Architecture Weekly #39
Architecture Weekly Issue #39. Articles, books, and playlists on architecture and related topics. Split by sections, highlighted with complexity: π€ means hardcore, π·ββοΈ is technically applicable right away, Β πΌ - is an introduction to the topic or an overview. Now in telegram as well.
WARNING πΊπ¦
It's already been 235 days since Russia's crazy, brutal, and unjustified war against Ukraine. We condemn this war and want it to stop ASAP. We continue this newsletter so you can advance your skill and help the millions of Ukrainian people in any way possible.
Video
A Video version of this issue is available on YouTube. Subscribe!
Verifying distributed systems with Isabelle π€
Distributed systems are hard to reason about due to the fact that the combined count of inputs and situations is enormous. However, we can go with the approach of formal verification: given the model of the system, we can try to prove mathematically the correctness of the system's behaviour. Martin Kleppmann wrote a blog post about how it can possibly work with Isabelle. High School algebra inside!
#distributedsystems #formalverification #kleppmann
Shift Left Approach for API Standardization π·ββοΈ
We hear "shift left" left, right and center. It usually touches security and another NFR testing. But we can also shift API standardization left as well! When we design APIs across a large organization, it is beneficial for both producer and consumer parties to have a common style guide. Find more details on the problem inside the article, which also provides the set of tools to automate API validation.
#api #shiftleft
Bottlenecks of Scaleups #03: Product vs Engineering πΌ
During last year one of my biggest struggles was to change the culture of an IT organization from "product managers are doing business and order the features from engineering" to "we all work together to deliver value". Such problems cause significant hiccups during software development. Part of the architect's job is to resolve such problems, even when they are more communicational and cultural rather than technical. Find a post in Martin Fowler's blog.
#enterprise
The State of AWS Security by Datadog πΌ
Datadog published their analysis of AWS Security Report. They came up with important signals to secure your AWS accounts. Firstly, minimize the usage of the root account. Then make sure to revoke the users' credentials which are no longer used. Don't forget to analyze your source code for including credentials. And lastly switch the EC2 instances to use Instance Metadata Service version 2, if you don't want to end up hacked like Capital One.
#cloud #security #aws
The Hacker's Guide to Kubernetes Security by Patrycja Wegrzynowicz π·ββοΈ
Devoxx 2022 published the recordings of the talks, and I include the one regarding Kubernetes Security. Patrycja covers the OWASP Top 10 K8s vulnerabilities and makes some impressive demos of hacking a cluster using the said vulnerabilities. Great talk which I watched on the 1,5 speed though :)
#security #k8s #kubernetes
Declarative UIs with Kotlin MultiPlatform Series π·ββοΈ
Mobile Development changed a lot during last couple of years. Flutter became more or less mainstream, Kotlin graduated to a default language for Android, Jetpack Compose was released and last, but not least Kotlin Multiplatform emerged. All those technologies allow us to build several applications natively, but in a very fast manner by reusing major parts of architecture and business logic. Learn, how you can do that with the series by Daniele Baroncelli.
#mobile #kmp
Mastering the next level of architectural design π·ββοΈ
Uwe shared another deck on modern architectural approaches. He goes through the history of ways we used to do architecture from going with a monolith straight away to "we don't need an architect" and back to the realization that the landscape became incredibly complex given the cloud and big data revolution, digital transformation, Mobile and IoT introduction and other factors. So simplicity, separation of concerns, thinking frugal and knowing the different approaches will help you much more than knowing a particular technology. Β
Good abstractions are obvious but difficult to find πΌ
Designing a system requires a good functional separation as we just learned in the presentation above. This proves to be a difficult task in complex business. Gregor Hope, who's articles and talks we included several times wrote an inspiration article for architects where he explains the importance the good abstraction and how to come up with them.
#architecture #systemdesign
PostgreSQL 15 πΌ
New version of PostgreSQL is announced with advancements in performance, developer experience and replication control. Without furder ado, checkout the release notes.
#databases #releases
Resiliency in Distributed Systems π·ββοΈ
Roberto Vitillo is the author of Understanding Distributed Systems book. The newsletter "The Pragmatic Engineer" includes two chapters from this book with the design patterns for downstream and upstream resilience in such systems. You will find Load Shedding, Rate Limiter, Single Point for Retries and others in that issue.
#resilience
Like the newsletter? Consider helping to run it at Patreon or Boosty. Patrons and Boosty subscribers of a certain level also get access to a private Architecture Community. Big thanks to Nikita, Anatoly, Oleksandr, Dima, Pavel and Robert for already supporting the newsletter.