Architecture Weekly Issue #78. Articles, books, and playlists on architecture and related topics. Split by sections, highlighted with complexity: ๐ค means hardcore, ๐ทโโ๏ธ is technically applicable right away, ย ๐ผ - is an introduction to the topic or an overview. Now in telegram as well.
WARNING ๐บ๐ฆ
It's already been a year since Russia's crazy, brutal and unjustified war against Ukraine. We condemn this war and want it to stop ASAP. We continue this newsletter so you can advance your skill and help the millions of Ukrainian people in any way possible. If you want to help directly, visit this fund.
Big thanks to Nikita, Anatoly, Oleksandr, Dima, Pavel B, Pavel, Robert, Roman, Iyri, Andrey, Lidia, Vladimir, August, Roman, Egor, Roman, Evgeniy, Nadia, Daria and Dzmitry for supporting the newsletter. They receive early access to the articles, influence the content and participate in the closed group where we discuss the architecture problems. They also see my daily updates on all the things I am working on. Join them at Patreon or Boosty! ย
Highlights
Why you should think twice about creating custom security ๐ผ
As the sheer range of cybersecurity threats widens, it can be tempting to want to create custom security solutions to deal with them. Sadly, though, this can lead to you simply reinventing the wheel. And the end result can actually be a less secure application. Find out the examples of custom made solutions and protocols which led to serious problems.
#security
Cloud Automation a la DDD ๐ทโโ๏ธ
New post from Gregor Hohpe. Here he reasons about applicability of Domain-Driven Design to technical domains, consider EventBridge as an example and shows, how ubiquitous language help building better technical systems.
Gregor Hohpe
#ddd
HashiCorp State of Cloud ๐ผ
State of the cloud report from HashiCorp reports interesting trend of boosting cloud spending from high mature organizations in an attempt toactually save money, going multicloud at the same time for efficiency and talent attraction. However, the part of companies who is wasting money on cloud remains high. Find more details inside the report. ย
HashiCorp
#cloud #report
Follow-Up
A Modern Approach to Securing APIs ๐ทโโ๏ธ
The last highlight for today from The New Stack block covers the critical role of APIs in modern, cloud-native applications and the increased security risks they pose. It highlights the need for stronger API security measures due to the expanded attack surface and the fast pace of application development. Ory Segal suggests a modern approach to API security, which includes API risk profiling, shifting left with application security, and implementing multiple layers of defense. It emphasizes the importance of collaboration between developers and security practitioners to ensure scalable, flexible, multilayered security.
#security
F1: A distributed SQL Database that scales ๐ค
Murat published a new blog post which discusses Google's F1, a distributed SQL database that replaced the sharded MySQL implementation for AdWords. However, the paper lacked a clear narrative and didn't provide explicit lessons for building a distributed SQL database. F1, built on top of Spanner, offers features like distributed SQL queries, transactionally consistent secondary indexes, and optimistic transactions. Despite higher database latency, F1 maintains user-facing latency similar to the previous MySQL system. The author calls for a follow-up paper to provide more insights and evaluations of specific optimizations and techniques.
Murat
#distributedsystems #db #spanner
Building and operating a pretty big storage system called S3 ๐ทโโ๏ธ
How complex could be a Simple Storage Service(S3)? Well, it turns out you would need several years only to realize the complexity of the whole system. However, you have a chance to take a glance at the problems the folks at S3 face in order to make their service reliable and efficient, starting with error rates of hard drives to heat distribution. Find an awesome post in AWS CTO's blog.
#aws #s3
Costwiz: Saving cost for LinkedIn enterprise on Azure ๐ทโโ๏ธ
LinkedIn developed Costwiz, a tool designed to reduce costs by monitoring budgets and resource utilization on Azure. The tool identifies and alerts teams about cost-saving opportunities and under-utilized resources. It also provides a unified experience for leaders to forecast Azure budgets more accurately. The blog post discusses the challenges, progress, and lessons learned from the Costwiz journey. The tool has had a significant impact on the way LinkedIn manages Azure costs, creating a culture of continuous optimization in cloud deployments.
Deven Walia
#azure #cloud #cost
Service Delivery Index: A driver for Reliability ๐ทโโ๏ธ
Slack Engineering introduced the Service Delivery Index - Reliability (SDI-R), a metric that measures the success of jobs-to-be-done by Slackโs users and Slackโs uptime. This index has become a key driver for reliability culture across the organization. It helps teams to speak the same language of reliability and enables them to spot trends, identify regressions, and improvements. The SDI-R is also used as an error budget to balance the prioritization of investments across the company. The blog post discusses the evolution of the SDI-R, its implementation, and the lessons learned from its use.
Matthew McKeen Sr. Site Reliability Engineer Ryan Katkov Director of Engineering, Observability
#reliability
Refresher on the CDC
CDC - Change Data Capture - is essential mechanics for propagating changes or replicating data. Check out a twitter post by Aurimas Griciลซnas on CDC!
What do you need to know about ๐๐๐ (๐๐ต๐ฎ๐ป๐ด๐ฒ ๐๐ฎ๐๐ฎ ๐๐ฎ๐ฝ๐๐๐ฟ๐ฒ)?
— Aurimas Griciลซnas (@Aurimas_Gr) July 24, 2023
Change Data Capture is a software process used to replicate actions performed against Operational Databases for use in downstream applications.
There are several use cases for CDC. Two of the mainโฆ pic.twitter.com/KqjJO9X7d3
#cdc #db