Architecture Weekly Issue #30. Articles, books, and playlists on architecture and related topics. Every record has a complexity indicator: 🀟 means hardcore, 👷‍♂️ is technically applicable right away, 🍼 is an introduction to the topic or an overview. Now on Telegram as well.

WARNING 🇺🇦

It's already been 172 days of the crazy, brutal, unjustified war of Russia against Ukraine. We condemn this war and want it to stop ASAP. We continue this newsletter so you can advance your skills and help the millions of Ukrainian people in any way possible.

A detailed post from DoorDash on reengineering their event streaming platform. They introduced Kafka to all their services via Kafka Rest Proxy, and the post explains how they came up with the solution and how they configured it to run in Kubernetes.

Building Scalable Real Time Event Processing with Kafka and Flink
Learn how DoorDash built a platform to process billions of events from different data sources quickly, consistently and reliably

Kubernetes Policy Management Whitepaper 🀟

The Cloud-Native Foundation published a whitepaper on Kubernetes Policy Management. It highlights how policy management brings security to clusters and workloads, and lays out the pieces needed to have proper policy management in place. Read a short note on the whitepaper on InfoQ.

CNCF Publishes the Kubernetes Policy Management Whitepaper
The CNCF recently published a new whitepaper about Kubernetes Policy Management. The whitepaper highlights the importance of Kubernetes policy management when it comes to the security and automation of clusters as well as workloads. Also, it goes in-depth into the problems Kubernetes policies solve…

Introduction to API Contract Testing 🍼

In my practice, it was quite common for an API agreed between several teams to be broken by a typo, a misunderstanding or changed requirements. Going API First typically helps to improve the situation, but does not guarantee avoiding it. Thus, we introduce contract testing to close the circle. The article by Sauce Labs explains what it is and how to use it.

Getting Started with API Contract Testing
Learn what OpenAPI-driven contract testing is, how and when contract testing is performed and scaled for massive microservices programs, and how it can provide relief to development teams.

Mastering the Architecture Mindset 🍼

Gregor Hohpe visited the podcast "Breaking Changes". In this episode he speaks about removing constraints from teams and the mindset to adopt when facing new technologies, such as which questions you should definitely ask yourself. Find the full episode below.

IoT Security Overview 👷‍♂️

There is a whitepaper on ResearchGate which gives a good, detailed overview of the IoT world and the security concerns within it. It describes the different types of IoT devices and the common IoT system architecture, and lists the security concerns for them.

Logical Physical Clocks 🀟

We know there is no single time in a distributed system. There are different attempts to solve this: logical clocks, physical time, hybrid approaches, etc. Another approach is a Hybrid Clock algorithm. What is it? Read the paper.

Architectures for Modern eCommerce Applications 👷‍♂️

eCommerce is the next domain I want to start sharing design materials on. Find a short note on a reference architecture and highlights of the best practices for the domain.

Architectures for Modern eCommerce Applications
API-first, modular architectures offer many possibilities when it comes to creating highly performant commerce applications that center around user experience.

Supply Chain Integrity Framework 👷‍♂️

The threat of hijacked npm packages or Docker containers has increased lately. This is one kind of attack on supply chains, since software delivery is indeed a supply chain. Google suggested a framework for ensuring supply chain integrity for software. Read below.

Introducing SLSA, an End-to-End Framework for Supply Chain Integrity
Posted by Kim Lewandowski, Google Open Source Security Team & Mark Lodato, Binary Authorization for Borg Team Supply chain integrity attacks—u...

Performance Efficiency in Cloud 👷‍♂️

Being performance efficient in a cloud environment can be tricky. AWS lists the best practices for performance design as a part of their Well-Architected Framework, which contains design principles and reference architectures.

Performance Efficiency - AWS Well-Architected Framework

Do you really need Microservices? 👷‍♂️

Microservices cope well with different technology stacks, isolate failures, and let teams work in parallel. But they come at a high price. Matthew Spence posted a new article on how you can tackle the same problem with a less distributed approach.

You Don't Need Microservices
Microservices are very much in vogue for web software architecture. For most teams though, the monolith should remain the default choice.

PCI for dummies

The Payment Card Industry Data Security Standard is a set of measures to ensure that transactions are secure, traceable and convenient. There is a PDF introduction to PCI which explains what should be done if you store and process cardholder data.

This newsletter is hosted on GCP and uses Mailgun to send the emails. The cost is ~$25 per month. Liked it? Consider helping to run this newsletter at Patreon :)