http://ayende.comAyende @ RahienCopyright (C) Ayende Rahien 2004 - 2021 (c) 202660If anyone here hasn't read Release It!, follow Ayende's advice and do it know. It was one of the more interesting books I read in the last year. http://ayende.com/3147/amazon-s3-outage#comment7http://ayende.com/3147/amazon-s3-outage#comment7Sun, 17 Feb 2008 17:58:49 GMTIn case I had an outage like that, I would just go out and get laid http://ayende.com/3147/amazon-s3-outage#comment6http://ayende.com/3147/amazon-s3-outage#comment6Sun, 17 Feb 2008 05:19:58 GMTOne pattern in Release It! is bulkheads. With so many users and so many services relying on authentication, perhaps segmenting the services might stop excess demand in one area taking down other services. At least then the outage might be localised to a percentage of users? PS: Thanks for recommending that book :) http://ayende.com/3147/amazon-s3-outage#comment5http://ayende.com/3147/amazon-s3-outage#comment5Sat, 16 Feb 2008 18:22:19 GMTHehe, Release It! came to my mind immediatly as well. It is an outstanding book... Btw, there's a video of a talk by Ebay architect Randy Shoup on InfoQ, where he explains what they do in order to scale: http://www.infoq.com/presentations/shoup-ebay-architectural-principles. Interesting stuff. http://ayende.com/3147/amazon-s3-outage#comment4http://ayende.com/3147/amazon-s3-outage#comment4Sat, 16 Feb 2008 17:19:23 GMTYeah, there's that (authorization). Maybe they could have a cached list/index of 'public' items somewhere and when a request comes in, they know whether they can bypass authorization or not. If it's not public, then we have to authenticate and authorize them (expensive). But don't do it unless you need to. http://ayende.com/3147/amazon-s3-outage#comment3http://ayende.com/3147/amazon-s3-outage#comment3Sat, 16 Feb 2008 16:45:11 GMTChad, I assume that you need to validate that you are access your own resources and not someone else? http://ayende.com/3147/amazon-s3-outage#comment2http://ayende.com/3147/amazon-s3-outage#comment2Sat, 16 Feb 2008 16:42:33 GMTIt seems silly to authenticate/authorize each request. Even if you authorized 1/10 or 1/100 requests, it would still be unusable for anyone trying to do anything significant with your system, thus discouraging people taking advantage of it. And you could sweep through the logs after the fact if you needed some accountability or auditing or things like that. http://ayende.com/3147/amazon-s3-outage#comment1http://ayende.com/3147/amazon-s3-outage#comment1Sat, 16 Feb 2008 16:39:32 GMT