Optimizing for change: Taking risks safely & e-commerce

3,541 views
3,486 views

Published on

now with working fonts

0 Comments
6 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,541
On SlideShare
0
From Embeds
0
Number of Embeds
1,583
Actions
Shares
0
Downloads
11
Comments
0
Likes
6
Embeds 0
No embeds

No notes for slide

Optimizing for change: Taking risks safely & e-commerce

  1. 1. Optimizing for change: Taking risks safely & e-commerce Kellan Elliott-McCrea @kellan CTO, EtsyMonday, October 8, 12
  2. 2. Monday, October 8, 12
  3. 3. Launched June 18, 2005 in Brooklyn 875,000 monthly active sellers 33.5MM items for sale $525MM in sales in 2011 1.43B page views, in Aug 102 engineers 74 releases, yesterdayMonday, October 8, 12
  4. 4. Take more risks. Build a better software. Have more fun.Monday, October 8, 12
  5. 5. “Sure that works when you’re building social software but what about a real business with $$$ involved?” - everybody alwaysMonday, October 8, 12
  6. 6. Continuous Deployment: small changes, pushed frequentlyMonday, October 8, 12
  7. 7. you can’t avoid making mistakes you can avoid making BIG mistakesMonday, October 8, 12
  8. 8. What are you optimizing for? MTTR MTBFMonday, October 8, 12
  9. 9. MTTR MTBFMonday, October 8, 12
  10. 10. 4 core techniques: 1. Put a Button On It 2. Branch in Code 3. Trunk is Always Deployable 4. Dark/Incremental LaunchesMonday, October 8, 12
  11. 11. Put a Button On It.Monday, October 8, 12
  12. 12. Branch in code: use features flags 4 core techniques: if ($cfg[‘awesome_new_search’]) { # new hotness $rsp = do_solr(); } else { # boring old stuff $rsp = do_grep(); }Monday, October 8, 12
  13. 13. Branch in code: use features flags 4 core techniques: for free you get: 1% launches admin only launches dark launches split testsMonday, October 8, 12
  14. 14. any engineer can launch an experiment to 1% of users 57 experiments live right nowMonday, October 8, 12
  15. 15. Metrics driven development measure everything! feedback loops!Monday, October 8, 12
  16. 16. Engineers love to measure make it ridiculously easyMonday, October 8, 12
  17. 17. Metrics driven development StatsD::timing("page.render", $msec);Monday, October 8, 12
  18. 18. Metrics driven developmentMonday, October 8, 12
  19. 19. Metrics aren’t optional a feature isn’t done without metricsMonday, October 8, 12
  20. 20. Make metrics visible remove the passwordsMonday, October 8, 12
  21. 21. Some tools: Graphite, Ganglia, Logster*, StatsD*, event beacons, log files, EMR, Vertica, SplunkMonday, October 8, 12
  22. 22. Getting started? Use StatsD StatsD @ Instagram, Pinterest, Github, Mozilla, LAN.com, Zynga, Kickstarter, LivingSocial and 70+ other companiesMonday, October 8, 12
  23. 23. Step 1: your 5 core metrics: @ Etsy: sign ups, logins, checkout, new listings, posts in the bugs forumsMonday, October 8, 12
  24. 24. Who watches the graphs?Monday, October 8, 12
  25. 25. Automate your analysis USE COMPUTERS!Monday, October 8, 12
  26. 26. Automate your analysis holtWintersConfidence(Upper|Lower)Monday, October 8, 12
  27. 27. Automate your analysis continuous integration: unit tests, coding standards, static analysis, risky code pathsMonday, October 8, 12
  28. 28. Make effective security easy by default Make insecure patterns “grep-able”Monday, October 8, 12
  29. 29. Actively monitor for attacks. Spikes in 500s and failed logins are your first clue.Monday, October 8, 12
  30. 30. “I discovered the vuln late Friday afternoon and wasnt quite ready to email it to them. Saturday morning, I confirmed the hole was still there and fixed a few bugs with my demo. I had my girlfriend test it from her house. It didnt work for her. I tested again and it had stopped working for me. Sure enough, it was now properly sanitized and had the correct JSON MIME type. The following Monday I received a response thanking me for reporting it, and telling me I was right. “Monday, October 8, 12
  31. 31. Treat independent security researches with respect.Monday, October 8, 12
  32. 32. “Culture eats strategy for breakfast”* (*possibly apocryphal)Monday, October 8, 12
  33. 33. Thank you!Monday, October 8, 12

×