsibilitymodels On-Premises Cloud Less More Compute Virtual Machine EC2 Elastic Beanstalk AWS LambdaFargate Databases MySQL MySQL on EC2 RDS MySQL RDS Aurora Aurora Serverless DynamoDB Storage Storage S3 Messaging ESBs Amazon MQ Kinesis SQS / SNS Analytics Hadoop Hadoop on EC2 EMR Elasticsearch Service Athena Firehose
  • 39. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about databases
  • 40. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Common resiliencyissueswithDatabases?? REPLICATION BACKUPSSCALING
  • 41. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 42. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon DynamoDB: purpose-built for thecloud Fast and flexible key value database service for any scale Comprehensive security Encrypts all data by default and fully integrates with AWS Identity and Access Management for robust security Performance at scale Consistent, single-digit millisecond response times at any scale; build applications with virtually unlimited throughput Global database for global users and apps Build global applications with fast access to local data by easily replicating tables across multiple AWS Regions Serverless No hardware provisioning, software patching, or upgrades; scales up or down automatically; continuously backs up your data
  • 43. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR AZ 1 AZ 2 AZ 3 Network RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR Storage Node Leader PutItem
  • 44. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR AZ 1 AZ 2 AZ 3 RR RR RR RR RR RR RR RR RR RR RR RR RR RR RR Storage Node Leader GetItem Network
  • 45. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon.com, Nike, Netflix, Duolingo, Lyft, Airbnb, Samsung, Toyota, and Capital One depend on the scale and performance of DynamoDB to support their workloads. 10 trillion requests per day 20 million requests per second
  • 46. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. AmazonAurora: purpose-built for thecloud MySQL and PostgreSQL compatible relational database Availability and durability Fault-tolerant, self-healing storage; six copies of data across three AZs; continuous backup to S3 Fully managed Managed by RDS: no hardware provisioning, software patching, setup, configuration, or backups Highly secure Network isolation, encryption at rest/transit Performance and scalability 5x throughput of standard MySQL and 3x of standard PostgreSQL; scale-out up to 15 read replicas
  • 47. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. BINLOG DATA DOUBLE-WRITELOG FRM FILES MYSQL WITH REPLICA EBS mirrorEBS mirror AZ 1 AZ 2 Amazon S3 EBS Amazon Elastic Block Store (EBS) Primary Instance Replica Instance 1 2 3 4 5 AZ 1 AZ 3 Primary Instance AZ 2 Replica Instance Replica Instance AMAZON AURORA TYPE OF WRITE AmazonAurora: distributed architecture
  • 48. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Capital One, GE, Dow Jones, Netflix, Verizon, Expedia and Amazon depend on the scale and performance of Aurora to support their workloads. 5X the throughput of standard MySQL 15 low latency read replicas Failover in less than 30 seconds 3X the throughput of standard PostgreSQL
  • 49. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Purpose-built databases Relational Key-value Document In-memory Graph Time-series Ledger DynamoDB NeptuneAmazon RDS Aurora CommercialCommunity Timestream QLDBElastiCacheDocumentDB
  • 50. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Read-Writeseparation Master Read Replica Read Replica Read Replica Instance InstanceInstance
  • 51. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. DatabaseFederation Users DB Products DB Master (Read) Replica Master (Read) Replica Instance InstanceInstance
  • 52. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. DatabaseSharding User ShardID 002345 A 002346 B 002347 C 002348 B 002349 A CBA Master (Read) Replica Master (Read) Replica Master (Read) Replica Instance InstanceInstance
  • 53. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about backups
  • 54. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 55. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Backup service
  • 56. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. PreventingAccidentalTableDeletion https://aws.amazon.com/blogs/database/preventing-accidental-table-deletion-in-dynamodb/
  • 57. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. PreventingAccidentalTableDeletion (sql)
  • 58. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Practice and testrecoveryfrom your backups!!
  • 59. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about timeouts, backoff & retries!
  • 60. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Users App DB Conn Pool INSERT INSERT INSERT INSERT What happens if the DB “slows down”? Timeout client side Timeout backend side ??
  • 61. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. User 1 App DB Conn Pool INSERT Timeout client side = 10s Timeout backend side = default = Infinite Retry INSERT Retry INSERT ERROR: Failed to get connection from pool Retry
  • 62. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. https://docs.microsoft.com/en-us/dotnet/api/system.net.httpwebrequest.timeout
  • 63. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 64. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-configuration-properties.html
  • 65. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. @timeout_decorator.timeout(5, timeout_exception=StopIteration) def timed_get(url): return requests.get(url) https://pypi.org/project/timeout-decorator/
  • 66. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Set thetimeouts!
  • 67. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. How elsecould wehaveprevented theerror? User 1 DB Conn Pool INSERT Retry INSERT Retry INSERT Retry ERROR: Failed to get connection from pool
  • 68. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. User 1 DB Conn Pool INSERT Timeout client side = 10s Timeout backend side = 10s Wait 2s before Retry INSERT INSERT Wait 4s before Retry Wait 8s before Retry Wait 16s before Retry Backing off betweenretries Releasing connectionsBackoff
  • 69. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. No jitter With jitter https://aws.amazon.com/blogs/architecture/exponential-backoff-and-jitter/ SimpleExponentialBackoffisnotenough:AddJitter
  • 70. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Example: add jitter0-1000ms def get_item(self, url, n=1): MAX_TRIES = 12 try: res = requests.get(url) except: if n > MAX_TRIES: return None n += 1 time.sleep((2 ** n) + (random.randint(0, 1000) / 1000.0)) return self.get_item(url, n) else: return res
  • 71. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Idempotent operation No additional effect if it is called more than once with the same input parameters.
  • 72. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about health checking!
  • 73. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Auto Scaling group Service A Availability zone 1 Auto Scaling group AWS Region Service A Availability zone 2 Service BService B database Email Probing for health Cluster
  • 74. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Shallowhealthcheck Instance Cache node Email database Cluster Are you healthy? yes
  • 75. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Shallowhealthcheck Instance Cache node Email database Cluster Are you healthy? yes
  • 76. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Deep healthcheck Instance Cache node Email database Cluster Are you healthy? yes Are you healthy? yes yes yes yes
  • 77. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Deep healthcheck Instance Cache node Email database Cluster Are you healthy? no Are you healthy? no yes yes yes
  • 78. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prioritize shallow health checks during hard times. Cache.
  • 79. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk about load shedding.
  • 80. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 81. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 82. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Cheaply reject excess work
  • 83. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 84. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Be careful when selecting the right metric
  • 85. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Don’tbeoverlyoptimisticandtakeonmorethanyoucan. Findanoperationalmetrictorejectwhatyoucannottakein. Favorcachedandstaticcontent PrioritizeELBhealthcheck(shallow)pings Inanoverloadsituationyouhavepreciousresources,donotletany ofitgotowaste. Load Shedding
  • 86. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s talk aboutresiliency (chaos) engineering
  • 87. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Fire Drills
  • 88. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. GameDay atAmazon CreatingResiliencyThroughDestruction https://www.youtube.com/watch?v=zoz0ZjfrQ9s
  • 89. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chaosengineering https://github.com/Netflix/SimianArmy
  • 90. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. “Chaos Engineeringis the discipline of experimentingon a distributedsystem in orderto buildconfidence in the system’s capabilitytowithstand turbulentconditionsin production.” http://principlesofchaos.org
  • 91. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Failureinjection • Start small & build confidence • Application level • Host failure • Resource attacks (CPU, memory, …) • Network attacks (dependencies, latency, …) • Region attacks • “Paul” attack https://www.gremlin.comhttps://github.com/Netflix/SimianArmy https://chaostoolkit.org
  • 92. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. STEADY STATE HYPOTHESIS RUN EXPERIMENT VERIFY FIX! PhasesofChaosEngineering
  • 93. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. https://aws.amazon.com/wellarchitected
  • 94. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Thank you! © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. @cobusbernard cobusbernard cobusbernard