Anything that can go wrong will go wrong! That’s how Murphy’s law states that the fact that outages are inevitable and systems often misbehave. As developers, we are working hard to build reliable and scalable systems, and it’s our job to keep the ship floating and the services up. In this session, we will talk about fires, how to put them out, and how to be ready for them. We will discuss abuser stories, degradation of service, and dependencies management as possible techniques to fight fires. We will discuss these techniques through some war stories and how they helped or could have helped service owners. Agenda: - What brought me here? - What is fire? - Firefighting Vs. The dev team - How do you end up with fire? - Your dependencies will fail. - Feature toggles are your friends - Abuser stories

1. Fire Fighting
A developer's story

2. Ahmed Eid
Software Developer
Booking.com, Amsterdam
crouchsays

3. Agenda
• What to expect?
• What brought me here?
• What is a fire?
• Fire-fighting vs. The team
• Mapping out dependencies
• Feature toggles
• Abuser Stories
• The unknown unknowns!

4. What to
expect?
Why fires aren't only harming
your SLIs?
A pro-active approach to fire-
fighting.
What could they have done
better? (War stories)

5. What brought
me here?
• Same process, different problem
• The scale matters
• Less fire-fighting = Higher productivity

6. What? Why? How?

7. What is a fire?
Anything that would require an emergency re-
allocation of resources.
IOW, anything that would require you to drop
whatever you have in hands right now and start
working on.

8. Why is it a
problem?
Disturb the planned work
Hero culture
Stressful for fighters
Patches make it chronic

9. How does it
happen?
• Cutting corners while solving problems
• Too many problems and no enough time
• Allowing others control the project agenda
• No priorities, everything is urgent

10. How to be ready?

11. Dependencies
Think about your subsystems
and dependencies
Document impact in case of
failure
Think of fallbacks or degradation
of service

12. login​ list_products checkout​
Users DB​ Fatal​ N/A​ Needed​
User activity stream​ Needed​ Needed​ Needed​
Products DB​ N/A​ Fatal​ Fatal​
Stored Cards​ N/A​ N/A​ Needed​

13. Features
• What are they?
• Release Toggles vs Long-lived Switches
• Document them:
• When to use?
• What is the impact?

14. login​ list_products checkout​
Users DB​ Fatal​ N/A​ Needed​
User activity stream​ Needed​ Needed​ Needed​
Products DB​ N/A​ Fatal​ Fatal​
Stored Cards​ N/A​ N/A​ Needed​

15. Abuser
Stories
• Evil users
• It's important to change hats
• Prepare for the worst

16. War stories?
• As an abuser, I'd like to live stream violent
content(video) and make it go viral. - Facebook
• As an abuser, I want to post social engineering-
based scams and make them go viral. - Twitter

17. There are known knowns. There
are things we know we know. We
also know there are known
unknowns. That is to say, we
know there are some things we
do not know. But there are also
unknown unknowns, the ones we
don't know we don't know.
Donald
Rumsfeld

18. Knowns Unknowns
Known Known
Knowns
(Facts)
Known Unknowns
(Questions)
Unknown Unknown
Knowns
(Intuition)
Unknown
unknowns
(Exploration)

19. The unknown
unknowns
You don't know what you don't
know
Users use systems in
unexpected ways
Log messages & metrics are
your best friends

20. * https://twitter.com/DZoneInc/status/1301603469267214338

21. Procedure
ASSESS CONTAIN INVESTIGATE
RESOLVE DOCUMENT

22. Thanks