#ewd: edits | Explore Tumblr posts and blogs

infiniteundo · 8 years ago

Text

Software As Narrative: A Reading List

## A resource for post-information-age software engineers seeking to bring about tentacular devops and staying-with-the-trouble-as-a-service. SKIP INTRO ### INTRO Don't like to jump into the middle of a longread? Get caught up on previous chapters of "Software as Narrative" from the very beginning. ### Want to link to this post? Here is a short url you can use to refer to this post: ### http://bit.ly/devops_reading_list

Why yet another list of devops reading materials?

This reading list is intended as a primer for my students: seekers of the way of tentacular devops and staying-with-the-trouble-as-a-service in the dawning Chthulhucene Epoch or Post-Information Age.

My way of devops is demonstrably impactful you can learn about my success stories by asking members of the teams that used my automated systems to deliver Barnes & Noble Nook iPad and textbook eReader clients or you may ask anyone who has shipped code at Etsy since 2010 about the efficacy of my solutions.

If it's hard to take me seriously, that just shows you have been paying attention. There is an ROI to my madness. And it's an appreciable ROI not trivial in any sense.

If what I have to say about tentacular devops does not gel yet, then you are a student of my way. Welcome to the study, I am but a student as well: a student of the way of the universe, but mostly of technosocial and sociotechnical progress conflict and evolution. My way is a hard one but that is true of any way that is rewarding.

Join me on the road to success in devops and read on!

With the collection of resources below at your disposal you have a mightly library of proto-devopsian wisdom and theory to draw from in your own day-to-day praxis which is my goal here: to empower you the practitioner of Software Architecting and Team Guiding and Code Factoring and Facade Construction and Pipeline Delivery -- all you specific practitioners can be empowered by reading what is below. I hope you will be. It is my intention to empower you by providing a library such as will teach you to adventure on your own into the unevenly distributed (but already fully realized) realm of the future.

This post is constantly being updated

This post unlike others in the series will be update regularly for the foreseeable future. I will add new material AT THE TOP of the list to make it easier to read.

As a style guide for writing about this post (which I hope you will!):

PLEASE DO NOT REFER TO ITEMS IN THIS LIST BY NUMBER AS THE NUMBERS WILL CHANGE

This is a list of reading materials that I think are helpful in understanding my point of view. Note that contradictions between sources exist because I am helping you understand I do not care if you agree with me. Consensus is orthogonal to progress.

The reading list

How we use IRC at Last.fm (2009)

The Log: What every software engineer should know about real-time data's unifying abstraction Engineering

The Three Ways: The Principles Underpinning DevOps

Trunk Based Development

Agile Software Development Philosophy is simple and brief. Here it is in full: Principles behind the Agile Manifesto

Amazon case study #1: At Amazon, new code is deployed to production at a staggering rate of once every 11.6 seconds during a normal business day.

Amazon case study #2: That's 3,000 production deployments per day.

Amazon case study #3: They've invested an enormous amount of time and money into creating an architecture that facilitates small, orthogonal, frequent code pushes.

Architecture and its limitations as a functional allegory for software engineers: E.W. Dijkstra Archive: On the cruelty of really teaching computing science (EWD 1036).

Automation does not obviate the need for human operators: The Ironies of Automation.

Big Ball of Mud is the default design pattern implemented by software engineers: Software Systems As Big Balls of Mud.

Canonical book on failure by Sidney Dekker: The Field Guide to Understanding 'Human Error'

Canonical book on Legacy Codebases and how to fix them: Working Effectively with Legacy Code

Canonical case studies on the Management of Software Projects: The Mythical Man-Month: Essays on Software Engineering, Anniversary Edition (2nd Edition).

Canonical case studies on the Management of Software Teams: Peopleware: Productive Projects and Teams (3rd Edition).

Canonical case study Software methodologies: Characterizing people as non-linear, first-order components in software development.

Canonical explanation of why interruptions are detrimental to code delivery schedules: Human Task Switches Considered Harmful – Joel on Software

Canonical psychology paper on how no one will read the documentation. Ever. : Paradox of the Active User by John Carroll and Mary Beth Rosson

CAP Theorem explained in terms of Web operations: You Can’t Sacrifice Partition Tolerance | codahale.com

Context-Switching Examined From A Pyschological Perspective: Programmer Interrupted.

Dan Ariely is a recognized expert on the New View as it applies to marketing and to work: Dan Ariely: What makes us feel good about our work? (TED Talk).

Dan Pink studies the psychology of productive work: Dan Pink on Autonomy, Master and Purpose.

Definition of Continuous Delivery: Continuous Integration by Martin Fowler.

Definition of Meme: "Memes, The New Replicators" which explains what memes are in technical terms that a programmer can leverage (ie, beyond kitten pics and arial black).

Definition of Safety-I and of Safety-II: From Safety-I to Safety-II: A White Paper.

Definition of Safety-II from a "people perspective": Safe operation as a social construct.

Definition of Safety-II from a risk management perspective: How Complex Systems Fail.

Definition of Testing, where the definition is given by negative example: Classic Testing Mistakes.

Definition of the Software Development Life Cycle (SDLC): Software Development Life Cycle - Wikipedia.

Deming summed up the observation of his life's work on Toyota lean kanban in this slim volume: The New Economics for Industry, Government, Education - 2nd Edition

Devops is testing, testing is devops: "Devops == testing all the time".

Devops' relationship to Ontological Relativism and Post-Modernism explored by Dekker: "Ten Questions about Human Error" by Sidney Dekker.

Dijkstra proposed a postulational model of software design that could be applied to narrative (instead of to pure mathematics as Dijkstra attempted): E.W. Dijkstra Archive: "Real mathematicians don't prove" (EWD1012)

Donna Haraway's case for discarding 20th century paradigms of sociotechnical systems management: The Cyborg Manifesto by Donna Haraway.

Etsy's Way Of Continuous Deployment: The Etsy Way - Code as Craft

Evolutionary Biology Applied To Software Systems: The Selfish Class.

Facebook case study #1: At Facebook, each of 5,000 engineers commits to trunk HEAD at least once a day and the code at trunk HEAD is pushed to production once daily.

Facebook case study #2: Facebook has no dedicated QA team. All responsibility for testing rests with the software engineers.

Facebook case study #3: They've invested heavily in infrastructure that provides zero-downtime deployment at Facebook scale.

Flaky Tests Are Useful Tests Exhibit A: Your test suite is trying to tell you something.

Flaky Tests etc., Exhibit B: Testing Problems Are Test Results.

Meritocracies and "flat hierarchies" thoroughly debunked: The Tyranny of Stuctureless

Google's manual on fast, clean Unit Testing: The Way Of Testivus.

Google case study #1: At Google, 15,000 engineers work from the HEAD revision of a single Perforce trunk.

Google case study #2: 50% of the code will be changed in any given month.

Google case study #3: Google's test infrastructure is legendary and they've written a comprehensive book about how they perform QA while continuously releasing.

Google case study #4: They've also put a lot of effort into scaling Perforce.

Metaphors about software as an architectural endeavor that requires "maintenance" were largely drawn from this volume by Stewart Brand, founder of The Well: How Buildings Learn: What Happens After They're Built

Metaphors about software as architecture were largely drawn from this volume: The Timeless Way of Building

MIT vs. New Jersey or worse-is-better: The Rise of "Worse is Better".

Most articles on "productivity" partially recapitulate this one: Good and Bad Procrastination

Most management books are just partial recapitulations of this classic Chinese manual on conflict management: The Art of War

Most management books are just partial rewrites of this Chinese classic: Tao Te Ching

Most mangaement books crib heavily from this Classic Italian manual on leading a large hierarchical culture in a competetive environment: The Prince by Machiavelli

NASA white paper on code review tools: SCRUB: a tool for code reviews.

NASA white paper on coding standards: The Power of Ten – Rules for Developing Safety Critical Code, Gerard J. Holzmann, NASA/JPL Laboratory for Reliable Software.

NASA white paper on testing and debugging: Reliable Software Systems Design: Defect Prevention, Detection, and Containment by Gerard J. Holzmann.

Neither human nor computer have primacy in the feedback loop of a technosocial system. Read here about neurobiological models that acknowledge digital reality: Out of Our Heads: Why You Are Not Your Brain, and Other Lessons from the Biology of Consciousness

Parallel Rollouts are a core competency of any engineering team practicing devops. But Martin Fowler found a cooler name for Parallel Rollouts: StranglerApplication

Parallel Rollouts are supported by the presence of Feature Toggles or Configuration Flags in the code: Feature Toggles

Parallel Rollouts can be continuously delivered by Dark Launching unfinished code to production: Agile Testing: Dark launching and other lessons from Facebook on massive deployments

Policing as a negative allegory for QA: Don't Become the Quality Police by Bret Pettichord.

Policing viewed from a systems thinking perspective: Intelligent Policing: How Systems Thinking Methods Eclipse Conventional Management Practice.

Programming as Theory Building: Peter Naur – Programming as Theory Building.

QA and Testing algorithms explained in granular computer science (CS) terms: Software Testing Techniques.

QA and Testing explained in pragmatic actionable language: Explore It!: Reduce Risk and Increase Confidence with Exploratory Testing.

Refactoring is a specific discipline not a synonym for "rewriting some code." Read about the practice here: Refactoring: Improving the Design of Existing Code

Risk Management in Devops can be explained (and is explained in this book) as a balance struck between resilience and compliance: The ETTO Principle: Efficiency-Thoroughness Trade-Off: Why Things That Go Right Sometimes Go Wrong.

Risk modeling for Web applications and services: OmniTI ~ Online Application Deployment: Reducing Risk

Science As The Proto-History of Devops: "Deming to Devops: The Science Behind Devops", John Willis (Lightning Talk).

Sniff Test for a codebase: Code Smells by Jeff Atwood.

Sniff Test for a software organization: The Joel Test: 12 Steps to Better Code – Joel on Software

Sniff Test for a test automation framework: Test Smells at XUnitPatterns.com

Software methodologies evaluated: Why don’t software development methodologies work?.

Software presented as a non-zero-sum game: Software development as a cooperative game by Alistair Cockburn

Software presented as a way of life --- a way of seeing.: Teach Yourself Programming in Ten Years

Stage Magic (a narrative performance) as a functional allegory for programming: Magic and Software Design by Bruce Tognazzini

Staying with the Trouble: Staying with the Trouble: Making Kin in the Chthulucene (Experimental Futures) by Donna Haraway.

Systems Thinking case studies from life-critical applications such as health care: Systems Thinking in the Public Sector.

Systems Thinking explained with stick figures: Stick Child’s Guide to Systems Thinking | InspGuilfoyle

Testability: The Relationship Between Testability and Good Design.

Theory X and Theory Y: Theory X and Theory Y - Wikipedia.

Value Stream Analysis explained in terms of ROI: Theory of Constraints.

Visual Iconography explained for a general audience: Understanding Comics: The Invisible Art

Visual Iconography for the Web: Envisioning Information

Web information architecture explained in plain english: Small Pieces Loosely Joined: A Unified Theory Of The Web

Wittgenstein: Philosophical Investigations by Ludwig Wittgenstein.

Zen in programming #0: The Tao Te Chip

Zen in programming #1: The Tao of Programming

Zen in programming #2: The Hacker Koans

Zen in programming #3: The Computer Programming Haiku

Zen in programming #4: The Stories of Master Foo

Devops Videos About QA And Testing

Further Further Meta-Reading

You may enjoy watching these videos which I have collected because I see them as related to the praxis of Tentacular Devops and staying-with-the-trouble-as-a-service in this dawning post-information age (or Cthulhucene Epoch if you prefer).

DEVOPS BACKGROUNDER PLEASE WATCH

youtube

Devops As Scientific Inquiry (5 minutes)

youtube

Sufficiently Advanced Monitoring Is Indistinguishable From Testing (7 minutes)

youtube

Jamy Ian Swiss on Empathy's importance in systems design

vimeo

Look At Your Data: A Devops Case Study

A beautiful story of solving a severe degradation that affected a small percentage of users.

youtube

Dr. Nancy Leveson explains the New View of safety to an SEC panel

vimeo

Nancy Leveson, SEC Technology Rountable 10/2/2012 from jspaw on Vimeo.

Dr. Nancy Leveson speaks on the "Technology and Trading Roundtable: Promoting Stability in Today's Markets" panel on the intersection of Systems Safety and

War Stories Of Scaling Etsy

youtube

Continuous Testing at Etsy

vimeo

Continuous Testing At Google

youtube

Continuous Delivery At Amazon

youtube

Continuous Delivery At Facebook

(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "//connect.facebook.net/en_US/all.js#xfbml=1"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));

Post by Facebook Engineering (FLASH IS REQUIRED TO PLAY THIS VIDEO).

Autonomy, mastery and purpose evangelized with a cool cartoon

youtube

Chad Dickerson's Way Of Engineering Mangement

youtube

Lunivore on cynefin, frogs and bycicles

youtube

Powers Of Ten

It is informative to reflect that the "zooming in" and "zooming out" we do as programmers while understanding our systems, is comparable in the number-of-levels to the zooming-in-and-out shown in this film. The average program contains orders of magnitudes more "levels of detail" than any object in the universe with the exception of the universe itself!

youtube

Russian Rhapsody

An allegory about the origins of "bugs."

Gremlins was the name given to bugs in complex systems back in the early 20th century. We can learn a lot from our own legends!

The Sorcerer's Apprentice

An allegory on attempting to remove humans from the automation loop.

youtube

After reading all that it would not be surprising if you felt curious about "Software as Narrative."

You may have skipped the intro. CLICK HERE TO READ INTRO NOW

Want to link to this post?

Here is a short url you can use to refer to this post rather than looking up the tumblr URL every time!

http://bit.ly/devops_reading_list

1 note · View note

freecreatorlady-blog · 7 years ago

Text

Banker's algorithm

The Banker's algorithm, sometimes referred to as the detection algorithm, is a resource allocation and deadlock avoidance algorithm developed by Edsger Dijkstra that tests for safety by simulating the allocation of predetermined maximum possible amounts of all resources, and then makes an "s-state" check to test for possible deadlock conditions for all other pending activities, before deciding whether allocation should be allowed to continue.

The algorithm was developed in the design process for the THE operating system and originally described (in Dutch) in EWD108.[1] When a new process enters a system, it must declare the maximum number of instances of each resource type that it may ever claim; clearly, that number may not exceed the total number of resources in the system. Also, when a process gets all its requested resources it must return them in a finite amount of time.

Contents

[hide]

1Resources

1.1Example

1.2Safe and Unsafe States

1.3Requests

1.3.1Example

2Limitations

3References

4Further reading

Resources[edit]

For the Banker's algorithm to work, it needs to know three things:

How much of each resource each process could possibly request[MAX]

How much of each resource each process is currently holding[ALLOCATED]

How much of each resource the system currently has available[AVAILABLE]

Resources may be allocated to a process only if it satisfies the following conditions:

request ≤ available, else process waits until resources are available.

Some of the resources that are tracked in real systems are memory, semaphores and interface access.

The Banker's Algorithm derives its name from the fact that this algorithm could be used in a banking system to ensure that the bank does not run out of resources, because the bank would never allocate its money in such a way that it can no longer satisfy the needs of all its customers[citation needed]. By using the Banker's algorithm, the bank ensures that when customers request money the bank never leaves a safe state. If the customer's request does not cause the bank to leave a safe state, the cash will be allocated, otherwise the customer must wait until some other customer deposits enough.

Basic data structures to be maintained to implement the Banker's Algorithm:

Let n be the number of processes in the system and m be the number of resource types. Then we need the following data structures:

Available: A vector of length m indicates the number of available resources of each type. If Available[j] = k, there are k instances of resource type Rj available.

Max: An n×m matrix defines the maximum demand of each process. If Max[i,j] = k, then Pi may request at most k instances of resource type Rj.

Allocation: An n×m matrix defines the number of resources of each type currently allocated to each process. If Allocation[i,j] = k, then process Pi is currently allocated k instances of resource type Rj.

Need: An n×m matrix indicates the remaining resource need of each process. If Need[i,j] = k, then Pi may need k more instances of resource type Rj to complete the task.

Note: Need[i,j] = Max[i,j] - Allocation[i,j].

Example[edit]

Total system resources are: A B C D 6 5 7 6

Available system resources are: A B C D 3 1 1 2

Processes (currently allocated resources): A B C D P1 1 2 2 1 P2 1 0 3 3 P3 1 2 1 0

Processes (maximum resources): A B C D P1 3 3 2 2 P2 1 2 3 4 P3 1 3 5 0

Need = maximum resources - currently allocated resources Processes (possibly needed resources): A B C D P1 2 1 0 1 P2 0 2 0 1 P3 0 1 4 0

Safe and Unsafe States[edit]

A state (as in the above example) is considered safe if it is possible for all processes to finish executing (terminate). Since the system cannot know when a process will terminate, or how many resources it will have requested by then, the system assumes that all processes will eventually attempt to acquire their stated maximum resources and terminate soon afterward. This is a reasonable assumption in most cases since the system is not particularly concerned with how long each process runs (at least not from a deadlock avoidance perspective). Also, if a process terminates without acquiring its maximum resource it only makes it easier on the system. A safe state is considered to be the decision maker if it's going to process ready queue.

Given that assumption, the algorithm determines if a state is safe by trying to find a hypothetical set of requests by the processes that would allow each to acquire its maximum resources and then terminate (returning its resources to the system). Any state where no such set exists is an unsafe state.

We can show that the state given in the previous example is a safe state by showing that it is possible for each process to acquire its maximum resources and then terminate.

P1 acquires 2 A, 1 B and 1 D more resources, achieving its maximum

[available resource: <3 1 1 2> - <2 1 0 1> = <1 0 1 1>]

The system now still has 1 A, no B, 1 C and 1 D resource available

P1 terminates, returning 3 A, 3 B, 2 C and 2 D resources to the system

[available resource: <1 0 1 1> + <3 3 2 2> = <4 3 3 3>]

The system now has 4 A, 3 B, 3 C and 3 D resources available

P2 acquires 2 B and 1 D extra resources, then terminates, returning all its resources

[available resource: <4 3 3 3> - <0 2 0 1> + <1 2 3 4> = <5 3 6 6>]

The system now has 5 A, 3 B, 6 C and 6 D resources

P3 acquires 1 B and 4 C resources and terminates.

[available resource: <5 3 6 6> - <0 1 4 0> + <1 3 5 0> = <6 5 7 6>]

The system now has all resources: 6 A, 5 B, 7 C and 6 D

Because all processes were able to terminate, this state is safe

For an example of an unsafe state, consider what would happen if process 2 was holding 2 units of resource B at the beginning.

Requests[edit]

When the system receives a request for resources, it runs the Banker's algorithm to determine if it is safe to grant the request. The algorithm is fairly straightforward once the distinction between safe and unsafe states is understood.

Can the request be granted?

If not, the request is impossible and must either be denied or put on a waiting list

Assume that the request is granted

Is the new state safe?

If so grant the request

If not, either deny the request or put it on a waiting list

Whether the system denies or postpones an impossible or unsafe request is a decision specific to the operating system.

Example[edit]

Starting in the same state as the previous example started in, assume process 3 requests 2 units of resource C.

There is not enough of resource C available to grant the request

The request is denied

On the other hand, assume process 3 requests 1 unit of resource C.

There are enough resources to grant the request

Assume the request is granted

The new state of the system would be:

Available system resources A B C D Free 3 1 0 2

Processes (currently allocated resources): A B C D P1 1 2 2 1 P2 1 0 3 3 P3 1 2 2 0

Processes (maximum resources): A B C D P1 3 3 2 2 P2 1 2 3 4 P3 1 3 5 0

Determine if this new state is safe

P1 can acquire 2 A, 1 B and 1 D resources and terminate

Then, P2 can acquire 2 B and 1 D resources and terminate

Finally, P3 can acquire 1 B and 3 C resources and terminate

Therefore, this new state is safe

Since the new state is safe, grant the request

Final example: from the state we started at, assume that process 2 requests 1 unit of resource B.

There are enough resources

Assuming the request is granted, the new state would be:

Available system resources: A B C D Free 3 0 1 2

Processes (currently allocated resources): A B C D P1 1 2 2 1 P2 1 1 3 3 P3 1 2 1 0

Processes (maximum resources): A B C D P1 3 3 2 2 P2 1 2 3 4 P3 1 3 5 0

Is this state safe? Assuming P1, P2, and P3 request more of resource B and C.

P1 is unable to acquire enough B resources

P2 is unable to acquire enough B resources

P3 is unable to acquire enough B resources

No process can acquire enough resources to terminate, so this state is not safe

Since the state is unsafe, deny the request

import numpy as np n_processes = int(input('Number of processes? ')) n_resources = int(input('Number of resources? ')) available_resources = [int(x) for x in input('Claim vector? ').split(' ')] currently_allocated = np.array([[int(x) for x in input('Currently allocated for process ' + str(i + 1) + '? ').split(' ')] for i in range(n_processes)]) max_demand = np.array([[int(x) for x in input('Maximum demand from process ' + str(i + 1) + '? ').split(' ')] for i in range(n_processes)]) total_available = available_resources - np.sum(currently_allocated, axis=0) running = np.ones(n_processes) # An array with n_processes 1's to indicate if process is yet to run while np.count_nonzero(running) > 0: at_least_one_allocated = False for p in range(n_processes): if running[p]: if all(i >= 0 for i in total_available - (max_demand[p] - currently_allocated[p])): at_least_one_allocated = True print(str(p) + ' is running') running[p] = 0 total_available += currently_allocated[p] if not at_least_one_allocated: print('Unsafe') exit() print('Safe');

Limitations[edit]

Like the other algorithms, the Banker's algorithm has some limitations when implemented. Specifically, it needs to know how much of each resource a process could possibly request. In most systems, this information is unavailable, making it impossible to implement the Banker's algorithm. Also, it is unrealistic to assume that the number of processes is static since in most systems the number of processes varies dynamically. Moreover, the requirement that a process will eventually release all its resources (when the process terminates) is sufficient for the correctness of the algorithm, however it is not sufficient for a practical system. Waiting for hours (or even days) for resources to be released is usually not acceptable.

References[edit]

Jump up^ Dijkstra, Edsger W. Een algorithme ter voorkoming van de dodelijke omarming (EWD-108) (PDF). E.W. Dijkstra Archive. Center for American History, University of Texas at Austin.(transcription) (in Dutch; An algorithm for the prevention of the deadly embrace)