"Fake autonomy" and the delusion of autonomous services

  • Thread starter SlurrerOfSpeech
  • Start date
In summary, the conversation discusses how a system can have a dependency on another service, and how in the event of that service going down the system can still function. However, the system may not be functioning properly due to the dependency.
  • #1
SlurrerOfSpeech
141
11
Let's say I run an ecommerce business and I have one service for handling shipping and another service for handling customer profiles such as name, address, age, etc. Call them Customer Management Service and Shipping Service.

SS has an interest in knowing the customer address of which CMS is the source of truth. One way it can get this information is whenever it needs it, with a "get customer info by id" API call.

Many software architectures will say that design creates a "dependency" of SS on CMS and that the dependency could be broken if only CMS published an "address changed" event and SS subscribed to the event and updated its internal copy of the customer address.

Ok, true, now if CMS is down SS can continue to operate. It is "independent" in some sense.

But, does this solve any problem for the entire system? Look at the bigger picture. If CMS service is down, the messages aren't arriving, and we're potentially shipping out products to the wrong addresses. This will need fixed. In fact, this is probably worse than if we couldn't ship anything due to the CMS being down.
 
Technology news on Phys.org
  • #2
Everything you say is true (almost, see below), but what's your point? Terminology is really irrelvant. What matters is whether or not your system gets the job done properly.

And by the way having an address update service alone is insufficient. You'd need coordination (automated or manual) such that the SS does not run before the CMS is complete so that it HAS an address, and that address is not really an update (a change of address), its an addition.

The best way to deal with it is to have the customer data in a database that is accessible to both systems, but even then you have to make sure the SS doesn't try to run first.
 
  • #3
There are many ways you can resolve downtime of one service needed by other services, but the specific example you describe make little sense to me. You describe this strange system where customer orders are finalized by (or sent to) the SS without the customer approving his shipping address (i.e. that the shipping address is not part of the order data) and then that the SS due to CMS downtime decides to use an old cached address. I would question why SS would have customer addresses (separate from orders) in the first place, why SS don't just wait for CMS to come back up, and how the customer can change his address if CMS is down? Even if SS maintained a local address DB updated by push-data from CMS there should be a keep-alive signal to let SS know it is not currently receiving from CMS and that any local addresses may be stale. I mean, if you describe a system that is ill-designed then, almost by definition, it is not too surprising that it can fail to work as intended in some cases.

In general, if failure of a service is fatal for other services that have to process data in a time critical manner you would probably make steps to ensure the dependent service has a fail-over mode or similar, perhaps even in hot-swap mode. Such a service and its communication protocols are not trivial to design right. On the other hand, if a failure is not time-critical for other services one could also just wait for the service to come back up. In any case, each service can (if really needed) still be defined and operated in an manner that appears autonomous for other dependent services.

In case I have completely misunderstood your question perhaps you could describe what you consider an autonomous system to be and what "condition" in that you think gets broken?
 
  • #4
I think this is backwards: the CMS pulls data from the purchasing system, not vice-versa.

The idea that a customer has exactly one shipping address associated with them at any given time is false: a single customer may have a primary home address, a holiday home address, a work address, and the addresses of the people they regularly send gifts to. Corporate customers may have multiple sites to which they want orders delivered. Even the idea that there is a single billing address at any given time is probably false.

Fulfilling an order is part of a transactional process, which is backed by a transactional system. The shipping address is data associated with the purchase order header. The billing address, which is probably what the CMS actually wants to look at, is also data associated with the purchase order header (and subsequently the invoice header).

A CMS tends generally to be used for business intelligence and marketing, and pulls data from a data warehouse which is populated by looking at the data from multiple transactional systems, working out which master customer record each relates to, and whether data associated with that master record should be updated as a result.

Now you might try to make life easier for the customer by allowing them to select from a list of addresses which they have used before, if you can identify them with sufficient certainty - which is likely only the case if they have registered an account and are logged in. But that's not essential to the fulfilment process: The purchase order record has a shipping address attached to it, and the fulfilment system doesn't know or care whether the customer selected that from a list of previously entered addresses obtained from the CMS or whether the customer typed it in manually.
 

1. What is "fake autonomy"?

"Fake autonomy" refers to the false belief that a service or technology is autonomous, meaning it can operate independently without human intervention. In reality, these services are often controlled or influenced by humans behind the scenes.

2. What are some examples of fake autonomy?

Examples of fake autonomy include chatbots, virtual assistants, and self-driving cars. While these services may appear to operate autonomously, they are often programmed and controlled by humans and can make mistakes or require human intervention.

3. Why is the delusion of autonomous services a concern?

The delusion of autonomous services can lead to overreliance on technology and a false sense of security. This can result in serious consequences, such as accidents with self-driving cars or incorrect information from chatbots.

4. How can we distinguish between real and fake autonomy?

One way to distinguish between real and fake autonomy is to consider the level of human involvement in the service. If humans are involved in programming, monitoring, or controlling the service, it is likely not truly autonomous.

5. What are potential implications of the belief in autonomous services?

The belief in autonomous services can have ethical and societal implications. It can perpetuate the idea that humans are no longer needed for certain tasks, leading to job displacement. It can also raise questions about responsibility and accountability when things go wrong with autonomous services.

Similar threads

Requesting suggestions for languages, libraries, and architectures for parallel (and sometimes non parallel) numerical and scientific computations
    • Programming and Computer Science
Replies
8
Views
2K
Did You Receive a Fake eBay Email? How to Protect Your Account Today
    • General Discussion
Replies
12
Views
6K
Ten most overpaid jobs in America No scientists on the list
    • General Discussion
Replies
7
Views
29K
News Bush Honest & Trustworthy Until How Many Lies?
    • General Discussion
2
Replies
65
Views
8K

Hot Threads

Recent Insights

Back
Top