Architecture Weekly Issue #85. Articles, books, and playlists on architecture and related topics. Split by sections, highlighted with complexity: 🤟 means hardcore, 👷♂️ is technically applicable right away, 🍼 - is an introduction to the topic or an overview. Now in telegram as well.
WARNING 🇺🇦
It's already been a year and a half since Russia's crazy, brutal and unjustified war against Ukraine. We condemn this war and want it to stop ASAP. We continue this newsletter so you can advance your skill and help the millions of Ukrainian people in any way possible. If you want to help directly, visit this fund.
Big thanks to Nikita, Anatoly, Oleksandr, Dima, Pavel B, Pavel, Robert, Roman, Iyri, Andrey, Lidia, Vladimir, August, Roman, Egor, Roman, Evgeniy, Nadia, Daria and Dzmitry for supporting the newsletter. They receive early access to the articles, influence the content and participate in the closed group where we discuss the architecture problems. They also see my daily updates on all the things I am working on. Join them at Patreon or Boosty!
Highlights
Why Frameworks Are Killing Architecture 🍼
You definitely heard(including from this newsletter!) about Zachman framework, TOGAF Framework and other names which are widely used in Enterprise Architecture. Paul Preiss argues that despite frameworks could be potentially useful, they also limit the creativity as they mandate the deliverables rather then outcome, which is actually desirable by the business. Find more details!
#architecture
Unlocking Architectural Design Excellence 👷♂️
We used to call the Non-Functional Requirements Architecture Attributes. Somebody call them Architectural Characteristics. A useful exercise is to break those characteristics into groups, so that an architect can work easier with them. You fill find the classification in the article below!
#nfr #attributes
Understanding CDC 👷♂️
Super-short intro into Change Data Capture. Several reasons why you would like to implement this pattern like listening to changes, replicating data across boundaries and keeping data at sync at Serverless Land blog!
#cdc #serverless
Follow-Up
Staying safe from Pegasus and other API mobile malware 👷♂️
You probably saw an article of mine on preventing Zero-Day attacks in mobile world. And it's not an empty threat: dedicated companies create software to infect the mobile devices of targeted users like lawyers, activists and world leaders, and governments keen to buy those! Find the strategies how to lower the risk of being infected in this awesome post by Costin Raiu.
#security #mobile
Balancing security and usability 🍼
Increasing the security requirements for the users like more complex passwords rotated more frequently can lead to decreased security, because people start to reuse the passwords or write them down. How do you balance the security and usability in this complex world? My new article for the rescue.
#security
Building a Control Plane for Lyft's Shared Development Environment 🤟
Development Efficiency and decreasing the feedback loop is crucial for short time to market. At Lyft they created a tool to spin up an environment with the changes to test them. But the problem they faces is how to point the mobile apps and web clients to this temporary environment and how to share the links to it? Envoy proxy, Context ID and development menus helped to do the trick. All the technical details - inside!
#apigateway #devex
Distributed transaction patterns for microservices compared 👷♂️
Oh, you have to write data into 2 storages at the same time, and you want to make sure the writes are consistent. Welcome to a classical problem of dual write in the distributed system. Bilgin Ibryam shares a post with the list of possible solutions, like modular monoliths, 2-Phase commit, orchestration, different types choreography etc. Great post!
#distributed
Consistency & Coordination 👷♂️
Continuing the topic of dual writes. When consistency requires coordination? If we think about it, then it happens that in our system we can have invariants, such "there are no double bookings on doctor appointments" and operations that might violate or not violate those. Like removing a booking does not violate it ever, thus it does not require coordination; adding one can. The conclusion is that all writes do not necessarily require coordination, but some definitely do.
#distributedsystem #consistency
The Pyramid of Alerting 🍼
A short note on different levels of monitoring and alerting. So you have different levels at your system: infrastructure level where virtual machines or pods reside, data source level and business level. You need to have alerts on all the levels understanding the health of VMs and the business metrics at the same time. More details inside.
#observability