Professional Documents
Culture Documents
Screen-Shot-2016-04-05-at-4.56.12-PM-s2.jpg
Click to Open Overlay Gallery
Google
When was the last time you needed to Google something and Google
wasnt there?
Odds are, you dont remember that ever happening. Sure, there are
times when you cant reach Google because your internet connection
is down. But Googles primary online services, from its search engine
to Gmail to Google Docs and more, are nearly always accessible. The
companys Google Apps suite, including Gmail and Docs, was available
about 99.97 percent of the time in 2015, according to the companys
own numbers. The world pretty much takes this for granted, but its a
remarkable reality. The billions who use Google hardly stop to consider
how Google made something so impressive seem so mundane.
Google explains the feat in three words: Site Reliability Engineering.
OK, they arent the best three words. But thats the rather unsexy
name Google gave to this seminal philosophy more than a decade ago.
Its a rather nuanced and expansive philosophy, but it really boils down
to one central idea: Dont get IT people who specialize in running
Internet services to run your Internet services. Have software coders
run them instead. If you do this, the thinking goes, the software coders
will build tools that can help run the operation without the active
involvement of real live people.
'We long for the day when nobody runs anything.' Todd Underwood,
Google
The result of our approach, writes Googler Ben Treynor Sloss in a new
essay, is that we end up with a team of people who will quickly
become bored by performing tasks by hand and have the skill set
necessary to write software to replace their previously manual work.
For many in Silicon Valley, that may seem like a common idea. This
kind of thing is now practiced across the tech world, from Amazon to
Box.com. People call it DevOpsdevelopment plus operationsan
effort to combine the ways of the software coder with the aims of the
systems administrator. But the DevOps movement, embodied by tools
like Chef and Puppet, evolved separately from and largely after the
SRE philosophies that arose inside Google (and similar ideas that took
hold at Amazon). Its just that Google has kept largely quiet about this
over the last decade, as it often did when the topic was the inner
The shift is particularly interesting when you consider that dev and ops
were traditionally opposing forces. The devs wanted to build new
software and change it and get the changes out to the public as a fast
as possible. But the ops folks wanted to ensure that nothing went
wrong, and the best way to do that was to keep changes to a
minimum. These are incommensurate goals, Underwood says. The
trick is that, if you combine dev and ops, you can start to eliminate
their competing aims.
Underwood calls it a Hegelian thesis-antithesis synthesis. He then
acknowledges that when he says this, no one really buys it. People
just dont read Hegel anymore, he quips. But the description is spot
on. And once this synthesis was in place, Google accelerated the
process by adding all sorts of other Googly ideas to the mix.
The Error Budget
One big idea is that, in an effort to reduce the conflict between dev and
ops, the company doesnt strive for 100 percent uptime. The reality,
Sloss writes, is that you dont need an internet service to be 100
percent available. Users cant really tell the difference between 100
percent and, say, 99.999 percent (their laptop or WiFi or electricity or
ISP are down far more than 0.001 percent of the time). If you set a
reasonable uptime goal below 100 percentan error budgetyou
have more room to make changes and role out experiments.
The use of an error budget resolves the structural conflict of
incentives between development and SRE, Slosser says. An outage is
no longer a bad thing. It is an expected part of the process of
innovation, and an occurrence that both development and SRE teams
manage rather than fear.
At the same time, the company put rules in place to ensure that SREs
didnt end up morphing into good old fashioned sysadmins. Basically, it
decreed that no SRE could spent more than 50 percent of his or her
time on traditional operations as opposed to coding. If ops starts to
take precedence over dev on a particular SRE team, Google shifts
some of the ops load onto the team that is typically just build the
softwarethe regular Google software engineers. Consciously
maintaining this balance between ops and development work allows us
to ensure that SREs have the bandwidth to engage in creative,
autonomous engineering, Sloss writes, while still retaining the
wisdom gleaned from the operations side of running a service.
Chefs Jacob says that the ratio here50 percentisnt that important.
But he likes the attitude. This is just economics, he says. Theres