The InfoQ Podcast

In this week’s podcast, Thomas Betts talks with Haley Tucker, a Senior Software Engineer on the Playback Features team at Netflix. While at QCon San Francisco 2016, Tucker told some production war stories about trying to deliver content to 65 million members. Why listen to this podcast: - Distributed systems fail regularly, often due to unexpected reasons - Data canaries can identify invalid metadata before it can enter and corrupt the production environment - ChAP, the Chaos Automation Platform, can test failure conditions alongside the success conditions - Fallbacks are an important component of system stability, but the fallbacks must be fast and light to not cause secondary failures - Distributed systems are fundamentally social systems, and require a blameless culture to be successful Notes and links can be found on: http://bit.ly/2hqzQ6K 2m:05s - The Video Metadata Service aggregates several sources into a consistent API consumed by other Netflix services. 2m:43s - Several checks and validations were in place within the video metadata service, but it is impossible to predict every way consumers will be using the data. 3m:30s - The access pattern used by the playback service was different than that used in the checks, and led to unexpected results in production. 3m:58s - Now, the services consuming the data are also responsible for testing and verifying the data before it rolls out to production. The Video Metadata Service can orchestrate the testing process. More on this: Quick scan our curated show notes on InfoQ. http://bit.ly/2hqzQ6K You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. bit.ly/24x3IVq

In this week's podcast, QCon chair Wesley Reisz talks to Kolton Andrus. Andrus is the founder of Gremlin Inc. He was a Chaos Engineer at Netflix, focused on the resilience of the Edge services. He designed and built FIT: Netflix’s failure injection service. Prior, he improved the performance and reliability of the Amazon Retail website. Why listen to this podcast: - Gremlin, Kolton Andrus' new start-up, is focused on providing failure testing as a service. Version 1, currently in closed beta, is focused on infrastructure failures. - Lineage-driven Fault Injection (LDFI) allowed Netflix to dramatically reduce the number of tests they needed to run in order to explore a problem space. - You generally want to run failure tests in production, but you can't start there. Start in developemnt and build up. - Having failure testing at an application level, as Netflix does, so you can have request level fault injection for a specific user or a specific device. - Being able to trace infrastructure with something like Dapper or Zipkin offers tremendous value. At Netflix, the failure injection system is integrated into the tracing system, which meant that when they caused a failure they could see all the points in the system that it touched. More on this: Quick scan our curated show notes on InfoQ. http://bit.ly/2fT9YiM You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. bit.ly/24x3IVq

As InfoQ previously reported in March 2016, Dropbox announced that they had migrated away from Amazon Web Services (AWS). In this week's podcast Robert Bluman talks to Preslav Le. Preslav has been a software engineer at Dropbox for the past three years, contributing to various aspects of Dropbox’s infrastructure including traffic, performance and storage. He was part of the core oncall and storage oncall rotations, dealing with high emergency real world issues, from bad code pushes to complete datacenter outages. Why listen to this podcast: - Dropbox migrated away from Amazon S3 to their own data centres to allow them to optimise for their specific use case. - They are experimenting with Shingled Magnetic Recording (SMR) drives for primary storage to increase storage density. All writes go to an SSD cache and then get pushed asynchronously to the SMR disk. - Their average block size is 1.6MB with a maximum block size of 4MB. Knowing this allows the team to tune their storage system. - Three languages are used for the backend infrastructure. Python is used mainly for business logic, Go is the primary language used for heavy infrastructure services, and in some cases, for example where more direct control over memory is needed, Rust is also used. - Dropbox invest very heavily in verification and automation. A verifier scans every byte on disk and checks that it matches the checksum in the index. - Verification is also used to check that each box has the block keys it should have. Notes and links can be found on http://bit.ly/preslav-le Dropbox’s motivation for moving off the cloud 2:40 - Dropbox used Amazon S3 and other services where it made sense, but they stored all the metadata in their own data centres. 3:30 - Initially this was done because Amazon had poor support for persistent storage at the time. This has since improved but it didn’t make sense for dropbox to move the metadata back. 4:01 - By that time the dropbox team was ready to tackle the storage problem and built their own in-house replacement for S3, called Magic Pocket. Magic Pocket allowed Dropbox to move away from Amazon altogether. 4:30 - The move saved money, but also allowed DropBox to optimise for their specific use case and be faster. More on this: Quick scan our curated show notes on InfoQ. http://bit.ly/preslav-le You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. bit.ly/24x3IVq

In this week's podcast QCon chair Wesley Reisz talks to Randy Shoup. Shoup is the vice president of engineering at Stitch Fix. Prior to Stitch Fix, he worked for Google as the director of engineering and cloud computing, CTO and co-founder of Shopilly, and chief engineer at Ebay. Why listen to this podcast: - Stitch Fix's business is a combination of art and science. Humans are much better with the machines, and the machines are much better with the humans. - Stitch Fix has 60 engineers, with 80 data scientists and algorithm developers. This ratio of data science to engineering is unique. - With Ruby-on-Rails on top of Postgres, the company maintains about 30 different applications on the same stack. - The practice of Test Driven Development makes Continuous Delivery work, and the practice of having the same people build the code as those who operate the code makes both of these things much more powerful. - Microservices gives feature velocity, the ability for individual teams to move quickly and independently of each other, and independent deployments. - Microservices solve a scaling problem. They solve an organisational scaling problem, and a technological scaling problem. These are not the problems that you have early on in the startup. - In the monolithic world, if you're not able to continue to vertically scale the application or the database or whatever your monolith is. And so for scaling reasons alone you might consider breaking it up into what we call microservices. Notes and links can be found on http://bit.ly/randy-shoup-podcast Data Science and Stitch Fix 1m:57s - Stitch Fix re-imagines retail, particularly for clothing. When you sign up, you fill out survey of the kinds of things that you like and you don't like, and we choose what we think you're going to enjoy based on the millions of customers that we have already. And we use a ton of data science in that process. 3m:00s - That goes into our algorithms and then our algorithms make personalised recommendations based on all the things we know about our other customers... there's a human element as well: we have 3,200 human stylists that are all around the United States and they choose the five items that go into the box [of clothing]. 3m:29s - What we like is that this is a combination of art and science. Modern companies combine what machines are really good at, such as chugging through the 60 to 70 questions times the millions of customers, and combining that with the human element of the stylists, figuring out what things go together, what things are trending, what things are appropriate... Humans are much better with the machines, and the machines are much better with the humans. [...] More on this: Quick scan our curated show notes on InfoQ. http://bit.ly/randy-shoup-podcast You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. bit.ly/24x3IVq

In this week's podcast, QCon chair Wesley Reisz talks to Tal Weiss, CEO of OverOps, recently re-branded from Takipi. The conversation covers how the OverOps product works, explores the difference between instrumentation and observability, discusses bytecode manipulation approaches and common errors in Java based applications. A keen blogger, Weiss has been designing scalable, real-time Java and C++ applications for the past 15 years. He was co-founder and CEO at VisualTao which was acquired by Autodesk in 2009, and also worked as a software architect at IAI Space Industries focusing on distributed, real-time satellite tracking and control systems. Why listen to this podcast: - OverOps uses a mixture of machine code instrumentation and static code analysis at deployment time to build up an index of the code - Observability is how you architect your code to be able to capture information from its outputs. Instrumentation is where you come in from the outside and use bytecode or machine code manipulation techniques to capture information after the system has been designed and built. - Bytecode instrumentation is a technique that most companies can benefit from learning a bit more about. Bytecode isn’t machine code - it is a high-level programming language. Being able to read it really helps you understand how the JVM works. - There are a number of bytecode manipulation tools you can use to work with bytecode - ASM is probably the most well known. - A fairly small number of events within an application’s life-cycle generate the majority of the log volume. A good practice is to regularly review your log files to consider if what is being logged is the right thing. Notes and links can be found on http://bit.ly/2fInGsW SaaS vs On-Premise 5:43 - OverOps started as a SaaS product, but given that a lot of the data it collects is potentially sensitive, they introduced a new product called Hybrid. Hybrid separates the data into two independent streams: data and metadata. 6:42 - The data stream is the raw data that is captured which is then privately encrypted using 256 bit AES encryption keys which are only stored on the production machine and by the user when they need to decrypt it. The metadata stream is not sensitive since it is just an abstract mathematical graph. 7:18 - Because the data stream is already privately encrypted, that stream can be stored behind a firewall and never needs to leave a company’s network. More on this: Quick scan our curated show notes on InfoQ. http://bit.ly/2fInGsW You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. bit.ly/24x3IVq

In this week's podcast InfoQ’s editor-in-chief Charles Humble talks to Data Scientist Cathy O’Neil. O'Neil is the author of the blog mathbabe.org. She was the former Director of the Lede Program in Data Practices at Columbia University Graduate School of Journalism, Tow Center and was employed as Data Science Consultant at Johnson Research Labs. O'Neil earned a mathematics Ph.D. from Harvard University. Topics discussed include her book “Weapons of Math Destruction,” predictive policing models, the teacher value added model, approaches to auditing algorithms and whether government regulation of the field is needed. Why listen to this podcast: - There is a class of pernicious big data algorithms that are increasingly controlling society but are not open to scrutiny. - Flawed data can result in an algorithm that is, for instance, racist and sexist. For example, the data used in predictive policing models is racist. But people tend to be overly trusting of algorithms because they are mathematical. - Data scientists have to make ethical decisions even if they don’t acknowledge it. Often problems stem from an abdication of responsibility. - Auditing for algorithms is still a very young field with ongoing academic research exploring approaches. - Government regulation of the industry may well be required. Notes and links can be found on http://bit.ly/2eYVb9q Weapons of math destruction 0m:43s - The central thesis of the book is that whilst not all algorithms are bad, there is a class of pernicious big data algorithms that are increasingly controlling society. 1m:32s - The classes of algorithm that O'Neil is concerned about - the weapons of math destruction - have three characteristics: they are widespread and impact on important decisions like whether someone can go to college or get a job, they are somehow secret so that the people who are being targeted don’t know they are being scored or don’t understand how their score is computed; and the third characteristic is they are destructive - they ruin lives. 2m:51s - These characteristics undermine the original intention of the algorithm, which is often trying to solve big society problems with the help of data. More on this: Quick scan our curated show notes on InfoQ. http://bit.ly/2eYVb9q You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. bit.ly/24x3IVq

In this week's podcast QCon chair Wesley Reisz talks to Machine learning research scientist John Langford. Topics include his Machine Learning system Vowpal Wabbit, designed to be very efficient and incorporating some of the latest algorithms in the space. Vowpal Wabbit is used for news personalisation on MSN. They also discuss how to get started in the field and it’s shift from academic research to industry use. Why listen to this podcast: - Vowpal Wabbit is a ML system that attempts to incorporate some of the latest machine learning algorithms. - How to learn ML: take a class or two, get accustomed with learning theory and practice. - ML has moved from the research field into the industry, 4 out of 9 ICML tutorials coming from the industry. - It’s hard to predict when you have enough data. - AlphaGo is a milestone in artificial intelligence. It uses reinforcement learning, deep learning and existing moves played by Go masters. - Deep Learning is currently a disruptive technology in areas such a vision or speech recognition. - What’s trendy: Neural Networks, Reinforcement and Contextual Learning. - Machine Learning is being commoditized. Notes and links can be found on http://bit.ly/2b4YNqQ How to Approach Machine Learning 6m:12s To start learning Machine Learning, Langford recommends taking a class or two, mentioning the course by Andrew Ng and another course by Yaser S. Abu-Mostafa. 6m:50s It is recommended to get accustomed with learning theory to avoid some of the rookie's mistakes. Quick scan our curated show notes on InfoQ. http://bit.ly/2atBFgk You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. http://bit.ly/24x3IVq

In this week's podcast, professor Barry Burd talks to Shuman Ghosemajumder. Ghosemajumder is VP of product management at Shape Security and former click fraud czar for Google. Ghosemajumder is also the co-author of the book CGI Programming Unleashed, and was a keynote speaker at QCon New York 2016 presenting Security War Stories. Why listen to this podcast: With more of our lives conducted online through technology and information retrieval systems, the use of advanced technology gives criminals the opportunity to be able to do things that they weren't able to do. - Cyber-criminals come from all over the world and every socioeconomic background, so long as there's some level of access to computers and technology. - You see organised cyber-crime focusing on large companies because of the fact that they get a much greater sense of efficiency for their attacks. - Cyber-criminals are getting creative, and coming up with ways to interact with websites we haven't thought of before. - You can have very large scale attacks that are completely invisible from the point of view of the application that's being attacked. - The context of what are you are using software for is more important than just going through an understanding of the code level vulnerability. Notes and links can be found on http://bit.ly/2atBFgk The People Behind Cyber-Crime 5:28 - There are all kinds of different personalities and demographics involved. Cyber-criminals come from all over the world and every socioeconomic background, so long as there's some level of access to computers and technology. Even in cases where a cyber criminal doesn't know how to use technology directly, or how to create something like a piece of malware, they can still be involved in a cyber-criminal's scheme. 6:29 - A scheme which uses large groups of individuals and which doesn’t necessarily need to have skills itself, is stealing money from bank accounts. Being able to transfer money using malware on people’s machines from one account to another account that the cyber-criminal controls still involves getting that money out. That last step can involve a set of bank accounts that are assigned to real individuals. More on this: Quick scan our curated show notes on InfoQ. http://bit.ly/2atBFgk You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. http://bit.ly/24x3IVq

In this week's podcast, QCon chair Wes Reisz and Werner Schuster talk to Caitie McCaffrey. McCaffrey works on distributed systems with the engineering effectiveness team at Twitter, and has experience building the large scale services and systems that power the entertainment industry at 343 Industries, Microsoft Game Studios, and HBO. McCaffrey's presentation at QCon New York was called The Verification of a Distributed System. Why listen to this podcast: - Twitter's engineering effectiveness team aims to help make dev tools better, and make developers happier and more efficient. - Asking someone to speak at your conference or join your team solely because of their gender does more harm than people think. - There is not one prescriptive way to make good, successful technology. - Even when we don't have time for testing, there are options to increase your confidence in your system. - The biggest problem when running a unit test is that it is only testing the input you hard code into the unit test. Notes and links can be found on http://bit.ly/2al6BRp Engineering Effectiveness 1:24 - The purpose of the engineering effectiveness team is to help make dev tools better, and to make Twitter's developers happier and more efficient. 2:44 - The team is trying to make infrastructure so that not every team has to solve the distributed problem on their own, and give developers some APIs and tools so that they can build systems easily. More on this: Quick scan our curated show notes on InfoQ. http://bit.ly/2al6BRp You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. http://bit.ly/24x3IVq

In this week's podcast, Barry Burd talks with Wendy Closson. With over a decade of experience immersed in development and championing agile practices, Closson coaches technology leaders to manage effectively, respond reasonably, and navigate the choppy waters of business. Closson's presentation at QCon New York was entitled Syntactic Sugar for English: Pragmatic Eloquence. Why listen to this podcast: - Software is a very abstract experience, so it can be difficult to communicate ideas about software to people outside. - The majority of people in teams want to remain in their comfort zone, so don't want to change. - Many problems that may seem technical in nature have to do with outside experiences. - The algorithmic approach to communicating has to do with creating new habits around our speaking. - With a single word you can elevate a population or destroy a friendship. - Simplicity is divinity, where someone can look at your code and understand your intentions, and the same in real-life communication. - Compromise isn't always the best thing. If no one's really feeling passionate about it, that's not going to create the best code. Notes and links can be found on http://bit.ly/29Co4X2 How Understanding Developers Helps Coaching 1:20 - Software is a very abstract experience. It doesn't really live in the physical word, so it can be difficult to communicate ideas about software - using it or creating it - to people outside the software world. 1:58 - It's possible to manage without direct experience... When you think of your job as a service leadership job. It's your job to facilitate, to trust, to understand what people are saying. But without the background, that trust can be hard to keep; a lot of things can get lost in translation. More on this: Quick scan our curated show notes on InfoQ. http://bit.ly/29Co4X2 You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. http://bit.ly/24x3IVq

In this week's podcast, Barry Bird talks to Courtney Hemphill, a partner and tech lead at Carbon Five. With over ten years of experience in software development, Hemphill has done full stack development for both startup and enterprise companies. Hemphill's presentation at QCon New York was entitled Algorithms for Animation. Why listen to this podcast: - Why developers in startups or enterprise firms should care about creating animations - The interfaces we interact with in software are becoming more dynamic - If you don't know what's wrong, you don't know how to fix it - The most common code smells, according to Llewellyn Falco: Clutter, long lines, long methods, duplication, and inconsistency - How do we make- in an agile way- the architectural work visible, and not ignore it? - How do you have an incremental architecture and get measurements? If you say you're going to go away for six months and figure it out, that's not very measurable. Notes and links can be found on InfoQ: http://bit.ly/29kq2ds Why Developers Should Care About Creating Animations 1m:05s - The interfaces we interact with in software are becoming more dynamic. 1m:30s - We are moving closer to natural user interfaces, and this is something software engineers across the board need to consider when they are developing programs. You don't just have a pointer and a mouse and a keyboard- you can squish and stretch things, using your fingers and your hands. 1m:55s - Animations need to feel real, and that is all based in Math and Physics. 2m:15s - The animations you see on websites have always been an opportunity for us to have a more fundamental learning about what the program does without needing a lot of instruction. 2m:38s - Animation functions almost as a way for people to discover and explore an interface so they can interact and engage with it more easily. The Importance of Animation Resembling Reality 3m:00s - If you've ever put on an Oculus Rift and experienced "judder" and felt immediately sick, that's the most extreme version. 3m:31s - If a computer is running slowly and you see frames dropped, you are sensing something underlying that is not right, and you immediately distrust it. 3m:42s - The further away you get from something that is smooth, the more you start to mistrust the platform and the data behind it. Natural Textures vs Cartoon-Like Textures [...] Quick scan our curated show notes on InfoQ. http://bit.ly/29kq2ds You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. http://bit.ly/24x3IVq

In this week's podcast Richard Seroter talks to James Shore, author of The Art of Agile Development and one of the original signatories of the Agile Manifesto. Also on the podcast are Llewellyn Falco, creator of the open source testing tool ApprovalTests and co-founder of Teaching Kids Programming, and Rebecca Wirfs-Brock, inventor of Responsibility-Driven Design, as well as the author of books including Designing Object: Oriented Software and Object Design: Roles, Responsibilities and Collaborations. Why listen to this podcast: - A lot of people know how to do TDD and refactoring for the back end, but not for the font, but the basics are the same. - The basics of Test-Driven Development are the same for the front or back end. - If you don't know what's wrong, you don't know how to fix it. - The most common code smells, according to Llewellyn Falco: Clutter, long lines, long methods, duplication, and inconsistency. - How do we make, in an agile way, the architectural work visible, and not ignore it? - How do you have an incremental architecture and get measurements? If I say to you I'm going to go away for six months and figure it out, that's not very measurable. Notes and links can be found on InfoQ: http://bit.ly/1Pse2r1 1m:10s - The talk 'Agile Engineering for the Web' was about how do you bring typical Agile engineering ideas like TDD and refactoring to the front-end languages. 1m:33s - A lot of people know how to do these things on the back-end, but when you get to the front end a lot of people just throw up their hands. 2m:24s - I see CSS bugs all the time, because it's very hard to refactor CSS without breaking something. Quick scan our curated show notes on InfoQ. http://bit.ly/1Pse2r1 You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. http://bit.ly/24x3IVq

In this week's podcast Richard Seroter talks to Lisa Crispin who works on the tracker team at Pivotal Labs, and is an organiser of the Agile Alliance Technical Conference. Lisa is the co-author of several books on Agile Testing, and is also the 2012 recipient of the Agile Testing Days award for Most Influential Agile Testing Professional Person. Richard also talks to Justin Searls, software craftsman, presenter of "How to Stop Hating Your Tests" and co-founder of Test Double, a company whose goal is to "improve how the world writes software." Why listen to this podcast: - Agile is mainstream, and being adopted by big enterprises, but there's a place to help small companies and startups. - Cloud Foundry pair testers to write production code with the programmers. - Developers have to be focused on right now, testers have freedom to look at more of the big picture - People know testing is good and there a lot of tools for it, but some tools are ill-conceived. - We need a better language for talking about good QA and full stack testing. Notes and links can be found on InfoQ: http://bit.ly/1U0ip8Q 2m:00s - The first XP universe conferences were mainly about XP practices, values and principles, and were attended by developers 2m:17s - Over time, topics moved towards processes and frameworks, and the number of developers who attend Agile conferences has gone down dramatically. 3m:51s - Now Agile is mainstream, it's being adopted by big enterprises, but there's a place to help small companies and startups. That's usually where the innovation comes from, and the Agile Alliance wants to encourage innovation. Quick scan our curated show notes on InfoQ. http://bit.ly/1U0ip8Q You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. http://bit.ly/24x3IVq

In this week's podcast QCon chair Wesley Reisz talks to Heather Fleming, who is the VP of product and program management at GILT, where she is responsible for not only the customer-facing website, but also back office things from distribution to order processing. Why listen to this podcast: - GILT treats every person as an individual, with a skillset that is outside their responsibilities. - You should be able to be your authentic self wherever you are. - Google found creating a psychologically safe work environment was key to high performing teams. - You can kill a great team by taking away their autonomy and empowerment. - Great engineers that want to be managers are fearful of losing their skill, and great engineers that don't want to be managers are put in those roles and are terrible managers. Notes and links can be found on InfoQ: http://bit.ly/1U2Wgq9 1m 49s - One of the things that makes the culture at GILT so special is the "ingredients framework" that considers every person an individual, with a skillset that is outside what their title might say and what their role and responsibilities might be. 3m 29s - One of the team ingredients is called "motivator" - the ability to make sure that the team understands what they're working on, and more importantly the "why" and how it's driving business or customer value. 4m 35s - The relationship you have with your co-workers should be deeper than many of us are allowing them to be, because they are like your second family. Quick scan our curated show notes on InfoQ. http://bit.ly/1U2Wgq9 You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. http://bit.ly/24x3IVq Attend Heather Fleming's session at QCon New York 2016, Jun 13-17: http://bit.ly/1U2f3og

In this week's podcast QCon chair Wesley Reisz talks to Matt Ranney who is the Chief Systems Architect at Uber, where he's helping build and scale everything he can. Why listen to this podcast: - Expanding a company and team at this rate is genuinely hard. Lots of mistakes have been made along the way. - Microservices allow companies to grow rapidly but have a cost in terms of aggregate velocity. - Uber is gradually moving its marketplace development from Node.js to Go and Java. Java is used for the map services. - Aggressive failure testing is used extensively in Uber. - Some early design choices - like using JSON over HTTP - make formal verification basically impossible. Notes and links can be found on InfoQ: http://bit.ly/1TH8app You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. http://bit.ly/24x3IVq Attend Matt Ranney's session at QCon New York 2016, Jun 13-17: http://bit.ly/1TH75ht