#211 — April 10, 2019

Read on the Web

Web Operations Weekly

The Stack Overflow Developer Survey 2019 Results— Stack Overflow, the popular developer copy and pasting site, does a fantastic annual survey. This year observations include:

• Devops specialists and site reliability engineers are amongst the highest paid and happiest developers — yay!
• Devops specialists and sysadmins are far less likely to be women than for other types of developer —🙍‍♀️
• Chef and Puppet are two of the most ‘dreaded’ developer tools.
• About half of developers are using containers.

Stack Overflow

Cloud Scalability: Scale Up vs. Scale Out— The ability to handle unexpected growth or shifts in demand has become a major benefit of cloud services, but it can become a liability if not managed properly. In this article, we compare scale-up vs. scale-out strategies to assure performance.

Turbonomic sponsor

Google Unveils Cloud Run, Their Newest Serverless Stack— Cloud Run is Google’s new serverless compute platform for running stateless HTTP-driven containers (as opposed to Cloud Functions’ purely function-based approach). It can also run within GKE on existing GKE clusters.

If you’re on the platform, Google also slips in some news in this post about updates to Cloud Functions and App Engine (which now supports Ruby 2.5 and Java 11 in alpha).

Google Cloud

Which AWS Technology Should You Use for Your Open Source Database?— Databases are a key part of deploying apps to the cloud and AWS (in)famously has a lot of options in this regard. Here are some of the reasons you might choose between the various options.

The New Stack

Using Serverless 'Reapers' to Lower Your AWS Bill— A look at how serverless functions can be used to keep your AWS bill in check by automatically destroying resources you’re not actually using.

Kyle Galbraith

Google to Offer 7 Popular Open Source Data Projects as Managed Services— Google is adopting a collaborative approach with the projects’ creators but offering unified billing for customers. Systems from companies like MongoDB, Elastic, Neo4j and Redis Labs will be in the initial mix.

The New Stack

💻 Jobs

✉️ Want to Contribute to GitHub @ a Fortune 100 Company?— We live and breathe open source. Please check out our open-source on GitHub. Do you have the passion to write code with tests? Come join our team which powers the enterprise.

Find A WebOps Job Through Vettery— Vettery specializes in tech roles and is completely free for job seekers. Create a profile to get started.

Vettery

📖 Tutorials & Stories

Websites That Keep Loading, and Loading, and Loading…— A look at what happens when a user minimizes the browser on their phone.

Doug Sillars

Orchestrating Backend Services with AWS Step Functions— Step Functions is an easy to use service for orchestrating backend workflows that has “probably the coolest console among all the AWS services.” Here’s a brief introduction.

Jay Dadhania

My First DDoS: Lessons Learned From Jerks on the Internet— An experience no-one will be jealous of, but which usually brings some important lessons.

Sergio Mattei

From Bare-Metal to Kubernetes— A walk through how a company moved from bare-metal infrastructure to a Kubernetes cluster hosted on Google Container Engine solving many engineering issues along the way.

Hugues Alary

What Is Chaos Engineering? SREs Define the Practice & Where It's Going

Gremlin sponsor

'We Found A Massive Spam Operation — and Sunk Its Server'

TechCrunch

🛠 Code & Tools

CapRover: An Automated, Scalable PaaS Package (using Docker and NGINX)— Formerly known as CaptainDuckDuck, this platform bills itself as an open source “Heroku on Steroids”. Dokku is another player in this space, although CapRover has a web-based UI.

CapRover

Kong 1.1: A Cloud-Native API Gateway— Kong can act as a gateway for microservices requests providing load balancing, logging, authentication, rate-limiting, transformations, and more through plugins.

Kong

HermiTux: A Binary-Compatible Unikernel— A unikernel is a rapidly booting, minimal operating system essentially built to host a single app. HermiTux is interesting as it’s binary-compatible with Linux.

HermiTux

Get the Fastest Website Deployments. Ever.

Buddy sponsor

Crossplane: An NGINX Configuration File Parser and Builder— A reliable way to convert NGINX configurations into JSON and back if you want to work with them dynamically.

NGINX, Inc.

InSpec: An Auditing and Testing Framework for Infrastructure— Write tests to check firewall rules, installed packages, etc, and run locally or remotely. Targets most production OS including Windows.

InSpec

Algernon: A Small Self-Contained Pure Go Web Server— With Lua, Markdown, HTTP/2, QUIC, Redis and Postgres support.

Alexander F. Rødseth

FTPGrab: Grab Files Periodically from a Remote FTP or SFTP Server Easily

Crazy Max

#212 — April 17, 2019

Read on the Web

Web Operations Weekly

Migrating 23TB From S3 to B2 in Just 7 Hours— The tale of how a multiplayer game server provider moved 23TB of customer backups from AWS S3 to Backblaze’s B2 in just several hours with the goal of making large egress savings.

Nodecraft

EdgeDB: The Best of Both NoSQL and SQL?— EdgeDB is an open-source object-relational database attempt to bring the simplicity of NoSQL to the relational world. PostgreSQL is used under the hood with Edge’s own SQL-esque query language (EdgeQL) compiled to SQL behind the scenes.

Yury Selivanov and Elvis Pranskevichus

What is Chaos Engineering? SREs Define the Practice & Where It's Going— Learn how Chaos Engineering studies complex large-scale computer systems. How the practice is growing in implementation and interest. Why are some of the most successful companies in the world adopting it and hear thoughts and opinions from experts in diverse roles.

Gremlin sponsor

The Wide World of Microsoft Windows on AWS— Running Windows has been a built-in feature on AWS for 11 years now and here AWS’s Chief Evangelist looks at the current Windows-on-AWS ecosystem in detail from SQL Server to license management and running C# on AWS Lambda.

Jeff Barr (Amazon)

Google Search Now Supporting Instant-Loading AMP Pages From Your Own Domain— Google are rolling out support for ‘signed exchanges’ in Google Search’s AMP web results. This enables displaying the publisher’s own domain when AMP content is loaded via search results.

Google

Let's Encrypt to Transition to Their Own Root— From July, Let’s Encrypt will issue certificates from their own intermediate CA as opposed to their current IdenTrust cross-signed intermediate. Now Let’s Encrypt is so widely trusted, it makes sense to move to their own system.

Scott Helme

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Find A WebOps Job Through Vettery— Vettery specializes in tech roles and is completely free for job seekers. Create a profile to get started.

Vettery

📖 Tutorials & Stories

The Web Developer's Guide to DNS— A little DNS know-how “shines some light on a fundamental, enduring part of the Internet’s plumbing”.

RJ Zaworski

Linkerd v2: How Lessons from Production Adoption Resulted in a Rewrite of the Service Mesh— Amongst other things, the popular service mesh moved from being written in Scala to a split between Go and Rust.

William Morgan

Architect Your Cloud Apps for Peak Performance— Need to know how to architect cloud apps for peak performance? A Cloud Guru will provide an introduction to the AWS Well-Architected Framework (WAF).

AWS sponsor

Migrating a Retail Monolith to Microservices— At a recent event, a developer working on a monolithic app maintained by 2 teams explained how they broke things down to 270 microservices managed by 48(!) teams.

Jan Stenberg

Testing the Performance of the NGINX Ingress Controller for Kubernetes— A look at the performance you can achieve with the NGINX Ingress Controller for Kubernetes in terms of requests per second, SSL/TLS transactions per second, and throughput.

NGINX, Inc.

'Google AMP Lowered Our Page Speed, and There's No Choice But to Use It'— A blistering critique of AMP based both upon Google’s management of it as well as its ability to actually achieve its goal of improving performance.

Walid Halabi

📕 20 Patterns to Watch for in Engineering Teams

GitPrime sponsor

▶  An Introduction to Monitoring Serverless Apps— A 5 part (but growing) series of videos looking at different serverless monitoring approaches, such as AWS X-Ray, Artillery, and Epsagon.

Marcia Villalba

🛠 Code & Tools

Kubernetes External Secrets: A Tool to Use External Secret Management Systems in K8s— Engineering teams at GoDaddy use AWS Secrets Manager from Kubernetes to handle their secrets, but the different ways different teams use Secrets Manager has demanded they produce a tool to assist in the process.

GoDaddy Engineering Blog

Red Hat's Quarkus Brings Natively Compiled Java to Kubernetes

Mike Melanson

NGINX Plus R18: NGINX's Enterprise Level HTTP Server— Based upon their popular open source releases, the latest NGINX Plus includes dynamic loading of SSL/TLS certificates, along with improvements to enterprise-level features like health checks and clustering.

NGINX, Inc.

VSCodium: It's Visual Studio Code, Sans Microsoft— Telemetry, tracking, and trademarks have all been ripped out of the increasingly popular code editor.

Peter Squicciarini

GNU Awk 5.0 Released— AWK is a popular part of the sysadmin’s text (and log) processing toolkit. 5.0’s big new feature is namespaces which will help if you’re building more complex systems.

Arnold Robbins (GNU)

HTTPS-PORTAL: An Automated HTTPS Server— Powered by Nginx, Let’s Encrypt and Docker. The just released 1.7.0 version adds TLS 1.3 support and drops TLS 1.0 and 1.1.

Weiyan Shao

Flagger: A Kubernetes Operator for Handling Canary Deployments— Uses Istio or App Mesh routing to provide progressive delivery of new features, etc.

Weaveworks

#213 — April 24, 2019

Read on the Web

Web Operations Weekly

Tinder’s Move to Kubernetes— Over the past two years, popular dating service Tinder has moved its platform over to Kubernetes as part of a drive towards containerization and making its deployment processes more efficient. But.. “It wasn’t easy.” Here’s the full story.

Tinder Engineering

NGINX 1.16.0 Released: The Latest Stable Branch— The popular HTTP server’s annual fork that becomes the new stable branch. 1.16 bakes in all of the 1.15.x goodies such as dynamic loading of SSL certificates and TLS 1.3 early data support.

NGINX

How To Set Up a Private Docker Registry for DO Kubernetes— Deploy your private Docker registry to a DO Kubernetes cluster using Helm and Spaces object storage.

DigitalOcean sponsor

The Top Two Most Popular Docker Base Images Have 500+ Vulnerabilities— A brief summary of a larger PDF report on Docker security that looks at detected vulnerabilities (many of which are minor in nature, before you get too scared) in popular Docker images.

Brian Vermeer and William Henry (Snyk)

▶  GraphQL's Lee Byron on Rebuilding GraphQL from Scratch— A 30 minute podcast interview with one of the creators of GraphQL on the history of GraphQL and how it underwent a major rebuild.

The New Stack podcast

“Google Cloud Run [is] providing people with a system that is going to make them complacent with traditional architecture, and not push them to gain the immense benefits of shifting [..] to service-full architecture..”

___
Ben Kehoe in The Good and the Bad of Google Cloud Run on how truly 'serverless' Google's newest serverless platform is, and whether it matters.

HTTP Toolkit: 'X-Ray Debugging' Tools for HTTP— A collection of open source tools (with paid-for 'pro' level versions) for debugging, testing and working with HTTP(S). It can also detect third party APIs you’re working with and provide more information.

Tim Perry

💻 Jobs

DevOps Engineer/ System Administrator (w/m/d) - insertEFFECT (Nürnberg, Germany)— Are you a passionate developer with an interest in Continuous Integration and Delivery? Help us shape the digital future of mobility.

INSERTEFFECT

Have You Tried Vettery?— Vettery specializes in tech roles and is completely free for job seekers. Create a profile to get started.

Vettery

📖 Tutorials & Stories

Elixir, Phoenix, Absinthe, GraphQL, React, and Apollo: An Absurdly Deep Dive— A really deep dive into the practical challenges and issues faced adopting a new stack of webapp technologies.

Zach Schneider

Setting Up Docker for Windows and WSL to Work Flawlessly— The WSL (Windows Subsystem for Linux) can be used when working with Docker on Windows if you prefer that environment.

Nick Janetakis

Investigating What 'Up To' Means on AWS EC2's 'Network Bandwidth' Numbers— If you’re running any EC2 instances, you will get something out of this thread.

Daniel Vassallo on Twitter

6 Tips Before You Write Your Next Bash Cronjob— Covers output redirection, improving ‘infinite’ loops, and adding timeouts.

Yasoob Khalid

Understanding WebViews— A good overview of what a WebView is (essentially a native component that lets you render Web-based content within another app), what they’re used for and some of their limitations.

Kirupa Chinnathambi

Tips for a Disciplined Git Workflow— The basics of getting a little better at git, IMHO.

Drew DeVault

Setting Up Kubernetes Pod Security Policies

Josh Rosso

🛠 Code & Tools

MicroK8s: Fast, Light, Upstream Developer Kubernetes— Promising ‘zero-ops Kubernetes on just about any Linux box’, it’s as simple as sudo snap install microk8s --classic to get a single node Kubernetes cluster working for dev purposes.

Canonical

Secure Shell for Enterprises— Open source SSH secure shell with 2FA, logging, team session sharing and recording. 7000+ stars on GitHub. Try Teleport.

Gravitational sponsor

docker-debug: A Tool to Help with Debugging Running Containers— Introduces a new container into an existing container that joins various useful namespaces of the existing container so you can run debugging tools without having them already installed.

zeromake

OpenSSH 8.0 Released— Fixes a weakness in the scp tool and protocol, while noting that the ‘scp protocol is outdated, inflexible and not readily fixed.’

OpenSSH

Gitea: A Self-Hosted Git Service— If you want a variety of GitHub-esque niceties, a Web interface, etc. without the weight of GitLab, this is worth a try. Check out a live instance here.

Gitea

Get the Fastest Website Deployments. Get Started Free

Buddy sponsor

Ant Media Server: A Low Latency WebRTC Live Streaming Media Server— It’s open source with a commercial option.

Ant Media

git-bug: A Distributed Bug Tracker Embedded in git— Uses git’s internal storage so no files are added to your project.

Michael Muré

🕯 In Memoriam

Joe Armstrong, the Creator of Erlang, Has Died— “Whilst he may no longer be with us, his work has laid the foundation which will be used by generations to come.”

Francesco Cesarini on Twitter

#214 — May 1, 2019

Read on the Web

Web Operations Weekly

Amazon S3 Batch Operations: A New Way to Launch Batch Jobs for Large Numbers of S3 Objects— A way to do things with a large number of S3 objects at the same time. For example, change their tags, invoke an AWS Lambda on each one, or copy them to another bucket.

Jeff Barr (AWS)

Docker Hub Hacked, Sensitive Data Possibly Exposed— While ‘less than 5%’ of users were affected, if you have a Docker Hub account, you might want to double check you don’t have an email from them asking you to change your password (something you might wish to do anyway).

Kent Lamb (Docker)

Restricted Shells: Sometimes Persuasive, but Usually Fallacious— Why do companies ask for "secure" restricted shells? We think a solution should be secure even if the details of an implementation are known and that compliance should be achieved with effective security controls that don’t rely on security theater.

Gravitational sponsor

How LinkedIn Engineered Its 'Reactions' Feature— A nice high level look at the organizational, design, and UI concerns around adding a new feature to LinkedIn.

Allison Yamamoto

▶  Developing Hundreds of Kubernetes Services at Scale with Airbnb— One of Airbnb’s infrastructure engineers relates Airbnb’s experience with using Kubernetes at scale, focusing on the tooling and developer experience. Note: It’s a talk but there’s a full, readable transcript.

Melanie Cebula

▶  Testing and Deployment Best Practices for AWS Lambda Apps— An Amazon tech talk that deftly covers the entire background to AWS Lambda, building serverless functions, through to practical considerations of Lambda-based tooling and deployment practices. This is a really neat AWS Lambda primer.

Chris Munns

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Have You Tried Vettery?— Vettery specializes in tech roles and is completely free for job seekers. Create a profile to get started.

Vettery

📖 Tutorials & Stories

Optimizing M3: How Uber Halved Its Metrics Ingestion Latency— This is a really technical one! Uber noticed increased latency in its metrics platform and it ultimately resulted in finding an issue in the Go(lang) runtime for which a fix was duly provided.

Richard Artoul

Everything You Need To Know About API Rate Limiting— Perhaps not quite everything but a lot of concepts are covered here from request queues to throttling and algorithmic-based rate limiting.

J Simpson

From Poll to Push: Transform APIs using Amazon API Gateway REST APIs and WebSockets— I’ve been playing with API Gateway’s new(ish) WebSockets support and it opens up some really neat architectural patterns, as seen here.

Adam Westrich

How Cloud Native is Unlocking a Multicloud World

Turbonomic sponsor

Optimizing Frontend Performance With Resource Hints— Resource Hints are a simple and effective way for frontend developers to help the browser stay one step ahead of the user and keep pages fast by doing things like DNS prefetching.

Drew McLellan

Dockerizing Django with Postgres, Gunicorn, and Nginx— Goes into a lot of depth.

Michael Herman

▶  Building the New Facebook.com with React, GraphQL and Relay— Facebook’s forthcoming redesign is fully powered by React and Relay and this 35 minute talk from F8 digs into the React-related technicalities of making it all work behind the scenes.

Facebook for Developers

The Many Benefits of Using a Monorepo— A monorepo is the idea of storing all of a company’s (or project’s) code in a single repo when it might otherwise be split across multiple repos.

Peter Steinberger

5 Common Misconceptions About Serverless in 2019— Serverless is all about functions, it’s a new frontier, a security nightmare, super cheap, and.. oh, no, it’s none of these things 😂

Gracie Gregory (Stackery)

🛠 Code & Tools

WTF: The Personal Information Dashboard for Your Terminal— It’s written in Go and could be of interest to all terminal fans with things to keep an eye on.

WTFUtil

Gravitational Wormhole: WireGuard for Kubernetes— Wormhole is a Kubernetes network plugin that combines the simplicity of flannel with encrypted networking from WireGuard.

Kevin Nisbet

Dockly: An Immersive Terminal Interface for Managing Docker Containers and Services

Liran Tal

Announcing AWS X-Ray Analytics: An Interactive Approach to Trace Analysis

Amazon Web Services, Inc.

redis-Tui: A Redis Text-Based UI Client— A terminal-based Redis ‘client’ for navigating a Redis database in a slightly more visual way than using redis-cli.

管宜尧

haproxy Container: A Built-from-Source Container Image of the HAProxy Load Balancer

Ricard Bejarano

#215 — May 8, 2019

Read on the Web

Web Operations Weekly

Microsoft Announces .NET 5— One of the biggest announcements so far from this week’s Build conference is that .NET’s future lies in .NET 5, a bringing together of .NET Core and mainstream .NET. It’ll support Windows, Linux, macOS, iOS, WebAssembly, and more, and ultimately form the core of the entire Microsoft-oriented development ecosystem. Its final release is due in November 2020.

.NET Blog

What Does Unsplash Cost to Run in 2019?— If you’ve been reading this newsletter for a while, you know I love it when companies explain what infrastructure, services, and stack they use and how much it costs, so this roundup from free stock photo company Unsplash is fantastic. Spoiler: It’s $100K per month, including $5K/mo on logging alone!

Luke Chesser (Unsplash)

How to Test Software: Mocking, Stubbing, and Contract Testing— We’ll cover the techniques of mocking and stubbing, and test-driven development to help each testing layer. First, let’s review the test pyramid. This helps illustrate the difference between different kinds of tests and when it’s advantageous to do them.

CircleCI sponsor

The New Evergreen Googlebot— Googlebot, the spider that Google uses to crawl sites for its index, is now using the latest Chromium rendering engine (currently 74) meaning it now supports many more modern Web standards such as Web Components and ES6.

Google

JMAP: A Modern, Open Email Protocol— FastMail and the IETF have been working on a new standard for email, creatively incrementing IMAP to JMAP. JMAP is flexible enough to support RFC 5322 compliant mail but stores mail in a structured JSON format.

Bron Gondwana and Neil Jenkins

Amazon S3 Deprecating Path-Style Requests in 2020— This has the potential to break all sorts of older code. Basically, if you’re using URLs like //s3.amazonaws.com/bucketname/key then those aren’t going to work after September 30, 2020, and you need to upgrade to the new, host-based ways. Hacker News had an extensive discussion about this move.

Amazon

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Find A WebOps Job Through Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Tutorials & Stories

HTTP Headers for the Responsible Developer— A nice primer to some of the fundamentals every developer should know about HTTP (and HTTPS) that moves on to talk about particular headers like Strict-Transport-Security, Content-Security-Policy and Cache-Control. This is a good one to share with the team to plug up any knowledge gaps.

Stefan Judis (Twilio)

Negotiations Failed: Has Oracle Killed Java EE?— “Oracle announced that Java EE will be open sourced [..] After 18 months of intensive negotiations the effort has come to an end: It failed. There will be no trademark agreement.”

Markus Karg

How Far Out is AWS Fargate?— Fargate is AWS’s service for running containers without managing servers (or clusters) and while AWS doesn’t bill it as in the ‘serverless’ realm, ultimately serverless concepts have had a huge inspiration. Michael compares it to Lambda here.

Michael Lavers

Technical Debt — Leverage or Liquidate?— A look at three signs that existing tech debt might soon cause you problems.

Matthew O'Riordan

Repeatable MongoDB Performance Tests: How CPU Options Are Best Disabled— A great post from the MongoDB Engineering Journal looking at recent efforts to improve the repeatability of MongoDB performance tests being run on EC2 instances. In short, there are a variety of CPU options that can make tests ‘noisier’, so turn them off if you want to do direct comparisons.

Henrik Ingo

🛠 Code & Tools

Windows to Get a New Open Source Terminal with All The Modern Trimmings— Microsoft is launching a brand new Windows Terminal app built on the updated and refactored Windows console subsystem with support for lots of new features and capabilities.

Mary Branscombe

Linux 5.1 Arrives— Linus Torvalds stresses that it’s a ‘normal’ release with no big, exciting features, but it does include support for non-volatile memory to be used as RAM (such as with NVDIMMs), a SafeSetID security module, and Atomic Replace which will help in updating systems without dreaded reboots.

Steven J. Vaughan-Nichols (ZDNet)

Future-Proof Your Platform with a Video Stack That Scales

Mux sponsor

Up Your AWS CloudFormation Testing Game using TaskCat— TaskCat is an open source tool developed by the AWS Quick Start team to automate the testing of AWS CloudFormation templates.

Amazon Web Services

CSS Only Chat: A 'Truly Monstrous' Async Web Chat using No Frontend JS— This is firmly in the “don’t do this, but it’s good to know this is possible” stable of experiments. Background images loaded via pseudo-selectors are the vector here.

Kevin Kuchta

#216 — May 15, 2019

Read on the Web

Web Operations Weekly

Better HTTP/2 Prioritization for a Faster Web— Cloudflare has pushed out a change to HTTP/2 prioritization that will ‘make the web much faster’, but how and why? This post goes into a lot of interesting detail.

Patrick Meenan (Cloudflare)

Amazon S3's Path Deprecation Plan – The Rest of the Story— Last week, we mentioned that AWS subtly noted that they would be deprecating ‘path-style’ requests to S3 in 2020.. this has now turned into a bigger story with a lot more detail.

Jeff Barr (AWS)

How to Build a Live Streaming App— Use Mux's simple, but powerful, video APIs to build live streaming into your application.

Mux sponsor

Oak: An Open Certificate Transparency Log from Let's Encrypt— Certificate Transparency (CT) is a system for logging and monitoring certificate issuance and now Let’s Encrypt have one of their own which is free and open to all.

Let's Encrypt

How Azure Functions is Advancing the Serverless Developer Experience— Reflections on some of the recent things the Azure Functions team are doing to make the serverless developer experience better on their platform. Perhaps the biggest thing is KEDA, built in partnership with Red Hat, which introduces event-driven auto scaling to Kubernetes.

Eduardo Laureano (Microsoft)

Intel CPUs Impacted by New 'Zombieload' Side-Channel Attack— Unlike with last year’s Meltdown and Spectre, Intel is prepared and has microcode updates rolling out as we speak.

ZDNet

💻 Jobs

Senior Site Reliability Engineer - Invoca (Santa Barbara, CA or Remote)— Join our team of Operations Engineers deploying code to our production SaaS platform & public cloud infrastructure multiple times per day.

Invoca

Find A WebOps Job on Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Tutorials & Stories

The Parallel Streaming of Progressive Images with HTTP/2— Image-optimized HTTP/2 multiplexing makes all progressive images across a page appear visually complete in half of the time. Here’s how.

Andrew Galloni and Kornel Lesiński (Cloudflare)

📕 20 Patterns to Watch for in Engineering Teams— Actionable insights to help you debug your development process with data. Get your copy.

GitPrime sponsor

6 Lessons Learnt Sending High Volumes of Emails with AWS Lambda— For those new to serverless architectures, here’s an interesting look into what went wrong, what went right, and what ‘went random’.

Austin Huminski

A Review of the AZ-900 Microsoft Azure Fundamentals Exam— Thoughts on what it takes to pass an official Azure certification exam.

Sonia Cuff

▶  An Interview with Charity Majors on Infrastructure Engineering— An interview with Charity Majors, CTO of Honeycomb, about infrastructure engineering and testing in production.

The Maintainable Software Podcast podcast

Validating OAuth 2.0 Access Tokens with NGINX— NGINX can act as an OAuth 2.0 Relying Party, sending access tokens to the Identity Provider for validation and only proxying requests that pass the validation process.

Liam Crilly (NGINX, Inc.)

How To Set Up WordPress with MySQL on Kubernetes Using Helm

DigitalOcean sponsor

▶  Discussing Facebook's Development Practices— Software Engineering Daily is a very popular podcast and it’s interesting to hear Nick Schrock, an ex-Facebook engineer of some 8 years, talk about how Facebook’s engineering teams work. Pete Hunt was also on a similar episode earlier this week.

Software Engineering Daily podcast

🛠 Code & Tools

Flipt: A Feature Flag System for Running Experiments— Add ‘feature flag’ support to your existing applications, with a simple, single UI and API. More info on the official homepage.

Mark Phelps

kubernetes-rust: A Rust Client for Kubernetes

ynqa

#217 — May 22, 2019

Read on the Web

✳️ Over the next few weeks you're going to gradually see a shift in this newsletter. We'll explain more in next week's issue but we'll be refining the focus to better suit today's development world — watch this space! 😄

Web Operations Weekly

.. soon to become Statuscode Weekly

Introducing NGINX 1.16 and 1.17— 1.16 is now considered the stable branch, 1.17 the ‘mainline’ branch. 1.16 includes TLS 1.3 Early Data support, dynamic certificate loading, and more, while 1.17 looks to the future with forthcoming QUIC and HTTP/3 support.

NGINX, Inc.

SCAR: 1-Click Static Site Deployment on AWS— A simple tool that creates the right CloudFormation templates to roll out a static site on AWS complete with custom domain, DNS, SSL and CDN in one go.

Kelvin Jiang

Get the Fastest App Deployments. Get Started Free— Unlike most Continuous Integration (CI) solutions, Buddy only re-builds the parts of your application that have changed and deploys your updates in seconds to any app store. Start building better apps faster with Buddy.

Buddy sponsor

How We Moved from Heroku to Google Kubernetes Engine— Rainforest, a QA platform, migrated from Heroku to Google Kubernetes Engine. Here’s what that process entailed and the challenges faced in migrating a production app.

Emanuel Evans

WebKit's Solution for Privacy Preserving Ad Click Attribution for the Web— The WebKit team present a new technology (included in Safari Technology Preview 82+) called Intelligent Tracking Prevention (ITP) which introduces more privacy to ad click attribution without killing it entirely.

John Wilander

💻 Jobs

Senior Site Reliability Engineer - Invoca (Santa Barbara, CA or Remote)— Join our team of Operations Engineers deploying code to our production SaaS platform & public cloud infrastructure multiple times per day.

Invoca

Find a WebOps Job on Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Tutorials & Stories

How Stripe Rapidly Trains Machine Learning Models with Kubernetes— Machine learning plays a significant role at payment processor Stripe, principally as a way to detect fraud. To do this at scale they built Railyard an API and job manager for ML tasks that scales using Kubernetes.

Rob Story (Stripe)

A Kubernetes Any% 'Speedrun'— A sassy look at what it took one Kubernetes-confused consultant to get his app running on it. I think many of us could identify with his frustrations.

Elliot Speck

Using AWS CloudWatch Insights to Fine Tune Lambda Functions— Every AWS service produces detailed logs and CloudWatch Insights provides fast, interactive analytics on those logs meaning you can analyze what your Lambda functions are doing too.

Kyle Galbraith

WAFL: A Scalable MVP Alternative— WAFL stands for “Well Architected, Functionally Limited.” The idea is to create (or recreate) the basic functionality of a project in a codebase that can scale.

CircleCI sponsor

The Negotiability of 'Severity' Levels— If you have a variety of ‘severity’ levels in terms of incidents relating to the operation of your software systems, it’s worth reflecting on them and what they really mean.

Adaptive Capacity Labs

▶  DevOps is Dead with James Turnbull— A 30 minute chat with a chair of O’Reilly’s Velocity conference and former CTO of Kickstarter.

Real World DevOps podcast

A Vector for Stealing Downloads from Slack Users— The odds of this being a useful attack are pretty low, but it’s an interesting one technically.

David Wells

Good Practices for Improving Your Dockerfile

Chris Noring (Microsoft)

🛠 Code & Tools

graphql-codegen: A GraphQL Code Generator— A tool that generates code out of your GraphQL schema for various stacks and tools from TypeScript and React to MongoDB and Reason.

Tomek Poniatowicz

Announcing NGINX Ingress Controller for Kubernetes Release 1.5.0— A daemon that runs alongside NGINX in a Kubernetes environment that automatically configures NGINX to route and load balance traffic to appropriate services.

NGINX, Inc.

Distributed Tracing and Real-Time Analytics for Web App Performance. Try Datadog APM Free

Datadog APM sponsor

Cipherli.st: Strong Ciphers for Apache, NGINX and Lighttpd— A helpful resource that is updated from time to time so you can get that A+ SSL Labs test rating (and be more secure, naturally).

Remy van Elst

Awesome WAF: A Curated List of Web-App Firewall Stuff— Web-App Firewalls (WAFs) often sit between end users and APIs or webapps. This epic roundup includes ways to fingerprint WAFs or to work around their limitations. One for the security crowd!

Infected Drake

Ansible Role to Generate TCP/UDP Stream Configuration Files for NGINX— .. based upon the backend servers and ports provided. Will also update your AWS security groups to fit.

Recon InfoSec

#218 — May 29, 2019

Read on the Web

Web Operations Weekly

..soon to become Statuscode Weekly

Building Facebook's Service Encryption Infrastructure— The tale of how Facebook (who run thousands of microservices serving, they claim, ‘billions of requests per second’) migrated from using Kerberos to TLS as their backend authentication protocol.

Facebook Code

Why Tim Bray Thinks AWS SQS (Simple Queue Service) is Nearly Perfect— A love letter of sorts to SQS which is simple, scalable, and just gets the job done. This post provoked an extensive Hacker News discussion.

Tim Bray

SRE Best Practices for Incident Management— Understand the origins of modern incident management best practices, how they align with the emerging discipline of Site Reliability Engineering (SRE), and how incidents can be proactively prevented with thoughtful failure injection.

Gremlin sponsor

endoflife.date: Quickly Check 'End of Life' Dates for Tools and Technologies— So far it covers PHP, Ruby, Node.js, Drupal, Django, Debian, Windows, and 12 other systems. Pull requests are encouraged to extend it further.

endoflife.date

Will Only Enterprise Chrome Installs Have Full Ad-Blocking? An Update on Manifest v3— A rather deep and technical thread but essentially Chrome is deprecating the blocking capabilities of the webRequest API in its new standards Chrome extensions will have to adhere to. This will likely have impacts on how things like ad blockers work. The Register has a more accessible writeup.

Simeon Vincent

💻 Jobs

Senior Site Reliability Engineer - Invoca (Santa Barbara, CA or Remote)— Join our team of Operations Engineers deploying code to our production SaaS platform & public cloud infrastructure multiple times per day.

Invoca

Find a WebOps Job on Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Tutorials & Stories

About MetricsDB: A Time Series Database for Storing Metrics at Scale at Twitter— Twitter’s time series ingestion service is handling 83 million metrics a second and to scale into the future, they had to seek a new approach. MetricsDB, which went live in 2017, gives an overall cost reduction of 10x and latency by 5x compared to traditional key value stores.

Satish Kotha and Ilho Ye (Twitter)

Atlassian's Journey Scaling Low Latency, Multi-Region Services on AWS— Atlassian went ‘all in’ on AWS in 2016 and has faced (and solved!) a variety of challenges in scaling stateless, high-availability cloud services on it. Here’s some of what they faced.

Atlassian

📕 20 Patterns to Watch for in Engineering Teams

GitPrime sponsor

Broken by Default: Why You Should Avoid Most Dockerfile Examples— A quick look at how even a basic Dockerfile can be broken and what to look for.

Itamar Turner-Trauring

Deploying Active-Active Postgres on Kubernetes— A step-by-step guide on how to deploy an active-active Postgres cluster on Kubernetes using Symmetric-DS (an open source database replication tool).

Dave Cramer

Why We’re Switching to gRPC— “Although building gRPC APIs requires a bit more work upfront, we found that having clear API specifications and good support for streaming more than makes up for that.”

Levin Fritz

SOC 2 Compliance using Git: A Developer's Guide— A practical list of Git best practices to help you get SOC 2 quick wins and improve developer productivity.

Datree sponsor

GraphQL Predictions for 2019 and Beyond

Robert Matyszewski

Right Sizing Your Instances Is Nonsense— Many cost optimization companies will talk about right-sizing instances or VMs as if it were trivial. AWS cost optimization guru Corey Quinn disagrees.

Corey Quinn

🛠 Code & Tools

Postgres 12 Beta 1 Released— The draft release notes go into detail on what’s new but new support for a pluggable table storage is sure to open up opportunities.

PostgreSQL Global Development Group

Announcing Terraform 0.12

HashiCorp

Sheetson: Quickly Turn Any Google Sheet Into a CRUD API

Ralph Ngo

Cloudflare Unveils Workers KV, A Highly Distributed Database— Cloudflare has built a distributed, eventually consistent key-value store aimed at users of its Workers serverless platform.

Ashcon Partovi (Cloudflare)

AWS Auto Remediate: Functions to Remedy Common Security Issues via AWS Config

Servian

#219 — June 5, 2019

Read on the Web

Web Operations Weekly

..soon to become Statuscode Weekly

Why You Should Self-Host Your Static Assets— Why is it so much better to self-host your static assets? It’s not just about avoiding risks (e.g. outages) but you can also gain more performance, particularly if using HTTP/2.

Harry Roberts

Google Cloud Explains Sunday's Service Disruption— A wide array of Google services suffered a significant outage on Sunday, June 2, and Google have been very quick to explain what happened. In short, a minor configuration change got applied to the wrong machines. We’ve all been there.. if not at Google’s scale!

Benjamin Treynor Sloss (Google Cloud)

DigitalOcean Kubernetes is Now Getting Even Better— Provision a cluster in minutes while we manage and optimize the services you need to run Kubernetes.

DigitalOcean sponsor

AWS Unveils a 'Data API' for Amazon Aurora Serverless— Rather than make a traditional database connection from a serverless function, Data API (which is only on the MySQL variant of Aurora Serverless for now) lets you make queries quickly over HTTP and returns results in JSON.

Jeff Barr (AWS)

Assessing Your Options for Real-Time Message Buses— Modern real time data processing systems often rely on message buses with stream processing systems sat on top. This post rounds up some of the former, including Apache Kafka, RabbitMQ, and ActiveMQ.

Datanami

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Land a New Dev Job on Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Tutorials & Stories

Will It Cluster? Running Lightweight Kubernetes on a Raspberry Pi— Ready to experiment with that Raspberry Pi you’ve left collecting dust? k3s is a stripped down Kubernetes distribution that can run on it, and here’s what’s involved.

Alex Ellis

5 Ways to Extend HAProxy with Lua— HAProxy is easily my favorite piece of Web related infrastructure software and this just shows how to make it even better using Lua.

Adis Nezirović

6 Tips from 10 Years of Preparing for Peak Traffic Events

Gremlin sponsor

A Tale of SQL Query Optimization— “We went from a query time of ~24 mins to 2 seconds, an extremely dramatic performance improvement”

Manish Gill

Linux Server Daemon Performance: An Introduction— A series of tutorials walking through the development of a toy HTTP server called ZeroHTTPd and how different approaches help it scale and work faster.

Unixism

Predictive CPU Isolation of Containers at Netflix— When your containers are sharing CPU time with others, ‘noisy neighbors’ can become a problem.. something Netflix was encountering a lot. So they’ve built a curious data-driven solution for improving CPU isolation.

Benoit Rostykus and Gabriel Hartmann (Netflix)

Cache Concurrency Control at Braze— “This is the story of how we debugged a performance issue within our system and implemented a caching pattern to fix it.”

Jon Hyman (Braze)

🛠 Code & Tools

59 Linux Networking Commands and Scripts— “I decided to create a network tools go-to-list for myself. Then, I thought, why not turn the list into a blog post?” Why not, indeed? But this is pretty neat as far as lists go.

Hayden James

Flares: A CloudFlare DNS Backup Tool— An ‘ASCIIcast’ of a tool you can use to export your CloudFlare DNS entries to local BIND-formatted zone files.

Leonardo Faoro

Bloom: HTTP REST API Caching Middleware— Designed to be used between load balancers and REST API workers. Written in Rust and uses Redis to cache data.

Valerian Saliou

A Serverless Component to Transcribe Audio Stored in an S3 Bucket— A template and function for turning an S3 bucket of audio into an S3 bucket of transcriptions via AWS Lambda and Amazon Transcribe.

Alexander Simovic

actix_web: A Small, Pragmatic and 'Extremely Fast' Rust Web Framework

Nikolay Kim

#220 — June 12, 2019

Read on the Web

Web Operations Weekly

..soon to be Statuscode Weekly

The Periodic Table of Amazon Web Services— What I found really interesting about this is it’s not built by hand but by this Python script which crawls AWS’s product pages so it’s always up to date. The depth of AWS is frankly mind-boggling and now you can see it in real-time.

Jerry Hargrove

The Performance Speed Limits of Code— How fast can your code go? I think a lot of developers will learn something from this post taking an interesting technical dive into the practical limits of execution performance, right down at the CPU and x86 level.

Travis Downs

The Container Conundrum— We recently surveyed over 800 IT professionals for our 2019 State of Multicloud Report. Learn about how they handle container adoption and management, where the multicloud and cloud native environments are headed, and more.

Turbonomic sponsor

Former npm, Inc. CTO Announces Entropic, a Decentralized Package Registry— CJ Silverio, ousted from npm Inc. last year, stepped back into the limelight at the recent JSConf EU event with a talk covering the history and status of package management and a potential new solution to the current problems.

Sarah Gooding

Do You Really Need ReCAPTCHA?— If you’ve been on a site and had a Google powered popup ask you to click on parts of a photo that contain traffic lights, you’ve used ReCAPTCHA.

Kevin Davis

NGINX Unit: A Modern App Server for Modern Apps— NGINX Unit has been around for a while now, but this post digs into why NGINX felt it necessary to introduce yet another app server (of which v1.9.0 has just been released).

NGINX, Inc.

A Look at 'Micro Frontends'— How to split up your large, complex, frontend codebases into simple, composable, independently deliverable apps.

Cam Jackson

💻 Jobs

Wanted: Curious Developers with ❤️— Stagnating? Check C5 out: New projects, tech, and challenges perfectly paired with kind, supportive, and brilliant people.

Carbon Five

Land a New Dev Job on Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Tutorials & Stories

Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)— A draft white paper from the NIST on how to mitigate security risks when building software by applying a variety of best practices (the ‘framework’ in question).

Dodson, Souppaya and Scarfone

Will the Future Kubernetes Mimic What Facebook Already Does?— “If you want to see what the future of the Kubernetes container management system will look like, then the closed source, homegrown Tupperware container control system that Facebook has been using and evolving since 2011 .. might be a good place to find inspiration.”

Timothy Prickett Morgan

Revisiting IPFS: It's Not There Yet..— IPFS is a peer to peer protocol aimed at creating a universal way of storing and sharing hypermedia. Is it viable to run a Web site on? No, as Tom discovers here.

Tom MacWright

How to Get Started with Site Reliability Engineering (SRE)— Google SRE Stephen Thorne shares some best practices for starting an SRE team at your own company.

Nikki McDonald

Spin Up a GoCD Continuous Delivery Server in Less Than 5 Minutes— Use new GoCD test drive to see how to solve your CI/CD challenges with our first class pipelines, visualizations, and more.

GoCD sponsor

Less Capabilities, More Security: Minimizing Privilege Escalation in Docker— Don’t run your containers as root and run them with fewer capabilities.

Itamar Turner-Trauring

Implementing Effective Container Security Strategies

Tim Mackey

Meet 'About': The Owner’s Manual for PowerShell— about files provide detailed information on how different things work in PowerShell.

Michael Bender

▶  Discussing the Security of the Web with Let's Encrypt's Co-Founder— A 20 minute chat between Josh Aas, a co-founder of Let’s Encrypt, and Craig Ingram of Heroku (who are now sponsoring the project).

Heroku podcast

Project Svalbard, or The Future of 'Have I Been Pwned'— Troy Hunt has been single handedly running the Have I Been Pwned data breach checking service — now it’s time to take the next step, he says.

Troy Hunt

A Collection of Public Kubernetes Failure/Horror Stories

Henning Jacobs

🛠 Code & Tools

Just Write Code: Improving the Cloudflare Workers Developer Experience— Workers, Cloudflare’s globally distributed serverless platform, gets a CLI developer tool, the ability to run apps on workers.dev without using your own domain, new docs, and a free tier to make it easier to try it out.

Rita Kozlov (Cloudflare)

Respond to (and prevent) Incidents with Modern Monitoring and Chaos Engineering

Gremlin sponsor

A Regular Expression Tester for NGINX— Quickly find out if a regex for a location or map block matches values as you intend.

Rick Nelson (NGINX, Inc.)

IBM Open Sources Razee, a Pull-Based Kubernetes Continuous Delivery Tool

Mike Melanson

Certs: A Let's Encrypt Certificate Manager for Kubernetes

Mathieu Naouache

#221 — June 19, 2019

Read on the Web

Web Operations Weekly

..soon to be Statuscode Weekly

HAProxy 2.0 Released— I have a huge soft spot for HAProxy, so this is really exciting. HAProxy is a powerful and easily configurable TCP and HTTP load balancer that you can put in front of almost anything when wiring up Web infrastructure. HAProxy 2.0 features:

• end-to-end HTTP/2 support
• full gRPC support
• a ‘Data Plane API’ for on-the-fly configuration
• traffic shadowing
• native support for providing metrics to Prometheus
• end-to-end TCP Fast Open support

Daniel Corbett

▶  Demystifying Web Speed Tooling— Paul Irish and Elizabeth Sweeny of Google gave a talk at Google I/O that dug deep into the world of user experience, Web performance, and the tools available to improve matters on your own site.

Google I/O ’19

Powerful CI/CD Pipelines. Pay Only for What You Use— Built for developer productivity, Semaphore 2.0 allows you to model any CI/CD workflow with fully customizable, powerful pipelines. With the new pricing model you pay only for what you use. Sign up free with GitHub and give it a run-through.

Semaphore 2.0 sponsor

Docker ❤️ WSL 2: The Future of Docker Desktop for Windows— Microsoft has announced a major new version of their Linux compatability layer, WSL. WSL 2 will eschew emulation and actually provide a real Linux kernel which means Docker will be able to integrate much better with Windows.

Simon Ferquel

Some Digital Ocean and AWS IPs Banned in Russia?— A developer noticed that his blog was inaccessible from Russia and used the ‘Is It Blocked In Russia’ tool to confirm it (it seems 206.189.0.0/16 is blocked). It might be worth trying on your own sites.

Ibrahim Diallo

DNS Cookies: Using DNS Caches to Identify Related Network Flows— An interesting side-channel to be aware of.

Daniel Dent

💻 Jobs

Senior Node.js + DevOps Engineer - (Remote)— Engineers wanted to deploy Node.js applications that depend upon individual cryptocurrency daemons using AWS servers.

Exodus

Land a New Dev Job on Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Tutorials & Stories

Teaching A Cheap Ethernet Switch New Tricks— An interesting story of hacking a cheap router that involves running Go code on it. If you’re a networking/hardware geek who loves a good story, this is for you.

Ben Cox

▶  Scaling an Erlang Cluster to 10,000 Nodes— Maxim Fedorov demonstrates an example of a live Erlang cluster being scaled from just a few nodes to 10,000 machines with no service interruption.

InfoQ

How to Deploy a Resilient Go Application to DigitalOcean Kubernetes— Learn how to deploy a dockerized Go application to a Kubernetes cluster in this step-by-step tutorial.

DigitalOcean sponsor

Alerting on SLOs like Pros— SLOs, alerting, and error budgets are central concepts of Site Reliability Engineering (SRE).

Björn Rabenstein (SoundCloud)

Server-Sent Events (SSE): A Conceptual Deep Dive— SSE is a lightweight, subscription-based protocol for event-driven data streams that’s supported by most major browsers (Edge will gain support once the switch to the Chromium engine is complete).

Ably Realtime

Web Single Sign-On, the SAML 2.0 Perspective— SAML is a standard for different parties to trade authorization data so that a user could, say, sign in with a single provider but then access numerous other services.

Guillaume Klaus

Seven Surprising Bash Variables— The TMOUT one was a real eye opener to me.

Ian Miell

'Why Google Refunded $200 Because I Missed 5 Lines of Code'— A developer forgot to acknowledge payments in his app. Oops. Always good to hear a nice customer support story though.

Aswin Mohan

9 SRE Best Practices for Incident Management

Gremlin sponsor

How Spotify Paints a Picture of Its Infrastructure in Minutes— A quick look at how Spotify has been able to create graphs of its Google Cloud-based infrastructure by using Cloud Asset Inventory and Neo4j, the graph database.

Carly Schneider (Spotify Labs)

What Redditors Think About The State of GraphQL

Robert Matyszewski

▶  Bringing Scalable Real-Time Analytics to The Enterprise— A 35 minute podcast interview with two guys from Rockset, a company working on low latency big data analytics.

O'Reilly Data Show podcast

🛠 Code & Tools

Pika CDN: A CDN for Modern JavaScript— An interesting proxy that serves up JavaScript packages that use the ES Module syntax so you can use them directly on the Web using import.

Pika

API Platform: A REST and GraphQL Framework on Top of Symfony and React

Kévin Dunglas

macOS-Simple-KVM: Tools to Set Up a Quick macOS VM in QEMU— Running Linux but got some testing to do on macOS..?

Foxlet

YIG: A New Object Storage Server with an S3 Compatible API

Journey Midnight

Clojerl: Clojure, but for the Erlang VM— Clojure is a popular Lisp dialect but it’s (mostly) limited to the JVM. This project ports it to Erlang’s famously stable and scalable VM.

Clojerl

#222 — June 26, 2019

Read on the Web

Web Operations Weekly

..soon to be Statuscode Weekly

How a BGP Optimizer Knocked Large Parts of the Internet Offline— BGP is a protocol that defines how traffic should be routed around the Internet and an accidental ‘leak’ of some very specific routes this Monday led to a lot of the Internet’s traffic being routed to a single small company in Pennsylvania. Here’s what happened.

Tom Strickx (Cloudflare)

The Raspberry Pi 4 Has Been Released— The Raspberry Pi has been a popular, budget single board machine since its launch in 2012 and it has been surprisingly popular for ops related experiments (with people building things like Pi-powered Kubernetes clusters). The latest version is significantly faster, has gigabit Ethernet, and supports up to 4GB RAM. Wondering what to use one for? Hacker News has an extensive thread answering that.

Raspberry Pi

Troubleshoot Across Hundreds of Microservices with Datadog— Datadog’s Service Map automatically plots out the dependencies in your microservices architecture for seamless, context-rich troubleshooting.

Datadog sponsor

AWS Load Balancer Now Supports UDP— AWS’s high performance network load balancer now supports the ability to load balance UDP traffic (in addition to the usual TCP). Why is this cool? It opens up opportunities with DNS, QUIC (HTTP3), SIP, SNMP, and other UDP-based protocols.

Jeff Barr (AWS)

AWS Control Tower: A Way to Set Up and Manage a Multi-Account AWS Environment— At a certain scale, it’s common to set up multiple AWS accounts within a company to separate concerns (e.g. staging vs production services). Control Tower is a new AWS service to make this whole process simpler to manage.

Jeff Barr

💻 Jobs

Senior Node.js + DevOps Engineer - (Remote)— Engineers wanted to deploy Node.js applications that depend upon individual cryptocurrency daemons using AWS servers.

Exodus

Find a WebOps Job on Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Stories and Opinions

The Case for Regulatory Capture at ICANN— ICANN is reviewing how the .ORG domain registry’s contract works, part of which would involve removing the current price cap on such domains, something almost no-one supports.

Kevin Ohashi

Athena: Automated Build Health Monitoring at Dropbox Engineering— Dropbox’s engineering team runs 35,000 builds and millions of automated tests everyday so they created a build monitoring system to minimize the manual intervention necessary to detect and quarantine flaky tests.

Hrishikesh Barua

Manifold Launches Marketplace-as-a-Service— Developer-facing platforms can now add a cloud services marketplace to their ecosystem with little effort and zero upfront costs.

Manifold sponsor

Raspberry Pi on Raspberry Pi— We featured the launch of the Raspberry Pi 4 above, but did you realize that the Pi is more than powerful enough to host its own Web site?

Mythic Beasts

How Do You Delegate to a Group of People?

Anna Shipman

An Overview of Spam Detection APIs— A look at some of the main options when it comes to detecting spam content.

Chris Coyier

💡 Tutorials

A Minimalist Guide to Lossless Compression— A brief history of lossless compression followed by a brief look at its use in a Hadoop scenario.

Mark Litwintschik

▶  A Live Walkthrough of Creating a Raspberry Pi 4 Kubernetes Cluster— Uses k3s to keep things light.

Alex Ellis

3 Strategies for Implementing A Microservices Architecture— Dump the monolith and get into microservices with these three ideas.. the ‘strangler’ method, the Lego strategy, or how about the nuclear option!

GitLab

Build Your Own Real-Time Voice Translator with AWS— Yes, there are such a ridiculous number of AWS services now that there’s an entire periodic table of them but one bonus is it’s so easy to stitch them together to create interesting projects like this.

Amazon Web Services

Working Backward: From IAM Policies and Principal Tags to Standardized Names and Tags for Your AWS Resources— If you’re an AWS user, this tutorial will help kick your use of IAM policies up to another level. If you’re not an AWS user.. this tutorial might scare you away from trying it 😂

Michael Chan

Learning to Build Distributed Systems

Marc Brooker

Spin Up a GoCD Continuous Delivery Server in Less Than 5 Minutes

GoCD sponsor

Writing HTML in HTML— CMSes, static site generators.. are they all just getting in the way of what we really want.. plain old HTML?

John Ankarström

Multicloud Strategies Are Important for Developer Ergonomics

Jevon MacDonald

Ask HN: What’s The Legality of Web Scraping?— A lot of takes on the topic here.

Hacker News

#223 — July 3, 2019

Read on the Web

Web Operations Weekly

..soon to be Statuscode Weekly

▶  GraphQL: The Documentary— How and why did GraphQL come to be and what impact is it having? To learn more, enjoy this smoothly produced 30 minute documentary on GraphSQL starring its co-creators and other ‘big names’ from the community.

Honeypot

Mozilla's SSL Configuration Generator— Mozilla has made a big update to their easy-to-use secure configuration generator that not only targets things like httpd, nginx, and HAProxy, but Postgres, Postfix, and AWS ELB too.

April King

Git Best Practices for SOC 2 Compliance Quick Wins— A practical list of Git best practices for SOC 2 compliance, written from a developer's perspective. Learn how implementing them can help you satisfy SOC 2 requirements, while improving developer productivity.

Datree.io sponsor

Scaling From 2,000 to 25,000 Engineers on GitHub at Microsoft— It was over a year ago that Microsoft announced their acquisition of GitHub, but Microsoft has been a heavy GitHub user for years. Here’s a lot of depth on how they’ve made it work at the organizational level.

Jeff Wilcox

July 2nd Cloudflare Outage Caused by Bad Software Deploy— Did you notice huge swathes of the Web going down yesterday? If not, you were lucky, as Cloudflare had a pretty significant outage that affected a lot of sites (including the site I use to check if other sites are down!)

John Graham-Cumming (Cloudflare)

Choose Boring Technology— An easy to digest Web version of a popular talk that tries to make the argument that you should focus on a core selection of flexible tools (e.g. PostgreSQL for your database, one programming language like Python..) rather than dividing up your attention learning and using new tools, even if they’re a better fit. Controversial but interesting.

Dan McKinley

ICANN Lifts All Price Caps on .org Domain Names— The same applies to .info as well, despite only 6 out of over 3000 comments being in favor of removing caps. Could .com be next?

Domain Name Wire

How GitLab Diagnosed and Discussed a Web Performance Problem— The actual incident is not the interesting thing here, but seeing how a company diagnosed and resolved the incident (which related to their use of Redis) in public is.

GitLab

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Land a New Dev Job on Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Stories and Opinions

Using AWK and R to Parse 25TB of Data— This is a fun, practical look at severals approaches taken to process a large data set, including the dead ends and lessons learned before settling on a reasonably ‘rustic’ solution.

Nick Strayer

How Google Pagespeed Works: How to Improve Your Score— A look at how PageSpeed calculates its critical ‘speed score’ which not only reflects user experience but also has some input into how Google will rank your site.

Ben Schwarz

The New HAProxy Data Plane API: Two Examples of Programmatic Configuration— You already know I’m a big HAProxy fan, so it’s neat to see how the new data plane API lets you configure HAProxy 2 on the fly over a REST API.

Nick Ramirez

How to Create Chaos Engineering Dashboards with Datadog and Gremlin— In this post, Gremlin shares how they create Datadog dashboards to monitor Chaos Engineering experiments during internal "GameDays."

Gremlin sponsor

Mistakes We Made Adopting Event Sourcing (and How We Recovered)

Nat Pryce

Why Do Many Modern Programming Languages Eschew OOP Features?

Hacker News

Google’s New ReCAPTCHA Has a 'Dark' Side— “It’s always a double-edged sword,” … “You gain something, but you’re also giving Google a little more control over everything online.”

Katharine Schwab

💾 Code and Tools

LazyDocker: A Terminal-Based UI for Working with Docker— Not only is this a useful app for working with Docker, it’s a great example of a terminal-based app with a complete UI too.

Jesse Duffield

Hello, OpenAPI-to-GraphQL 1.0.0— A library to auto-generate GraphQL wrappers for existing REST(-like) APIs.

Alan Cha (IBM Research)

Google's robots.txt Parser is Now Open Source— Google is attempting to make a formally de-facto standard into a more defined one by opening up its own code (a C++ library it uses to parse robots.txt files found on sites it crawls.)

Google Search Open Sourcing Team

ORY Hydra 1.0: A Certified OAuth 2.0 and OpenID Connect Server— Written in Go and runs almost anywhere. GitHub repo.

Ory Corp

Make Your Images & Videos Load Fast & Look Beautiful with Cloudinary

Cloudinary sponsor

Meet the Family: The 'Other' AWS Serverless Services— A lot of people treat serverless and FaaS as synonyms, but it’s just not the case, and this is a good demonstration of why.. S3, DynamoDB, and AppSync are ‘serverless’ too!

Yan Cui

Astronomer: A Tool to Detect Illegitimate Stars From Bot Accounts on GitHub Projects— We monitor stars on GitHub a lot as a way to see up and coming Go projects and you wouldn’t believe just how much people try to game the system, so this is an interesting project.

Brendan Le Glaunec

Serverless Offline: Local Emulation of AWS Lambda and API Gateway— An interesting alternative to AWS SAM Local that supports Node, Python, and Ruby runtimes.

David Hérault

The Source for the Linux Kernel Used in Windows Subsystem for Linux 2— Did I ever think I’d be linking to an open source repository of Microsoft’s Linux kernel? No. (Historical trivia.. Microsoft’s first publicly released OS was actually a Unix..)

Microsoft

#224 — July 10, 2019

Read on the Web

Web Operations Weekly

..soon to be Statuscode Weekly

British Authorities to Fine British Airways £183.39m ($235m) for Data Breach— European authorities are starting to exercise the serious powers given to them by the much maligned GDPR data protection regulations. BA’s huge fine follows a cyber incident late last year, and Marriott are also due to be fined £99m ($125m) over a 4 year international security weakness that involved a leak of EU citizens’ data.

Information Commissioner's Office

The Impressive Stats Behind Amazon’s Dominance of the Cloud— Some interesting infographics based on a variety of statistics from Garner, Statista, and AWS themselves. Apparently “Each day, AWS adds as much infrastructure as they used to run in total 7 years back”(!)

Jeff Desjardins

Video for Serverless: Build Video in Just Two API Calls— Mux Video is an API-first platform, powered by data and designed by video experts to make beautiful video possible for every development team.

Mux sponsor

The Future of Websites: Headless CMSes?— An increasing number of CMSes have been shunning traditional database-driven systems in favor of API driven ones, known as “headless CMS”es. Here’s a run through some pros and cons of the approach.

Dan Fries

Amazon Aurora PostgreSQL Serverless Now Generally Available— Amazon's performance-oriented database that provides MySQL and Postgres compatibility and charges by the hour now supports a serverless ‘pay as you go’ (to a point) approach for Postgres users.

Amazon Web Services

strong_password v0.0.7 Ruby Gem Hijacked— Here is an example of why being diligent with your dependencies is a must. Tute was looking at the changelogs for gems in their app and found out one had been sneakily taken over.

Tute Costa

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Land a New Dev Job on Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Tutorials

There's More Than One Way to Write An IP Address— While it goes into somewhat more depth than this, if you didn’t know you can write 127.0.0.1 as 127.1.. this is for you.

Mattias Geniar

How to Enable DNS-over-HTTPS (DoH) in Firefox— A step by step guide to enable DNS-over-HTTPS (DoH) support in the Firefox browser (the only browser that supports it so far).

Catalin Cimpanu

How the Dat Protocol Works— A surprisingly in-depth and highly visual explanation of the P2P hypermedia protocol.

Duncan Keall

How to Run A Small Social Network Site for Your Friends— A well thought out introduction to an interesting topic. It’s not so much the tech that’s important here but the social issues.

Darius Kazemi

▶  Securing Serverless and Container Services— An hour long talk focusing on best practices, patterns, and demos on securing serverless services using a combination of approaches.

Tomas Clemente Sanchez

An Introductory Guide to Dockerfile Best Practices

Tibor Vass

💬 Stories and Opinions

How a Malicious Site Could Make Zoom Users Enable Their Cameras Without Permission— This week’s big security story has been around Zoom, a popular video conferencing service, and their Mac client which kept a Web server running in the background on people’s machines which could be triggered to launch a video conference without permission.

Jonathan Leitschuh

Ten Years of Erlang— “These last 10 years have been amazing. What’s interesting is that the Erlang community is still small and mostly untapped.”

Fred Hebert

▶  Break Things on Purpose: The Chaos Engineering Podcast | Episode 3

Gremlin sponsorpodcast

Migrating 6.5TB of Data to AWS S3 - A Journey Concluded— The tale of taking 6.5TB of FileStream data from SQL Server and getting it into AWS which wasn’t entirely straightforward.. complete with a ‘near-heart-attack moment’(!)

Michael Saunders

The Slow Climb of PostgreSQL and the Value of Persistence— Dr. Michael Stonebraker recently gave an account of how he helped bring Postgres into the world.

Joab Jackson (The New Stack)

The Evolving Infrastructure of .NET Core— A look behind the scenes at what is a rather complex project that doesn’t fit into Microsoft’s classical project management approach.

.NET Blog

Organizations Running on More Clouds Less Likely to See Security Threats— IMO, it’s because companies using multiple clouds often need more automation and policies around the management of things..

Lawrence Hecht

Here’s What Disney+ Traffic Could Be Worth To CDNs— Disney’s new streaming service could result in a huge payday for a variety of CDN providers.

Dan Rayburn

Myths About Perl 6— The Perl world is notoriously esoteric (and it was my main language for 8 years!) but this clears up some of the long standing myths.

Tyler Limkemann

🛠 Code and Tools

Lookyloo: Scrapes A Site and Displays A Tree of Domains Calling Each Other— A visual way to look at a ‘dependency’ graph (of sorts) of the various third party assets a site uses.

Computer Incident Response Center Luxembourg

Hub: Use GitHub from the Command Line— An extension to git that’s for performing common GitHub-specific tasks (e.g. check out pull requests) without having to leave the terminal.

GitHub

A Partner for Your Database Operations— PGX provides operational support for PostgreSQL databases. We keep your database going, so you can focus on your business.

PostgreSQL Experts, Inc sponsor

DuckDB: A New, Embeddable SQL OLAP Database System— Built in C++, DuckDB bills itself as ‘the SQLite for Analytics’ and has bindings for C/C++, Python, and R. GitHub repo.

CWI Database Architectures Group

The Dhall Configuration Language: A 'Non-Repetitive' Alternative to YAML— Check out the live demos on the homepage for a feel of how it works.

Gabriel Gonzalez et al.

#225 — July 17, 2019

Read on the Web

⚠️ Several weeks ago we announced that Web Operations Weekly would be gradually becoming StatusCode Weekly, a still ops-leaning but more general development newsletter, reflecting the state of the developer scene in general.

Things are going well and over the next few weeks you'll see the From address and our domain name change, so be aware of that. For now, though, thanks for your ongoing support and we hope you enjoy this issue 🙂
— Peter Cooper, editor

Amazon EventBridge: Event-Driven AWS Integration for SaaS Apps— Most companies now use a vast array of SaaS apps for various tasks (customer service, monitoring, CRM, etc.) and EventBridge aims to.. bridge the divide between these apps and your own by way of a serverless event bus that connects application data from your own apps, SaaS, and AWS services. Trek10 think it's the biggest thing since AWS Lambda.

Jeff Barr (AWS)

QuickJS: A New, Small, Embeddable JavaScript Engine— Fabrice Bellard, the genius behind FFMPEG and JSLinux, is back with another project.. a complete JS engine (supporting the ES2019 spec!) built in a relatively tiny amount of C. This won’t replace engines like V8 in most cases, but could find a use in embedded or WebAssembly-oriented scenarios such as in this live demo.

Fabrice Bellard

Do You Need Golang or Kubernetes Training?— We offer on-site corporate training for engineers that want to learn Go (Golang) or Kubernetes. Having trained over 4,000 engineers since 2013, we have carefully crafted these classes for students to get as much value as possible.

Ardan Labs sponsor

A Deeper Dive into Cloudflare's July 2 Outage— Cloudflare suffered an hour’s outage on July 2nd and here’s pretty much every detail about the outage that’s worth knowing. The crux of the issue in this case? A bad regular expression!

John Graham-Cumming

YugaByte DB Relicenses as 100% Open Source— Yugabyte has been around for a few years and is a high performance, distributed database that supports both SQL and Cassandra APIs. It’s now fully open source including its previously closed-source, enterprise features.

Karthik Ranganathan (YugaByte)

ListMonk: A High Performance, Self-Hosted Newsletter and Mailing List Manager— It’s always great to see new entries in this space as there are so few solid options.

Kailash Nadh

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Land a New Dev Job on Vettery— Vettery specializes in tech roles and is completely free for job seekers.

Vettery

📖 Tutorials

Using fzf to Turn CLI Tools into Live REPLs— This is a clever idea. It uses the fzf‘fuzzy finder’ and its preview feature to turn command-line tools into a mini live REPL of sorts.

Pawel Duda

▶  Blazor: A Framework for Browser-Based .NET Apps— Blazor takes .NET into the browser via WebAssembly and can interoperate with JavaScript. One to watch.

Steve Sanderson

Using Time Series for Application Performance Monitoring to Win at the Flight E-ticket Sales Game

InfluxData sponsor

▶  How to Build Your Own Virtual Machine with /dev/kvm and Rust— A brief 10 minute talk that covers the foundational concepts of creating a bare-bones VM of your own.

Josh Triplett

A Guide to Building Scalable Web Scrapers with Scrapy— Scrapy is a popular open-source Python framework for writing scalable web scrapers.

Daniel Ni

💬 Stories and Opinions

How I Made AWS Lambda Work for My SaaS— I always like a good story-meets-case-study. Here, we get the story of how an API monitoring service uses AWS Lambda coupled with distributed background jobs to keep things running.

Tim Nolet

What Happens If You Try To Get 'Your' Username on Various Sites— One man’s attempt to get ‘his’ username on a variety of services, even when that name was already taken. It’s worth thinking about your own policies on this matter if you run a popular online service.

Terence Eden

Your Nines Are Not My Nines— Just because your service has 99.999% availability doesn’t mean there aren’t customers suffering significant problems..

Rachel Kroll

📕 20 Patterns to Watch for in Engineering Teams

GitPrime sponsor

Why Benchmarking Distributed Databases Is So Hard— Benchmarks are hard to get right, and many articles touting benchmarks are actually ‘benchmarketing’, showcasing skewed outcomes to sell products.

Ana Hobden (PingCAP)

Ask Hacker News: When Does It Make Sense to Roll Your Own 'X'?— Hacker News users discuss when it makes sense to adopt a dependency or roll your own.

Hacker News

.NET Reunified: Microsoft’s Plans for .NET 5— Microsoft is proposing to merge the source code streams of several key frameworks—.NET Framework, .NET Core and Xamarin/Mono.

Microsoft

From Laptop to Lambda: Outsourcing Everyday Jobs to Thousands of Transient Functional Containers— An academic paper presenting gg, a toolset for letting people execute ‘everyday’ applications (e.g. compilation, video encoding, test runs) across thousands of cloud-hosted parallel threads.

Fouladi, Romero, et al.

🛠 Code and Tools

Martian: A Library for Building Custom HTTP/S Proxies— An interesting (unofficial) Google project for inspecting, mocking or otherwise messing with passing HTTP traffic.

Google

Toxiproxy: A TCP Proxy to Simulate Chaotic Network and System Conditions— A fantastic tool you can use to see how your app copes with outages in third party APIs, databases, network accessible caches, etc. It’s written in Go but there are client libraries for Go, Ruby, Python, .NET, PHP, Node.js, Java and Haskell, so you can integrate it directly into your test suites.

Shopify

Microsoft Open Sources Q#, its Quantum Computing DSL— Want to dip a toe into the nascent world of quantum development? MS has open sourced a new F#-based DSL and toolchain.

Microsoft

simdjson: A C++ Library for Parsing Gigabytes of JSON Per Second— JSON is more heavily used as a data interchange format now than ever and servers spend a lot of time parsing JSON documents. This project is an experiment in making such parsing extremely fast.

Daniel Lemire

#226 — July 24, 2019

Read on the Web

Microsoft Says We Need A Safer Systems Programming Language— And, spoiler alert, Microsoft actually thinks it’s Rust! A huge boost for the still up and coming language originally built at Mozilla, but should we get ready for see R# soon? 😄

Microsoft Security Response Center

Smashtest: A Language for Describing Test Cases— A Cucumber-esque way to write end to end tests in a more natural way but which essentially boil down to JavaScript powered tests. The examples on the homepage do a good job of selling the idea.

Smashtest

The Early Security Engineer’s First 90 Days Checklist— Check out the latest best practices for WebOps and security engineers to prioritize and ramp up their security efforts.

Sqreen sponsor

HTTP Security Headers - A Complete Guide— A description of each security header of significance, its importance, and how to use them to secure sites you manage in one way or another.

Charlie Belmer

Introducing Osgood: A New V8-Based Platform for Building HTTP Servers— Built using Rust and the V8 JavaScript engine, Osgood is a new platform (a la Node) focused around building secure HTTP services. Security comes by demanding that I/O requirements are specified and enabled ahead of time. GitHub repo.

Thomas Hunter II

Economics-Based Answers to 'Why Wasn't This Page Found?'— A fun find on the Financial Times site where their 404 Not Found page explains why the page wasn’t found using different economic theories and principles (e.g. socialism or Keynesian economics).

The Financial Times

💻 Jobs

CI/CD Solutions Engineer - Semaphore CI (Remote - Europe)— You will apply your DevOps and CI/CD expertise to be the creative force behind the successful onboarding of Semaphore's customers.

Semaphore

Find a Job Through Vettery— Vettery matches top tech talent with growing companies. Create a profile to get started.

Vettery

💬 Stories and Opinions

When A Rewrite Isn’t: Rebuilding Slack on the Desktop— A brief look behind the scenes at how chat service Slack has made significant improvements to their Web technology-based desktop client.

Mark Christian and Johnny Rodgers (Slack)

Standby in Production: Scaling at the Second Largest Classified Site in the World— Avito is Russia’s largest classified ads site and stores 20TB of data across a hundred PostgreSQL nodes. Here’s a very detailed, behind the scenes look at their Postgres high availability setup.

Konstantin Evteev

How Uber, Facebook, and Netflix Do SSH— A look at three companies who are setting an example for others to follow and who have written publicly how they’re approaching SSH.

Jon Silvers

Do You Need Golang or Kubernetes Training?— On-site corporate training. Having trained over 4,000 engineers since 2013, we've crafted classes for students to get as much as possible.

Ardan Labs sponsor

What It's Like to Be a Developer in Iran— Censorship and sanctions undoubtedly play a role.

Shahin Sorkh

How We Built a GDPR Compliant Website Analytics Platform Without Cookies— It involves creating multiple complex hashes for each visitor that can’t be connected to one another.

Fathom Analytics

The Business Executive's Guide to Kubernetes— Some ‘hard truths’ about Kubernetes and what it means for your business.

Jessie Frazelle

8M Lines of Hotel-Related Code Exposed in Elasticsearch Database Configuration Failure?— If you don’t have a system around setting and checking both the authentication and network access policies of all your database systems, now is the time to start.

SiliconANGLE

📖 Tutorials

What's Coming in Python 3.8— The next version of Python is feature complete and will finally release in October.

Jake Edge

Do-Nothing Scripting: The Key to Gradual Automation?— An interesting idea for handling manual procedures within ops teams by creating scripts that give instructions but don’t perform any tasks themselves.

Dan Slimmon

Algebraic Effects for the Rest of Us— A nicely accessible introduction to algebraic effects, a concept from functional programming research that Dan hopes will catch on in at least one mainstream language soon.

Dan Abramov

The History and Effective Use of vim— A must-read for Vim fans.

Joe Nelson

Managing a Secure JSON Web Token Implementation

Daniel Fanfara

What Were CGI Scripts?— If you were building webapps prior to 2005, you probably encountered CGI scripts, essentially scripts or executables that would be run on a per-request basis (we used one for newsletter signups till 2014!)

Rick Carlino

🛠 Code and Tools

Fork: A 'Fast and Friendly' Git Client for Mac and Windows— An attractive and feature-rich Git client which, while it’s ‘freeware’, is not open source.

Dan Pristupov and Tanya Pristupova

Redis Gears: A New Scripting Language for Redis— An interesting addition to the Redis data structure key/value store. Gears is a new module that adds a Python-based, cluster-aware scripting language for performing more advanced queries upon data. GitHub repo.

Redis Labs

Pantheon’s Webops Platform Achieves 156% ROI and CMS Upgrade Management by 1.7x on Average

Pantheon sponsor

Announcing Docker Enterprise 3.0 General Availability

David Hamdani (Docker)

The Original Apollo 11 Guidance Computer (AGC) Source Code— An interesting historical artefact, and if you want to actually understand it in full, Pluralsight has released a free course covering how it works.

Chris Garry

#227 — July 31, 2019

Read on the Web

'How I Use The Good Parts of AWS, While Filtering Out All The Hype'— A rolled up Twitter thread that was very popular last week and raised some interesting points in how to use AWS well (which controversially involves avoiding Lambda, API Gateway, Kubernetes, and more..)

Daniel Vassallo on Twitter

Amazon's Text-to-Speech Service, Polly, Gets a Major, ML-Driven Quality Upgrade— Polly is the AWS service for turning text into speech, and I’ve found it rather.. robot-like till now. This update with new ML-based ‘neural text-to-speech’ and ‘newscaster-style’ reading helps a lot. There are lots of examples right in the post.

Julien Simon (AWS)

Exploring Domain-Driven Design at CircleCI— Domain-Driven Design connects software architecture and relevant domains by using a universally accepted model. For my team, there are two concepts that have been helpful to us: defining our Bounded Contexts and our Ubiquitous Language.

CircleCI sponsor

GitHub Blocks Developers in Iran, Syria and Crimea— The impact of U.S. trade restrictions is trickling down to the developer community, including at Microsoft-owned GitHub where developers in countries like Iran have been unable to access private repositories.

TechCrunch

Registrar Namecheap Stands Up to ICANN to Keep Domain Prices in Check— ICANN recently announced that it would remove price caps for the .org TLD which could significantly increase domain prices. As a major domain registrar, Namecheap has officially asked ICANN to reconsider its decision.

Richard Kirkendall (Namecheap)

💻 Jobs

Find a Job Through Vettery— Vettery matches top tech talent with growing companies. Create a profile to get started.

Vettery

💬 Stories and Opinions

Just How Can It Take 'Days' to Unsubscribe Someone From an Email List?— An interesting story in a Twitter thread that answers the question of why it can sometimes take multiple days to be removed from an email list (not ours!) .. manual labor, antiquated systems, and 24 hour delayed SQL queries play a role.

Joe Pettersson on Twitter

S3 Bucket Namesquatting: Abusing Predictable S3 Bucket Names— A warning and call to check out your own setup if you’re using S3 with region substitution in bucket names.

Ian Mackay

How Mux Routed Around a Major Network Outage— Read about how we used dynamic CDN selection to maintain the performance of Mux Video during the June Verizon outage.

Mux sponsor

Tracking DNS Records in Version Control— How the company behind Business Insider keeps (structured) track of their Dyn and NS1-based DNS records.

Mahmoud Dolah

The Pipeline Driven Organization: Enabling True Continuous Delivery— “The less human bottlenecks stand in the way of pipelines, the more pipeline driven we become, which enables true continuous delivery.”

Roy Osherove

How Much Does It Cost to Host a Podcast on Amazon AWS?— Versus using a dedicated podcasting host.. the spoiler is, avoid AWS for this unless you really know what you’re doing.

James Cridland

Don't Ask If A Monorepo Is Good for You – Ask If You're Good Enough for A Monorepo..

Yossi Kreinin

📖 Tutorials

Kubernetes Deployments: The Ultimate Guide— What you need to know about Kubernetes deployments to deliver your Docker containers to production.

Jérôme Petazzoni

How SAML 2.0 Authentication Works— Security Assertion Markup Language (SAML) provides a way to exchange authorization and authentication information between services, such as in SSO situations.

Russell Jones

Chaos Engineering Through Staged Resiliency

Gremlin sponsor

Cache Me If You Can: HTTP Caching Concepts Explained— A walk through a variety of HTTP caching concepts and techniques.

Léo Jacquemin

A Dive into PostgreSQL on AWS Aurora— Amazon Aurora boasts PostgreSQL compatibility but what does it really offer, how is it to use, and what are its limitations? Viorel Tabara takes a look.

Severalnines

How to Scan Docker Images for Vulnerabilities with Harbor— Harbor is an open source cloud native registry that stores, signs, and scans container images for vulnerabilities.

Jack Wallen

C++20 Is Feature Complete; Here’s What Changes Are Coming— If you haven’t played with C++ in many years, there’s a lot to enjoy (including the goodies from C++11 and C++17 like lambdas and auto).

Sven Gregori

🛠 Code and Tools

DB Fiddle: An SQL Database Playground— I’ve found this tool useful for testing out little bits of SQL. It lets you run basic queries upon several versions of MySQL, PostgreSQL, and SQLite, right from the browser.

Status200

Introducing AWS Chatbot: ChatOps for AWS— A new service that enables devops teams to receive AWS notifications and execute commands in Slack channels and Amazon Chime chat rooms.

Ilya Bezdelev (AWS)

LinkedIn Open Sources Brooklin: Near Real-Time Data Streaming at Scale— Brooklin is a distributed service for working with streaming data at scale and has been heavily used by LinkedIn for the past few years. It’s built in Java and is now open source.

LinkedIn Engineering

SFTPGo: A Full Featured SFTP Server Built in Go— Supports password and public key auth, is database driven, includes a REST API for user and quota management, and more.

GitHub

Liftbridge: Lightweight, Fault-Tolerant Message Streams— A server that implements a durable, replicated message log for NATS.

Liftbridge

#228 — August 7, 2019

Read on the Web

PartiQL: A Universal, SQL-Compatible Query Language— PartiQL is a new query language that extends SQL to be able to support non-relational, schemaless and other data formats too. It’s open source and already in use internally in various AWS systems. One of its co-creators also created SQL++ (which saw implementation via Couchbase’s N1QL) several years ago.

Papakonstantinou, Goo, et al.

CapitalOne's Data Breach: What They Got Wrong (and Right)— CapitalOne recently suffered a huge data breach at the hands of a former AWS employee which involved a variety of S3 buckets being scanned and downloaded. Here’s some further technical explanation.

Corey Quinn

Git Best Practices for SOC 2 Compliance Quick Wins— A practical list of Git best practices for SOC 2 compliance, written from a developer's perspective. Learn how implementing them can help you satisfy SOC 2 requirements, while improving developer productivity.

Datree.io sponsor

Cloudflare (and Others) Terminate 8Chan's Hosting Services— 8chan is/was a weakly moderated message board which served as a base for numerous disturbing communities, some of which have been implicated in recent tragedies. 8chan used Cloudflare as a CDN and for DDOS protection, but Cloudflare, well known for its neutrality as a service provider, has had enough. A company that provided servers that 8chan was hosted on has also pulled the plug.

Matthew Prince (CloudFlare)

Amazon Won't Spin Off AWS, and That's Too Bad for AWS— Many customers are not using AWS the way it’s designed to be used, as a holistic, deeply integrated platform, and the looming shadow of Amazon is the reason why.

Forrest Brazeal

RTB RIP? The Writing Could Be On The Wall For Real-Time Bidding In Europe— Real-time bidding (RTB) is a technique in which Web advertising inventory is bought and sold via instantaneous auctions, but with laws like GDPR, its days could be numbered.

Allison Schiff

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

WebOps Developers Are in Demand on Vettery— Ready for a bold career move? Make a free profile, name your salary, and connect with hiring managers from top employers today.

Vettery

💬 Stories and Opinions

All The Best Engineering Advice I Stole From Non-Technical People— Some interesting bits and pieces in here. If you like stuff like this, check out our Code Wisdom Twitter account as well :-)

Marianne Bellotti

How I Finally Won My Name from Domain Squatters After 9 Years of Waiting— If, like me, you take a special interest in domain names (and buying too many of them) this tale of woe-made-good will be up your street.

Jerry Alex

Chaos Conf Is Back— Now in its second year, Chaos Conf is a must-attend for anyone interested in Chaos Engineering and resilience.

Gremlin sponsor

Why I Turned Down an AWS Job Offer— “I once turned down a job offer from AWS, who told me my reasoning was preposterous. Last week they did exactly what I was afraid of.”

Corey Quinn

How TCP Segment Size Can Affect Application Traffic Flow— I doubt many of us are working with firewalls down at such a low level, but an interesting dig into the nitty gritty of TCP nonetheless.

Shashank Suresh Kumar (Walmart Labs)

Don’t Underestimate Grep Based Code Scanning— When it comes to scouring source code for security issues, a naive approach can get you a rather long way..

Crazy Contini

How CircleCI Processes Over 30 Million Builds Per Month

StackShare

📖 Tutorials

A History of Amazon Web Services— The visualization is not the best, but this is a pretty neat list of AWS’s almost 150 (yes!) services and when they were first announced and released.

Jerry Hargrove

▶  PID Loops and the Art of Keeping Systems Stable— A developer involved in building EC2, S3, and other AWS services shows what PID loops (essentially feedback and control loops - nothing to do with process IDs!) look like in the context of modern systems, and how exponential backoff, flow-control, and other techniques can be wielded to build self-healing systems.

Colm MacCárthaigh

▶  What is Observability and How to Measure the Quality of Microservices— A 35 minute interview with Charity Majors of Honeycomb on observability and going beyond logs and dashboards to better understand the systems we build.

Charity Majors and Darko Fabijan podcast

Picture Perfect: How JPEG EXIF Data Hides Malware— The metadata stored inside JPEG images isn’t an obvious attack vector.. which is partly what makes it a dangerous one.

Shyam Sundar Ramaswami

🛠 Code and Tools

ipify: A Simple Public IP Address API— A free and open service to quickly grab your public-facing IP address in various formats.

Randall Degges

Seashells: Pipe Output from CLI Programs to the Web in Real Time— Keep the security implications in mind, of course.

Anish Athalye

Test Drive GoCD in Minutes

ThoughtWorks GoCD sponsor

LF: A Fully Decentralized, Fully Replicated Key/Value Store— It’s billed as ‘beta’ software, but this is an interesting experiment in creating a fast data store for ‘small but critical’ pieces of information (think etcd but suitable for open, decentralized systems).

ZeroTier, Inc.

Gitea 1.9.0 Released— This self-hosted Git service, written in Go, has just reached version 1.9.0. It contains various security fixes that could not be backported to 1.8 — as such, updating is strongly recommended.

Gitea

Artichoke Ruby Playground: A New Ruby Interpreter— Artichoke Ruby is a Ruby interpreter built in Rust (GitHub repo). They’ve released a cool in-browser playground for playing with it and it has some exciting potential usages given it can compile to WebAssembly.

Artichoke

#229 — August 14, 2019

Read on the Web

A Proposal to Shorten Maximum TLS/SSL Certificate Lifetimes to 13 Months— A new CA/Browser Forum proposal being discussed now would shorten maximum certificate lifetimes to 13 months. This comes after lifetimes were reduced from 39 to 27 months in 2018.

Timothy Hollebeek

Paged Out! A New Security and Hacking Developer Magazine— Topics in the first issue run the gamut from JavaScript to C#, PNGs, the NES, reverse engineering and rsync. It's freely downloadable as a 12MB PDF.

Paged Out! Institute

Tutorial: How to Build APIs Your Users Love— Learn about common pitfalls and gotchas when designing an API. Plus, hear about how Mux uses an OpenAPI driven toolchain to accelerate product development.

Mux sponsor

GitHub Actions Now Supports CI/CD (Free for Public Repos)— Actions, GitHub’s process and workflow automation platform, now includes built-in CI/CD.

The GitHub Blog

Are Microsoft's License Changes 'Bad for the Cloud Industry'?— Last week we mentioned how Microsoft’s new licensing terms will impact users using on-prem services on ‘dedicated hosted cloud services’ (e.g. AWS). Cloud economist Corey Quinn thinks this is a bad move and represents ‘old Microsoft’ rearing its head.

Corey Quinn

NGINX Updates Mitigate Latest HTTP/2 Vulnerabilities— NGINX has unveiled a variety of updates to its HTTP server in response to the recent discovery of security vulnerabilities in several HTTP/2 implementations.

NGINX, Inc.

AWS Lake Formation Now Generally Available— Not got enough time to build a data warehouse..? Just throw your data into a ‘data lake’, basically a giant pit of all of your data which you can query at leisure. Lake Formation makes the process simpler if you’re using AWS.

Amazon Web Services

💻 Jobs

Lead Cloud Security Engineer— Make an impact as our first Security Engineer, focusing on driving innovation and best practices around our cloud security efforts.

Cockroach Labs

WebOps Developers Are in Demand on Vettery— Ready for a bold career move? Make a free profile, name your salary, and connect with hiring managers from top employers today.

Vettery

💬 Stories and Opinions

How We Built a Logging Stack at Grab— Before the work outlined in this post, “performing a query for a string from the last three days was something only run before you went for a beverage.” I think we can all sympathize.. Elasticsearch to the rescue!

Daniel Kasen

Why Our Team Cancelled Our Move to Microservices— A headline like that is always going to attract attention. An interesting story, though, and proof that no one architecture is a one-size-fits-all.

Steven Lemon

Monolith to Microservices to Serverless: One Company's Journey— It’s brief and high level, but here’s the tale of how call tracking service ResponseTap broke their monolithic app into Docker-ised microservices and then embraced AWS and serverless computing.

Ben Jones

Chaos Conf Is Coming Back to San Francisco. Tickets Start at $299

Gremlin sponsor

Not Sold Yet, GraphQL: A Humble Tale from Skeptic to Enthusiast— Garrett Heinlen talks about how Netflix builds and deploys GraphQL and how they are running it in production.

InfoQ

Lorem Picsum – Death by A Million Pixel-Gigabits— Or how to serve half a billion placeholder images a month on a budget. A short but sweet case study where Varnish, Redis, and DigitalOcean Kubernetes all make an appearance.

David Marby

How a Scalable SQL Database Powers Real-Time Analytics at Uber

MemSQL

Building a Real-Time Anomaly Detection System for Time Series at Pinterest

Kevin Chen and Brian Overstreet

Everything You Need to Know About Automation Testing— It’s time to take advantage of automation tools to streamline WebOps and DevOps.

Zephyr sponsor

A Look at Serverless Framework's EventBridge Integration— AWS EventBridge provides a serverless, event-driven way to connect third party services and AWS services together. Serverless Framework now has a way to work directly with it – here’s two use cases.

Philipp Müns (Serverless, Inc.)

The Traits of Serverless Architecture— Low barrier-to-entry, hostless, stateless, elasticity, distributed, and event-driven.

Wisen Tanasa (ThoughtWorks)

What I Do as a 'DevOps Engineer'— It’s all about being a jack of all trades.

André Ilhicas dos Santos

🛠 Code and Tools

Ciao: An Open Source HTTP Monitoring Service— Built on Ruby on Rails, but easily deployed anywhere with Docker, Ciao is an open source webapp that checks HTTP endpoints and can send notifications when things occur (e.g. a site goes down or throws an error).

Brot and Games

Kubernetes Gated Deployments— A look at a Kubernetes extension GoDaddy has built and open sourced that automates regression testing and canary analysis, complete with rollbacks if things go back.

GoDaddy Engineering

OpenCensus Web: Full End-to-End Observability for Your Entire Stack— OpenCensus Web is a tool to trace and monitor the user-perceived performance of your web pages.

Google

Preview Release of the new AWS Tools for PowerShell— AWS have been refactoring their popular PowerShell AWS Tools which have exploded to a hard-to-manage 6000 cmdlets spanning 160 services.

Amazon Web Services

AWS Amplify Gets Local Mocking and Testing Features— The Amplify Framework can now locally mock AppSync GraphQL APis, AWS Lambda functions, S3, Cognito pools and more, making the development process a lot easier. Here’s a practical walkthrough of the features.

Amazon Web Services

🥇 A Golden Oldie

A Readable Specification of TLS 1.3— It’d be great if more people made things like this 😄 An engineer has created a “biased copy of RFC 8446” (which defines TLS 1.3) complete with explanatory videos. It’s still very technical but easier to digest nonetheless.

David Wong

#230 — August 21, 2019

Read on the Web

How AWS Powered Amazon's Prime Day 2019— Amazon drove a ‘record breaking’ amount of traffic and sales on this year’s Prime Day, all powered by AWS services like CloudFront, DynamoDB (which peaked at serving 45.4 million requests per second), and Aurora.

Jeff Barr

Microsoft Introduces Beta of Its Chrome-Based Edge Browser— Available for Windows and macOS, the beta release of Edge is the third and final preview release of Microsoft’s new Chromium-based browser, although Microsoft is declaring it ‘ready for everyday use’ with this release. It also includes the ‘Internet Explorer mode’ for back compatibility with IE 11.

Joe Belfiore (Microsoft)

How to Develop a Successful DevOps Testing Strategy— Everything you need to know about building a DevOps strategy starts here. Get expert tips and tools that will streamline and automate your entire software delivery lifecycle.

Zephyr sponsor

Cloudflare Plans to Go Public, Here's Its S-1— When a company wishes to offer its shares for public sale in the US, it has to file a document with the authorities to disclose info about their business, how it’s performing, etc. Here’s Cloudflare’s.

SEC

IETF Publishes JMAP Spec, An Attempt to Modernize Email— We’ve briefly mentioned this before, but the specifications for the ‘JMAP’ email protocol have now been reviewed and published by the Internet Engineering Task Force (IETF). It remains to be seen if providers other than Fastmail and Topicbox adopt it, however.

Fastmail

Highlights from Git 2.23: Alternatives for git checkout— Yes, there’s a new version of git. The biggest tweak comes via two new commands, git switch and git restore which aim to break down the git checkout experience into something more controllable.

The GitHub Blog

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

WebOps developers are in demand on Vettery— Make a free profile, name your salary, and connect with hiring managers from top employers.

Vettery

💬 Stories and Opinions

The Architecture of a Static, Wiki-Like Site from 1996— I saw this on Hacker News and thought it was interesting, particularly through the lens of the renaissance of static site generation. It involves forms, email, and turning emails into site edits.

Colin Wright

How 21st Century Datacenter Locations Can Be Driven by 19th Century Politics

George Moore

The (Not So) Hidden Cost of Sharing Code Between iOS And Android— Dropbox used to share C++ code between their iOS and Android apps but the overhead of doing so turned out to be more costly than just writing two versions..

Eyal Guthmann (Dropbox)

📕 20 Patterns to Watch for in Engineering Teams— Actionable insights to help you debug your development process with data. Get your copy.

GitPrime sponsor

Why Software Architects Must Be Involved in the Earliest Systems Engineering Activities

Sarah Sheard

What I've Learnt in a Year of Working Remotely— Working remotely as a software developer is increasingly common, and despite the obvious advantages, there are a lot of complicated tradeoffs too.

Mike Davidson

Behind The Scenes of Pinterest’s Next-Gen Content Moderation Platform, Pinqueue3.0

James Man (Pinterest Engineering)

📖 Tutorials and Knowledge

Some Distributed Systems Vocabulary— Brief, high level explanations of CAP, ACID, Harvest and Yield, BASE, CALM, consistency levels, and more. All things worth knowing (or knowing how to look up!)

Will Larson

How to Start Your Own ISP— A practical guide to starting your own (wireless) Internet Service Provider.

Graham Castleton

Do You Need Go or Kubernetes Training?

Ardan Labs sponsor

Using Callback URLs for Approval Emails with AWS Step Functions— A clever use for a Step Functions state machine – sending out an email and then awaiting for a user to click an approve/reject link within the mail.

Ben Kehoe

Bringing Serverless to a Page Near You with Hugo and Kubernetes— Discover how to migrate a Hugo-powered static site over to OpenFaaS complete with custom domains, TLS, and CI/CD.

OpenFaaS

You Can Now Trigger Kernel Panics on Your EC2 Instances— Initially it sounds like one of those “but why?” features but it’s basically to help you diagnose problems with unresponsive instances.

Sébastien Stormacq

🛠 Code and Tools

Ruby on Rails 6.0 Released— The latest big release of the popular rapid webapp development framework for Ruby is out.

Official Rails Blog

MongoDB 4.2 Released— The popular document-oriented database takes a step forward with support for distributed ACID transactions, on-demand materialized views, and retryable reads and writes (for handling transient cluster failures). Client-side field-level encryption is also in beta.

Eliot Horowitz (MongoDB)

Going 'Serverless' on Google Cloud Platform— A roundup of what GCP offers when it comes to no-ops services from the Firebase backend to Cloud Functions, App Engine, Cloud Run, and Compute Engine.

Tyler Treat

A New Way to Run .NET 'Apps' Directly From a GitHub Gist— A look at an interesting open source project that now brings an embeddable JavaScript-inspired scripting language, #Script, to .NET Core and .NET apps.

Scott Hanselman