Architecture Weekly Issue #85. Articles, books, and playlists on architecture and related topics. Split by sections, highlighted with complexity: 🤟 means hardcore, 👷‍♂️ is technically applicable right away,  🍼 - is an introduction to the topic or an overview. Now in telegram as well.


It's already been a year and a half since Russia's crazy, brutal and unjustified war against Ukraine. We condemn this war and want it to stop ASAP. We continue this newsletter so you can advance your skill and help the millions of Ukrainian people in any way possible. If you want to help directly, visit this fund.

Big thanks to Nikita, Anatoly, Oleksandr, Dima, Pavel B, Pavel, Robert, Roman, Iyri, Andrey, Lidia, Vladimir, August, Roman, Egor, Roman, Evgeniy, Nadia, Daria and Dzmitry for supporting the newsletter. They receive early access to the articles, influence the content and participate in the closed group where we discuss the architecture problems. They also see my daily updates on all the things I am working on. Join them at Patreon or Boosty!  


Why Frameworks Are Killing Architecture 🍼

You definitely heard(including from this newsletter!) about Zachman framework, TOGAF Framework and other names which are widely used in Enterprise Architecture. Paul Preiss argues that despite frameworks could be potentially useful, they also limit the creativity as they mandate the deliverables rather then outcome, which is actually desirable by the business. Find more details!

Why Frameworks Are Killing Architecture
Let me start by contradicting my headline. I love frameworks. DODAF, FEAF, MODAF, TOGAF, Zachman etc. are all excellent tools for architecture teams to use when they are ready and when the team…


Unlocking Architectural Design Excellence 👷‍♂️

We used to call the Non-Functional Requirements Architecture Attributes. Somebody call them Architectural Characteristics. A useful exercise is to break those characteristics into groups, so that an architect can work easier with them. You fill find the classification in the article below!

Unlocking Architectural Design Excellence: A Guide for Your Application | Cygnet Digital
Discover the key to exceptional architectural design in our comprehensive guide. Elevate your application with expert insights. Read the blog now!

#nfr #attributes

Understanding CDC 👷‍♂️

Super-short intro into Change Data Capture. Several reasons why you would like to implement this pattern like listening to changes, replicating data across boundaries and keeping data at sync at Serverless Land blog!

Serverless Land
Your resource for learning serverless technology.

#cdc #serverless


Staying safe from Pegasus and other API mobile malware 👷‍♂️

You probably saw an article of mine on preventing Zero-Day attacks in mobile world. And it's not an empty threat: dedicated companies create software to infect the mobile devices of targeted users like lawyers, activists and world leaders, and governments keen to buy those! Find the strategies how to lower the risk of being infected in this awesome post by Costin Raiu.

Staying safe from Pegasus, Chrysaor and other APT mobile malware
One of the biggest stories of 2021 — the investigation by the Guardian and 16 other media organizations, published in July — suggested…

#security #mobile

Balancing security and usability 🍼

Increasing the security requirements for the users like more complex passwords rotated more frequently can lead to decreased security, because people start to reuse the passwords or write them down. How do you balance the security and usability in this complex world? My new article for the rescue.

Balancing security and usability
Originally posted to Licel Blog As we integrate apps more deeply into our everyday lives, the need for robust security measures surges. It’s ironic, but the very security that aims to protect users can, at times, diminish user experience (and security itself). Take the example of new security poli…


Building a Control Plane for Lyft's Shared Development Environment 🤟

Development Efficiency and decreasing the feedback loop is crucial for short time to market. At Lyft they created a tool to spin up an environment with the changes to test them. But the problem they faces is how to point the mobile apps and web clients to this temporary environment and how to share the links to it? Envoy proxy, Context ID and development menus helped to do the trick. All the technical details - inside!

Building a Control Plane for Lyft’s Shared Development Environment
Note: This publication assumes you have basic familiarity with the service mesh pattern (e.g. Istio, Linkerd, Envoy — created at Lyft!)

#apigateway #devex

Distributed transaction patterns for microservices compared 👷‍♂️

Oh, you have to write data into 2 storages at the same time, and you want to make sure the writes are consistent. Welcome to a classical problem of dual write in the distributed system. Bilgin Ibryam shares a post with the list of possible solutions, like modular monoliths, 2-Phase commit, orchestration,  different types choreography etc. Great post!

Distributed transaction patterns for microservices compared | Red Hat Developer
How to approach the dual write problem: A comparison of 5 patterns for coordinating dual writes in a microservices architecture.


Consistency & Coordination 👷‍♂️

Continuing the topic of dual writes. When consistency requires coordination? If we think about it, then it happens that in our system we can have invariants, such "there are no double bookings on doctor appointments" and operations that might violate or not violate those. Like removing a booking does not violate it ever, thus it does not require coordination; adding one can. The conclusion is that all writes do not necessarily require coordination, but some definitely do.

Issue #37 - Consistency & Coordination
When Does Consistency Require Coordination?

#distributedsystem #consistency

The Pyramid of Alerting 🍼

A short note on different levels of monitoring and alerting. So you have different levels at your system: infrastructure level where virtual machines or pods reside, data source level and business level. You need to have alerts on all the levels understanding the health of VMs and the business metrics at the same time. More details inside.

The Pyramid of Alerting
We all came across it before. Your company is processing thousands of data points. All goes well on...