ShipTalk

Site Reliability Engineering 101 - Bob Strecansky - MailChimp

November 03, 2020 Bob Strecansky Season 1 Episode 0
ShipTalk
Site Reliability Engineering 101 - Bob Strecansky - MailChimp
Show Notes Transcript

In this episode, we talk to Bob Strecansky who is a Staff SRE at MailChimp. A packed podcast about all things Site Reliability Engineering (SRE). Learn about how to become an SRE, the rise of blameless culture, a clear definition of black-box vs white-box approaches, and much more!

Ravi Lachhman:

Well, Hi everybody, my name is Ravi Lachhman. And today on this episode of Ship Talk, I'm really happy to be having one of my buddies here, Bob Strecansky who is a Staff SRE at a company called MailChimp. thanks for being on.

Bob Strecansky:

Hey, Ravi, thanks for having me. Excited to be here. Absolutely.

Ravi Lachhman:

Iactually learned a lot from Bob. You know, it's Bob and I a little bit history I use Bob I used to work together years ago, and then our kind of careers took took us to different places. But I always keep running into Bob and SRE related event. So a lot of my learnings in Reliability Engineering actually comes from Bob, you know, he has he's very well grounded in the profession. But today, we're going to be talking about if you don't know what an SRE even is. Site Reliability Engineering, well, let's talk about what is reliability? Why is it important? What do these SREs do? How can you become an SRE? And anything in between that? So, Bob, let me ask you the first question, like what and how? How would you define Site Reliability Engineering, or maybe some of the lead up to like how SREs became popular today?

Bob Strecansky:

Sure, I'm happy to talk about that. So Site Reliability Engineering was an idiom defined by Google a couple years ago. And essentially what they did is they took a lot of the toil or like repeatable, boring work that just like war on engineers, and they put software engineers into positions that are class that were classically to find a system or systems roles. So to give you a little background on that, many years ago, when you would have a large scale website or a web app, or whatever you would have, you'd have individual servers that were artisanally crafted. So you would, you would install the operating system by hand, you would add Apache and PHP and all sorts of other packages like this. And then each server was individual we got we often call them pets. So like in this particular idiom. So after a while, we realized that this wasn't tenable for for a number of reasons, like creating new servers is a process and it takes up a lot of time. And then keeping all these servers up to date, and making sure that they're on track for whatever you need them for is bad. So things like Puppet and Chef and Ansible started coming out where we can automate server platforms. Next, we came out with all sorts of other things like mezzos, and Kubernetes. That allows that allow us to do more infrastructures code. So this all ties into Site Reliability Engineering, because Site Reliability engineers tend to put put code on paper for things that used to be manual 12 some tasks. So the primary goal of a certain liability engineer is to automate away toil and to make a much better experience for the developers that work on your product.

Ravi Lachhman:

Yeah, that makes makes perfect sense. It's kind of a natural evolution of like, and you like just like, keep the listeners, like Bob made a very important point there. I always like to talk about engineering burdens, the back of the day, you know, back in my day, it used to be like a one engineer to maybe like 10 server ratio, right? Like, yeah, one engineer can, you know, maintain 10 servers, right? And that's asinine to think about today. But that time wasn't that long ago, because you have to go manually patch things, manually update things. And, you know, if you have to update the version of like something in the operating system match how long it took you on your Windows laptop, just one of them right? Now you do, what if I had 10? Yeah, like, that's how long stuff to like, versus today, if we're dealing with Bob mentioned a few containerization technologies like Kubernetes, or mezzos. And so we're dealing 10s of thousands or hundreds of thousands to one engineer. And so like, the approach that you have to take at scale is quite different. And this is where the, I love what you said about artisanally crafted, I thought of a beer when you said artist of a craft beer versus, you know, a keg of like PBR, right, like which one, but both are both are good and their use cases, right? But that's, that's hit the nail on the head, like, hey, just because the nature of the beast nature that the firepower that we did, the focus is a little bit different, you know, kind of the approach, it is a much more software engineering based approach. Actually, I stole that for Bob, a while ago. He said, it's a beautifully like, Ah, you know, it's like software engineers facing system engineering problems. And I think a natural question for our listeners might be well, Bob, a lot of what you said was like, sounds like a DevOps engineer helping out the engineers. But let's talk about somewhat of like, your specific skills, your specific skill set more around reliability, and then we could talk about how you got there because like, I, if I was still engineer, I would want to be an SRE, like, if I assume engineering, so, but let's talk about some specific skills that essary like brings to the table. Let's say I was an app owner. I had Ravi's Application It's like, okay, you have enough traffic now. So you can essary like what would be something some Bob would talk to me about.

Bob Strecansky:

So SREs is very frequently defined differently at many different companies. The way that my company MailChimp, handles Site Reliability Engineering is we help to enable the developers continue their momentum with feature sets. And very frequently, this is done with something called the service level indicator and objective pattern. If you're curious about reading more about those, we wrote a podcast for the deliver better website that you can read about us SLIs and SLOs

Ravi Lachhman:

is really good. Yeah, I learned a lot.

Bob Strecansky:

Thanks but to wrap it all up into a nice neat bow is Service Level Indicators indicate the current state of a service and service level objectives or goals that you want to set for the service that you're working on. These both tie up into something called an SLA, which you may or may not be familiar with. That is normally the agreement, the service level agreement that you give to your customer. So like, very frequently, people in software engineering will say, Oh, I expect 99.9% uptime for this, or I expect to have very few errors, expect to have a good experience with duration. So these things are all measured and quantified and put into monitoring patterns so that developers can can continue momentum until they recognize Oh, I need to be careful, because the service level indicator that I have for my product isn't up to snuff. And the objective that we set isn't being met. So I need to slow down my, my product velocity and ensure that we're giving our customers the best experience possible.

Ravi Lachhman:

Yeah, that makes perfect sense. I think a lot of times like what like, like, so to bring in an expert like Bob, right, like, I'll play devil's advocate used to be an active manager, or app owner, you know, we would focus a lot on the SLA, like, we had the API, and we had to have a 500 millisecond response time, or at least some sort of response. Right. But that's it like as, as we get more sophisticated, you know, I only had a few endpoints, so it was like, okay, and everything. But as we get more complicated, yeah, we have to have other ways to track right. So like SLI is so close, you're leading up to the ultimate SLA like subdividing things. So that's, that's perfect, helping, and I actually, that was the first time I ever heard that explanation of an SLA. Usually they're there, you know, it's it being developer focus that I like that type of championship, right? Like, Hey, your partners, sometimes you need to focus on are you your future velocity too fast? versus are we doing quality work, or technical debt work to make sure that we're making at least maintaining our mission? That's, that's actually a really solid, a really solid definition of it.

Bob Strecansky:

So maybe for, okay, so that, yeah, that's how Google has this with their, with their SREs, they say, Okay, well, we'll be happy to have an essary work on your product with you. But we have to set the Service Level Indicators and objectives to make sure that we're reaching our goals. Very frequently, it's so simple as a software engineer to go, Oh, I just want to implement this additional feature, oh, I just want to add this, this new pinwheel, or I just want to add this letter, the next thing, but what you have to remember is, as the web continues to scale, both horizontally and vertically, you need to ensure that your service has the ability to run first, and then second, run at a rate that's acceptable to your customers, if you start getting page load times that are 10 or 20 seconds, customers are gonna lead you leave your site, if you start spewing out a lot of errors, customers aren't going to want to come back and they're going to lose faith in your service. So you have to balance product momentum and stability. And that's what, that's the that's right in the Site Reliability engineers wheelhouse.

Ravi Lachhman:

Yes, that's pretty awesome. I mean, I'm excited about essary, you know, not want to be one again. But for some of the listeners, you know, who like maybe dipping their toes into, like, you know, I have a long term goal of being an SLA. But most like about your journey, Bob, like, if, let's say, I was fresh out of like, school, you know, what would you tell me about? I want to be more like, Bob, how can you give me some coaching on that, Bob?

Bob Strecansky:

That's a good question. Ravi. So right out of school, engineers are usually trained in a different manner than what happens in quote unquote, the real world, right? For sure. We learn about it, you learn about data structures and algorithms, you might learn a couple different programming languages, you might learn memory management, or CPU utilization, or you know, whatever. But when you get into industry, you start recognizing, like, okay, all of these, of these things that we learned in computer science classes are important and it's important to understand how they work, but we also need to make sure that we have the ability to implement In these programming languages and these idioms on actual computers to serve actual customers, so the thing that I would tell a new software engineer that wants to move towards essary, is make sure that you're monitoring everything. When you push out a new feature, make sure you're understanding how the deployment process works, make sure you understand how to monitor for errors and duration and request count and things like that. There is a very famous paper by Tom Wilkie about red metrics, requests, errors and duration, that's a really great way to understand, like the importance of of monitoring those three things, the request rate, the error level and the duration count. And so I think that that's the most important thing, like understand how to implement a logging pipeline properly and understand how to set alerts for when things aren't working, as you expect. And that's like, that's a very large step towards being an essary.

Ravi Lachhman:

Yeah, that's, that's awesome. I think, in my software engineering career, a lot of what you just mentioned, there was usually like an afterthought, right? So like, it used to be an afterthought, right? Okay, we need some sort of alerting. So like, right, we're about to deploy new features, like, yeah, I think if we violate, like, some egregious SLA, you know, let's, let's alert to send it to like some sort of knock or something and alert to it. Versus like, it actually becomes very much at the forefront. If you look at what happened in the last five years, right? That afterthought has become the forefront like, Hey, you need to understand how to measure your application when you're building it. And a lot of times that expertise is not what they teach you in school. It's not what they teach you when developing software, it's usually like ah lets includes some log statement. That's usually what I would do, right? Yeah, listen, log it here, then we'll turn the verbosity off if you do anything, but you know, there's there's definitely a science to it, because you can impact a lot. Like the common, the common argument around turning logging up is that it takes a lot of horsepower to log something. And so there's, you know, Bob definitely dissect the science of like, what, like, when do you do certain things? How do you measure certain things? And this leads me to, so I'll jump ahead to a board vents. That's the topic. And so when you start talking to like, SREs, and let's say they're trying to engage like the resilience of the system, Bob, there's a there's a term called Black Box versus white box monitoring. So why don't we talk about in generic terms, what is a blackbox? What is a lightbox? And how does that change your approach? What do you what do you just do do anything?

Bob Strecansky:

Got it. So blackbox monitoring, is monitoring where you act as the end user, you don't have the ability to see inside the distributed system that you're attempting to monitor. And then blackbox monitoring is just like a, you can think of it as like a clear cube, you can see all the different pieces of the puzzle that makes up a request to the application that you're serving. These are both very important for monitoring the resiliency of a system. blackbox monitoring is very important because it gives you empathy into the into how the end user sees your application. You can say this, this particular endpoint takes, like, as Ravi mentioned, like 200, or 500, or 1000 milliseconds to, to report back, then you go, oh, wow, that's way too long for this particular API endpoint, or that's way too long for this admin portal, or that's way too long for this. XYZ. Same thing with errors. Same thing with request rate, like, you know, actually, I guess, request weight rate wouldn't really fit into that. But duration areas are certainly very important for blackbox monitoring, for white box monitoring, that gives you the ability to look at all the different pieces of the request, right? Like, you may be making a request to an app server, or database, or a key value store or some other distributed piece of technology that gives you the answer that you need, so that you can respond to the client correctly. Being able to see all the different pieces of that distributed system helps you to determine where a problem might be arising. blackbox monitoring is really great to catch egregious errors and large scale things. Like facts. Monitoring is also often completed from outside of your infrastructure. This is very important. Because if you have blackbox monitoring inside of your distributed system, your distributed system could fail. And then your monitoring for your distributed system will fail, which which puts you in a very, very bad place.

Ravi Lachhman:

Don't monitor the system you're monitoring with the system, right?

Bob Strecansky:

Yeah. It makes somebody Inception stuff, right. Yeah. Yeah. blackbox monitoring is important to build that empathy and to understand where your where your system is failing from a customer perspective. white box monitoring is more for understanding where in what part of the chain is broken in your request flow.

Ravi Lachhman:

That's an awesome explanation. I think Like that this this cheating, like, you know, any sort of SRE event I go to, there's always some sort of talk about that right? Like, Hey, what do you have control over? versus what you don't have control over? Like, just what, that's actually more ornate way? It's actually a very good way. First of all I heard usually it's like blackbox imagine it's like a piece of packaged software like Siebel, you know, like you don't own it, right? If you don't like it's up to the vendor, like, you know, to kind of tell you how to more what are they monitoring for versus an application? Let's say, Ravi, Inc. Ravi's what's for lunch application, like, I wrote it. So I have complete control over all the calls. And so we know how to, like we can have different ways of instrument and you have different ways of measuring it, versus like, you know, Thou shalt not touch this java file, this JAR inside of Siebel, right, like, Oracle will come find you. But that's it very, very interesting way, I think, what would be also a very intrinsic question. Um, and this is always great to hear how essary would answer this question. You know, like, it's about technology choice. Like, if, let's say, we want to look at a new technology. Everybody has a different answer, like, Oh, you know, feeds and speeds. This is a new, cool, hot, shiny penny. But as an essary, let's say we were I'm very curious about this these days to like, if we were investigating any new technology, like, hey, I want to say I work at MailChimp. Like Bob, I want to leverage, you know, the Kubernetes. You might be using it there. But like I say, I'm the first team to do it. Like, I must have two of them. Because I read an article, it's the latest and greatest, like, what would be some of your decision criteria? Like if you're like, advising people, just any sort of new technology? Like, like, what would be your train of thought for that?

Bob Strecansky:

So an ex coworker of mine, Dan McKinley wrote a great article, it's called choose choose boring technology, which, as a software engineer isn't very fun or exciting, right? That's true. Everybody wants to use the new cool piece of software. And everybody just always assumes, oh, you know, this, this new JavaScript framework, or this new Kubernetes thing, or this new logging pipeline, or this new pub sub q or whatever, you know, whatever the new technology here, these are all the new

Ravi Lachhman:

technologies. Yeah, you must read. You read the InfoQ sir, I see.

Bob Strecansky:

hackaday. I've been on Hacker News before. But what you have to remember is, at the end of the day, all of us are that are working in the software field or getting paid to deliver some product to some customer, whether it be b2b, b2c, internal developer tooling, doesn't really matter. We are all working to deliver software for somebody else. And this is important to remember, because you have the if you have the choice, if you make the choice to choose boring software, or only spend your we call them innovation tokens. So like a new project should have one innovation token. If you only spend your innovation tokens on something that's going to help the business, then you have the ability to still iterate and choose new technology that will be fruitful for the project that you're working on. And it allows you to slowly iterate into new software, rather than just like diving in the deep end and then floundering around for a while trying to make sure that all of this that you understand all this new software, if you implement new pieces of software slowly and methodically, with good logging, monitoring, alerting, documentation, rules, rollout strategy, all of these things, then you can slowly input introduce these new bits of technology in a meaningful way, rather than just rushing in and shoving them all in

Ravi Lachhman:

That was lik the most insightful piece of dvice I probably heard in the last year. Right. Like, it' , it's a it's actually very, ver artistic, you know, like, how do you bring about change? Don t forget the fundamentals. Rig t. I was thinking in the bac of my head, let's say I was sta ting a new project today. So I w nt to be using sto and Kafka and Kubernetes and I need to hav those. I'm FluentD like I want to I want my resume to be like jam packed. You know, like when I'm done and something that Bob nd I had side conversations on t e outside the podcast be, don' be troubleshooting on the blee ing edge. Imagine I came up with a minimum viable product usin Kafka Kubernetes, let's say ven some sort of serverless like Kay native, I'm using all the uzzwords, I have the buzz ord app, or platform, you know, troubleshooting something on the bleeding edge. It's like you when using something one technology, even it compounds itself, using more than one technology that's on the bleeding edge. A lot of those operational fundamentals might not be there. Like there's still people bickering about how to what's the best way to trace and metric on a distributed containerized workload, right. So like, we can sit here and talk for like an hour on that right but like That's right. Like introducing one piece at a time, like once you get the fundamentals right, like, Hey, this is the minimum standard of an app. So yeah, like very, very beautifully said there, Bob. incremental success builds succe

Bob Strecansky:

as the owner of a as the owner of opentelemetry. php, I can tell you that a distributed tracing system is not easy ever.

Ravi Lachhman:

Yeah, well, yeah, you do. You do have a new package out there. Maybe you want to talk about a minute like, Hey, what's your open telemetry PHP package like Bob has? is bringing open telemetry? Actually, you're an author, too. Let's plug Bob a little bit, Bob. I got. It's over in the corner, though. I need to get you to sign it next time I come visit you. Yes.

Bob Strecansky:

Yeah, post post COVID. book signings.

Ravi Lachhman:

I want you to write a letter.

Bob Strecansky:

Yeah, so I wrote a book. It's called handles on high performance with the go, it's available on Amazon and packt Publishing websites. It's it talks about how to implement go Lang effectively in your distributed systems. And I'm currently working on the open telemetry project, which is a distributed tracing library, I am slowly and surely working with others to build the PHP version of this library, and contributors are welcome. Open telemetry is a new age tracing library that allows people to trace across distributed systems in a meaningful way and post the records to tracing aggregators that can help you determine where there is a fault in your system, sort of like the white box monitoring that we were talking about earlier in the podcast.

Ravi Lachhman:

Awesome. Yeah, be sure to check out like the openSUSE monitor PHP, or like, paste the link to like Bob's book, I, I got a copy of it. I'm learning a lot about go. That's what we go for in Hollywood gophers needs.

Bob Strecansky:

I'm glad that you brought that up, Ravi, b cause one of the really nice t ings in distributed systems n w is these companies are s arting to distribute more v sible binaries. So for I'm g ing to use your gr example t at we were talking about. Y ah, like, so. Ravi was tal ing about Siebel, which is an a counting software that is that t at's Oracle. Right.

Ravi Lachhman:

Yeah, that's Oracle. Yeah, it's like a, it's like a financial and like customer service, like, like CRM software, but yeah,

Bob Strecansky:

So, previous y, Siebel would be a complete black box to Ravi, right? L ke, you run that jar, and then maybe it'll give you some log ing output if you're lucky. A d you just have to hope that the the Java, the Java, virtual nvironment doesn't explode nd spew bits everywhe e. Now, one of the big Site Rel ability Engineering paradigm that's been very warmly w lcomed, is having somethin called an exporter that goe along with your, your particul r, binary or service or whatever And the exporter exposes ome of the internal metrics or a binary or a service r so on and so forth. And you an use services like Promethe s to view the those exports nd determine what to do with you closed system. It's there, t is idea of an exporter and usin something like a time series, ut like for me, yes. It's rea ly it's a really nice way to m nitor a historically seen as lackbox monitor. Yeah, blackbox system.

Ravi Lachhman:

That makes a lot of like, there's only a huge rise in that. Yeah, if folks are like seeing, like, you know, going back to Hacker News and info q like words like promethease, FluentD StatsD, yo r, you know, like, all these pa ticular like CNCF projects t at are out there, there's kind o like a meteoric rise in that. A d it shows that, hey, there's d fferent ways of thinking about m nitoring different ways of c pturing metrics. So that e porter examples actually a g eat one, because you're spot o , like, if the JVM crashed? No S l. So not a lot, right? Like I w uld what, you'll get a, you m ght get a crash report from t e JVM, but that's it, like the m trics will stop at some point v rsus having some sort of s decar process. Like, it's b sically introducing like s ftware engineering excellence i to problems that were always a afterthought, right? Like, if y u and I sat down and we said, l ke, take it back like a decade a o, like Bob, like, actually, we might have been in the same te m. So it was a team. You know, we if instead of being an afterthought, we put it to like a fourth thought saying, We must make sure that we get metrics, even in case of a crash, we would we would organize our logging or organize the processes that produce that in a different format, which would max to export it to today, right? So like, it's been a lot of catch up, but there's a lot of emphasis on being more proactive versus reactive, right. So as these SL A's become more tight, you know, require uptime, it's definitely a shift to becoming from becoming reactive. I need to wait There's a problem versus, okay, we can like kind of like foresee that there's a problem, I'm giving you a slight plug of like how a consumer expectation is just like, we expect things to be up all the time, right? So you just have to be proactive, funny story. You know, for the owner better, we actually use Bob's company MailChimp to manage our contact list. If for some odd reason, like, what what especially like, last week, I think, Bob, I couldn't log into MailChimp. And I was like, what, like, I know exactly who I should go. Talk to evolves like, Yeah, I got the on call alert for your particular record. It was you, Ravi. Oh, that's pretty funny with him that the problems like resolve, like, you know, with very, very quickly, and I was like, Hey, I can just try like a different link written word about it. But that was amazing, right? Like the amount of proactiveness that you know that some still that like MailChimp, chose the essary discipline is super strong. Like, you're able to capture that I had a problem before, like, within like, milliseconds of me even knowing I had a problem. Like, what does that culture take off like that? That's the basic stuff.

Bob Strecansky:

So this is that's a great, that's a great lead in Ravi. I think this t es back to our service level i dicators and objectives. I a tually am disappointed in that i cident, because of the way t at you experience downtime. B t I am proud of the fact that w were able to quickly r mediate the problem you had t at. So having these metrics l ke we were just talking about, i 's sort of all ties together. N w. Having exporters' export m trics, and being able to m nitor them over a long time g ves us the ability to see t ends, right. So in your p rticular case, like one server j st started trending upward in C U and disk utilization. And as w as we caught that, we noticed t at it was getting to a point w ere it was where it needed to b fixed immediately. So it was f xed immediately. But we a tually set an alert based on t at trend. So the next time we s art seeing that slow, slow S c rve up, we can start going up, m ybe we need to restart the s rvice or rate limit some e regious API users or do some, y u know, shed some load that t at may or may not need to be s ed, right, like bot traffic o , or malicious people making r quests or so on and so forth. S load prioritization is always s per important. And the more t at we can have visible insight i to our systems, the faster we c n react to these, these p rticular incidents, it's b tter than the yesteryear of O , man, are patchy instances a e completely smoke, let's r start them all.

Ravi Lachhman:

The problem, please fix the problem

Bob Strecansky:

of Kubernetes to do that restart for us.

Ravi Lachhman:

Yeah. And we'll put that readiness probe to like one second later. Thank you. I think so like kind of, like, you know, I think get into last, like 25% of our podcast, we can talk about some intrinsic stuff. And like, Bob was like super stealler. Just like, hey, like this is the profession, and thi is how we move forward. I wan to talk about blameless cultur for a second. So like, definitely got blamed for a lo of problems. Like I kind o missed the blameless cultur portion of it. I was part of th blame culture. I don't know, Bo remembers my my severe inciden I had in our company, w together, I had to go to like tribunal and explain the outage right? Like, you know, it there's always like, what, wha was the root cause of this? Wh don't we talk? So one of th things that if you if you'r dealing with SREs, you're alway brought in at the worst. Like there's this romantic idea tha you're firefighting all th time. And that's supe stressful, like, no one coul survive, like, you know, what every time they're brought i the metrics are red, and like we immediately have to make revenue decision. But but a lo of stuff that Bob and his tea does. Bob is more of a senior like a more of a staff like h recently got promotion congratulations, like you'r helping for the thought o SRE is that for now? It's m re being proactive. But let's t lk about in that firefight, t e incident like, can you tell u a little bit or tell the v ewers or listeners a little b t about blameless culture, l ke, there's no root cause? And t at's very true. It's c mplicated. What what is what d es that mean? There's no root c use for blameless culture.

Bob Strecansky:

Sure. So blameless culture is an idiom that says, hey, don't blame this particular person for an incident that might have occurred to, you know, I'll use myself as an example because that's an easy one. Like, let's just say I'm clacking away, and I accidentally push code that does 1000 requests a second instead of 10. And I take down a service. So that's bad. It's very bad. And, you know, there could be business impacts for this. There could be emotional toil aspects of this. There could be all sorts of Other things. So classically, in a software engineering setting, I would get blamed very hard for this, like, Bob, why did you do this? Why didn't you test this better? Why didn't you, you know, x y,

Ravi Lachhman:

Yeah

Bob Strecansky:

Yeah, Bob! But what we, what we have to remember is that blame doesn't really help anything, it just gives the software engineer more strife. And it makes them less likely to perform actions that are going to better the company. So a blameless, blameless culture or is very important in software engineering these days to drive things forward. Very frequently, when we have incidents that at MailChimp, we do something called a post mortem. So we go back, and we discuss all the things that happened, leading up to the incident in order for the incident to happen. And we always do blameless post mortems. So rather than saying, Bob pushed out the code that made 1000 requests happened per second, rather than 10. We say, an engineer made this made a push for 1000 requests happen rather than a second. And that small, small change in words makes a big difference. It doesn't blame Bob for the incident that he caused. It allows people to be more objective about how to fix the problem. People aren't saying, oh, man, Bob broke this again, really, they're saying, it starts to help us to realize like, Okay, well, maybe we should make a check in our continuous integration software that says, Oh, you should, there's no reason we should ever be making 1000 requests a second in this particular for this particular call, we should all we should limit it to 100. And we should have, we should throw back an error in our continuous integration when, when somebody makes an egregious call like this in their software.

Ravi Lachhman:

That's huge. Yeah.

Bob Strecansky:

So having blame, having blameless culture allows you to be a little bit more innovative. And it allows engineers to be a little happier.

Ravi Lachhman:

It really like I really believe that right? Like, you know, it helps you build more resilient and robust systems to prevent problems, because it's one thing like, yeah, Bob for that. So like, you will think like, Oh, that's never gonna happen. Again, we need to blame Bob. And so that situation, you know, only Bob would cause that versus like, if you say an engineer did it, it could happen to anybody. So you're more like in tuned in a generic approach to take a more generic protection, right? Like, we're not just going to call off Bob's, like get access, you know, that would be the ultimate protection. But it's like, you take a more generic approach saying this can happen to anybody. And let's make it better for everybody like that, that was actually very specific to like, Blip, blameless culture. It's very funny, like, you know, those, those post mortems are so important. in Agile Software, there's a concept called retrospective or retro. So it's just bringing that like, it's bringing software engineering rigor into an incident, right? Like, hey, we were engineers. Why did our engineering discipline stop at the incident? Like, it goes out the window, sometimes it's like fight or flight, right? Like, blah, blah, to keep our job, blah, blah, you know, this person did that. Like having that like that level of discipline? Like you had discipline through 99% of the sdlc? Why did that 1% stop? Why did pandemonium occur? You know, and I think that's, that's very critical for blameless culture. Very funny aside, I was teaching a class Tuesday night. So we had about 30 users like so for a harness, like God, we're a continuous delivery platform. So I had about 30 users in like Singapore and Australia. Like we're showing them how to like validate deployments with Prometheus on a Kubernetes cluster. And so I was just like, as guinea pigs, I was like, I want to see how much like firepower, like, I want to make a smaller cluster because I had a very large Eks cluster. And I thought that I opened up another terminal window. And instead of running like a top command on the nodes, I actually ran the Delete command at Eks CTL. And it took the cluster down. So clearly, I wasn't one to blame, because everyone saw it on the like, you can see it on the screen recording like I'm like, Well, I guess class is over now. Because the cluster there's no post mortem on that one. It's just like Ravi. Ravi, an engineer did that. Y ah. I like it. I want to see a engineer. Track. Yes. Yeah. S like in the last couple a c uple of minutes. While we're w apping up. I always like to e d on like this one question. L ke, Bob, if you met Bob, you k ow, 15 years ago. What is like o e piece of advice? You know, J e and Bob coming out of his g aduate degree program at C emson. Like what would you t ll Bob

Bob Strecansky:

Go tigers, Go Ti ers. Now I tell I would tell young Bob to be brief. Make make changes that are going to help your business Don't worry about the Don't worry about resume as a service like don't care. Don't really don't try and implement the the new shiny thing just because it's a new shiny thing. be pragmatic in your delivery of new bits of software

Ravi Lachhman:

Not like

Bob Strecansky:

You should always have some sort of monitoring tab open whenever you're deploying new best bits of software. Look for your errors quickly. People don't mind if you make mistake mistakes if you remediate them quickly, and be confident in your delivery and make sure that you measure twice and cut once.

Ravi Lachhman:

That's awesome, Bob. Well, thank you so much for being on the podcast like very pragmatic advice. You know, definitely Bob. Bob is very skillful in the profession. You can catch Bob at local events and national events around sov work. And yeah, you know, just thank you so much for being on the podcast today, Bob.

Bob Strecansky:

Thanks for having me around.

Ravi Lachhman:

Cheers.