Slashdot Mirror

← Back to Stories (view on slashdot.org)

Keeping an Eye Out When Sites Go Down

Posted by timothy on from the he-said-go-down dept.

miller60 writes "Are major web sites going down more often? Or are outages simply more noticeable? The New York Times looks at the recent focus on downtime at services like Twitter, and the services that have sprung up to monitor outages. When a site goes down, word spreads rapidly, fueled by blogs and forums. But there have also been a series of outages with real-world impact, affecting commodities exchanges, thousands of web sites and online stores."

27 of 77 comments (clear)

  1. Short version... by MRe_nl · · Score: 4, Insightful

    Is downtime really more frequent? Or is it just more visible?
    The answer is both.

    --
    "Kill 'em all and let Root sort 'em out"
    1. Re:Short version... by arth1 · · Score: 5, Insightful

      I think monopolization plays a role too.
      Back when people jumped between Altavista, Hotbot, Jeeves and other engines, one of them going down wasn't so bad -- you just used another, and a day later, you wouldn't even remember that one of them had been down. But these days, everyone and his dog uses Google, and if Google goes down, people won't know what to do. Similar for other sites and hubs -- they've become too big, and users have become too reliant on them.

      So even if uptime has increased, the impact of downtime has become larger, in part due to the larger reliance on single systems.

  2. New sites are more complicated... by Anonymous Coward · · Score: 4, Interesting

    So they're more likely to suffer downtime as any one of the many pieces can break, causing it to all go down. Look at a site like Drudge Report that gets massive traffic, but is really VERY simple to run. Then look at a site like Twitter or YouTube or something like that, which has many more services to operate and keep running together.

  3. The twitter factor by ximenes · · Score: 5, Insightful

    Twitter's infrastructure is notoriously poorly thought out, and I sort of doubt they employed any systems administrators (or service engineers, or operations engineers, or whatever) up until recently.

    I think the barrier to entry from an engineering standpoint has been lowered such that you can more easily make a site that appears to be pretty decent and attracts an audience. What is often missing is the behind-the-scenes work which ensures that the service is:

    - Deployed properly, with testing and staging environments that actually mirror production.
    - Fault-tolerant at every practical level. This gets expensive, so you see datacenter failures take down large swaths of sites who don't have multiple locations.
    - Constantly monitored, including performance metrics, to find issues quickly or ever before they happen.

    This is the kind of work that always seems to take a back seat to development due to resource constraints, but it really needs to occur in tandem with the development process.

    If you don't design a site from the ground up to be redundant and highly performing, its pretty difficult to flip a switch and make it that way later. Which is basically what Twitter has found out. Whether or not this mentality is taking over the Interworld is another story though.

    1. Re:The twitter factor by Anonymous Coward · · Score: 2, Insightful

      Twitter made a big mistake by basing their technology around Ruby on Rails.

      Ruby on Rails is, of course, great for CRUD-style websites. It makes development lighting fast, and easy as sin. Twitter doesn't exactly fall into that category. Although Ruby on Rails is flexible enough to develop a small-scale version of the Twitter application, it just isn't capable of scaling.

      They really need to be looking into Erlang. Erlang is perfect for the type of software they need to provide the service they offer (see ejabberd for example). Plus it's open source, and it has a vibrant online community, and frequent releases, numerous conferences, interfacing with other languages, and other goodies.

      Erlang originated from, and has been successfully used within, the telecom industry, which is very similar to the market Twitter is involved with. Thus they should learn from the masters, and use Erlang wherever possible for their core services.

    2. Re:The twitter factor by jnovek · · Score: 5, Insightful

      "If you don't design a site from the ground up to be redundant and highly performing, its pretty difficult to flip a switch and make it that way later. Which is basically what Twitter has found out."

      And really, that's OK.

      Sites like Twitter are popping up precisely because the bar is very low to get your idea out on the 'net and compete. Sure, the cost in dollars and person hours is much higher to refactor for stability later, but would Twitter have even come into existence if that was a requirement from the start? Would its founders have considered it a worthwhile risk?

      Jason

    3. Re:The twitter factor by Anonymous Coward · · Score: 2, Interesting

      This is the kind of work that always seems to take a back seat to development due to resource constraints, but it really needs to occur in tandem with the development process.

      That's not true. As the Twitter, Digg, Flickr, etc. examples clearly show, it's much more important to appear "pretty decent" when you corner the market than anything else. The cost of doing it properly from the get go can not be shouldered by a company with an unproven concept, neither time- nor money-wise. Most of these services are 99.9% user base and 0.1% implementation. If you can get the users with a rough sketch, it is then much easier to get the resources for even a complete rewrite of the server software. Besides, this isn't even a business biased view: Most programmers agree that the first implementation is for understanding the problem and the second implementation is for solving it.

    4. Re:The twitter factor by ximenes · · Score: 2, Insightful

      OK, lets explore this. If I was to log to syslog, only the ErrorLog supports it. In order to do this with an AccessLog, I would have to use the piped log output feature to route to a script that I write which in turn writes to syslog for Apache.

      This is exactly the sort of bespoke stuff I'm referring to. Why should this need to be implemented 1,000 times at company after company to accomplish the exact same thing?

    5. Re:The twitter factor by LEMONedIScream · · Score: 2, Insightful

      Did you just get paid to write that?

    6. Re:The twitter factor by ximenes · · Score: 2, Insightful

      I agree to an extent, but I also think that not all of these sites will survive their re-implementation periods in the face of better-designed competitors. Flickr, for instance, is internally a mess. I presume part of this is due to poor initial implementation, but its further compounded by a need to Yahooize it at every level.

      I presume Twitter will encounter a mass exodus at some point, as its users are likely to be very keen to move on to the next big (and possibly more reliable) thing.

      Every time a site is down, you run the risk of irretrievably losing a portion of your users. Once you get enough bad will going, you don't even have to have failures; just having a reputation as not being reliable can be enough.

    7. Re:The twitter factor by dubl-u · · Score: 3, Insightful

      Sites like Twitter are popping up precisely because the bar is very low to get your idea out on the 'net and compete. Sure, the cost in dollars and person hours is much higher to refactor for stability later, but would Twitter have even come into existence if that was a requirement from the start? Would its founders have considered it a worthwhile risk?

      That's a common after-the-fact excuse for not thinking at all about performance, but I've concluded that it's mostly bullshit.

      Sure, if you consider these questions up front and know what you're doing, it's completely possible to defer most of the work until things start to pick up. That's a very legitimate business decision, and if you get a big surprise in your growth curve, it's possible to get crushed. But with a little load testing, responsible development practices, and a little forethought, you've got a very good chance of avoiding a disaster. And none of that needs to be a big barrier to just getting something out.

      On the other hand, if you just don't think about those questions at all, building things willy nilly with no preparation for refactoring and growth down the road, then that's just idiotic. You are in effect betting that you will fail, in that your site will work only if it doesn't get popular. And with something like Twitter, where the network effect is king and you could only make money with a shitload of traffic, massive growth is the only way to succeed.

      From what I can tell, Twitter is firmly in that second camp. They've been going for nearly two years, and they've been shaky for most of it. One black eye from a sudden surge is acceptable, and for some is even a badge of honor. But more than a year of load-based suckage, to the point where you are an international joke, is a sign of plain incompetence. Although it hasn't killed Twitter, it has killed other businesses, and Twitter is not out of the woods yet.

    8. Re:The twitter factor by nabsltd · · Score: 2, Interesting

      Fault-tolerant at every practical level. This gets expensive, so you see datacenter failures take down large swaths of sites who don't have multiple locations.

      I work on a site that has pretty much every conceivable fault-tolerance you can get short of multiple sites: multiple separate ISPs leading to router and firewall hardware that is redundant for each ISP along with multiple load-balanced front-end web servers connected to load-balanced database and file servers (with every server running Solaris). Everything has multiple power supplies connected to different mains feeds and different generators. All of this is frightfully expensive and heavily monitored.

      Yet, the #1 thing that is causing downtime is the failure of the clustering software on the file servers to actually fail over if something goes wrong. So, whenever the file system mounts fail, the whole system is down until those servers are rebooted, which takes 1-2 hours because of the clustering software.

      Yet, if those file servers would have been relatively cheap with no redundancy, they could have been re-booted quickly and the file system mounts automatically recovered within 15 minutes.

      So, the moral here is that more fault-tolerance isn't always the best way to maintain uptime. Carefully deciding where to spend money on what type of fault-tolerance is going to get you more uptime in the long run of the real world, instead of spending unwisely to increase statistical uptime.

    9. Re:The twitter factor by dubl-u · · Score: 3, Insightful

      By the time you get big enough to really have to worry about scalability more than just turning on caching, you ought to be able to produce enough revenue to reimplement the site. If not, obviously you aren't relevant (or you aren't clever enough.) :)

      I've heard this theory a lot. With regrettable frequency, it's part of noob entrepreneur business plans. I see three big problems with it.

      1. If a sudden surge in popularity is forcing you to work on scalability, that's exactly the point that you don't want to work on scalability. Finally, people care about your site! So now you want to give them cool new features regularly, so they don't go away again. Plus, they discover (and create) problems that you need to solve with new code.
      2. Scaling is much harder to do when you're behind than when you're ahead. If you're already creaking under load, you run around doing a lot of quick fixes that do nothing for the long term. All of the budget you planned for that rebuild can quickly get eaten up just keeping things from catching on fire.
      3. Per-user margins have been steadily declining for pretty much the life of the web. Decreased hardware and bandwidth costs mask some of that. And the vast growth of the internet audience makes up for the rest. But over time you have needed larger and larger numbers of people to have a viable web business. So you need to serve a lot more people to support a staff than you did early on.

      Twitter is a good example of all of these problems. They surely started out saying they would worry about scaling later. Then later came, and they had other things to do: new features, dealing with abusers, setting up a customer support infrastructure. Their quick scaling fixes kept their heads barely above water, but they didn't do much for the long term. And they are still in the "grow big, grow fast" stage, so they don't have any revenue and would rather wait a while longer to deal with that.

    10. Re:The twitter factor by Jeff+DeMaagd · · Score: 2, Insightful

      It might even be better savings that way, but the way people talk about how Twitter is set up, it sounds like the people that set it up didn't even know what they were doing, like maybe they dropped out of school halfway through the database class. Given that they are still having problems, I think it's reasonable to suggest that they still don't know what they are doing, even though their VC funding should have allowed them to hire enough qualified people to fix the problem. The way it is now, I wonder if there really is any resale value in the company. At this point, they have no revenue stream, not even ads as far as I can tell, so it looks like they're looking to build a service that gets bought out by a big company. I think whoever buys them would almost certainly not be buying them for the employees, the organization, the code or the infrastructure, but rather, just the users and only the users. I see little value in anyone anything there except in what amounts to buying the users.

  4. But what happens by Anonymous Coward · · Score: 2, Funny

    when the site you're using to monitor whether a site is down goes down?

    PANIC AT THE DISCO!!

    1. Re:But what happens by Geak · · Score: 3, Interesting

      I can't really trust those network monitoring sites. They aren't accurate. All they can tell is that the site is down "from their location". I work for a webhosting company, and I've run into numerous cases where a customer is screaming that his website is down because they network monitoring site sent him a report saying so. The truth of the matter was the site was up the entire time (even the customer could get to the site when I had them actually try). If a node goes down anywhere between the monitoring site and the user's website, they get a false positive. On top of that, you have to wonder if any of these monitoring sites are also deliberately sending false reports. Back when I was working for an ISP, I remember there was some kind of network monitoring software that came out, and a number of people were installing on their computers. It would start warning customers that their "network connection was saturated - blah blah blah" and customers would call in blaming us. Within a few days I started seeing reviews on the net about the product, and some research showed that it was deliberately generating false reports for anybody that wasn't with a certain large coaster shipping ISP. Apparently the software company was a shareholder. I can't remember what the name of the product was however, this was back in the old dialup days.

  5. More sites using multiple external sources by urbanriot · · Score: 2, Interesting

    These days web pages comprise of multiple sources, often displaying content from multiple servers. Consider that 'back in the day' a web site was a static HTML file with multiple links. These days we have a 'site' linking to an image server, media server, advertising server, with sql backbones and other content providers. When one of these sites fail, often the whole works goes down.
     
    Personally, I don't notice an increased frequency in site downtimes with any of the services that I use and I don't feel this is newsworthy. Of course, I don't use Twitter so maybe that's why.

    1. Re:More sites using multiple external sources by Stanislav_J · · Score: 2, Insightful

      These days web pages comprise of multiple sources, often displaying content from multiple servers. Consider that 'back in the day' a web site was a static HTML file with multiple links. These days we have a 'site' linking to an image server, media server, advertising server, with sql backbones and other content providers. When one of these sites fail, often the whole works goes down.

      Which is also why many major sites are so slow to load on less than optimal connections (which many are still stuck with). Personally, I find all the bells and whistles distracting, complicating, and useless. It seems like sites compete to see how crowded and busy they can make their pages. Right up at the top of the list for me are sites that insist on displaying some stupid Flash screen (that adds nothing to the meat and potatoes content/function of the site) and give you no option for bypassing it. The Internet could be a marvelous animal for information if website designers could just resist the impulse to throw every possible widget and geegaw into the mix. It not only adds little to the basic functionality of the site, but as pointed out above, just increases the number of individual elements that can fail and slow or stop a site in its tracks.

      Me, if I want the MLB scores, or the news headlines, or to compare prices between a few retailers, all I need is the information, please -- I don't need need a floor show accompanying it.

      --
      "Every great cause begins as a movement, becomes a business, and eventually degenerates into a racket." -- Eric Hoffer
  6. Re:no... by Nick+Fel · · Score: 5, Funny

    I've seen Google down. Not completely unreachable, but not working. It was terrifying.

  7. Re:no... by Koiu+Lpoi · · Score: 3, Interesting

    Agreed. Google and Slashdot are the two (depending on my mood) sites I test to see if I have an internet connection. If I can't reach one, I don't even bother testing the other - I assume it's on my end, and I've not yet been wrong.

  8. Blackstart capability by Animats · · Score: 4, Interesting

    What with the "software as a service" and "outsourcing system administration" fads, more sites are relying on other sites being up when they power up. This could become a problem in bringing a site back up after an outage. It's important to know which sites have "black start" capability; they can start up without any resources from the outside.

    You can save money by outsourcing Linux system administration to Tomsk, Russia, or Lotus system administration to India. "Remote System Administration for your Lotus Notes/Domino Servers, Infrastructure". But can you then restart your data center from a cold start, when the offshore admin people can't yet get in?

    1. Re:Blackstart capability by dubl-u · · Score: 3, Insightful

      An important, related issue is the loss of local knowledge.

      If you did a web startup ten years ago, you pretty much had to hire a sysadmin. If you had a good one, they would yell at your developers about their retarded, unscalable designs. Having a scary bearded man threaten you with defenestration has its downsides, but it does give you an incentive to consider the impact to operations.

      The ever-lower cost of hosting is also a problem. If you tried to just throw $250k of hardware at a scaling issue back then, hopefully some executive would come by and ask some WTF-ish questions. (Unless you were at Boo.com or Webvan, natch.) But now, monthly rental on equivalent computing power is circa $400. Who'd bitch about that? Which allows you to really settle in to a totally unscalable architecture.

  9. Thanks, Grisoft by FilterMapReduce · · Score: 4, Funny

    Are major web sites going down more often?

    A bit more often now thanks to AVG?

  10. Slashdot uncertainty principle by CrazyJim1 · · Score: 5, Funny

    We're not sure if the sites are already dead, or if the observers changed the outcome.

    --
    God spoke to me.
  11. Re:no... by Opportunist · · Score: 2, Funny

    Just because you searched for "sex" and "porn" and didn't get any results but linkpages and squatters doesn't mean the search engine's broken, ya know? :)

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  12. Re:or... by Buran · · Score: 3, Insightful

    So don't go there, don't click on links to it, and stop bitching about it. It only annoys you if you let it.

    Or do you just like to whine?

    Yes, they got a mention, because they can't fucking make the damn thing stop dying. If you want to be that prominent you need to get your shit together, or take the flak.

    --
    i am a soviet space shuttle
  13. no, but... by ClarisseMcClellan · · Score: 2, Interesting

    AVG is probably why we have this post this week. There were a lot of timeouts last week, although Grisoft was not the only problemo. For a while Virgin Media customers in the UK lost a couple of continents last week, with the U.S.A. and Australia dropping off the map. I had to read Pravda instead of Slashdot for an hour or two...

    My backup route actually worked fine and I was just in the middle of getting a squid proxy server of my own up and running when the network problems magically fixed themselves. There are lessons to be learned, if you need your internet more than is healthy then you also need a backup plan. This could be a wifi sharing agreement with the neighbours or a proxy server at work that you can dial into at home. The internet does not dynamically re-route stuff when there is a problem with a major link. This is a problem. I thought we would have TCP/IP over ATM or something like that to solve that by now.