SlideShare uma empresa Scribd logo

Debugging Microservices in Production

C4Media
C4Media

Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/1OiwHor. Bryan Cantrill describes the debugging techniques employed at Joyent, and shares real stories from the trenches - and how those painful experiences resulted in better tools and better methodologies. Filmed at qconsf.com. Bryan Cantrill is the CTO at Joyent, where he oversees worldwide development of the SmartOS and SmartDataCenter platforms. Prior to joining Joyent, Bryan served as a Distinguished Engineer at Sun Microsystems, where he spent over a decade working on system software. In particular, he co-designed and implemented DTrace, a facility for dynamic instrumentation of production systems.

Tecnologia
1 de 48
Debugging microservices in production CTO bryan@joyent.com Bryan Cantrill @bcantrill
InfoQ.com: News & Community Site • 750,000 unique visitors/month • Published in 4 languages (English, Chinese, Japanese and Brazilian Portuguese) • Post content from our QCon conferences • News 15-20 / week • Articles 3-4 / week • Presentations (videos) 12-15 / week • Interviews 2-3 / week • Books 1 / month Watch the video with slide synchronization on InfoQ.com! http://www.infoq.com/presentations /debugging-microservices- production
Purpose of QCon - to empower software development by facilitating the spread of knowledge and innovation Strategy - practitioner-driven conference designed for YOU: influencers of change and innovation in your teams - speakers and topics driving the evolution and innovation - connecting and catalyzing the influencers and innovators Highlights - attended by more than 12,000 delegates since 2007 - held in 9 cities worldwide Presented at QCon San Francisco www.qconsf.com
Debugging in the beginning...
Debugging in the beginning... — Sir Maurice Wilkes, 1913 - 2010
Debugging in the beginning... — Sir Maurice Wilkes, 1913 - 2010
Debugging in the beginning... — Sir Maurice Wilkes, 1913 - 2010 “As soon as we started programming, we found to our surprise that it wasn't as easy to get programs right as we had thought. Debugging had to be discovered. I can remember the exact instant when I realized that a large part of my life from then on was going to be spent in finding mistakes in my own programs.”
Debugging • The first non-trivial program for the EDSAC (a program to calculate a table of Airy integrals) had 120 lines and 20 errors — including one not debugged until four decades later! • This experience remains modern for anyone in software today, and many spend much of their career debugging • Yet there is little formalized about debugging: few books on it; little research; no conferences — and no university courses! • Is it any surprise that debugging anti-patterns persist?
Debugging anti-patterns • For too many, debugging is the process of making problems go away rather than understanding the system! • The view of bugs-as-nuisance has many knock-on effects: • Fixes that don’t fix the problem (or introduce new ones!) • Bug reports closed out as “will not fix” or “works for me” • Users who are told to “restart” or “reboot” or “log out” or anything else that amounts to wishful thinking • And this is only when the process has obviously failed...
Darker debugging anti-patterns • More insidious effects are felt when the problem appears to have been resolved, but hasn’t actually been fully understood • These are the fixes that amount to a fresh coat of paint over a crack in the foundation — and they are worse than nothing • Not only do these fixes not actually resolve the problem, they give the engineer a false sense of confidence that spreads virally • “Debugging” devolves into an oral tradition: folk tales of problems that were made to go away
Thinking methodically • The way we think about debugging is fundamentally wrong; we need to think methodically about debugging! • When we think of debugging as the quest for understanding our (misbehaving) systems, it allows us to consider it more abstractly • Namely, how do we explain the phenomena that affect our world? • We have found that the most powerful explanations reflect an understanding of underlying structure — beyond what to why • This deeper understanding allows us to not only to explain but make predictions
Predictive power • Valuing predictive power allows us to test our explanations: if our predictions are wrong, our understanding is incomplete • We can use the understanding from failed predictions to develop new explanations and new predictions • We can then test these new predictions to test our understanding • If all of this is sounding familiar, it’s because it’s science — and the methodical exploration of it is the scientific method
The scientific method • The scientific method is to: • Make observations • Formulate a question • Formulate a hypothesis that answers the question • Formulate predictions that test the hypothesis • Test the predictions by conducting an experiment • Refine the hypothesis and repeat as needed
Science, seriously?!
Science, seriously. • Software debugging is a pure distillation of scientific thinking • The limitless amount of data from software systems allows experiments in seconds instead of weeks/months/years • The systems we’re reasoning about are entirely synthetic, discrete and mutable — we made it, we can understand it • Software is mathematical machine; the conclusions of software debugging are often mathematical in their unequivocal power! • Software debugging is so pure, it requires us to refine the scientific method slightly to reflect its capabilities...
The software debugging method • Make observations • Based on observations, formulate a question • If the question can be answered through subsequent observation, answer the question through observation and refine/iterate • If the question cannot be answered through observation, make a hypothesis as to the answer and formulate predictions • If predictions can be tested through subsequent observation, test the predictions through observation and refine/iterate • Otherwise, test predictions through experiment and refine/iterate
Observation is the heart of debugging! • The essence — and art! — of debugging software is making observations and asking questions, not formulating hypotheses! • Observations are facts — they constrain hypotheses in that any hypothesis contradicted by facts can be summarily rejected • As facts beget questions which beget observations and more facts, hypotheses become more tightly constrained — like a cordon being cinched around the truth • Or, in the words of Sir Arthur Conan Doyle’s Sherlock Holmes, “when you have eliminated all which is impossible, then whatever remains, however improbable, must be the truth”
Making the hypothetical leap • Once observation has sufficiently narrowed the gap between what is known and what is wrong, a hypothetical leap should be made • Debugging is inefficient when this leap is made too early — like making a specific guess too early in Twenty Questions • A hypothesis is only as good as its ability to form a prediction • A prediction should be tested with either subsequent observation or by conducting an experiment • If the prediction proves to be incorrect, understanding is incomplete; the hypothesis must be rejected — or refined
Experiments in software • A beauty of software is that it is highly amenable to experiment • Many experiments are programs — and the most satisfying experiments test predictions about how failure can be induced • Many “non-reproducible” problems are merely unusual! • Debugging a putatively non-reproducible problem to the point of a reproducible test case is a joy unique in software engineering
Software debugging in practice • The specifics of observation depends on the nature of the failure • Software has different kinds of failure modes: • Fatal failure (segmentation violation, uncaught exception) • Non-fatal failure (gives the wrong answer, performs terribly) • Explicit failure (assertion failure, error message) • Implicit failure (cheerfully does the wrong thing)
Taxonomizing software failure Implicit Explicit Non-fatal Fatal Gives the wrong answer Returns the wrong result Leaks resources Stops doing work Performs pathologically Emits an error message Returns an error code Assertion failure Process explicitly aborts Exits with an error code Segmentation violation Bus Error Panic Type Error Uncaught Exception
Microservices prehistory • The late 1990s saw the rise of three-tier architectures consisting of presentation, application logic and data tiers • Many names for roughly the same notion: “Service-oriented architecture”, “Model/View/Controller”, etc. • The AJAX+REST revolution of the mid-2000s gave rise to true web applications in which application logic could live on the edge • Led to some broader architectural questioning...
Post-AJAX questions • Why should HTTP be restricted to the web? • Why should REST be restricted to web apps? • Instead of having one monolithic architecture, why not have a series of (smaller) services that merely did one thing well? • In case this sounds vaguely familiar...
The Unix Philosophy • The Unix philosophy, as articulated by Doug McIlroy: • Write programs that do one thing and do it well • Write programs to work together • Write programs that handle text streams, because that is a universal interface • The single most important revolution in software systems thinking! • Applying it to HTTP-based services...
Microservices • Microservices do one thing, and strive to do it well • Replace a small number of monoliths with many services that have well-documented, small HTTP-based APIs • Larger systems can be composed of these smaller services • While the trend it describes is real, the term “microservices” isn’t without its controversy...
Microservices
Microservices
Debugging microservices • Veteran nerd rage may be being provoked by proponents of microservices not fully appreciating the risks… • Microservices turn a monolithic system into a distributed one • While resilient to certain classes of force majeure failures, distributed systems remain vulnerable to software defects • Distributed systems are infamously nasty to debug — not least because they often must be debugged in production
Microservices in production • Microservices are tautologically small — they don’t need their own dedicated physical hardware, or even dedicated virtual hardware! • Microservices are a particularly good fit for containers, virtual OS instances pioneered by FreeBSD jails and Solaris zones
Containers at Joyent • Joyent runs OS containers in the cloud via SmartOS — and we have run containers in multi-tenant production since ~2006 • Adding support for hardware-based virtualization circa 2011 strengthened our resolve with respect to OS-based virtualization • OS containers are lightweight and efficient — which is especially important as services become smaller and more numerous: overhead and latency become increasingly important! • We emphasized their operational characteristics — performance, elasticity, tenancy — and for many years, we were a lone voice...
Containers as PaaS foundation? • Some saw the power of OS containers to facilitate up-stack platform-as-a-service abstractions • For example, dotCloud — a platform-as-a-service provider — built their PaaS on OS containers • Struggling as a PaaS, dotCloud pivoted — and open sourced their container-based orchestration layer...
...and Docker was born
Docker revolution • Docker has used the rapid provisioning + shared underlying filesystem of containers to allow developers to think operationally • Developers can encode deployment procedures via an image • Images can be reliably and reproducibly deployed as a container • Images can be quickly deployed — and re-deployed • Docker complements the small-system ethos of microservices!
Docker at Joyent • We wanted to create a best-of-all-worlds platform: the developer ease of Docker on the production-grade substrate of SmartOS • We developed a Linux system call interface for SmartOS, allowing SmartOS to run Linux binaries at bare-metal speed • In March 2015, we introduced Triton, our (open source!) stack that deploys Docker containers directly on the metal • Triton virtualizes the notion of a Docker host (i.e., “docker ps” shows all of one’s containers datacenter-wide) • Brings full debugging (DTrace, MDB) to Docker containers
When microservices fail?
A more apt metaphor...
Microservice failure modes Implicit Explicit Non-fatal Fatal Gives the wrong answer Returns the wrong result Leaks resources Stops doing work Performs pathologically Emits an error message Returns an error code Assertion failure Process explicitly aborts Exits with an error code Segmentation violation Bus Error Panic Type Error Uncaught Exception
Cascading microservice failure modes Implicit Explicit Non-fatal Fatal Gives the wrong answer Returns the wrong result Leaks resources Stops doing work Performs pathologically Emits an error message Returns an error code Assertion failure Process explicitly aborts Exits with an error code Segmentation violation Bus Error Panic Type Error Uncaught Exception
Debugging fatal failure • When software fails fatally, we know that the software itself is broken — its state has become inconsistent • By saving in-memory state to stable storage, the software can be debugged postmortem • To debug, one starts with the invalid state and reasons backwards to discover a transition from a valid state to an invalid one • This technique is so old, that the terms for this saved state dates back to the dawn of the computing age: a core dump • Not as low-level as the name implies! Modern high-level languages (e.g., node.js and Go) allow postmortem debugging!
Debugging fatal failure: microservices • Postmortem analysis lends itself very well to microservices: • There is no run-time overhead; overhead (such as it is) is only at the time of death • The microservice/container can be safely (automatically!) restarted; the core dump can be analyzed asynchronously • Tooling need not be in container, can be made arbitrarily rich • In Triton, all core dumps are automatically stored and then uploaded into a system that allows for analysis, tagging, etc. • This has been invaluable for debugging our own services!
Debugging non-fatal failure • There is a solace in fatal failure: it always represents a software defect at some level — and the inconsistent state is static • Non-fatal failure can be more challenging: the state is valid and dynamic — it’s difficult to separate symptom from cause • Non-fatal failure must still be understood empirically! • Debugging in vivo requires that data be extracted from the system — either of its own volition (e.g., via logs) or by coercion (e.g., via instrumentation)
Debugging explicit, non-fatal failure • When failure is explicit (e.g., an error or warning message), it provides a very important data point • If failure is non-reproducible or otherwise transient, analysis of explicit software activity becomes essential • Action in one container will often need to be associated with failures in another • Especially for distributed systems, this becomes log analysis, and is an essential forensic tool for understanding explicit failure • Essential observation: a time line of events!
Debugging implicit, non-fatal failure • Problems that are both implicit and non-fatal represent the most time-consuming, most difficult problems to debug because the system must be understood against its will • Wherever possible make software explicit about failure! • Where errors are programmatic (and not operational), they should always induce fatal failure! • Microservices break at the boundaries: two services each think that they are operating correctly, but together they’re broken • Data must be coerced from the system via instrumentation
Instrumenting production systems • Traditionally, software instrumentation was hard-coded and static (necessitating software restart or — worse — recompile) • Dynamic system instrumentation was historically limited to system call table (strace/truss) or packet capture (tcpdump/snoop) • Effective for some problems, but a poor fit for ad hoc analysis • In 2003, Sun developed DTrace, a facility for arbitrary, dynamic instrumentation of production systems that has since been ported to Mac OS X, FreeBSD, NetBSD and (to a degree) Linux • DTrace has inspired dynamic instrumentation in other systems (see @brendangregg’s talk!)
Instrumenting Docker containers • In Docker, instrumentation is a challenge as containers may not include the tooling necessary to understand the system • Docker host-based techniques for instrumentation may be tempting, but they should be considered an anti-pattern! • DTrace has a privilege model that allows it to be safely (and usefully) used from within a container • In Triton, DTrace is available from within every container — one can “docker exec -it bash” and then debug interactively
Instrumenting node.js-based microservices • We have invested heavily in node.js-based infrastructure to allow us to meaningfully instrument microservices in production: • We developed Bunyan, a logging facility for node.js that includes DTrace support • Added DTrace support for node.js profiling • An essential vector for iterative observation: turning up the logging level on a running microservice!
Debugging microservices in production • Debugging methodically requires us to shift our thinking — and learn how to carefully observe the systems we build • Different types of failures necessitate different techniques: • Fatal failure is best debugged via postmortem analysis — which is particular appropriate in an all-container world • Non-fatal failure necessitates log analysis and dynamic instrumentation • The ability to debug problems in production is essential to successfully deploy and scale microservices!
Watch the video with slide synchronization on InfoQ.com! http://www.infoq.com/presentations/debugging- microservices-production

Recomendados

Microservices Antipatterns
Microservices AntipatternsMicroservices Antipatterns
Microservices AntipatternsC4Media
 
A Primer on Big Data for Business
A Primer on Big Data for BusinessA Primer on Big Data for Business
A Primer on Big Data for BusinessLeslie Bradshaw
 
Debugging (Docker) containers in production
Debugging (Docker) containers in productionDebugging (Docker) containers in production
Debugging (Docker) containers in productionbcantrill
 
Debugging microservices in production
Debugging microservices in productionDebugging microservices in production
Debugging microservices in productionbcantrill
 
What's Better than Microservices? Serverless Microservices.
What's Better than Microservices? Serverless Microservices.What's Better than Microservices? Serverless Microservices.
What's Better than Microservices? Serverless Microservices.Apigee | Google Cloud
 
Principles of microservices velocity
Principles of microservices velocityPrinciples of microservices velocity
Principles of microservices velocitySam Newman
 
Streaming a Million Likes/Second: Real-Time Interactions on Live Video
Streaming a Million Likes/Second: Real-Time Interactions on Live VideoStreaming a Million Likes/Second: Real-Time Interactions on Live Video
Streaming a Million Likes/Second: Real-Time Interactions on Live VideoC4Media
 
Next Generation Client APIs in Envoy Mobile
Next Generation Client APIs in Envoy MobileNext Generation Client APIs in Envoy Mobile
Next Generation Client APIs in Envoy MobileC4Media
 

Recomendados

Microservices Antipatterns
Microservices AntipatternsMicroservices Antipatterns
Microservices AntipatternsC4Media
 
A Primer on Big Data for Business
A Primer on Big Data for BusinessA Primer on Big Data for Business
A Primer on Big Data for BusinessLeslie Bradshaw
 
Debugging (Docker) containers in production
Debugging (Docker) containers in productionDebugging (Docker) containers in production
Debugging (Docker) containers in productionbcantrill
 
Debugging microservices in production
Debugging microservices in productionDebugging microservices in production
Debugging microservices in productionbcantrill
 
What's Better than Microservices? Serverless Microservices.
What's Better than Microservices? Serverless Microservices.What's Better than Microservices? Serverless Microservices.
What's Better than Microservices? Serverless Microservices.Apigee | Google Cloud
 
Principles of microservices velocity
Principles of microservices velocityPrinciples of microservices velocity
Principles of microservices velocitySam Newman
 
Streaming a Million Likes/Second: Real-Time Interactions on Live Video
Streaming a Million Likes/Second: Real-Time Interactions on Live VideoStreaming a Million Likes/Second: Real-Time Interactions on Live Video
Streaming a Million Likes/Second: Real-Time Interactions on Live VideoC4Media
 
Next Generation Client APIs in Envoy Mobile
Next Generation Client APIs in Envoy MobileNext Generation Client APIs in Envoy Mobile
Next Generation Client APIs in Envoy MobileC4Media
 
Software Teams and Teamwork Trends Report Q1 2020
Software Teams and Teamwork Trends Report Q1 2020Software Teams and Teamwork Trends Report Q1 2020
Software Teams and Teamwork Trends Report Q1 2020C4Media
 
Understand the Trade-offs Using Compilers for Java Applications
Understand the Trade-offs Using Compilers for Java ApplicationsUnderstand the Trade-offs Using Compilers for Java Applications
Understand the Trade-offs Using Compilers for Java ApplicationsC4Media
 
Kafka Needs No Keeper
Kafka Needs No KeeperKafka Needs No Keeper
Kafka Needs No KeeperC4Media
 
High Performing Teams Act Like Owners
High Performing Teams Act Like OwnersHigh Performing Teams Act Like Owners
High Performing Teams Act Like OwnersC4Media
 
Does Java Need Inline Types? What Project Valhalla Can Bring to Java
Does Java Need Inline Types? What Project Valhalla Can Bring to JavaDoes Java Need Inline Types? What Project Valhalla Can Bring to Java
Does Java Need Inline Types? What Project Valhalla Can Bring to JavaC4Media
 
Service Meshes- The Ultimate Guide
Service Meshes- The Ultimate GuideService Meshes- The Ultimate Guide
Service Meshes- The Ultimate GuideC4Media
 
Shifting Left with Cloud Native CI/CD
Shifting Left with Cloud Native CI/CDShifting Left with Cloud Native CI/CD
Shifting Left with Cloud Native CI/CDC4Media
 
CI/CD for Machine Learning
CI/CD for Machine LearningCI/CD for Machine Learning
CI/CD for Machine LearningC4Media
 
Fault Tolerance at Speed
Fault Tolerance at SpeedFault Tolerance at Speed
Fault Tolerance at SpeedC4Media
 
Architectures That Scale Deep - Regaining Control in Deep Systems
Architectures That Scale Deep - Regaining Control in Deep SystemsArchitectures That Scale Deep - Regaining Control in Deep Systems
Architectures That Scale Deep - Regaining Control in Deep SystemsC4Media
 
ML in the Browser: Interactive Experiences with Tensorflow.js
ML in the Browser: Interactive Experiences with Tensorflow.jsML in the Browser: Interactive Experiences with Tensorflow.js
ML in the Browser: Interactive Experiences with Tensorflow.jsC4Media
 
Build Your Own WebAssembly Compiler
Build Your Own WebAssembly CompilerBuild Your Own WebAssembly Compiler
Build Your Own WebAssembly CompilerC4Media
 
User & Device Identity for Microservices @ Netflix Scale
User & Device Identity for Microservices @ Netflix ScaleUser & Device Identity for Microservices @ Netflix Scale
User & Device Identity for Microservices @ Netflix ScaleC4Media
 
Scaling Patterns for Netflix's Edge
Scaling Patterns for Netflix's EdgeScaling Patterns for Netflix's Edge
Scaling Patterns for Netflix's EdgeC4Media
 
Make Your Electron App Feel at Home Everywhere
Make Your Electron App Feel at Home EverywhereMake Your Electron App Feel at Home Everywhere
Make Your Electron App Feel at Home EverywhereC4Media
 
The Talk You've Been Await-ing For
The Talk You've Been Await-ing ForThe Talk You've Been Await-ing For
The Talk You've Been Await-ing ForC4Media
 
Future of Data Engineering
Future of Data EngineeringFuture of Data Engineering
Future of Data EngineeringC4Media
 
Automated Testing for Terraform, Docker, Packer, Kubernetes, and More
Automated Testing for Terraform, Docker, Packer, Kubernetes, and MoreAutomated Testing for Terraform, Docker, Packer, Kubernetes, and More
Automated Testing for Terraform, Docker, Packer, Kubernetes, and MoreC4Media
 
Navigating Complexity: High-performance Delivery and Discovery Teams
Navigating Complexity: High-performance Delivery and Discovery TeamsNavigating Complexity: High-performance Delivery and Discovery Teams
Navigating Complexity: High-performance Delivery and Discovery TeamsC4Media
 
High Performance Cooperative Distributed Systems in Adtech
High Performance Cooperative Distributed Systems in AdtechHigh Performance Cooperative Distributed Systems in Adtech
High Performance Cooperative Distributed Systems in AdtechC4Media
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Mais conteúdo relacionado

Mais de C4Media

Software Teams and Teamwork Trends Report Q1 2020
Software Teams and Teamwork Trends Report Q1 2020Software Teams and Teamwork Trends Report Q1 2020
Software Teams and Teamwork Trends Report Q1 2020C4Media
 
Understand the Trade-offs Using Compilers for Java Applications
Understand the Trade-offs Using Compilers for Java ApplicationsUnderstand the Trade-offs Using Compilers for Java Applications
Understand the Trade-offs Using Compilers for Java ApplicationsC4Media
 
Kafka Needs No Keeper
Kafka Needs No KeeperKafka Needs No Keeper
Kafka Needs No KeeperC4Media
 
High Performing Teams Act Like Owners
High Performing Teams Act Like OwnersHigh Performing Teams Act Like Owners
High Performing Teams Act Like OwnersC4Media
 
Does Java Need Inline Types? What Project Valhalla Can Bring to Java
Does Java Need Inline Types? What Project Valhalla Can Bring to JavaDoes Java Need Inline Types? What Project Valhalla Can Bring to Java
Does Java Need Inline Types? What Project Valhalla Can Bring to JavaC4Media
 
Service Meshes- The Ultimate Guide
Service Meshes- The Ultimate GuideService Meshes- The Ultimate Guide
Service Meshes- The Ultimate GuideC4Media
 
Shifting Left with Cloud Native CI/CD
Shifting Left with Cloud Native CI/CDShifting Left with Cloud Native CI/CD
Shifting Left with Cloud Native CI/CDC4Media
 
CI/CD for Machine Learning
CI/CD for Machine LearningCI/CD for Machine Learning
CI/CD for Machine LearningC4Media
 
Fault Tolerance at Speed
Fault Tolerance at SpeedFault Tolerance at Speed
Fault Tolerance at SpeedC4Media
 
Architectures That Scale Deep - Regaining Control in Deep Systems
Architectures That Scale Deep - Regaining Control in Deep SystemsArchitectures That Scale Deep - Regaining Control in Deep Systems
Architectures That Scale Deep - Regaining Control in Deep SystemsC4Media
 
ML in the Browser: Interactive Experiences with Tensorflow.js
ML in the Browser: Interactive Experiences with Tensorflow.jsML in the Browser: Interactive Experiences with Tensorflow.js
ML in the Browser: Interactive Experiences with Tensorflow.jsC4Media
 
Build Your Own WebAssembly Compiler
Build Your Own WebAssembly CompilerBuild Your Own WebAssembly Compiler
Build Your Own WebAssembly CompilerC4Media
 
User & Device Identity for Microservices @ Netflix Scale
User & Device Identity for Microservices @ Netflix ScaleUser & Device Identity for Microservices @ Netflix Scale
User & Device Identity for Microservices @ Netflix ScaleC4Media
 
Scaling Patterns for Netflix's Edge
Scaling Patterns for Netflix's EdgeScaling Patterns for Netflix's Edge
Scaling Patterns for Netflix's EdgeC4Media
 
Make Your Electron App Feel at Home Everywhere
Make Your Electron App Feel at Home EverywhereMake Your Electron App Feel at Home Everywhere
Make Your Electron App Feel at Home EverywhereC4Media
 
The Talk You've Been Await-ing For
The Talk You've Been Await-ing ForThe Talk You've Been Await-ing For
The Talk You've Been Await-ing ForC4Media
 
Future of Data Engineering
Future of Data EngineeringFuture of Data Engineering
Future of Data EngineeringC4Media
 
Automated Testing for Terraform, Docker, Packer, Kubernetes, and More
Automated Testing for Terraform, Docker, Packer, Kubernetes, and MoreAutomated Testing for Terraform, Docker, Packer, Kubernetes, and More
Automated Testing for Terraform, Docker, Packer, Kubernetes, and MoreC4Media
 
Navigating Complexity: High-performance Delivery and Discovery Teams
Navigating Complexity: High-performance Delivery and Discovery TeamsNavigating Complexity: High-performance Delivery and Discovery Teams
Navigating Complexity: High-performance Delivery and Discovery TeamsC4Media
 
High Performance Cooperative Distributed Systems in Adtech
High Performance Cooperative Distributed Systems in AdtechHigh Performance Cooperative Distributed Systems in Adtech
High Performance Cooperative Distributed Systems in AdtechC4Media
 

Mais de C4Media (20)

Software Teams and Teamwork Trends Report Q1 2020
Software Teams and Teamwork Trends Report Q1 2020Software Teams and Teamwork Trends Report Q1 2020
Software Teams and Teamwork Trends Report Q1 2020
 
Understand the Trade-offs Using Compilers for Java Applications
Understand the Trade-offs Using Compilers for Java ApplicationsUnderstand the Trade-offs Using Compilers for Java Applications
Understand the Trade-offs Using Compilers for Java Applications
 
Kafka Needs No Keeper
Kafka Needs No KeeperKafka Needs No Keeper
Kafka Needs No Keeper
 
High Performing Teams Act Like Owners
High Performing Teams Act Like OwnersHigh Performing Teams Act Like Owners
High Performing Teams Act Like Owners
 
Does Java Need Inline Types? What Project Valhalla Can Bring to Java
Does Java Need Inline Types? What Project Valhalla Can Bring to JavaDoes Java Need Inline Types? What Project Valhalla Can Bring to Java
Does Java Need Inline Types? What Project Valhalla Can Bring to Java
 
Service Meshes- The Ultimate Guide
Service Meshes- The Ultimate GuideService Meshes- The Ultimate Guide
Service Meshes- The Ultimate Guide
 
Shifting Left with Cloud Native CI/CD
Shifting Left with Cloud Native CI/CDShifting Left with Cloud Native CI/CD
Shifting Left with Cloud Native CI/CD
 
CI/CD for Machine Learning
CI/CD for Machine LearningCI/CD for Machine Learning
CI/CD for Machine Learning
 
Fault Tolerance at Speed
Fault Tolerance at SpeedFault Tolerance at Speed
Fault Tolerance at Speed
 
Architectures That Scale Deep - Regaining Control in Deep Systems
Architectures That Scale Deep - Regaining Control in Deep SystemsArchitectures That Scale Deep - Regaining Control in Deep Systems
Architectures That Scale Deep - Regaining Control in Deep Systems
 
ML in the Browser: Interactive Experiences with Tensorflow.js
ML in the Browser: Interactive Experiences with Tensorflow.jsML in the Browser: Interactive Experiences with Tensorflow.js
ML in the Browser: Interactive Experiences with Tensorflow.js
 
Build Your Own WebAssembly Compiler
Build Your Own WebAssembly CompilerBuild Your Own WebAssembly Compiler
Build Your Own WebAssembly Compiler
 
User & Device Identity for Microservices @ Netflix Scale
User & Device Identity for Microservices @ Netflix ScaleUser & Device Identity for Microservices @ Netflix Scale
User & Device Identity for Microservices @ Netflix Scale
 
Scaling Patterns for Netflix's Edge
Scaling Patterns for Netflix's EdgeScaling Patterns for Netflix's Edge
Scaling Patterns for Netflix's Edge
 
Make Your Electron App Feel at Home Everywhere
Make Your Electron App Feel at Home EverywhereMake Your Electron App Feel at Home Everywhere
Make Your Electron App Feel at Home Everywhere
 
The Talk You've Been Await-ing For
The Talk You've Been Await-ing ForThe Talk You've Been Await-ing For
The Talk You've Been Await-ing For
 
Future of Data Engineering
Future of Data EngineeringFuture of Data Engineering
Future of Data Engineering
 
Automated Testing for Terraform, Docker, Packer, Kubernetes, and More
Automated Testing for Terraform, Docker, Packer, Kubernetes, and MoreAutomated Testing for Terraform, Docker, Packer, Kubernetes, and More
Automated Testing for Terraform, Docker, Packer, Kubernetes, and More
 
Navigating Complexity: High-performance Delivery and Discovery Teams
Navigating Complexity: High-performance Delivery and Discovery TeamsNavigating Complexity: High-performance Delivery and Discovery Teams
Navigating Complexity: High-performance Delivery and Discovery Teams
 
High Performance Cooperative Distributed Systems in Adtech
High Performance Cooperative Distributed Systems in AdtechHigh Performance Cooperative Distributed Systems in Adtech
High Performance Cooperative Distributed Systems in Adtech
 

Último

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 

Último (20)

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 

Debugging Microservices in Production

  • 2. InfoQ.com: News & Community Site • 750,000 unique visitors/month • Published in 4 languages (English, Chinese, Japanese and Brazilian Portuguese) • Post content from our QCon conferences • News 15-20 / week • Articles 3-4 / week • Presentations (videos) 12-15 / week • Interviews 2-3 / week • Books 1 / month Watch the video with slide synchronization on InfoQ.com! http://www.infoq.com/presentations /debugging-microservices- production
  • 3. Purpose of QCon - to empower software development by facilitating the spread of knowledge and innovation Strategy - practitioner-driven conference designed for YOU: influencers of change and innovation in your teams - speakers and topics driving the evolution and innovation - connecting and catalyzing the influencers and innovators Highlights - attended by more than 12,000 delegates since 2007 - held in 9 cities worldwide Presented at QCon San Francisco www.qconsf.com
  • 4. Debugging in the beginning...
  • 5. Debugging in the beginning... — Sir Maurice Wilkes, 1913 - 2010
  • 6. Debugging in the beginning... — Sir Maurice Wilkes, 1913 - 2010
  • 7. Debugging in the beginning... — Sir Maurice Wilkes, 1913 - 2010 “As soon as we started programming, we found to our surprise that it wasn't as easy to get programs right as we had thought. Debugging had to be discovered. I can remember the exact instant when I realized that a large part of my life from then on was going to be spent in finding mistakes in my own programs.”
  • 8. Debugging • The first non-trivial program for the EDSAC (a program to calculate a table of Airy integrals) had 120 lines and 20 errors — including one not debugged until four decades later! • This experience remains modern for anyone in software today, and many spend much of their career debugging • Yet there is little formalized about debugging: few books on it; little research; no conferences — and no university courses! • Is it any surprise that debugging anti-patterns persist?
  • 9. Debugging anti-patterns • For too many, debugging is the process of making problems go away rather than understanding the system! • The view of bugs-as-nuisance has many knock-on effects: • Fixes that don’t fix the problem (or introduce new ones!) • Bug reports closed out as “will not fix” or “works for me” • Users who are told to “restart” or “reboot” or “log out” or anything else that amounts to wishful thinking • And this is only when the process has obviously failed...
  • 10. Darker debugging anti-patterns • More insidious effects are felt when the problem appears to have been resolved, but hasn’t actually been fully understood • These are the fixes that amount to a fresh coat of paint over a crack in the foundation — and they are worse than nothing • Not only do these fixes not actually resolve the problem, they give the engineer a false sense of confidence that spreads virally • “Debugging” devolves into an oral tradition: folk tales of problems that were made to go away
  • 11. Thinking methodically • The way we think about debugging is fundamentally wrong; we need to think methodically about debugging! • When we think of debugging as the quest for understanding our (misbehaving) systems, it allows us to consider it more abstractly • Namely, how do we explain the phenomena that affect our world? • We have found that the most powerful explanations reflect an understanding of underlying structure — beyond what to why • This deeper understanding allows us to not only to explain but make predictions
  • 12. Predictive power • Valuing predictive power allows us to test our explanations: if our predictions are wrong, our understanding is incomplete • We can use the understanding from failed predictions to develop new explanations and new predictions • We can then test these new predictions to test our understanding • If all of this is sounding familiar, it’s because it’s science — and the methodical exploration of it is the scientific method
  • 13. The scientific method • The scientific method is to: • Make observations • Formulate a question • Formulate a hypothesis that answers the question • Formulate predictions that test the hypothesis • Test the predictions by conducting an experiment • Refine the hypothesis and repeat as needed
  • 15. Science, seriously. • Software debugging is a pure distillation of scientific thinking • The limitless amount of data from software systems allows experiments in seconds instead of weeks/months/years • The systems we’re reasoning about are entirely synthetic, discrete and mutable — we made it, we can understand it • Software is mathematical machine; the conclusions of software debugging are often mathematical in their unequivocal power! • Software debugging is so pure, it requires us to refine the scientific method slightly to reflect its capabilities...
  • 16. The software debugging method • Make observations • Based on observations, formulate a question • If the question can be answered through subsequent observation, answer the question through observation and refine/iterate • If the question cannot be answered through observation, make a hypothesis as to the answer and formulate predictions • If predictions can be tested through subsequent observation, test the predictions through observation and refine/iterate • Otherwise, test predictions through experiment and refine/iterate
  • 17. Observation is the heart of debugging! • The essence — and art! — of debugging software is making observations and asking questions, not formulating hypotheses! • Observations are facts — they constrain hypotheses in that any hypothesis contradicted by facts can be summarily rejected • As facts beget questions which beget observations and more facts, hypotheses become more tightly constrained — like a cordon being cinched around the truth • Or, in the words of Sir Arthur Conan Doyle’s Sherlock Holmes, “when you have eliminated all which is impossible, then whatever remains, however improbable, must be the truth”
  • 18. Making the hypothetical leap • Once observation has sufficiently narrowed the gap between what is known and what is wrong, a hypothetical leap should be made • Debugging is inefficient when this leap is made too early — like making a specific guess too early in Twenty Questions • A hypothesis is only as good as its ability to form a prediction • A prediction should be tested with either subsequent observation or by conducting an experiment • If the prediction proves to be incorrect, understanding is incomplete; the hypothesis must be rejected — or refined
  • 19. Experiments in software • A beauty of software is that it is highly amenable to experiment • Many experiments are programs — and the most satisfying experiments test predictions about how failure can be induced • Many “non-reproducible” problems are merely unusual! • Debugging a putatively non-reproducible problem to the point of a reproducible test case is a joy unique in software engineering
  • 20. Software debugging in practice • The specifics of observation depends on the nature of the failure • Software has different kinds of failure modes: • Fatal failure (segmentation violation, uncaught exception) • Non-fatal failure (gives the wrong answer, performs terribly) • Explicit failure (assertion failure, error message) • Implicit failure (cheerfully does the wrong thing)
  • 21. Taxonomizing software failure Implicit Explicit Non-fatal Fatal Gives the wrong answer Returns the wrong result Leaks resources Stops doing work Performs pathologically Emits an error message Returns an error code Assertion failure Process explicitly aborts Exits with an error code Segmentation violation Bus Error Panic Type Error Uncaught Exception
  • 22. Microservices prehistory • The late 1990s saw the rise of three-tier architectures consisting of presentation, application logic and data tiers • Many names for roughly the same notion: “Service-oriented architecture”, “Model/View/Controller”, etc. • The AJAX+REST revolution of the mid-2000s gave rise to true web applications in which application logic could live on the edge • Led to some broader architectural questioning...
  • 23. Post-AJAX questions • Why should HTTP be restricted to the web? • Why should REST be restricted to web apps? • Instead of having one monolithic architecture, why not have a series of (smaller) services that merely did one thing well? • In case this sounds vaguely familiar...
  • 24. The Unix Philosophy • The Unix philosophy, as articulated by Doug McIlroy: • Write programs that do one thing and do it well • Write programs to work together • Write programs that handle text streams, because that is a universal interface • The single most important revolution in software systems thinking! • Applying it to HTTP-based services...
  • 25. Microservices • Microservices do one thing, and strive to do it well • Replace a small number of monoliths with many services that have well-documented, small HTTP-based APIs • Larger systems can be composed of these smaller services • While the trend it describes is real, the term “microservices” isn’t without its controversy...
  • 28. Debugging microservices • Veteran nerd rage may be being provoked by proponents of microservices not fully appreciating the risks… • Microservices turn a monolithic system into a distributed one • While resilient to certain classes of force majeure failures, distributed systems remain vulnerable to software defects • Distributed systems are infamously nasty to debug — not least because they often must be debugged in production
  • 29. Microservices in production • Microservices are tautologically small — they don’t need their own dedicated physical hardware, or even dedicated virtual hardware! • Microservices are a particularly good fit for containers, virtual OS instances pioneered by FreeBSD jails and Solaris zones
  • 30. Containers at Joyent • Joyent runs OS containers in the cloud via SmartOS — and we have run containers in multi-tenant production since ~2006 • Adding support for hardware-based virtualization circa 2011 strengthened our resolve with respect to OS-based virtualization • OS containers are lightweight and efficient — which is especially important as services become smaller and more numerous: overhead and latency become increasingly important! • We emphasized their operational characteristics — performance, elasticity, tenancy — and for many years, we were a lone voice...
  • 31. Containers as PaaS foundation? • Some saw the power of OS containers to facilitate up-stack platform-as-a-service abstractions • For example, dotCloud — a platform-as-a-service provider — built their PaaS on OS containers • Struggling as a PaaS, dotCloud pivoted — and open sourced their container-based orchestration layer...
  • 33. Docker revolution • Docker has used the rapid provisioning + shared underlying filesystem of containers to allow developers to think operationally • Developers can encode deployment procedures via an image • Images can be reliably and reproducibly deployed as a container • Images can be quickly deployed — and re-deployed • Docker complements the small-system ethos of microservices!
  • 34. Docker at Joyent • We wanted to create a best-of-all-worlds platform: the developer ease of Docker on the production-grade substrate of SmartOS • We developed a Linux system call interface for SmartOS, allowing SmartOS to run Linux binaries at bare-metal speed • In March 2015, we introduced Triton, our (open source!) stack that deploys Docker containers directly on the metal • Triton virtualizes the notion of a Docker host (i.e., “docker ps” shows all of one’s containers datacenter-wide) • Brings full debugging (DTrace, MDB) to Docker containers
  • 36. A more apt metaphor...
  • 37. Microservice failure modes Implicit Explicit Non-fatal Fatal Gives the wrong answer Returns the wrong result Leaks resources Stops doing work Performs pathologically Emits an error message Returns an error code Assertion failure Process explicitly aborts Exits with an error code Segmentation violation Bus Error Panic Type Error Uncaught Exception
  • 38. Cascading microservice failure modes Implicit Explicit Non-fatal Fatal Gives the wrong answer Returns the wrong result Leaks resources Stops doing work Performs pathologically Emits an error message Returns an error code Assertion failure Process explicitly aborts Exits with an error code Segmentation violation Bus Error Panic Type Error Uncaught Exception
  • 39. Debugging fatal failure • When software fails fatally, we know that the software itself is broken — its state has become inconsistent • By saving in-memory state to stable storage, the software can be debugged postmortem • To debug, one starts with the invalid state and reasons backwards to discover a transition from a valid state to an invalid one • This technique is so old, that the terms for this saved state dates back to the dawn of the computing age: a core dump • Not as low-level as the name implies! Modern high-level languages (e.g., node.js and Go) allow postmortem debugging!
  • 40. Debugging fatal failure: microservices • Postmortem analysis lends itself very well to microservices: • There is no run-time overhead; overhead (such as it is) is only at the time of death • The microservice/container can be safely (automatically!) restarted; the core dump can be analyzed asynchronously • Tooling need not be in container, can be made arbitrarily rich • In Triton, all core dumps are automatically stored and then uploaded into a system that allows for analysis, tagging, etc. • This has been invaluable for debugging our own services!
  • 41. Debugging non-fatal failure • There is a solace in fatal failure: it always represents a software defect at some level — and the inconsistent state is static • Non-fatal failure can be more challenging: the state is valid and dynamic — it’s difficult to separate symptom from cause • Non-fatal failure must still be understood empirically! • Debugging in vivo requires that data be extracted from the system — either of its own volition (e.g., via logs) or by coercion (e.g., via instrumentation)
  • 42. Debugging explicit, non-fatal failure • When failure is explicit (e.g., an error or warning message), it provides a very important data point • If failure is non-reproducible or otherwise transient, analysis of explicit software activity becomes essential • Action in one container will often need to be associated with failures in another • Especially for distributed systems, this becomes log analysis, and is an essential forensic tool for understanding explicit failure • Essential observation: a time line of events!
  • 43. Debugging implicit, non-fatal failure • Problems that are both implicit and non-fatal represent the most time-consuming, most difficult problems to debug because the system must be understood against its will • Wherever possible make software explicit about failure! • Where errors are programmatic (and not operational), they should always induce fatal failure! • Microservices break at the boundaries: two services each think that they are operating correctly, but together they’re broken • Data must be coerced from the system via instrumentation
  • 44. Instrumenting production systems • Traditionally, software instrumentation was hard-coded and static (necessitating software restart or — worse — recompile) • Dynamic system instrumentation was historically limited to system call table (strace/truss) or packet capture (tcpdump/snoop) • Effective for some problems, but a poor fit for ad hoc analysis • In 2003, Sun developed DTrace, a facility for arbitrary, dynamic instrumentation of production systems that has since been ported to Mac OS X, FreeBSD, NetBSD and (to a degree) Linux • DTrace has inspired dynamic instrumentation in other systems (see @brendangregg’s talk!)
  • 45. Instrumenting Docker containers • In Docker, instrumentation is a challenge as containers may not include the tooling necessary to understand the system • Docker host-based techniques for instrumentation may be tempting, but they should be considered an anti-pattern! • DTrace has a privilege model that allows it to be safely (and usefully) used from within a container • In Triton, DTrace is available from within every container — one can “docker exec -it bash” and then debug interactively
  • 46. Instrumenting node.js-based microservices • We have invested heavily in node.js-based infrastructure to allow us to meaningfully instrument microservices in production: • We developed Bunyan, a logging facility for node.js that includes DTrace support • Added DTrace support for node.js profiling • An essential vector for iterative observation: turning up the logging level on a running microservice!
  • 47. Debugging microservices in production • Debugging methodically requires us to shift our thinking — and learn how to carefully observe the systems we build • Different types of failures necessitate different techniques: • Fatal failure is best debugged via postmortem analysis — which is particular appropriate in an all-container world • Non-fatal failure necessitates log analysis and dynamic instrumentation • The ability to debug problems in production is essential to successfully deploy and scale microservices!
  • 48. Watch the video with slide synchronization on InfoQ.com! http://www.infoq.com/presentations/debugging- microservices-production