Architecture Weekly #84
Architecture Weekly Issue #84. Articles, books, and playlists on architecture and related topics. Split by sections, highlighted with complexity: π€ means hardcore, π·ββοΈ is technically applicable right away, Β πΌ - is an introduction to the topic or an overview. Now in telegram as well.
WARNING πΊπ¦
It's already been a year and a half since Russia's crazy, brutal and unjustified war against Ukraine. We condemn this war and want it to stop ASAP. We continue this newsletter so you can advance your skill and help the millions of Ukrainian people in any way possible. If you want to help directly, visit this fund.
Big thanks to Nikita, Anatoly, Oleksandr, Dima, Pavel B, Pavel, Robert, Roman, Iyri, Andrey, Lidia, Vladimir, August, Roman, Egor, Roman, Evgeniy, Nadia, Daria and Dzmitry for supporting the newsletter. They receive early access to the articles, influence the content and participate in the closed group where we discuss the architecture problems. They also see my daily updates on all the things I am working on. Join them at Patreon or Boosty! Β
Highlights
Building Meta's Threads App πΌ
Following the havoc at Twitter Meta decided to build it's competitor at the end of 2022. Greenfield is always a pleasure for engineers and a challenge at the same time. Gergely Orosz asked questions from the Threads app engineers how it went, how the app was built(spoiler: native mobile apps with Python backend) and how they prepared for the 1m users in 1 hour.
The post lacks some technical aspects like planning for db load covering it all under 'we reused Meta reliable infrastructure'. However, a takeaway - you can build such an app in 5 months, but only if you have the backend figured out and plenty of engineers with relevant experience.
#casestudy
How we built Pingora, the proxy that connects Cloudflare to the Internet π·ββοΈ
Cloudflare recently announced Pingora, an advanced HTTP proxy developed in Rust. Replacing their previous infrastructure, NGINX, Pingora boasts significant performance improvements, consuming 70% less CPU and 67% less memory. This enhancement leads to faster response times and efficient connection management. With its developer-centric design, Pingora paves the way for future innovations, with Cloudflare hinting at plans to open-source it.
#api
Mitigating serverless cold starts through predicting computational resource demand Β π€
In a recent study, researchers introduced the Adaptive Serverless Invocation Predictor (ASIP), a groundbreaking tool designed to predict serverless function invocations based on real-time user distribution across web applications. The study's findings reveal that ASIP can significantly reduce average response times, showcasing its potential in enhancing serverless computing efficiency. However, the tool's success hinges on specific circumstances, including its design and methodology. The research also underscores the importance of web monitoring tools, like Google Analytics, in gathering essential traffic data for ASIP's functionality. While the study offers promising insights, it also acknowledges limitations related to the context, function invocation quantity, serverless platforms, and web application complexity.
#serverless #paper
Follow-Up
Event Storming, Black Magic or Real? πΌ
I already included several articles on Event Storming including my own. Here you will find another piece which demonstrate real world example of event storming with the details we were not talking before, but essential to the process: actors, systems, policies and other stuff.
#eventstorming #ddd
Message Translator Pattern π·ββοΈ
Imagine you split your system into microservices around the bounded contexts. However, the DDD still requires ubiquitous language in each of the contexts. How do you translate entities from one to another? Meet the Message Translator pattern which can pass messages as is or translate into other entities. The pattern description inside.
#patterns #serverless
Resilience and Observability as a scale bottleneck π·ββοΈ
Martin Fowler's piece dives into the nitty-gritty of keeping things running smoothly as companies grow. As things get more complex, it's all about having systems that don't freak out when something goes wrong and tools that let you peek under the hood to see what's up. He chats about the difference between just regular monitoring and really getting what's happening inside the system. Plus, he gives a nod to the usual growing pains, like dealing with old tech and getting everyone on the same page. The takeaway? If you're scaling up, make sure your systems can take a hit and that you've got the right tools to see what's going on.
#scalability #resilience
A guide to observability at Birdie π·ββοΈ
In this Medium post, the engineering team at Birdie shares their journey and insights into the world of observability. Observability, as they describe, is the ability to understand a system's internal state from its outputs, allowing engineers to ask questions about a running system, understand its behavior, and identify issues without changing the code. Birdie emphasizes the importance of both logging and tracing, highlighting the power of combining them for a deeper understanding of system interactions. They've adopted tools like OpenTelemetry SDK for collecting traces and Honeycomb for monitoring, which helps them visualize service performance and track error rates in real-time.
#observability
Building Kafka Event-Driven Applications with KafkaFlow π·ββοΈ
Kafka for Event-Driven application is a standard de-facto, however the development can be cumbersome occasionaly due to necessity of graceful shutdown, serialization support and other. InfoQ features a post about KafkaFlow opensource project for .NET which simplifies it by offering useful abstractions. More details inside!
#kafka #eventdriven
mTLS: When certificate authentication is done wrong. π·ββοΈ
TLS is frequently used for server authentication, however it can be used both ways - thus the name of Mutual TLS. But are you sure the client certication check is implemented properly in your security solution, say KeyCloak? It appears it's not always the case. Michael Stepankin from the Github Blog shows how the freedom of interpretation of the TLS standard can lead to severe security vulnerabilities.
#security
That's all for today folks! Next week I am on vacation, so see you in 2 weeks!