#209 — March 27, 2019

Read on the Web

Web Operations Weekly

'Why We Love QUIC and HTTP/3' — QUIC (Quick UDP Internet Connections), originally prototyped at Google, is being standardized at the IETF and forms the heart of the next version of HTTP (HTTP/3). But despite all the upsides, there are downsides too.

Jana Iyengar (Fastly)

The Journey to 90%(ish) Serverless at Comic Relief — This case study looks at how a major British fundraising movement moved from a containerized, EC2-based approach to an almost fully serverless approach. A great case study of approaching using serverless in a high throughput, high profile scenario.

Adam Clark

Build & Deploy Serverless Apps on a Global Cloud Network — Learn how to start writing serverless APIs in JavaScript, and reserve a custom subdomain for your next project.

Cloudflare Workers sponsor

The Anatomy of an AWS Key Leak to a Public Code Repository — It's in every developer’s top 10 worst nightmares: you’ve accidentally committed a critical access token into a publicly visible repo. What happens next? Here’s one story.

Maish Saidel-Keesing

Kubernetes 1.14 Released — Persistent local volumes are now GA and there’s now production level support for Windows-powered nodes. Doug Tidwell of Red Hat has an easier to read What You Need to Know guide to the release.

Kubernetes Release Team

Authorization at LinkedIn’s Scale — With over 700 microservices in play at LinkedIn, they have to think seriously about authorization. Here’s their approach.

LinkedIn Engineering

💻 Jobs

Lead DevOps Engineer - CI/CD — You'll be leading the Delivery Platform team's technical vision and creating the best platform for all Heetch engineers.


Find A Job Through Vettery — Vettery specializes in dev roles and is completely free for job seekers.


📖 Stories

Bug Bounties and Black Swans: How Heroku Expects the Unexpectable — A brief story about how a bug bounty researcher helped Heroku detect and implementation a mitigation for a security vulnerability in Postgres even before a patch was released.


Using Machine Learning to Ensure the Capacity Safety of Individual Microservices — How Uber has used machine learning to power operational metric forecasting and API-driven load generation to conduct adaptive, automated capacity safety tests for its microservices.

Ranjib Dey

How to Build a Serverless Video Live Streaming App — Use Mux's simple, but powerful, video APIs to build live streaming into your application.

Mux sponsor

Scaling LaunchDarkly From 4 to 200 Billion Feature Flags Daily — LaunchDarkly is a feature management service for third parties to adopt feature flags in their own apps. Here’s a look at some of the tools they use in their stack.


▶  The Certainties About Your Job as a Site Reliability Engineer — A 30 minute chat with Steve Herrod about what SRE’s are and how the role is changing.

The New Stack

Is ‘AWS vs Kubernetes’ The New ‘Windows vs Linux’?

Ian Miell

Intel Gets Ready to Go Live with Servers with 12TB Optane? — Some dot joining leads Chris Mellor to speculate Intel will soon announce some seriously beefy 4 socket, 112 core server options supporting up to 12TB of Optane memory.

Chris Mellor

Was MongoDB Ever the Right Choice?

Justin Etheredge

📘 Tutorials

10 Docker Image Security Best Practices — A pretty good roundup of tips.

Liran Tal

How to Build Your Own CDN with Kubernetes — This tutorial is firmly in the “Interesting, but..” camp. You might pick up some useful ideas for distributing a stateless app geographically, though, but I’d leave running an actual CDN to, well, a CDN provider.

Ilhaan Rasheed

📈Data-Driven Guide to Engineering Leadership

GitPrime sponsor

Enriching Event-Driven Architectures with AWS Event Fork Pipelines — AWS Event Fork Pipelines is a serverless design pattern on top of SNS, SQS and Lambda for building scalable, highly available event-driven systems of your own.

Otavio Ferreira

So You Want Your Site to Work in China…? — It’s not just as simple as not annoying the Chinese government.

David Chanin

🛠 Code & Tools

NGINX 1.15.10 Released — Introduces support for port ranges in `listen directives and the loading of SSL certificates and secret keys from variables.

NGINX on Twitter

.NET Core Container Images Now Published to Microsoft Container Registry — The goal is for Microsoft’s container registry to be the canonical source of Microsoft-related container images which are then syndicated out to other places like Docker Hub.

.NET Blog

k3d: A Fast Kubernetes Dev Environment — Fast to start and with a minimal footprint, all organized around a clean, simple CLI tool.

Rishabh Gupta

Endlessh: An SSH Tarpit — Uses a quirk of the SSH protocol to waste attackers’ time. I ran this on a bare Linode VPS for fun and it caught a lot of malicious clients for 10 minutes at a time. The next level up is something like Cowrie which pretends to be a full on legitimate server.

Chris Wellons

📣 Some vendor-y news items

You Can Now Deploy CodeSandbox Sites to NetlifyCodeSandbox is a really neat online development environment and it now lets you deploy straight to Netlify’s static hosting platform.

AWS Config Adds Support for Amazon API Gateway — The TLDR is this lets you track and audit changes to API Gateway configurations.
Amazon Web Services

Watch the AWS Summit Santa Clara Keynote Later Today — Amazon’s CTO will be giving a keynote at 9am Pacific today (March 27).
Amazon Web Services