Architecture Weekly #127 - 15th May 2023
Welcome to the new week!
We released the new major version of Marten: v6. I gathered some of my thoughts/insights/lessons learned about running an Open Source project that came to my mind after releasing it.
If you are:
- running Open Source project
- Marten user,
- interested in my work,
- or just have enough time to read some,
then it may be interesting to you.
See also a nice write-up on the OSS “work” on the GitHub blog:
The funniest event I saw last week was DataDog leaking information that one of the customers spent 65 million dollars on their services. Yes, that’s not a typo. Based on another outstanding research from Gergely Orosz, it seems (not surprisingly) that it was Coinbase - a crypto company. They were getting so much money on the trading that they didn’t bother such small spending. Of course, they recently start to care. Read this article to see the buy/do decision-making drivers and if millions of dollars on observability is always too much (TLDR: it’s not).
Speaking about costs, having zero downtime migrations or deployments can also be an extremely costly process. Rarely it’s entirely justified in regular projects. We should always think realistically about SLA and SLO. Still, sometimes we need that, and it’s good to see the horizon of how to achieve that. We don’t need bulletproof solutions like Netflix, but we can always learn from their example and map it to our case.
Google turned on Autopilot automatically for their managed Kubernetes. It’s a good step in making Kubernetes commodity and infrastructure layer. If we’re starting to use it, and don’t have enough specialists in our team, then having the general best practices and tunning applied for us may be a decent way to solve our scaling, security and costs management. Of course, the basis of trust is to control, so we should be careful and observe if other providers promote such an approach.
I wrote last week about the supply chain attack case made through the SolarWinds software. Check a report about those types of attacks made by SonaType.
Do it, especially if you’re basing on your in-house CI/CD infrastructure.
Speaking about security and Open Source sustainability, I started this release. Interestingly, USA Senate started to have a debate on it. It’s interesting in which directions those legislations will be going on. Unless it’s a blame game on the maintainers, it’s a good thing to put some regulations or best practices, especially into mission-critical software. We need to focus more on security and quality in our industry. I’m unsure if regulations are necessarily the best way to achieve that. Still, it seems that our industry cannot self-regulate and self-reflect on that correctly, so maybe this is the needed way.
Maturity is something that micro frontends are getting. Luca Mezzalira is one of that promoters and shared his story from staying seven years in the trenches.
It’s also a good time to highlight again that architecture is not only about the backend. Frontend applications nowadays can also impact the scaling of our applications. They’re not longer “just UI” but part of the services ecosystem. Not always it’s a best practice, but if we’re doing more computing on edge (user browser, mobile etc.), we can make our application more scalable.
So if you have yet another joke about JavaScript or Single-Page Applications in your pocket, consider hiding it, or at least check if your backend is not just another database over the wire. It may appear, that your frontend app is more sophisticated and have more architecture than CRUD API.
Speaking of which. If it’s just doing mapping on top of DB, then maybe it’s enough to use:
Of course, that’s a joke in general, but also a highlight that you may not always need the full-blown domain process if what you’re doing is a simple app. See more in:
Check also other links!
Cheers
Oskar
p.s. I invite you to join the paid version of Architecture Weekly. It already contains the exclusive Discord channel for subscribers (and my GitHub sponsors), monthly webinars, etc. It is a vibrant space for knowledge sharing. Don’t wait to be a part of it!
p.s.2. Ukraine is still under brutal Russian invasion. A lot of Ukrainian people are hurt, without shelter and need help. You can help in various ways, for instance, directly helping refugees, spreading awareness, and putting pressure on your local government or companies. You can also support Ukraine by donating, e.g. to the Ukraine humanitarian organisation, Ambulances for Ukraine or Red Cross.
Architecture
Motley Fool Transcribing - Datadog (DDOG) Q1 2023 Earnings Call Transcript
Netflix - Migrating Critical Traffic At Scale with No Downtime — Part 1
Luca Mezzalira - Microfrontends Anti-Patterns: Seven Years in the Trenches
Yan Cui - Is serverless overpriced? What can we learn from the PrimeVideo team?
DevOps
Natalie Arellano, Aidan Delaney - Customizing Your Buildpacks Build – Yes You Can!
Google - Autopilot is now GKE’s default mode of operation — here’s what that means for you
Databases
Java
.NET
Tools
Coding Life
Management
Industry
IT Brew - Senate takes action on open-source vulnerabilities in wake of 2022 Log4j attack
BBC - Ex-Uber security chief sentenced over covering up hack
The Byte - IBM Replacing 7,800 Human Jobs With AI, Including Human Resources