Shadowing production requests

•Download as PPTX, PDF•

0 likes•9 views

This document discusses production request shadowing as a method for testing new software releases without affecting users. It involves duplicating each production request to a shadow environment running the new code. This allows comparing responses to detect regressions before deployment. Challenges include handling state, databases, and external services consistently between environments. But it provides free, real-world testing without risk to users.

Technology

Shadowing production
requests
JAKA ŠUŠTERŠIČ
BACKEND ENGINEER

MOST COMMON QUESTIONS BEFORE A
DEPLOY
• Will the new implemented functionality work?
• Will it break any existing functionality?
- EVERY BACKEND DEVELOPER

ESTABLISHED METHODS OF TESTING
• We only test the edge cases we can think of
• The number of code paths grows with project complexity
• Time and effort

YOLO DRAWBACKS
• Requires active monitoring and reverting
• Users are still affected by regressions

SHADOWING ADVANTAGES
• Users can't be affected by regressions in the new release
• We can compare production and shadow response content and
performance to catch regressions!

SHADOWING ADVANTAGES
• Free real world test inputs
• Free assertions - know good last version

REAL TIME
ZERO EFFORT
RISK-FREE
TESTING
WITH PRODUCTION REQUESTS

DATABASE
• Side effects of concurrently processing the same request on two
application servers
• For better response comparisons we need a shadow DB that has the same
data

DATABASE SOLUTION
• Dynamically mock the database layer (warning, this may be hard)
• Writable production read replica in the shadow environment
• Re-synced once enough changes happen
• Introduces some comparison noise
• Good enough™

EXTERNAL SERVICES
• Sending emails, processing payments, ...
• Data integrity
• Rate limiting + cost

KEEPING STATE ACROSS REQUESTS
• CSRF tokens
• The user doesn't receive the shadow responses
• The production state in invalid in the shadow environment

ACTIVE REQUEST EDITING
• Find state tokens in shadow responses
• Persist tokens in Redis per user IP
• Replace tokens in duplicated shadow requests

RESPONSE COMPARISON NOISE
• Sources of noise
• timestamps
• RNG
• external service data
• intended changes

CONCLUSION
• Risk free for end users
• New releases are subject to real world edge cases
• Automatic regression detection
• Increased trust in new releases

Visit infinum.co or find us on social networks:
infinum.co infinumco infinumco infinum
Questions?

The document provides an overview of a company called SOASTA and their cloud testing solution. It discusses SOASTA being the first cloud testing company established in 2007 and how their cloudtest solution allows customers to perform load and performance testing in the cloud in a fast, affordable and scalable way. Key features of cloudtest mentioned are on-demand test provisioning, real-time analytics dashboards, and full test reports.

Will ServerLess kill containers and Operations

Stephane Woillez

Why Your Next QA Job Might Be in Ops

Edward Rousseau

This document discusses how the role of QA professionals is changing as infrastructure code and cloud native technologies become more prevalent. It argues that while traditional manual testing roles may decline, the QA mindset of testing systems and finding issues before customers do is still needed, especially for validating infrastructure code, security, performance, compliance, and resilience of complex cloud systems. As more code moves to infrastructure domains like DevOps, the testing skills of QA professionals will be applicable to validating these new types of code and systems.

Engineering-Best-Practices

Gaurav Kumkar

The engineering team implemented several best practices that improved the organization. These included clickable mocks, coding standards, code reviews, architecture reviews, automated deployments, runbooks, quality engineering, RESTful APIs, user acceptance testing, build/release processes, and onboarding. The changes led to fewer bugs, better guidance for engineers, standardized decisions, faster iterations with customers, increased development speed, and more. Stakeholders saw the team as being far ahead thanks to the engineering improvements.

Scheduled releases @ Commit Porto 2016

Fábio Oliveira

GetYourGuide keeps their mobile apps on a tight two-week release schedule to move faster with smaller experiments, improve quality and user satisfaction, and establish a solid continuous delivery process. Releasing frequently allows fixes to not be delayed and for unfinished features to be merged and toggled. This has led to 7 releases in the last quarter compared to 3 previously, more experiments launched, and positive app review trends despite moving quickly. Maintaining the process requires continuous work but provides ownership and a stable set of scripts.

Tech trends 2018 2019

Johan Norm

The document summarizes several emerging tech trends for 2018-2019 including: - Micro-frontends, which separate large monolithic applications into independent and modular frontends. - Polly, which records and replays HTTP interactions for deterministic, accurate tests. - HTTP/3 which will officially replace HTTP-over-QUIC. - Architecture Decision Records (ADR) which document architectural choices in a standard format. - Chaos engineering which experiments on distributed systems to build confidence in withstanding turbulent conditions. - Blazor which allows building web UIs using C#/Razor components running natively in the browser via WebAssembly. - Nullable reference types coming to C# 8.

DON'T PANIC: GETTING YOUR INFRASTRUCTURE DRIFT UNDER CONTROL, ERAN BIBI, Firefly

DevOpsDays Tel Aviv

In your ever-changing Infrastructure, some changes are intentional while others are not. Drift is what happens whenever the real-world state of your infrastructure differs from the state defined in your configuration. This can happen for many reasons, sometimes it happens when adding or removing resources, other times when changing resource definitions upon resource termination or failure, and even when changes have been made manually or via other automation tools. While Terraform itself can detect drifts, in most cases, you will be informed about it too late: just before you are about to deploy new changes to your infrastructure. What’s interesting about Terraform though, is that you can apply changes in two separate and distinct steps of “Planning” and “Applying”. This means that you have full visibility of what Terraform is planning on doing beforehand, and if you are satisfied with the changes, you can choose to apply them. So how does this work? When something is changed intentionally, it will appear in the source code, and the Terraform plan will not do anything. However, if any part of the infrastructure has been changed manually, Terraform’s plan will identify this, and alert you to the change. In other words, if your IaC drifted from its expected state, then Terraform’s plan will, in fact, detect it. Applying this simple solution can empower DevOps and developer velocity, with the reassurance and context for unexpected changes in your IaC, in near real-time. This talk will showcase real-world examples, and practical ways to apply this in your production environments while doing so safely and at the pace of your engineering cycles.

Unified Deployment: Including the Mainframe in Enterprise DevOps

Compuware

During this collaborative webcast, Compuware Product Manager Mark Schettenhelm and XebiaLabs VP of Products Tim Buntel demo and discuss how the integration between Compuware’s ISPW mainframe DevOps solution and XebiaLabs’ XL Release Continuous Delivery technology helps enterprises engage in cross-platform release orchestration and create business agility. Mark and Tim: - Overview ISPW’s functionality - Overview XebiaLabs XL Release’s functionality - Demo the ISPW and XL Release integration - Explain the importance of two-platform Continuous Release

This document provides an overview of Siebel Monitoring Tools, an open source project to monitor Siebel environments. The project uses Nagios as a front-end dashboard to check the status of Siebel servers, components, and resource usage. It includes Nagios plugins that can monitor Siebel components as a group or individually. The backbone is a Perl API called Siebel::Srvrmgr that interacts with the srvrmgr program to retrieve data and generate status objects. The tools address limitations of relying only on infrastructure monitoring or using expensive proprietary solutions by leveraging open source software.

Continuous delivery while minimizing performance risks (dutch web ops meetup)

a32an

The document discusses methods for minimizing performance risks when deploying software continuously to production. It recommends blue-green deployments, dark launching, feature toggles, canary releasing, and production immune systems to reduce risks. It also advocates for establishing load testing requirements, using real browsers for user experience testing, making tests deterministic, and monitoring key metrics in all environments to identify performance bottlenecks before production. The overall aim is to provide early feedback through optional and safe pre-production load testing in order to fix issues and gradually implement dark releases and canary testing for continuous delivery with minimized risks.

Enterprise Beacon Object Hive - Siebel Version Control

Milind Waikul

This document discusses the benefits of version control for Siebel objects and describes how Object Hive provides a specialized version control system for Siebel. It notes that traditional version control systems like SVN are built for files, not Siebel objects, and don't integrate seamlessly. Object Hive captures changes directly from the Siebel repository, allows querying objects similar to Siebel Tools, and provides analytics on changes not possible otherwise. It concludes with system requirements and a call to action to try a free demo.

Andreas Grabner - Performance as Code, Let's Make It a Standard

Neotys_Partner

Since its beginning, the Performance Advisory Council aims to promote engagement between various experts from around the world, to create relevant, value-added content sharing between members. For Neotys, to strengthen our position as a thought leader in load & performance testing. During this event, 12 participants convened in Chamonix (France) exploring several topics on the minds of today’s performance tester such as DevOps, Shift Left/Right, Test Automation, Blockchain and Artificial Intelligence.

(SPOT302) Availability: The New Kind of Innovator’s Dilemma

Amazon Web Services

Successful companies, while focusing on their current customers' needs, often fail to embrace disruptive technologies and business models. This phenomenon, known as the "Innovator's Dilemma," eventually leads to many companies' downfall and is especially relevant in the fast-paced world of online services. In order to protect its leading position and grow its share of the highly competitive global digital streaming market, Netflix has to continuously increase the pace of innovation by constantly refining recommendation algorithms and adding new product features, while maintaining a high level of service uptime. The Netflix streaming platform consists of hundreds of microservices that are constantly evolving, and even the smallest production change may cause a cascading failure that can bring the entire service down. We face a new kind of Innovator's Dilemma, where product changes may not only disrupt the business model but also cause production outages that deny customers service access. This talk will describe various architectural, operational and organizational changes adopted by Netflix in order to reconcile rapid innovation with service availability.

Building Reactive applications with Akka

Knoldus Inc.

The document discusses building reactive applications using Akka. Akka allows for building applications that are message-driven, elastic, resilient and able to handle failures. It enables building applications as systems of actors that communicate asynchronously by message passing. This model allows the applications to scale horizontally across clusters of machines and to recover from failures through supervision. The document provides examples of how to model parts of an application, such as a flight search service, as actor systems.

Testing with Rspec

rngtng

Evolve your application

Mário Nogueira

The document discusses refactoring a legacy software application called CAM2 to address issues like increasing difficulty developing new features, bugs being reported faster than they could be fixed, and parts of the codebase being over 20 years old. The company decided to refactor by adding automated tests to detect bugs earlier, migrating to a new document persistence system, and splitting the domain code into independent components to improve testability and development. As a result, the number of new bugs reported decreased significantly and the codebase became easier to develop and maintain going forward.

(Ignite) JOURNEY OF CHAOS EXPERIMENT EXECUTION IN PRODUCTION - LEONID HAIMOV,...

DevOpsDays Tel Aviv

DevOps Tooling event Amazic

Bas van Oudenaarde

This document discusses an organization's transition from a mainframe-based architecture to a microservices architecture using agile principles and DevOps practices. It outlines how the organization set up Enterprise Jenkins to orchestrate continuous integration and continuous delivery pipelines for over 80 microservices. Challenges included establishing automated releases, quality gates, and compliance logging for auditing. Next steps involve further containerization, bringing operations teams into development, scaling Jenkins across the organization, and establishing quality controls in Jenkins.

Infrastructure as code

Aakash Singhal

The document discusses infrastructure as code (IaC) and the tool Terraform. IaC allows infrastructure to be provisioned and managed using code and version control. This makes infrastructure reusable, testable, and maintainable. Terraform is an open-source IaC tool that uses declarative configuration files to manage cloud infrastructure in a cloud-agnostic way. It generates execution plans to show exactly what changes will be made before implementing them. This allows infrastructure to be created reproducibly.

BOSE - Josh Steckler - Automating Automation: Build environments, on-demand

DevOps Enterprise Summit

The goal of centralized tools & support teams is to provide the most value for our development and operations customers with the least amount of overhead. One way of optimizing this delivery of value in large enterprise engineering environments is through standardization and automation. Learn how Bose engineers use ElectricFlow to deliver standardized and integrated build environment to teams in a matter of minutes. In this session we’ll cover: • Effective use of a Procedure Library to abstract away complexity and standardize build procedures • Creation and use of a Build Data Management system to handle dependencies between components • Methods for refactoring existing automation to take advantage of advanced ElectricFlow features • Options for enabling shared visibility into the health of all applications and commit pipelines

Sencha Roadshow 2017: Sencha Upgrades - The Good. The Bad. The Ugly - Eva Luc...

Sencha

Infrastructure as Code

Matt Cowger

This document discusses treating infrastructure as code by defining all components needed to run services (e.g. servers, software, configurations, etc.) in text files that can be version controlled, shared, and programmatically deployed to ensure all infrastructure is consistently configured and deployed. Doing so allows for automation, removes inconsistencies between environments, and prevents human errors that can cause outages. Examples are given of firms that experienced major outages due to manual processes and inconsistencies between environments.

From vagrant to production - Mark Eijsermans

Devopsdays

This document discusses the evolution of HootSuite's development and operations processes over several years as the company grew. It begins with a small co-located team that could release to production anytime with low overhead. It progresses to larger distributed teams releasing every 2-4 weeks through a more complicated process. The current process involves 6-10 releases per day through automation and practices like infrastructure as code that allow anyone to deploy. Key steps along the way included adopting Vagrant for development environments, implementing continuous integration and delivery pipelines, and moving to a microservices architecture.

DevOps Fest 2020. Kohsuke Kawaguchi. GitOps, Jenkins X & the Future of CI/CD

DevOps_Fest

CI/CD process has been something your DevOps engineer purpose-built for your team. But with Kubernetes & cloud-native, that’s becoming “legacy.” The rising level of platform abstraction allows all the good practices that the industry has developed over time to be integrated, hidden, and simplified behind just one practice called “GitOps.” That simplified world is what Jenkins X enables. We will discuss GitOps, Jenkins X, and how that combination drastically simplifies cloud-native web app development. You’ll understand why traditional DevOps is not suitable in a Kubernetes and cloud-native world, explore GitOps principles and discover how they facilitate high-velocity app development. And finally, Kohsuke will make a fool of himself by talking about the future — now that Jenkins X simplifies the CD process, where is the next frontier?

The art of system and solution testing

gaoliang641

The document discusses system and solution testing. It provides an example of how unit tests that pass can fail during system testing. It defines system testing as testing at a product level to find bugs not discoverable through feature testing. Solution testing is defined as customer-oriented end-to-end application testing. The document outlines some key differences between feature, system, and solution testing and discusses common bugs found through system testing.

Debugging,Troubleshooting & Monitoring Distributed Web & Cloud Applications a...

Theo Jungeblut

In the past, applications where created as monolithic entities running on a single server. If this is the past for you, too, you will have experienced the downside of modern distributed and cloud applications, as debugging, troubleshooting, and monitoring is not easily accomplished with traditional approaches. Within this session, we will explore different possibilities for collecting and analyzing the needed information to solve issues on modern distributed application and discuss the advantages and disadvantages of each approach like debugger, log files, performance counter and third party solutions. The focus of this session will be on Developer and DevOps need, as increased release cycles and third party dependency more and more result in the need for troubleshooting also on production system, rather than in an isolated test environment. This session requires a solid understanding of distributed applications and knowledge of SOA, but most principles also apply to and can be beneficial for more traditional application design approaches. The used code examples are in .NET but the shown principles generally apply to other languages, too, and shown software is often available for a variety of environments.

What's hot

Dev/Test scenarios in DevOps world

Davide Benvegnù

DockerCon SF 2015: Cultural Change using Docker

Docker, Inc.

Automatic Undo for Cloud Management via AI Planning

Hiroshi Wada

Infrastructure as Code

Leandro Rosa

Siebel Monitoring Tools

Alceu Rodrigues de Freitas Junior

Continuous delivery while minimizing performance risks (dutch web ops meetup)

a32an

Enterprise Beacon Object Hive - Siebel Version Control

Milind Waikul

Andreas Grabner - Performance as Code, Let's Make It a Standard

Neotys_Partner

(SPOT302) Availability: The New Kind of Innovator’s Dilemma

Amazon Web Services

Building Reactive applications with Akka

Knoldus Inc.

Testing with Rspec

rngtng

Evolve your application

Mário Nogueira

(Ignite) JOURNEY OF CHAOS EXPERIMENT EXECUTION IN PRODUCTION - LEONID HAIMOV,...

DevOpsDays Tel Aviv

DevOps Tooling event Amazic

Bas van Oudenaarde

Infrastructure as code

Aakash Singhal

BOSE - Josh Steckler - Automating Automation: Build environments, on-demand

DevOps Enterprise Summit

Sencha Roadshow 2017: Sencha Upgrades - The Good. The Bad. The Ugly - Eva Luc...

Sencha

Infrastructure as Code

Matt Cowger

From vagrant to production - Mark Eijsermans

Devopsdays

DevOps Fest 2020. Kohsuke Kawaguchi. GitOps, Jenkins X & the Future of CI/CD

DevOps_Fest

What's hot (20)

Dev/Test scenarios in DevOps world

DockerCon SF 2015: Cultural Change using Docker

Automatic Undo for Cloud Management via AI Planning

Infrastructure as Code

Siebel Monitoring Tools

Continuous delivery while minimizing performance risks (dutch web ops meetup)

Enterprise Beacon Object Hive - Siebel Version Control

Andreas Grabner - Performance as Code, Let's Make It a Standard

(SPOT302) Availability: The New Kind of Innovator’s Dilemma

Building Reactive applications with Akka

Testing with Rspec

Evolve your application

(Ignite) JOURNEY OF CHAOS EXPERIMENT EXECUTION IN PRODUCTION - LEONID HAIMOV,...

DevOps Tooling event Amazic

Infrastructure as code

BOSE - Josh Steckler - Automating Automation: Build environments, on-demand

Sencha Roadshow 2017: Sencha Upgrades - The Good. The Bad. The Ugly - Eva Luc...

Infrastructure as Code

From vagrant to production - Mark Eijsermans

DevOps Fest 2020. Kohsuke Kawaguchi. GitOps, Jenkins X & the Future of CI/CD

Similar to Shadowing production requests

The art of system and solution testing

gaoliang641

Debugging,Troubleshooting & Monitoring Distributed Web & Cloud Applications a...

Theo Jungeblut

VoltDB and Erlang - Tech planet 2012

Eonblast

VoltDB and Erlang: two very promising beasts, made for the new parallel world, but still lingering in the wings. Not only are they addressing todays challenges but they are using parallel architectures as corner stone of their new and surprising approach to be faster and more productive. What are they good for? Why are we working to team them up? Erlang promises faster implementation, way better maintenance and 4 times shorter code. VoltDB claims to be two orders of magnitude faster than its competitors. The two share many similarities: both are the result of scientific research and designed from scratch to address the new reality of parallel architectures with full force. This talk presents the case for Erlang as server language, where it shines, how it looks, and how to get started. It details Erlang's secret sauce: microprocesses, actors, atoms, immutable variables, message passing and pattern matching. (Note: for a longer version of this treatment of Erlang only see: Why Erlang? http://www.slideshare.net/eonblast/why-erlang-gdc-online-2012) VoltDB's inner workings are explained to understand why it can be so incredibly fast and still better than its NoSQL competitors. The well publicized Node.js benchmark clocking in at 695,000 transactions per second is described and the simple steps to get VoltDB up and running to see the prodigy from up close. Source examples are presented that show Erlang and VoltDB in action. The speaker is creator and maintainer of the Erlang VoltDB driver Erlvolt.

NoSQL and ACID

FoundationDB

Introduction to Aspect Oriented Programming (DDD South West 4.0)

Yan Cui

My Web Performance Dirty Secrets

Fred Beringer

My Web Performance Dirty Secrets Fred wants to come clean and reveal to all his web performance dirty secrets – it's too much burden to bear. He's been guilty of some malpractices in the past and so are a lot of people in the industry! Time to take a stand and reveal it all. Do you want to know why popular websites are struggling when comes the holiday season? Why black magic is so popular in some web performance team? Why your brand new and shiny F5 load balancer can be sometime a real waste of money? Or why third-party can really spoil the … party? Best of all, you will learn that there is something call 'The Cloud' that is about to become your best buddy and will prevent you from keeping … dirty secrets.

Db trends final

Craig Mullins

Trends and issues impacting database management systems circa 2004 included increasing complexity, lack of resources, and rapid changes in technology. New database management system versions were being released frequently with new features enabled for the internet and real-time usage. Emerging technologies like Java, .NET, and XML were becoming more widely adopted and database systems were taking on additional functionality beyond traditional querying and storage. The internet was driving changes requiring database administrators to have new skills to support increasingly complex enterprise infrastructure and applications.

Building FoundationDB

FoundationDB

FoundationDB is a next-generation database that aims to provide high performance transactions at massive scale through a distributed design. It addresses limitations of NoSQL databases by providing a transactional, fault-tolerant foundation using tools like the Flow programming language. FoundationDB has demonstrated high performance that exceeds other NoSQL databases, and provides ease of scaling, building abstractions, and operation through its transactional design and automated partitioning. The goal is to solve challenges of state management so developers can focus on building applications.

Dynamic Service Configuration and Automated Network Configuration with NETCON...

Tail-f Systems

This document discusses dynamic service configuration and automated network configuration using NETCONF and YANG. It summarizes the problem with a lack of standardization in network device configuration historically. NETCONF and YANG are introduced as a solution, with NETCONF providing a protocol for managing network devices and YANG providing a data modeling language. The document argues this approach will improve service quality, reduce costs for provisioning software and operational staff compared to the current proprietary and manual approaches.

Stay productive_while_slicing_up_the_monolith

Markus Eisele

The document discusses strategies for transitioning from monolithic architectures to microservice architectures. It outlines some of the challenges with maintaining large monolithic applications and reasons for modernizing, such as handling more data and needing faster changes. It then covers microservice design principles and best practices, including service decomposition, distributed systems strategies, and reactive design. Finally it introduces Lagom as a framework for building reactive microservices on the JVM and outlines its key components and development environment.

Client Technical Analysis of Legacy Software and Future Replacement

VictorSzoltysek

The client had a legacy PHP codebase for Google Adword integration with a MySQL database that had become monolithic and difficult to modify. They wanted to replace it with a microservices architecture using Groovy, Cassandra, and separate codebases. However, this led to increased complexity, technical debt, and slower performance than the original system. It would have been better to take an incremental approach, keeping the system simple, and deferring optimizations until proven necessary by real metrics and business needs.

What is Reactive programming?

Kevin Webber

Unified Framework for Real Time, Near Real Time and Offline Analysis of Video...

Spark Summit

The document discusses Conviva's Unified Framework (CUF) for analyzing video streaming data in real-time, near real-time, and offline using Spark and Databricks. It summarizes Conviva's platform for measuring video quality of experience across devices and networks. The framework unifies the three analysis stacks onto Spark to share code and insights. Using Databricks improves the offline analysis speed and enables data scientists to independently explore large datasets and build machine learning models.

Closing Keynote

Neo4j

Dr. Jim Webber presented the closing keynote at a conference. He recapped Neo4j's recent releases, including version 3.0 which delivered new graph capabilities. He discussed future hardware trends and how native graph technology provides performance advantages. He also showed how Neo4j can handle workloads at massive scales of over 1 trillion relationships and 1 million writes per second on a single machine. Finally, he outlined Neo4j's new causal clustering architecture in version 3.1 which provides security, scalability, and fault tolerance for enterprise graph applications.

Migrating IBM i Systems to the Cloud: Exploring the Pros and Cons

Precisely

In today's dynamic IT landscape, businesses running IBM Power Systems are continuously seeking ways to optimize their infrastructure and leverage cutting-edge technologies. Migrating IBM i and AIX workloads to the cloud has emerged as a compelling option for many organizations, offering a host of potential benefits. However, it is crucial to carefully weigh the pros and cons of cloud migration before making a decision. In this webinar, we'll delve into the intricate world of IBM i cloud migration, equipping you with the knowledge to make an informed choice. Join us for this webcast to hear about: • The compelling advantages of migrating to the cloud • The potential challenges of migration • Recommended best practices for undertaking a migration

Moving to software-based production workflows and containerisation of media a...

Kieran Kunhya

- OBE is a specialist in software-based media encoders and decoders that has developed a native, high-performance multivendor IP and cloud software stack using agile software practices. - Moving production workflows to software, containers, and the cloud provides benefits like efficient scaling and reduced costs but also challenges around integration, timing, and multi-vendor interoperability that standards groups are working to address. - While some proprietary solutions currently offer elements of cloud production, widespread adoption requires open standards for ground-cloud-cloud-ground workflows and transport to allow for multi-vendor innovation.

SolarWinds Scalability for the Enterprise

SolarWinds

Tools. Techniques. Trouble?

Testplant

Einführung in RavenDB

NETUserGroupBern

Bei all dem Hype rund um NoSQL übersieht man gerne wie viele einsatzbereite Produkte darauf warten unser Entwicklerleben zu vereinfachen. Eines dieser Produkte ist RavenDB, eine dokumentenorientierte Datenbank mit Transaktionsunterstützung. Im Gegensatz zu vielen NoSQL-Lösungen ist RavenDB voll in die .Net-Welt integriert. So kann man seine Abfragen mittels LINQ formulieren und muss nicht auf JavaScript setzen. Die grosse Erfahrung von Oren Eini bei der Optimierung von NHibernate und Entity Framework wurden in RavenDB aufgenommen. So hilft eine frühzeitige Erkennung von Select N+1 Abfragen spätere Probleme in der Produktion zu verhindern. Neben diesen Eigenheiten wird uns Johnny Graber auch zeigen was es alles für Einsatzmöglichkeiten gibt. Die Flexibilität von NoSQL gepaart mit der Einfachheit von RavenDB ist dabei keineswegs nur etwas für grosse Firmen wie Google, Facebook oder Twitter - der nächste Prototyp kann davon genauso gut profitieren.

Patterns and Pains of Migrating Legacy Applications to Kubernetes

QAware GmbH

Open Source Summit 2018, Vancouver (Canada): Talk by Josef Adersberger (@adersberger, CTO at QAware), Michael Frank (Software Architect at QAware) and Robert Bichler (IT Project Manager at Allianz Germany) Abstract: Running applications on Kubernetes can provide a lot of benefits: more dev speed, lower ops costs and a higher elasticity & resiliency in production. Kubernetes is the place to be for cloud-native apps. But what to do if you’ve no shiny new cloud-native apps but a whole bunch of JEE legacy systems? No chance to leverage the advantages of Kubernetes? Yes you can! We’re facing the challenge of migrating hundreds of JEE legacy applications of a German blue chip company onto a Kubernetes cluster within one year. The talk will be about the lessons we've learned - the best practices and pitfalls we've discovered along our way.

Similar to Shadowing production requests (20)

The art of system and solution testing

Debugging,Troubleshooting & Monitoring Distributed Web & Cloud Applications a...

VoltDB and Erlang - Tech planet 2012

NoSQL and ACID

Introduction to Aspect Oriented Programming (DDD South West 4.0)

My Web Performance Dirty Secrets

Db trends final

Building FoundationDB

Dynamic Service Configuration and Automated Network Configuration with NETCON...

Stay productive_while_slicing_up_the_monolith

Client Technical Analysis of Legacy Software and Future Replacement

What is Reactive programming?

Unified Framework for Real Time, Near Real Time and Offline Analysis of Video...

Closing Keynote

Migrating IBM i Systems to the Cloud: Exploring the Pros and Cons

Moving to software-based production workflows and containerisation of media a...

SolarWinds Scalability for the Enterprise

Tools. Techniques. Trouble?

Einführung in RavenDB

Patterns and Pains of Migrating Legacy Applications to Kubernetes

Recently uploaded

Taking AI to the Next Level in Manufacturing.pdf

ssuserfac0301

Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as: 1. How quickly AI is being implemented in manufacturing. 2. Which barriers stand in the way of AI adoption. 3. How data quality and governance form the backbone of AI. 4. Organizational processes and structures that may inhibit effective AI adoption. 6. Ideas and approaches to help build your organization's AI strategy.

AWS Cloud Cost Optimization Presentation.pptx

HarisZaheer8

This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.

GenAI Pilot Implementation in the organizations

kumardaparthi1024

Driving Business Innovation: Latest Generative AI Advancements & Success Story

Safe Software

Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency. During the hour, we’ll take you through: Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board. Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes. Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI. We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI. This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!

Ocean lotus Threat actors project by John Sitima 2024 (1).pptx

SitimaJohn

Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.

Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...

saastr

GraphRAG for Life Science to increase LLM accuracy

Tomaz Bratanic

UI5 Controls simplified - UI5con2024 presentation

Wouter Lemaire

Serial Arm Control in Real Time Presentation

tolgahangng

WeTestAthens: Postman's AI & Automation Techniques

Postman

Operating System Used by Users in day-to-day life.pptx

Pravash Chandra Das

Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. 🚀 This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes. Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions. Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. 💻 The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. 🖥️ Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution. The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. 🌟

Generating privacy-protected synthetic data using Secludy and Milvus

Zilliz

During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.

Azure API Management to expose backend services securely

Dinusha Kumarasiri

A Comprehensive Guide to DeFi Development Services in 2024

Intelisync

DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum. In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance. In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape. At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology. Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!

Columbus Data & Analytics Wednesdays - June 2024

Jason Packer

Trusted Execution Environment for Decentralized Process Mining

LucaBarbaro3

Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on integration of Salesforce with Bonterra Impact Management. Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Monitoring and Managing Anomaly Detection on OpenShift.pdf

Tosin Akinosho

Monitoring and Managing Anomaly Detection on OpenShift Overview Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices. Key Topics Covered 1. Introduction to Anomaly Detection - Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems. 2. Understanding Edge (IoT) - Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source. 3. What is ArgoCD? - Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices. 4. Deployment Using ArgoCD for Edge Devices - Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD. 5. Introduction to Apache Kafka and S3 - Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions. 6. Viewing Kafka Messages in the Data Lake - Learn how to view and analyze Kafka messages stored in a data lake for better insights. 7. What is Prometheus? - Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices. 8. Monitoring Application Metrics with Prometheus - Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system. 9. What is Camel K? - Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes. 10. Configuring Camel K Integrations for Data Pipelines - Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow. 11. What is a Jupyter Notebook? - Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text. 12. Jupyter Notebooks with Code Examples - Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack

shyamraj55

June Patch Tuesday

Ivanti

Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.

Recently uploaded (20)

Taking AI to the Next Level in Manufacturing.pdf

AWS Cloud Cost Optimization Presentation.pptx

GenAI Pilot Implementation in the organizations

Driving Business Innovation: Latest Generative AI Advancements & Success Story

Ocean lotus Threat actors project by John Sitima 2024 (1).pptx

Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...

GraphRAG for Life Science to increase LLM accuracy

UI5 Controls simplified - UI5con2024 presentation

Serial Arm Control in Real Time Presentation

WeTestAthens: Postman's AI & Automation Techniques

Operating System Used by Users in day-to-day life.pptx

Generating privacy-protected synthetic data using Secludy and Milvus

Azure API Management to expose backend services securely

A Comprehensive Guide to DeFi Development Services in 2024

Columbus Data & Analytics Wednesdays - June 2024

Trusted Execution Environment for Decentralized Process Mining

Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...

Monitoring and Managing Anomaly Detection on OpenShift.pdf

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack

June Patch Tuesday

Shadowing production requests

1. Shadowing production requests JAKA ŠUŠTERŠIČ BACKEND ENGINEER

2. MOST COMMON QUESTIONS BEFORE A DEPLOY • Will the new implemented functionality work? • Will it break any existing functionality? - EVERY BACKEND DEVELOPER

3. ESTABLISHED METHODS OF TESTING • We only test the edge cases we can think of • The number of code paths grows with project complexity • Time and effort

5. YOLO METHODS

6. BLUE GREEN DEPLOYMENTS

7. CANARY DEPLOYMENTS

8. YOLO DRAWBACKS • Requires active monitoring and reverting • Users are still affected by regressions

9. PRODUCTION REQUEST SHADOWING

10. SHADOW PROXY SERVER

11. SHADOWING ADVANTAGES • Users can't be affected by regressions in the new release • We can compare production and shadow response content and performance to catch regressions!

12. SHADOWING ADVANTAGES • Free real world test inputs • Free assertions - know good last version

13. REAL TIME ZERO EFFORT RISK-FREE TESTING WITH PRODUCTION REQUESTS

14. ARCHITECTURE EXAMPLE

15.

16. PROBLEMS

17. DATABASE • Side effects of concurrently processing the same request on two application servers • For better response comparisons we need a shadow DB that has the same data

18. DATABASE SOLUTION • Dynamically mock the database layer (warning, this may be hard) • Writable production read replica in the shadow environment • Re-synced once enough changes happen • Introduces some comparison noise • Good enough™

19. EXTERNAL SERVICES • Sending emails, processing payments, ... • Data integrity • Rate limiting + cost

20.

21. KEEPING STATE ACROSS REQUESTS • CSRF tokens • The user doesn't receive the shadow responses • The production state in invalid in the shadow environment

22. ACTIVE REQUEST EDITING • Find state tokens in shadow responses • Persist tokens in Redis per user IP • Replace tokens in duplicated shadow requests

23. RESPONSE COMPARISON NOISE • Sources of noise • timestamps • RNG • external service data • intended changes

24.

25. DEVELOPER'S VIEW

26.

27.

28.

29.

30.

31.

32.

33. CONCLUSION • Risk free for end users • New releases are subject to real world edge cases • Automatic regression detection • Increased trust in new releases

34. Visit infinum.co or find us on social networks: infinum.co infinumco infinumco infinum Questions?

Editor's Notes

What are the two main questions you ask before you deploy a new release to production? - does the new functionality work? - did the changes break any existing functionality? My talk is gonna focus on helping us gain confidence to answer the second one with a strong no.
What we usually do to gain confidence is to write a bunch of tests of all shapes and sizes. They are great, but they don't get us there the whole way. There's always that lingering feeling of "what did we miss in tests, will this really work in production?"In essence we are the limiting factor when it comes to tests. We only test the edge cases we can think of, theres a lot of them and testing all possibilities takes too much time and effort. So what can we do?
Test code in production! This seems funny at first but is the core principle of the most well known methods of deployment.
I call these YOLO methods. We push a release to production even though it may have regressions. We don't care about that too much because we are sure we can catch them in time and revert to the previous version
The first of these methods is blue green deployments. It consists of a pair of production like environments, with the production one containing the current production release and the other one containing the next release. The central router routes all user requests to the new release. In case we detect some regressions/ increased error rates we just reroute everyone back to the old production release.
Canary deployment are very similar, but differ in the fact that we only send a small portion of users to the new release.
Both of these methods work to a degree, but they have some drawbacks. We need a monkey/developer to observe the behaviour of the releases and revert back to the old version.Whats even worse is that these methods still allow users to experience regressions. They just limit the exposure to a percentage of users or a time period.Bummer
Production request shadowing is a method that aims at solving these problems. It's not very widely used, I only found mentions in some Amazon patents and Twitter/Cookpad talks.
The core idea of shadowing is that user requests are fed through the shadow proxy server and duplicated to both a production environment and a shadow environment which contains the new release. Both application server process the same request and then return the answer to the shadow proxy server. The user is then sent only the production response.
It's a simple idea, but it brings a lot to the table. Because users only see production responses they can't be affected by regressions in the new release.More importantly we can compare production and shadow content and performance to catch regressions!
We get free real world test inputs from users in production AND free assertions. If the new release response is not the same as the production one we classify it as a regression.
This equates to real time, zero effort, risk-free testing with production requests.
So everything up until now was theoretical, now we'll look at the example I implemented for my thesis. Lets start with the architecture
This looks a bit more complicated than the last picture. We have a bunch of application servers, 2 in the production environment and 1 in the shadow environment. They are using corresponding separate databases. The main 2 components that I implemented were the shadow proxy server and the command & control application.User requests flow as follows: the HTTP server forwards them to either the production environment or to the shadow proxy server. That in turn duplicates them to a production and shadow app instance with the new release. The results are then stored in Redis for comparison by the command & control application. The user then gets sent just the production response
As with anything once you start looking closer a bunch of issues start popping up.
The biggest one is related to the database. Concurrently processing the same user request on two application servers can lead to some unexpected behaviour. Imagine trying to process a requests that wants to delete a record. The faster of the two servers would fire an SQL query and succeed while the second one would return an error as the record wouldn't exist anymore. Same with uniqueness validations. The responses would differ too much To achieve the best response comparison we would want the underlaying production and shadow databases to be separate BIT-BY-BIT copies of each other at all times.
The correct way to do this would be to dynamically mock the database layer in the shadow environment, but that is pretty hard. Twitter supposedly did it. The easier but less correct way I chose was to introduce a writable production read replica using bucardo. This means that the 2 databases are the same most of the time but the shadow one can deviate to a certain degree. Once it deviates too much we re-sync it back with production to improve response comparisons. Having this deviation does introduce some comparison noise but allows us to have a much simpler infrastructure, all we need is another DB.
The next problem is external services. There are certain types of requests we don't want to duplicate - sending emails to clients, processing payment data.. We could also run into rate limiting or high costs by just duplicating external service calls
The solution for this is quite simple - Environment flags. We need to identify and mock all the external service calls in the shadow environment.
Another issue we would quickly run into especially if we render views is keeping state across multiple requests. This can occur for example with CSRF tokens. Because the user only receives the production response and included token, all the consequent requests that he sends to the shadow environment will be invalid.
To solve this we need to actively edit user requests. We need to search for state tokens in the shadow responses, store them per user IP in redis and replace them in the duplicated shadow request.
So once we solve all of those technical problems there comes the biggest usability issue. In a perfect world a request being processed by 2 application servers at the same time with the same release would always return the same response. Sadly this is not true as there are many sources of noise in the responses. A few examples of these are timestamps, values dictated by random number generators, external service data and all the intended changes we made in the new release.
To combat this I implemented global and per-endpoint comparison rules. By default all response changes result in a negative score. Using a regex expression we can catch the part of the data that changes and set it a neutral score modifier. In this example we'r ignoring the CSRF token in the meta tag

Shadowing production requests

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Shadowing production requests

Similar to Shadowing production requests (20)

Recently uploaded

Recently uploaded (20)

Shadowing production requests

Editor's Notes