今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#Reliability

找到 18 篇相关文章

AI 资讯

Treat Per-Task Model Switching as a Concurrency Protocol

Changing the model for a running AI task is not a settings update. It is a distributed operation: read current task -> prepare credentials/config -> request restart -> receive result -> persist active model If two switches overlap, completion order can differ from request order. The system needs a rule for which intent wins. The concrete case At commit c58bcd4 , MonkeyCode records model-switch attempts with from/to model IDs, request ID, load-session flag, success, message, session ID, and timestamps in TaskModelSwitch . The reviewed task use case creates a switch record, asks taskflow to restart with the target model configuration, and completes the switch record and task model based on the response. The accompanying tests cover success and failure paths. From this source review, I could not establish an explicit compare-and-swap generation or a per-task serialization contract around overlapping requests. That does not prove an exploitable race: serialization may exist elsewhere in the deployment or taskflow boundary. It means concurrency semantics deserve an explicit test and contract. Why last completion is unstable Assume request A selects model A, then request B selects model B: time -> A: request ---- restart ---------------- complete B: request -- restart -- complete If each successful completion writes its model, B applies first and late A overwrites it. Reverse network timing and the result changes. The companion simulator makes that order dependence visible: export function naiveCompletionOrder ( completions ) { let model = " initial " ; for ( const completion of completions ) { if ( completion . success ) model = completion . model ; } return model ; } [A, B] ends on B. [B, A] ends on A. The caller's latest intent is not part of the rule. Add a monotonic generation Assign a generation while accepting each request: A -> generation 41 B -> generation 42 Completion may update active state only when its generation equals the task's current requested generatio

2026-07-14 原文 →
AI 资讯

OpenAI Fixes 18-Year-Old GNU libunwind Bug by Treating Crash Debugging Like Epidemiology

OpenAI found two unrelated bugs masquerading as one in ChatGPT's data infrastructure. Silent hardware corruption on one Azure host and an 18-year-old race condition in GNU libunwind's setcontext function with a one-instruction vulnerability window. The breakthrough came from switching to population-level crash analysis rather than examining individual core dumps. By Steef-Jan Wiggers

2026-07-09 原文 →
AI 资讯

The 10 Most Expensive Software Failures in History — and the One Thing They Share

The biggest losses in software history were, with one deliberate exception, not attacks. They were silent, correlated, self-inflicted — and they teach the exact risk autonomous AI agents are about to make expensive again. At 9:30 in the morning on August 1, 2012, Knight Capital Group was one of the largest trading firms in the United States, executing a sixth of all the volume on the New York Stock Exchange. By 10:15 it was, for practical purposes, finished. In those forty-five minutes a piece of its own trading software (not a hacker's, its own) fired more than four million unwanted orders into the market, accumulating roughly $7 billion in positions the firm never meant to hold and a loss of about $440 million by the time humans understood what their machine was doing. The cause, documented in the SEC's administrative proceeding, was almost insultingly small: a deployment that updated seven of eight servers. The eighth still carried a dormant piece of code called Power Peg, retired years earlier, and the new release reused the old feature flag that woke it up. No one attacked Knight Capital. The market data was accurate, the exchange functioned perfectly, and every system reported itself healthy while the company bled ten million dollars a minute. That shape (no adversary, no alarm, one change propagating everywhere at once) turns out to be the shape of almost every entry on the list below. We've written before about the biggest bug-bounty payouts in history , the ledger of what it costs when someone does attack. This is the other ledger, the bigger one: what software has cost when nobody attacked at all. Every figure below states what it counts, and comes from a primary or authoritative source (inquiry boards, SEC filings, statutory inquiries) linked at the end. The ledger 1. CrowdStrike outage (2024) — roughly $5.4 billion in direct losses to Fortune 500 companies alone (estimate). One faulty content update to the Falcon Sensor security agent blue-screened Windo

2026-07-09 原文 →
AI 资讯

Airbnb Shares Architecture Behind Sitar-Agent Dynamic Configuration Sidecar for Kubernetes Services

Airbnb engineers detailed Sitar-agent, a Kubernetes sidecar for dynamic configuration delivery across tens of thousands of pods, processing updates several times per minute. The system was redesigned with Java, Amazon S3 snapshot bootstrapping, and a migration from Sparkey to SQLite to improve reliability, startup performance, and configuration availability at scale. By Leela Kumili

2026-07-08 原文 →
AI 资讯

Presentation: Designing AI Platforms for Reliability: Tools for Certainty, Agents for Discovery

Aaron Erickson explains how NVIDIA designs and tests purpose-built AI agent hierarchies. For senior developers and architects, he outlines why balancing deterministic tools with agentic discovery is crucial. Discover how to leverage rare context, implement LLM-as-a-judge test pyramids, and avoid the paradox of choice to build highly reliable, production-grade AI systems at scale. By Aaron Erickson

2026-07-07 原文 →
AI 资讯

Presentation: Practical Robustness: Going Beyond Memory Safety in Rust

Andy Brinkmeyer shares how engineering leaders and architects can use Rust to build failure-proof systems. Moving beyond memory safety, he explains how ownership, enums, and the typestate pattern embed complex runtime protocols into compile-time checks. Learn to eliminate entire classes of bugs, manage real-world resources safely, and maximize codebase robustness effortlessly. By Andy Brinkmeyer

2026-07-06 原文 →
AI 资讯

Your Guardrails Are a Firewall. Your Failures Are a Cascade

TL;DR— Most production AI teams build safety layers using the content-moderation mental model: classify input, classify output, block or pass. But the incidents that actually take down AI systems in production look like distributed-systems failures— retries amplifying bad state, cascading errors across agent steps, silent drift with no rollback path. Guardrails need to borrow from SRE, not from trust-and-safety. Ask a team how they handle AI safety in production and you'll get the same answer almost every time: an input classifier, an output classifier, maybe a moderation API bolted on the side. This is the content-moderation mental model— filter bad stuff in, filter bad stuff out. It's borrowed wholesale from trust-and-safety teams who spent a decade building spam filters and abuse detectors. It's also the wrong model for most of what actually breaks AI systems in production. The incidents that page you at 2am rarely look like a jailbreak slipping past a classifier. They look like distributed-systems failures: a retry loop that amplifies a bad tool call, a hallucinated intermediate result that poisons every downstream step, a silent shift in output distribution that nobody notices until a customer complains three weeks later. These are not content problems. They're systems problems, and they need systems solutions. The Cascade, Not the Jailbreak Consider a typical agent pipeline: retrieve context, call a model to plan, call tools, call a model again to synthesize, maybe loop if a tool fails. Each step has some non-zero error rate. In a single-call chatbot, that error rate is the whole risk surface. In a five-step agent chain, errors compound, and worse, they compound non-linearly because failed steps often trigger retries, and retries on a stateful action are not free. A model that hallucinates a tool argument doesn't just produce one bad output— it produces a bad state that the next step reasons over as if it were true. If that next step is another LLM call, it wi

2026-07-05 原文 →
AI 资讯

I Spent $200 Solving a $2 Problem. That Is Why AI Site Reliability Will Matter.

So this weekend I spent $200 solving a $2 problem. Not because I was careless. Not because the system was broken in the old way. It happened because the tool was powerful, fast, confident, and wrong for just long enough. That is the strange thing about AI systems. They do not always fail loudly. A cloud server goes down, an alert fires, a dashboard turns red, someone opens an incident bridge, and the team knows what kind of movie they are in. AI failure is softer. The answer looks useful. The workflow keeps moving. The agent tries another path. The model explains itself beautifully. The bill keeps climbing. With cloud reliability, we learned how to survive machines failing. We built retries, failover, backups, autoscaling, health checks, runbooks, and incident reviews. The cloud taught us that infrastructure is never perfect, so systems must be designed to bend without breaking. AI is teaching us something different. The machine may be running perfectly and still produce the wrong result. The API may be healthy, the latency may be fine, the token stream may complete, and the business outcome may still be bad. That is why AI Site Reliability is going to become its own serious discipline. It will not be enough to ask, “Is the model available?” We will have to ask, “Is the model still useful?” “Is it drifting?” “Is it spending too much?” “Is it using the right tools?” “Is it looping?” “Is it making the same mistake with more confidence?” “Is a human needed before this continues?” In the cloud world, uptime was the king metric. In the AI world, usefulness will matter just as much. A model that is always available but often wrong is not reliable. An agent that finishes every task but spends 100 times more than needed is not reliable. A chatbot that gives answers with perfect grammar but poor judgment is not reliable. The next generation of reliability engineering will care about cost, correctness, context, and control. Cost matters because AI turns thinking into metered

2026-06-29 原文 →
AI 资讯

Synthetic Monitoring vs Real User Monitoring (RUM): The Difference

Two monitoring approaches answer two different questions. Synthetic monitoring answers "would the checkout flow work right now if someone tried it?" Real user monitoring answers "what did the checkout flow actually do for the 4,000 people who tried it today?" The first is a robot testing a path on a schedule; the second is instrumentation recording reality as it happens. Teams reach for one when they need the other, then conclude monitoring "doesn't work." The fix is understanding what each is structurally good at — and where each is blind. Synthetic monitoring: proactive, scripted, continuous Synthetic monitoring runs scripted checks against your application from the outside, on a fixed schedule. An HTTP check hits an endpoint and asserts on the response; a browser check drives a headless Chromium through a journey — log in, add to cart, pay — and asserts on what the user would see. The defining property is that it does not need real traffic. The check runs every 30 seconds whether or not anyone is using the app, from datacenters you choose, testing exactly the journeys you scripted. When a deploy breaks checkout at 3 AM, a synthetic check catches it at 3 AM — not at 9 AM when the first customer wakes up. Real user monitoring: passive, real, traffic-dependent RUM instruments your actual frontend with a JavaScript snippet that reports back what real visitors experience: page load times, Core Web Vitals (LCP, INP, CLS), JavaScript errors, the device and network and geography of every session. It is a recording of reality with perfect fidelity — these are real people, real conditions, real outcomes. The cost of that fidelity is that RUM is entirely traffic-dependent and entirely retrospective. It can only report on paths real users took, after they took them. A page nobody visited generates no RUM data. A broken deploy at 3 AM is invisible to RUM until a real user hits it and the error is recorded. The core difference, side by side Dimension Synthetic monitoring Real

2026-06-20 原文 →
AI 资讯

Synthetic Monitoring Best Practices: What to Monitor and How Often

Most synthetic monitoring setups fail in one of a few predictable ways. They monitor everything and alert on nothing useful. They assert on status code 200 and miss the empty response body. They run flaky browser checks that page someone at 2 AM for a problem that fixed itself by 2:01. Or they go stale — the checkout flow changed three months ago and the check has been failing-then-being-ignored ever since. These are not exotic failures. They are the default outcome of setting up synthetic monitoring without a discipline. Here is the discipline. 1. Monitor the journeys that cost money, not everything Every browser check costs compute and, more importantly, costs maintenance. A check on a path that does not matter is worse than no check — it generates noise that trains your team to ignore alerts. Rank your journeys by cost of silent failure and monitor the top of the list: Authentication — login, signup. The gate to everything else. The revenue path — checkout, upgrade, add payment method. The core product action — the one thing your product exists to do. Critical third-party handoffs — OAuth redirects, payment iframes, SSO. Leave static pages, read-only endpoints, and admin screens to cheaper uptime and API checks . A good rule: if a path breaking would not generate a support ticket or lose revenue, it does not need a browser check. 2. Assert on what the user sees, not just the status code The entire point of synthetic monitoring is catching the failure that a 200 OK hides. So your assertions have to go past the status code. // Weak: passes even when the page renders an error await page . goto ( " https://shop.example.com/checkout " ); expect ( page . url ()). toContain ( " /checkout " ); // Strong: asserts the user can actually complete the action await page . getByRole ( " button " , { name : " Pay now " }). click (); await expect ( page . getByText ( " Order confirmed " )). toBeVisible ({ timeout : 10000 , }); await expect ( page . getByTestId ( " order-number "

2026-06-20 原文 →
AI 资讯

Surviving the region you run in: failover on Aurora DSQL, and what the demo proves

The thesis Quorum is built on is uncomfortable and true: the tools a team uses to coordinate an incident often live in the same region as the thing that is failing. When the region goes, the incident response goes with it. You are now coordinating a region outage over a status page that the region outage took down. Quorum is an incident command plane designed to survive a region loss. This post is about how the failover works, what the live demo does and does not prove, and where the survival story currently ends, because a database audience will ask all three and they deserve a straight answer. What DSQL gives you A multi-region DSQL cluster in the US set is three regions: two full regions, which for Quorum are us-east-1 and us-east-2, and a log-only witness in us-west-2 that has no cluster endpoint of its own. Both full-region endpoints present a single logical database with strong consistency, and the architecture is designed for 99.999% multi-region availability with no single point of failure and automated failure recovery . The behavior that matters for an incident tool is stated plainly in the GA announcement : applications can keep reading and writing with strong consistency even when they are unable to connect to a region's cluster endpoint, and the third region acts as a log-only witness with no cluster resource or endpoint. The survivor keeps serving; the witness holds the log so the surviving region keeps commit quorum. Quorum is, in effect, a live demonstration of that reference behavior with an incident-command product wrapped around it. Quorum's failover layer AWS's guidance for multi-region DSQL is to put routing in front of the endpoints: either DNS-based routing with Route 53, or application-level routing logic, so traffic redirects automatically when an endpoint becomes unreachable. This is laid out in Implement multi-Region endpoint routing for Amazon Aurora DSQL . Quorum, a Next.js app on Vercel, does the application-level version: it detects an

2026-06-15 原文 →
AI 资讯

Sliding-Window Spend Guard: the $47K Loop Per-Call Caps Miss

Sliding-Window Spend Guard for AI Agents: Catch the $47K Loop Per-Call Caps Miss A sliding-window spend guard sums what your agent has spent over the last N minutes and refuses the next call before it dispatches — which is the thing a per-call cap can't do. A per-call cap asks "is this one call too expensive?" The runaway loops that empty a budget are built from calls that each pass that check. The damage lives in the sum, not in any single call. In short: a sliding-window spend guard tracks a trailing window of calls and blocks the next one when cumulative spend or a repeated near-identical call breaches a per-window rule. In my run it stopped an Analyzer-Verifier ping-pong at call 12, $45.80 in, after a naive per-call $5 cap let all 12 through. Stdlib, keyless, runs in seconds. AI disclosure: I wrote window_guard.py with AI assistance and ran it myself before publishing. Every number in the output blocks below is pasted from a real run of that script on a fixture I'll show you. The $47K incident is someone else's, and I link the postmortem next to it. I label which is which. A $47K agent loop where every single call was fine In November 2025 a team woke up to a $47,000 bill from a single agent deployment. Four LangChain agents, talking to each other over A2A, and two of them — an Analyzer and a Verifier — got into a ping-pong. Analyzer hands work to Verifier, Verifier kicks it back, repeat. For 264 hours. The cost didn't spike. It escalated , week over week: $127, then $891, then $6,240, then $18,400. The author of the postmortem, Gabriel Anhaia, describes the root cause in a way I keep coming back to: the dashboard was green for eleven days, and there was no step cap, no per-conversation USD budget, no orchestrator deciding when the work was done ( dev.to/gabrielanhaia, Nov 2025 ). The dashboard showed the number. It just showed it after each call, never before the next one. A follow-up teardown by the Waxell team sharpened the line into the title of their piece:

2026-06-14 原文 →
AI 资讯

Safe Operating Throughput (SOT) as a First-Class SRE Metric: Derivation and Operationalization

In the summer of 2016, Pokémon GO launched to a user base roughly fifty times larger than its capacity planning had anticipated. The engineering team had done load testing. They had throughput thresholds. They had autoscaling configured. Within hours of launch, the service was degraded globally — not because the infrastructure could not scale, but because it scaled too slowly against an arrival rate that exceeded every modelled scenario, and because the metric that was driving scaling decisions (CPU utilisation) lagged behind the actual saturation signal by several minutes. By the time CPU registered critical, the request queue had already grown to the point where p99 latency had crossed into the range where users were abandoning sessions faster than new sessions were being created. The engineering post-mortem identified the same root cause that appears in the post-mortems of most capacity-related incidents: the organisation's operational metrics were measuring how hard the infrastructure was working, not how much work the service could safely accept. CPU percentage is a resource utilisation metric. Memory percentage is a resource utilisation metric. IOPS is a resource utilisation metric. None of them is a service throughput metric. None of them tells you, with precision, at what arrival rate your SLO begins to degrade. Safe Operating Throughput is that metric. It is not a new concept in queueing theory or systems engineering — the idea of a safe operating ceiling predates modern distributed systems. What is new is its treatment as a first-class SRE metric: formally derived from load test data and SLO targets, continuously monitored for drift, and operationally enforced as a constraint in autoscaling configuration, capacity planning decisions, and deployment pipeline gates. Why Existing Capacity Metrics Are Insufficient The canonical capacity management approach in most organisations works like this: observe CPU or memory utilisation, set an autoscaling threshold (t

2026-06-09 原文 →
AI 资讯

Model Selection for Weibull Series Systems: When Simpler Models Suffice

When can you safely use a simpler model for a series system? I ran extensive simulation studies with likelihood ratio tests to get a quantitative answer. The Problem In series system reliability, you estimate component parameters from masked failure data. For Weibull components, that means estimating (2m) parameters: shape (k_j) and scale (\lambda_j) for each of (m) components. But what if the components have similar failure characteristics? A reduced model with homogeneous shape parameters uses only (m+1) parameters (one common (k) plus (m) scales). This roughly halves the parameter count and has a nice property: the system itself becomes Weibull-distributed. The question is when this simplification is justified. Key Findings Robustness of the Reduced Model For well-designed series systems (components with similar failure characteristics), the result is striking: The reduced homogeneous-shape model cannot be rejected even with sample sizes approaching 30,000, far larger than anything typically available in practice. With realistic sample sizes (50 to 500), the likelihood ratio test shows no evidence against the reduced model when components truly have similar shapes. This is strong justification for using the simpler model. Sharp Boundaries The paper pins down exactly how much heterogeneity it takes to trigger rejection: Shape Deviation Sample Size LRT Decision 0.25 30,000 Fail to reject 0.50 1,000+ Reject 1.0 100+ Strong reject 3.0 50+ Very strong reject Even modest deviations in a single component's shape parameter provide evidence against the reduced model. The boundaries are clean. Practical Guidance Use the reduced model when: Components come from similar manufacturing processes Historical data suggests similar wear-out patterns Sample sizes are moderate ((n < 500)) You need a quick reliability assessment Use the full model when: Components have fundamentally different failure modes (infant mortality vs wear-out) Large samples are available ((n > 1000)) Precis

2026-06-07 原文 →
AI 资讯

Presentation: Architecting a Centralized Platform for Data Deletion at Netflix

The speakers discuss the architectural challenges of executing safe data deletion across distributed datastores. Balancing durability, availability & correctness, they explain how to orchestrate multi-system deletion propagation without impacting live traffic. They share lessons on controlling tombstone accumulation, building continuous audit loops, and gaining trust with a centralized platform. By Vidhya Arvind, Shawn Liu

2026-06-04 原文 →
AI 资讯

Beyond DORA: A Five-Metric Framework for SRE Maturity in Regulated Enterprises

The DORA research programme is the most rigorous empirical study of software delivery performance ever conducted. Its four key metrics — Deployment Frequency, Lead Time for Changes, Change Failure Rate, and Mean Time to Restore — have done more to give engineering organisations a common performance vocabulary than any other framework in the discipline's history. If you work in software and you have not read the State of DevOps Report, stop and read it before finishing this paragraph. Now: the DORA Four were derived primarily from organisations with cloud-native architectures, on-demand deployment infrastructure, and relatively unconstrained ability to release software when it is ready. The research cohort skews toward technology companies that have already made the cultural and architectural investments that make high-frequency, low-risk deployment possible. This is not a criticism of the research. It is an observation about its generalisability — and it has a specific consequence for practitioners who work in regulated enterprises: banks, healthcare systems, utilities, insurance carriers, government agencies. In these environments, the DORA Four are necessary but structurally insufficient. They measure the delivery pipeline accurately. They do not measure the operational sustainability of the team running that pipeline — and in regulated enterprises, operational sustainability is where SRE programmes go to die quietly, years before anyone realises the damage is permanent. This post proposes a fifth metric. Not to replace the DORA Four, but to complete them — to close the measurement gap that leaves regulated enterprise SRE teams flying blind on the dimension that most reliably predicts long-term programme failure. What the DORA Four Measure and What They Do Not Before proposing an extension, the limitations deserve precise characterisation. Imprecise criticism of a well-validated framework is noise. The limitations described here are structural — arising from the d

2026-06-02 原文 →
AI 资讯

Presentation: Designing AI Platforms for Reliability: Tools for Certainty, Agents for Discovery

Aaron Erickson discusses the evolution of AI workflows, shifting from "vibe checking" to building reliable, multi-agent frameworks. He explains how to combine deterministic software guardrails with agentic discovery, optimize agent hierarchies, leverage time-series foundation models, and implement rigorous evaluation pyramids to ensure architecture scales effectively in production. By Aaron Erickson

2026-05-27 原文 →