How an Amazon engineer's slip-up started a 20-hour Netflix cock-up
Xmas cloud outage sparked by fumbled delete op
Ensure Ease of Recovery with Asigra’s Agentless Software
An Amazon engineer hit the wrong button on Christmas Eve, deleting critical data in its load balancers and ultimately knackering vid streaming biz Netflix for 20 hours.
The Netflix outage hit customers in the US, Canada and Latin America on 24 December, particularly those using games consoles and mobiles to watch films, while desktop Mac and PC users suffered time-outs and delays. A mistake at Netflix's hoster - Amazon Web Services - caused the downtime and Amazon's developer team worked through the night into Christmas morning to get the problems fixed by 8am 25 December.
Statements from Netflix and Amazon explained that the problem started when a developer accidentally wiped important data on how video traffic should be directed by the Elastic Load Balancers (ELBs) at Amazon Web Services.
These load balancers juggle requests from devices to servers and spread the workload across systems. The ELBs rely on information referred to as state data to control their operation and track what requests are going where.
On Christmas Eve an engineer running a maintenance process accidentally directed it at this vital state data and, as a result, deleted the information on the production ELBs in the East USA region. The unlucky bod didn't realise his or her mistake and it took the Amazon team a while to work out exactly what had gone wrong since many requests for media were still being processed as usual. At the peak of the cock-up 6.8 per cent of the AWS balancers were out of action.
After realising the problem, Amazon engineers worked through the night to restore the missing ELB state data from a backup taken just before midday on Christmas Eve and merge new data from the past 20 hours with the historic snapshot.
Netflix uses hundreds of Elastic Load Balancers grouped together by the type of device supported by the service. That was why console and mobile users were affected to a greater extent than users on other machines.
Amazon has slapped a number of protections on the Elastic Load Balancers to prevent this happening again. Access to the state data has been restricted. Amazon added that it has streamlined its data recovery process following a few bungles in the attempt to get the service back up and running.
Netflix said the breakdown revealed the challenges of maintaining a globally available cloud service. Both companies have apologised to customers whose festive film-watching was disrupted. ®
COMMENTS
In various projects I've worked on that involve critical data, we usually have a ban on major changes on Fridays or just before a public holiday, and a change freeze until Christmas is well out of the way. What went wrong at Amazon/Netflix that allowed this to happen?
Huh ?
I would have thought that by definition, "Elastic Load Balancing" would be an adaptive process. Just deleting the state data would temporarily unbalance things until it "learned" again.
At least that's how *I* would have implemented it. If I was going to call it "Elastic".
Re: Huh ?
I would have made it so that if you strain it too hard it snaps and the pieces go flying across the room and hurt people. they didnt even invite me to an interview though.
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
