More falsehoods programmers believe …
List<ArticleSection<Falsehood>>
Aug 31, 2018 · 4 min read
Without further ado, I present to you — more falsehoods programmers believe…
… about data storage
- Data is written to the underlying storage hardware as soon as the write command returns success.
- Data is written to the underlying storage hardware as soon as the flush command returns success.
- You can confirm data was in fact written to a storage medium by reading it back and comparing it with the data you have elsewhere.
- Checksums guarantee data integrity.
- File locks are reliable.
- File locks.
- Storage hardware will retain data written to it, indefinitely.
- Storage hardware will retain data written to it, for a specific amount of time.
- Okay, storage hardware will retain data written to it for some, usually predictable amount of time?
- Oh my…
- Data written to storage hardware will not decay over time.
- Data decay is predictable.
- Data decay is predictable for a specific storage type.
- Having RAID and/or software mirroring is enough.
- Having local backups is enough.
- Having backups in the same data center is enough.
- Having backups made by your IaaS provider is enough.
- Having backups is enough.
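The first items above are the reason a careful writer does not trust `write()` returning: the bytes are only in the page cache. Below is an added example (not from the original post) of the minimal durable-write pattern on POSIX: write to a temp file, `fsync` it, atomically rename it into place, then `fsync` the directory so the new name itself survives a crash. It still cannot defeat a device that acknowledges flushes it has not performed; that is the point of the list.

```python
import os
import tempfile


def durable_write(path: str, data: bytes) -> None:
    """Replace `path` with `data` so a crash leaves the old file or the whole
    new one, never a torn mix, and the result is on the device as far as the
    kernel can tell. write() alone only hands bytes to the page cache."""
    dirname = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(prefix=".tmp-", dir=dirname)
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()              # Python buffer -> kernel page cache
            os.fsync(f.fileno())   # page cache -> device (as far as the kernel knows)
        os.replace(tmp, path)      # atomic rename: readers see old or new, never partial
        if os.name == "posix":
            # The rename is directory metadata; without this fsync the new
            # name can vanish after power loss even though the data blocks
            # were flushed. Directory fds cannot be opened this way on Windows.
            dfd = os.open(dirname, os.O_RDONLY)
            try:
                os.fsync(dfd)
            finally:
                os.close(dfd)
    except BaseException:
        try:
            os.unlink(tmp)         # may already be renamed away; ignore that
        except FileNotFoundError:
            pass
        raise


def run_demo():
    """Constructed scenario: two successive durable writes of a small state
    file in a fresh temp directory. Returns (final contents, directory listing)
    so a caller can check that no temp file was left behind."""
    d = tempfile.mkdtemp(prefix="durable-demo-")
    p = os.path.join(d, "state.json")
    durable_write(p, b'{"v": 1}')
    durable_write(p, b'{"v": 2}')
    with open(p, "rb") as f:
        final = f.read()
    return final, sorted(os.listdir(d))


if __name__ == "__main__":
    print(run_demo())
```

Reading the file back immediately, as `run_demo` does, is served from the page cache, so it confirms nothing about the medium (item three above); the only honest check is a read after the cache has been dropped or the machine rebooted.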
… about common software and hardware components
- CPUs don’t have bugs.
- Memory controllers (MCUs) don’t have bugs.
- ECC will protect you from pretty much any kind of memory corruption.
- ECC will protect you from most common kinds of memory corruption.
- ECC RAM modules are reliable and they have no hard errors.
- Disk controllers don’t have bugs.
- RAID controllers don’t have bugs.
- Network hardware doesn’t have bugs.
- Linux kernel doesn’t have bugs.
- Operating systems don’t have bugs.
- Operating systems have few bugs.
… about network and data transmission
- Data transmitted over the network will be received exactly as transmitted.
- Data transmitted over the network will be received in the same order/sequence/etc as it was transmitted.
- Data received by the networked recipient contains all of the data I sent over the network.
- Data received by the networked recipient contains some of the data I sent over the network.
- Data received by the networked recipient contains any of the data I sent over the network.
- Data transmitted over the network will not be altered.
- Data transmitted within the local network will not be altered.
- Data transmitted over a secure network layer will not be altered.
- Recipient can consume data as quickly as I can send it.
- Recipient can consume data as quickly as the network allows it to be transmitted.
- Data transmitted over the network will be received once.
- Okay, but data transmitted over the network will be received zero or one times.
- Ugh…
- Data will be transmitted over the network.
- Data will be received over the network.
- Loopback network has unlimited bandwidth.
- UNIX domain sockets have unlimited bandwidth.
- Network partitioning is unlikely.
- Network is.
… about redundancy and recovery
- N+1 redundancy is enough for anything.
- N+1 redundancy is enough for something?
- Replication can replace backups.
- More than a single node failing at the same time is highly unlikely.
- Failure of a majority of services is near improbable.
- Cascade failure can be prevented.
- Having network-isolated, append-only logs and offsite backups is clearly overkill.
- Fully automated backup restoration is a good idea.
- Fully automated disaster recovery of any kind is a good idea.
- Backups are consistent.
- Backups are correct.
- Backups are.
- SaaS services have no downtime.
- SaaS services do not lose data.
- SaaS services require no redundancy.
- High grade redundancy will undoubtedly prevent catastrophic failure of epic proportions.
… about programming and runtime environment
- My code will be executed exactly as I intended it to be executed.
- My code will be executed exactly as I have written it.
- My code will be executed.
- Compilers have no bugs.
- My programming language has no bugs.
- My tests have no bugs.
- 100% code coverage means something.
- Unit testing is enough.
- Any kind of automated testing is enough.
- You do not test in production.
- Processes will not get terminated unexpectedly.
- Threads will not get terminated unexpectedly.
- Network transmissions will not get terminated unexpectedly.
- File operations will not get terminated unexpectedly.
- Running out of memory is unlikely.
- Running out of memory can be reliably managed.
- Disk space is infinite and needs no constant monitoring.
- The same software configured equally will perform equally.
- The same software on equal hardware will perform equally.
- The same software on equal hardware hosted by an equal operating system will perform equally.
- Automatic deployment.
- No redundancy for SaaS services in deployment pipeline.
… about security
- The memory region allocated to my program can never be accessed by any other program.
- Only I have access to my server hardware.
- My hosting provider will always securely wipe the disks for the server I just cancelled and had my secrets stored on.
- Only you have access to the data you have in your cloud storage service.
- Security vulnerabilities are known.
- Security keys stored in RAM are safe.
- SELinux is not needed.
- SELinux is all that is needed.
- Firewalls.
Disclaimer.
Please take these falsehoods with a grain of salt. ECC RAM modules, and even consumer-grade RAM modules, do not fail left and right out of the blue, and neither do CPUs etc. But it can happen, and it is useful to be aware that the potential for these issues is still high enough to be a concern. Not a concern for your personal blog server. But a big concern for industrial control systems, medical, transportation, automotive, power grid systems, and literally everything that can cause harm to human life in case of uncontrolled failure.
