Back to Home

Bitrix gives knowledge - all materials #FailOverConf / 1C-Bitrix company blog

fault tolerance · failover · failoverconf

Bitrix Gives Knowledge - All Materials #FailOverConf



    On April 8th, the already traditional conference dedicated to the fault-tolerant and fast web - FailOverConf - took place.

    As you already know, this time we decided to completely change its format. We set a goal - the widest possible reach of the audience, which will be able to obtain useful and practical knowledge. Therefore, they made the conference completely online and free. And, it seems, the goal has been achieved. :) About 2500 people took part in the event.

    And now, as we promised earlier, we publish all the conference materials (presentations and videos).

    Programming languages


    “Going to Failover: How does language affect architecture and why do fault-tolerant projects choose Go?” (Aleksey Naydenov, ITooLabs) - presentation

    For its very short history, the Go language has gained the most popularity among developers of distributed fault-tolerant and highly loaded systems. Why did this happen? What are the benefits, obvious, and not so, that Go brings to developers? Should You Choose Go For Your Future Failover Project?

    In the report, I will give a brief overview of the Go language, tell about the history of its origin and development, and give typical examples of use in the industry. I will also share my experience of operating a scalable fault-tolerant telecommunication system and talk about how and why we rewrote it to Go, and what we got as a result.




    “How Badoo switched to PHP7 and saved $ 1M” (Yuri Nasretdinov, Badoo) - presentation

    - Introduction
    - Experiments with HHVM
    - Corrections in the kernel and extensions
    - Changing the testing infrastructure
    - Utilities and application code
    - “Launch” and results




    “Defensive Programming and Strong Typing: From Python to JavaScript” (Grigory Petrov, Voximplant) - presentation

    - Microservices, errors and fault tolerance
    - Why we make mistakes: complexity and Miller’s wallet
    - Setting traps for errors using strong typing
    - Strong typing: C # , Java, Python, PHP, Ruby, JavaScript
    - Gradual Type Checking




    Databases and NoSQL


    "Tarantool: cases of use" (Denis Anikin, Postal Services Poster ) - presentation



    “Options for building fault-tolerant systems based on PostgreSQL” (Mikhail Kulagin, Postgres Professional) - presentation

    1. Approaches to building fault-tolerant systems using the OpenSource DBMS MySQL and PostgreSQL
    1.1 as an example . Logical and physical replication
    1.2. Building approaches and problems of multimaster systems
    1.3. Strengths and weaknesses of each approach, points of possible data loss

    2. Native failover capabilities of PostgreSQL
    2.1. Synchronous and asynchronous streaming replication
    2.2. Features of configuration and monitoring points

    3. Automation of failover cluster management using Pacemaker / Corosync as an example
    4. PostgreSQL logical replication options
    5. The near future of Postgres: current developments




    Operation and monitoring


    “Mail.Ru Group media projects : workdays of the director of the amusement park” (Stanislav Mikhalsky, Mail.Ru Group) - presentation. The

    average daily audience of Mail.Ru media projects is about ten million visitors generating about sixty million views. In my speech I will tell:
    - about how we ensure uninterrupted operation in conditions of such a high load.
    - about common bottlenecks for all these projects, as well as about individual product and technological nuances
    - about monitoring, DevOps and the domino effect when using external services
    - about whether there is a difference between one and ten projects in terms of fault tolerance, recovery and prevention,
    - about the advantages and disadvantages of scaling and caching
    - and of course a couple of tales and funny things from an eyewitness.




    “99.999% fault tolerance with your own hands” (Nikolai Matsievsky, WEBO Software) - presentation

    I’ll tell you how to use the available tools to ensure maximum availability for web projects, and how much it can cost. I’ll touch upon the availability and reliability of hosting, the point of failure of the site, balancing DNS and IP Anycast. I’ll also tell you how to guarantee the availability of 4-5 nines in a short time and modest budget.



    “24x7 tracking of key business scenarios on your site. Automatically ” (Stepan Ovchinnikov, Intervolga) - presentation

    - You need to be sure that the key site scenarios: main, catalog, order, basket, personal account - always work.
    - It is necessary that you find out about mistakes earlier than clients.
    - It is necessary that such "functional monitoring" is inexpensive, but it works well.

    We tell you about the following points: Problem - Solutions - To whom it suits - What you can check - Reports - Real cases - Cost - Connection algorithm.




    “Fault tolerance from the point of view of a service provider - a recipe from Acronis” (Ivan Prokhorov, Acronis) - presentation

    - Why is fault tolerance important to a service provider? - What needs to be protected and from what? - 404 or 500 - how to fight? - Fast recovery - myth or reality?



    “Predictive maintenance - the use of machine learning to reduce monitoring and operating costs. Algorithms and Technologies ” (Alexander Serbul,“ 1C-Bitrix ”) - presentation

    Covering a web project with a test grid is not enough to prevent accidents, detect attacks and preventively respond to changing operating conditions. A new approach - analysis of metrics and prevention of accidents (detection of threats) using machine learning algorithms - will not only reduce the cost of providing fault tolerance, but also respond before problems arise! Interesting - come, we will tell you in simple words and show with examples how it works.



    Fault tolerant development


    “Continuous Integration. Managing releases as they are ” (Ivan Mikheev, Agima) - presentation

    The delivery process of the developed functionality is always based on compromises between delivering quickly and not losing quality. Moreover, the more time is spent on deployment, the less time is left on quality. The problem becomes more and more urgent with each stage of production growth. There are a variety of different methodologies and technologies designed to standardize deployment and release processes, and in my report I want to talk about what process we have set up for ourselves, and how this helped us devote more time to quality.

    - Establishment of software delivery processes in custom web development - where to start organizing “chaos”;
    - Temporary profit - saving time with the correct deployment (in the short and long term), comparing options for manual and automated deployment using our projects as an example;
    - Tools that we used at different stages of our growth: GIT, gitolite, gitlab, TeamCity etc.
    - Simple, but such important hooks - how to simply make these technologies bring you real benefits and save developers time;
    - Automatic deployment, continuous delivery, builds and auto tests - when you really need it, and when you can neglect it - using different types of our projects as an example;
    - Previously, it was “compiled”, now it is “tested” - inadequately long delivery process - how to get rid of blocker auto-tests.




    Backups


    “Organization of backup of complex online stores” (Evgeny Potapov, “Summa IT”) - presentation

    1. Database backup.
    1.1. How often do backups? Than?
    1.2. How to ensure the safety of "fresh data".
    1.3. Quick recovery after the "human factor", accidental deletions.

    2. Backup of static files, code and configuration files
    2.1. File backup - backup, synchronization.
    2.2. Prompt recovery from large backups, pitfalls
    2.3. Backing up configuration files

    3. Monitoring and checking backups
    3.1. Monitoring the process of creating backups.
    3.2. Monitoring backup storage.
    3.3. Test deployment of backups.




    Security


    “Who is protecting your site?” (Mikhail Kondrashin, Trend Micro Russia) - presentation

    Cloud technology is the future for all IT and now you need to imagine how the protection used against traditional threats, such as remote hacking and malicious code, will fit into a new reality. Even a superficial analysis shows that traditional approaches are unsatisfactory. It is imperative that the security provided by the cloud service provider seamlessly integrates with the company's internal security system. On the other hand, this security should take into account the specifics of the tasks that the customer solves in the cloud. Each resource transferred to the cloud must be provided with protection, which is individually configured and undergoes regular audits that determine the current level of security. Only in this case, the transfer of IT components to the cloud will not be a compromise with security.



    "Tempesta FW: Yet Another Web-accelerator?" (Alexander Krizhanovsky, NatSys Lab)

    Tempesta FW is an Open Source hybrid of Web accelerator and firewall, developed specifically for processing and filtering large volumes of HTTP traffic. Tempesta FW is built into the Linux TCP / IP stack and has a lightweight in-memory database optimized for NUMA systems for storing the Web cache and filtering rules. The main scenarios for using the system are protection against application-level DDoS and simply delivery of large volumes of HTTP traffic with low hardware costs.

    In the report, I will talk about:
    - why do we need another Web-accelerator and what is its difference from Nginx, Varnish, HAProxy and even TUX and kHTTPd;
    - Typical usage scenarios (CDN, cloud, filtering networks, etc.);
    - main features (caching, load balancing, filtering);
    - Frequent issues related to the implementation of the project in the OS kernel, performance and reliability;
    - system requirements, configuration examples, and, simply, how to assemble and run it all.




    “How to achieve A + rating for SSL certificate on your website and other aspects of hosting security” (Igor Cherednichenko, Rusonyx) - presentation

    - Pitfalls of SSL, how to not offend anyone.
    - Pros and cons of standard openssl.
    - SSL increase the speed of negotiation.




    “An analytical review of Internet content protection tools” (Maxim Levin, CDNvideo) - presentation

    - Modern methods of theft of various content and the scale of the problem.
    - The enemy will not pass: how to protect the content before it is stolen.
    - It’s too late to drink Borzh? .. How to protect content after it has been stolen.
    - Do not touch the exhibits with your hands! Methods for protecting graphic content.
    - Melodies and rhythms of modern pirates. Methods of protecting audio content.
    - And now - the slides! Methods of protecting video content.




    “Security of web applications 101 or an introduction for non-information security professionals” (Denis Bezkorovayny, Cloud Security Alliance) - presentation

    - Who attacks web applications and how and what to defend against.
    - Web Application Security Audit - What to Choose? Static code analysis and dynamic analysis of web applications - pros and cons, areas of application.
    - Active protection systems for web applications - typology, deployment options, scope.
    - Security monitoring and attack detection.
    - Response plan for attacks and incidents, corrective measures, practical recommendations.




    Performance


    “How we made Cyber ​​Monday” (Alex von Rosen, 220 Volt Group of Companies) - presentation

    - What to do if today you find out that in a month and a half you need to launch a highload project.
    - Highload team.
    - Highload site.
    - How to start and not fall.
    - What to do next.




    * * *

    Like, share, retweets! :) And - see you next year!

    Read Next