undefined | Better HN

0 pointsmcphage8mo ago0 comments

It shouldn’t, but it does. As a civilization, we’ve eliminated resilience wherever we could, because it’s more cost-effective. Resilience is expensive. So everything is resting on a giant pile of single point of failures.

Maybe this is the event to get everyone off of piling everything onto us-east-1 and hoping for the best, but the last few outages didn’t, so I don’t expect this one to, either.

0 comments

11 comments · 5 top-level

foinker8mo ago· 2 in thread

No shot that happens until an outage breaks at least an entire workday in the US timezones. The only complaint I personally heard was from someone who couldn't load reddit on the train to work.

geodel8mo ago

Well by the time it really happens for a whole day Amazon leadership will be brazen enough to say "OK, enough of this my site is down, we will call back once systems are up so don't bother for a while". Also maybe responsible human engineers would fired by then and AI can be infinitely patient while working through insolvable issues.

BeFlatXIII8mo ago

No complaints from folks who couldn’t load reddit at work?

1 more reply

mschuster918mo ago· 1 in thread

> Maybe this is the event to get everyone off of piling everything onto us-east-1 and hoping for the best, but the last few outages didn’t, so I don’t expect this one to, either.

Doesn't help either. us-east-1 hosts the internal control plane of AWS and a bunch of stuff is only available in us-east-1 at all - most importantly, Cloudfront, AWS ACM for Cloudfront and parts of IAM.

And the last is the one true big problem. When IAM has a sniffle, everything else collapses because literally everything else depends on IAM. If I were to guess IAM probably handles millions if not billions of requests a second because every action on every AWS service causes at least one request to IAM.

TheNewsIsHere8mo ago

The last re:Invent presentation I saw from one of the principals working on IAM quoted 500 million requests per second. I expect that’s because IAM also underpins everything inside AWS, too.

1 more reply

2d8a875f-39a2-48mo ago· 1 in thread

> we’ve eliminated resilience wherever we could, because it’s more cost-effective. Resilience is expensive.

You are right. But alas, a peek at the AMZN stock ticker suggests that the market doesn't really value resilience that much.

Cthulhu_8mo ago

Stocks stopped being indicative of anything decades ago though.

Trasmatta8mo ago· 1 in thread

The irony is that true resilience is very complex, and complexity can be a major source of outages in and of itself

lanstin8mo ago

I have enjoyed this paper on such dynamics: https://sigops.org/s/conferences/hotos/2021/papers/hotos21-s...

It is kind of the child of what used to be called Catastrophe Theory, which in low dimensions is essentially a classification of folding of manifolds. Now the systems are higher dinemsional and the advice more practical/heuristic.

agos8mo ago· 1 in thread

when did we have resilience?

BoredPositron8mo ago

Cold War was pretty good in terms of resilience.

j / k navigate · click thread line to collapse

0 comments

11 comments · 5 top-level

foinker8mo ago· 2 in thread

No shot that happens until an outage breaks at least an entire workday in the US timezones. The only complaint I personally heard was from someone who couldn't load reddit on the train to work.

geodel8mo ago

BeFlatXIII8mo ago

No complaints from folks who couldn’t load reddit at work?

1 more reply

mschuster918mo ago· 1 in thread

> Maybe this is the event to get everyone off of piling everything onto us-east-1 and hoping for the best, but the last few outages didn’t, so I don’t expect this one to, either.

TheNewsIsHere8mo ago

The last re:Invent presentation I saw from one of the principals working on IAM quoted 500 million requests per second. I expect that’s because IAM also underpins everything inside AWS, too.

1 more reply

2d8a875f-39a2-48mo ago· 1 in thread

> we’ve eliminated resilience wherever we could, because it’s more cost-effective. Resilience is expensive.

You are right. But alas, a peek at the AMZN stock ticker suggests that the market doesn't really value resilience that much.

Cthulhu_8mo ago

Stocks stopped being indicative of anything decades ago though.

Trasmatta8mo ago· 1 in thread

The irony is that true resilience is very complex, and complexity can be a major source of outages in and of itself

lanstin8mo ago

I have enjoyed this paper on such dynamics: https://sigops.org/s/conferences/hotos/2021/papers/hotos21-s...

agos8mo ago· 1 in thread

when did we have resilience?

BoredPositron8mo ago

Cold War was pretty good in terms of resilience.

j / k navigate · click thread line to collapse