storms in the cloud
play

Storms in the Cloud Designing and using a fault injection system - PowerPoint PPT Presentation

Jun 11, 2023 •421 likes •1.06k views

Storms in the Cloud Designing and using a fault injection system Michalis Zervos @mzervos http://venturebeat.com/ http://www.pcworld.com/ Google News - http://thenextweb.com/ https://twitter.com/netflixhelps Google News -

  1. Storms in the Cloud Designing and using a fault injection system Michalis Zervos @mzervos

  2. http://venturebeat.com/ http://www.pcworld.com/ Google News - http://thenextweb.com/ https://twitter.com/netflixhelps Google News - http://mashable.com/ Google News - http://www.itnews.com.au http://www.itnews.com.au

  4. Service Resilience • Not a solved problem • Goal is: • 100% uptime • No degradation • Responsive 

  5. Traditional testing • Unit tests • Functional / Integration • End to end 

  6. Cloud services – Testing challenges • Continuous evolution • Multiple dependencies • Global distribution • Traffic fluctuation 

  7. Cloud services – Fundamentals • Auto-scaling • Redundancy • Monitoring and detection systems • Auto-mitigation / Failover mechanisms • Staged deployments • Data replication 

  8. The extra mile • Embrace failure • Break the system • Adjust the engineering process 

  9. Storms in the Cloud

  10. Fault Injection System Support diverse services Easy to use Verify resilience and behavior Simulate complex failures / real-life incidents

  11. Agenda Designing a Fault Injection System Usage patterns

  12. Faults • Resource pressure • Network • Processes • Virtual machine • Platform • Application specific • Hardware

  13. Faults • Resource pressure • Network • Processes • Virtual machine • Platform • Application specific • Hardware

  14. Resource Pressure Faults • CPU Available tools • Memory • consume.exe (Windows SDK) • Physical • stress (Unix) • Virtual • Sysinternals tools • Hard disk • Capacity • Read • Write

  15. Faults • Resource pressure • Network • Processes • Virtual machine • Platform • Application specific • Hardware

  16. Network faults • Layers Available tools • Transport (TCP/UDP) • Network Emulator Toolkit (NEWT) • Application layer (HTTP) • Fiddler core • Types • Disconnect • Latency • Alter response codes (HTTP) • Packet reorder / loss (TCP/UDP) • Filters • Domain / IP / Subnet • URL path • Port / Protocol

  17. Faults • Resource pressure • Network • Processes • Virtual machine • Platform • Application specific • Hardware

  18. Process faults • Stop / Kill Available tools • Restart • OS commands • Stop service • Sysinternals tools • Start • Crash • Hang

  19. Faults • Resource pressure • Network • Processes • Virtual machine • Platform • Application specific • Hardware

  20. Virtual Machine / OS faults • Stop Available tools • Restart • Cloud Management APIs • BSOD / Kernel panic • OS commands • Change date • Sysinternals tools • Re-image

  21. Faults • Resource pressure • Network • Processes • Virtual machine • Platform • Application specific • Hardware

  22. Distributed platform faults • Quorum loss Available tools – Platform specific • Data loss • Service Fabric testability APIs • Move primary node • Remove replica

  23. Faults • Resource pressure • Network • Processes • Virtual machine • Platform • Application specific • Hardware

  24. Application specific faults • Hooks Available tools • Instrument service code • MSR Detours • Intercept / Re-route calls • TestApi – Managed Fault Injection • No access to service code

  25. Application specific faults • Hooks Available tools • Instrument service code • MSR Detours • Intercept / Re-route calls • TestApi – Managed Fault Injection • No access to service code

  26. Faults • Resource pressure • Network • Processes • Virtual machine • Platform • Application specific • Hardware

  27. Hardware faults • Machine • Network devices • Rack • UPS • Datacenter

  28. Faults • Resource pressure • Network • Processes • Virtual machine • Platform • Application specific • Hardware

  29. Injection mechanism • VM External • VM Internal – Service code external  Agent • VM Internal – Service code internal  Hooks

  30. Injection mechanism • VM External • VM Internal – Service code external  Agent • VM Internal – Service code internal  Hooks

  31. External injection • VM / Region Stop • VM / Region Restart • Re-image Cloud Cloud Management Service Management Service Target VM Target VM

  32. Injection mechanism • VM External • VM Internal – Service code external  Agent • VM Internal – Service code internal  Hooks

  33. VM internal injection - Agent • Resource pressure Virtual Machine • Network • Processes Fault Agent • OS • Detours • … Target Service VM Operating System Target Application

  34. Injection mechanism • VM External • VM Internal – Service code external  Agent • VM Internal – Service code internal  Hooks

  35. VM internal injection - Hooks • Application behavior • Flexibility • Service specific Target Application

  36. VM internal injection - Hooks • Application behavior • Flexibility • Service specific Target Application

  37. Hooks Fault Agent VM External

  38. System Architecture Target Service VMs Fault Management Cloud Cloud Fault Agent Service Management Service Management Service Fault Agent

  39. System components Auditing Automation Security Verification Reporting

  40. System components Auditing Automation Security Verification Reporting

  41. Security and Safety • AuthN / AuthZ • Fault agents • Kill switch • Safety nets

  42. Security and Safety • AuthN / AuthZ • Integrate with Identity Provider Azure Active Directory • Fault agents • Multi-Factor Authentication • Kill switch • Least-privilege principle • Safety nets • Granular access levels

  43. Security and Safety • AuthN / AuthZ • Secure communication – TLS/SSL • Fault agents • Code signing • Kill switch • Execution permissions • Safety nets

  44. Security and Safety • AuthN / AuthZ • Fault agents • Kill switch • Safety nets

  45. Security and Safety • AuthN / AuthZ Auto fault removal • Fault agents • Agents – Service connectivity loss Agent-side detection • Kill switch • Service malfunctioning • Safety nets Auto-monitoring module • Unusual behavior Anomaly detection

  46. System components Auditing Automation Security Verification Reporting

  47. System components Auditing Automation Security Verification Reporting

  48. Auditing • Faults • Fault agents • Management service • Clients

  49. System components Auditing Automation Security Verification Reporting

  50. System components Auditing Automation Security Verification Reporting

  51. Automation • Scheduling • Zero - configuration • Dependencies auto-discovery

  52. System components Auditing Automation Security Verification Reporting

  53. System components Auditing Automation Security Verification Reporting

  54. System components Auditing Automation Security Verification Reporting

  57. Usage scenarios • Resilience verification • Test new features • Training • Verify staged deployments • Test detection, alerting, mitigation systems • Repro incidents

  58. Injection environment Test Canary Production

  59. Recovery Games

  60. Recovery Games Attacker Defender • Inject faults • Assess • Provide hints • Analyze • Mitigate

  61. Recovery Games - Goals • Familiarize with monitoring tools • Recognize outage patterns • Train on assessing the impact • Root-cause / mitigation mindset • Practice log analysis

  62. In Invest t in in Fault In Inje jecti tion Testing Resilience Test new Training verification features Engineering process & culture Michalis Zervos @mzervos

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Daren Hasenkamp*, Alex Sim, Michael Wehner, Kesheng Wu Lawrence Berkeley National Laboratory

Daren Hasenkamp*, Alex Sim, Michael Wehner, Kesheng Wu Lawrence Berkeley National Laboratory

Searching Tropical Storms on Cloud: A Large-Scale Climate Data Analysis Daren Hasenkamp*, Alex Sim, Michael Wehner, Kesheng Wu Lawrence Berkeley National Laboratory *University of California, Berkeley Why Study Tropical Storms? Tropical

698 views • 20 slides
Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come from? Why Cloud? Cloud for small, medium, enterprise, and government Barriers to adoption Embracing Cloud Social Mobile Cloud

972 views • 45 slides
SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud Tour of the buzzwords, myths and realities Whats in store for me, the boss, the company, the industry? Your cloud, our cloud their

224 views • 19 slides
Prediction of Bayesian Intervals for Tropical Storms ICLR 2020 Climate Change Workshop Max

Prediction of Bayesian Intervals for Tropical Storms ICLR 2020 Climate Change Workshop Max

Prediction of Bayesian Intervals for Tropical Storms ICLR 2020 Climate Change Workshop Max Chiswick (Independent) and Sam Ganzfried (Ganzfried Research) Tropical Storm Prediction with RNN Dataset: Tropical storms in the Atlantic Ocean

222 views • 7 slides
Storms Strengthening Security & Resilience in the 21 st Century ________________________

Storms Strengthening Security & Resilience in the 21 st Century ________________________

Beyond the Storms Strengthening Security & Resilience in the 21 st Century ________________________ Dane S. Egli, PhD Johns Hopkins University Applied Physics Laboratory 1 Why Why Cr Critica itical l Infra Infrast stru ruct ctur

546 views • 16 slides
Word Storms: Multiples of Word Clouds for Visual Comparison of Documents Quim Castell, Charles

Word Storms: Multiples of Word Clouds for Visual Comparison of Documents Quim Castell, Charles

Word Storms: Multiples of Word Clouds for Visual Comparison of Documents Quim Castell, Charles Sutton (WWW-2014) Zoltn Szab Gatsby Unit, Tea Talk Decembert 18, 2014 Zoltn Szab Words Storms Motivation Vast number of documents on

468 views • 19 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

Cornell CS5412 Cloud Computing (Spring 2015) 1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper! The cloud business model is growing at an unparalleled pace without any limit in sight

632 views • 45 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper The cloud business model is growing at an unparalleled pace without any limit in sight In the future everything will be on the cloud

945 views • 65 slides
DR-4216 Feb. 15-22 Severe Winter Storms, Snowstorms, Flooding, Landslides & Mudslides

DR-4216 Feb. 15-22 Severe Winter Storms, Snowstorms, Flooding, Landslides & Mudslides

DR-4216 Feb. 15-22 Severe Winter Storms, Snowstorms, Flooding, Landslides & Mudslides Declared April 30th & DR-4217 April 2-17 Severe Storms, Tornadoes, Flooding, Landslides & Mudslides Declared May 1 st Joe Girot, Federal

305 views • 11 slides
The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2% of total US energy

The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2% of total US energy

The Data Furnace: Heating Up with Cloud Computing Jie Liu , Michel Goraczko, Jiakang Lu Sean James, Christian Belady Kamin Whitehouse Microsoft University of Virginia The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2%

551 views • 16 slides
Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing Understanding: Distributed Application Design Resource Management Automation Virtualized Computing Environments High-performance Computing

1.02k views • 49 slides
RESILIENCE GOD STYLE: Weathering the Storms of Life Teacher, do You not care that we are

RESILIENCE GOD STYLE: Weathering the Storms of Life Teacher, do You not care that we are

RESILIENCE GOD STYLE: Weathering the Storms of Life Teacher, do You not care that we are perishing? Hush, be still And the wind died down and it became perfectly calm Bob Dees A Fellow Brudder in Christ Rembrandt, The Storm on the

733 views • 13 slides
SIO15-SS1 20: Topic 17: Heat Waves and Great Storms SIO15-SS1 20: Topic 17: Heat Waves and Great

SIO15-SS1 20: Topic 17: Heat Waves and Great Storms SIO15-SS1 20: Topic 17: Heat Waves and Great

SIO15-SS1 20: Topic 17: Heat Waves and Great Storms SIO15-SS1 20: Topic 17: Heat Waves and Great Storms SIO15-SS1 20: Topic 17: Heat Waves and Great Storms SIO15-SS1 20: Topic 17: Heat Waves and Great Storms highest T (global): 58C (136F)

535 views • 27 slides
Frequency of severe storms and global warming George Aumann 15 April 2008 Submitted to GRL March

Frequency of severe storms and global warming George Aumann 15 April 2008 Submitted to GRL March

Frequency of severe storms and global warming George Aumann 15 April 2008 Submitted to GRL March 2008 H. H. Aumann Outline Deep Convective Clouds (DCC) and severe storms Do we expect the frequency of DCC to increase with global warming? Do

258 views • 25 slides
NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises

NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises

NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises Connecting clouds New workloads Components to disrupt SOFTLAYER CAPABILITIES OVERVIEW 5 GLOBAL CLOUD PLATFORM Unified architecture enabled by

390 views • 17 slides
Storms Brewing in the National Flood Insurance Program: Understanding the Impacts on Your

Storms Brewing in the National Flood Insurance Program: Understanding the Impacts on Your

Storms Brewing in the National Flood Insurance Program: Understanding the Impacts on Your Community Molly Lawrence Van Ness Feldman LLP Washington, D.C Seattle, WA Why Are Floodplains Issue Important in Your County? Confluence of Events:

525 views • 29 slides
HICL Infrastructure PLC Introductory Presentation - the Investment Manager, HICL Overview &

HICL Infrastructure PLC Introductory Presentation - the Investment Manager, HICL Overview &

HICL Infrastructure PLC Introductory Presentation - the Investment Manager, HICL Overview & Recent Performance Summer 2019 hicl.com | For Investment Professionals (as defined under FSMA 2000). Individuals without professional experience in

802 views • 65 slides
Operational Node Connectivity Description (OV-2) Operational Activity Decomposition (OV-5, Node

Operational Node Connectivity Description (OV-2) Operational Activity Decomposition (OV-5, Node

Operational Node Connectivity Description (OV-2) Operational Activity Decomposition (OV-5, Node Tree) Operational Activity Model (OV-5, A-0 diagram) Purpose: The purpose of BSF is to protect a high density urban environment against biological

126 views • 12 slides
WEYERHAEUSER Patty Bedient Executive Vice President and Chief Financial Officer 2012 Citi Basic

WEYERHAEUSER Patty Bedient Executive Vice President and Chief Financial Officer 2012 Citi Basic

WEYERHAEUSER Patty Bedient Executive Vice President and Chief Financial Officer 2012 Citi Basic Materials Symposium New York | November 28 , 2012 1 | November 28, 2012 FORWARD-LOOKING STATEMENT This presentation contains statements concerning

636 views • 26 slides
Investor Presentation First Quarter 2017 Update June 2017 CSIQ NASDAQ Listed Safe Harbor

Investor Presentation First Quarter 2017 Update June 2017 CSIQ NASDAQ Listed Safe Harbor

Investor Presentation First Quarter 2017 Update June 2017 CSIQ NASDAQ Listed Safe Harbor Statement This presentation has been prepared by the Company solely to facilitate the understanding of the Companys business model and growth strategy.

641 views • 23 slides
Beckhoff TwinCAT The Windows Control and Automation Technology Beckhoff Industrial PC Beckhoff

Beckhoff TwinCAT The Windows Control and Automation Technology Beckhoff Industrial PC Beckhoff

Beckhoff TwinCAT The Windows Control and Automation Technology Beckhoff Industrial PC Beckhoff TwinCAT Beckhoff Lightbus Beckhoff Embedded PC Beckhoff Beckhoff Beckhoff PC Fieldbus Cards, Bus Terminal Fieldbus Box Switches Beckhoff

711 views • 31 slides
Prophet a path out of the cloud http://syncwith.us jesse@bestpractical.com 1 You may know me

Prophet a path out of the cloud http://syncwith.us jesse@bestpractical.com 1 You may know me

Prophet a path out of the cloud http://syncwith.us jesse@bestpractical.com 1 You may know me from... RT (Request Tracker) Jifty SVK Hiveminder Perl 6 Shirts 2 Ive been hacking on an open source database called Prophet 3 It

1.74k views • 143 slides
Have You Tried Turning It Off and On Again? David N. Blank-Edelman Senior Cloud Ops Advocate 1

Have You Tried Turning It Off and On Again? David N. Blank-Edelman Senior Cloud Ops Advocate 1

7/6/18 source: http://leyanda.de/index.php?option=com_content&view=article&id=11 Have You Tried Turning It Off and On Again? David N. Blank-Edelman Senior Cloud Ops Advocate 1 7/6/18 @otterbook source:

593 views • 27 slides
Block ads, trackers and malware with Raspberry Pi and Pi-hole https://cryptoaustralia.org.au

Block ads, trackers and malware with Raspberry Pi and Pi-hole https://cryptoaustralia.org.au

Block ads, trackers and malware with Raspberry Pi and Pi-hole https://cryptoaustralia.org.au Nick Kavadias nick@cryptoaustralia.org.au Self promotion! CryptoAUSTRALIA is a not-for-profit started by security and privacy enthusiast.

1.58k views • 50 slides

More recommend