Architecture Weekly #185 - 24th June 2024
Welcome to the new week! For many years, I’ve been trying to convince others that Event Sourcing is not so scary and is quite useful. I truly believe in that, yet… I see a chasm between its initial simplicity and its use in production. In our past webinar, Alexey Zimarev said that we need Event Sourcing frameworks. After thinking about it, I agree with that take. We’re not yet in the adoption phase to not need a framework or library. I have started packing my Node.js samples into the package in the last few months, resulting in… Emmett: a framework that will take your applications back to the future. The idea behind Emmett was to make it easier to create business-focused applications and cut unnecessary code without using magic. The combination of using events and their business focus, the expressiveness of TypeScript and the lightness of Node.js is supposed to help with that. Take an open mind, cover it with a Constructive Critic hat if necessary, and see and discuss live what you think about it! We’ll built live a simple, but real-world API and discuss what’s next for Emmett! The webinar will happen on Wednesday, June 26th, at 6 PM CEST (UTC+2) and last 1-1.5h depending on the number of discussions. Become a paid subscriber and join us live! I got positive feedback about my recent DevOps stuff and Docker Compose (like load balancing with Nginx), so here we go with another one! This time, I showed how to set up pgAdmin with a Docker database automatically. I also explained how to improve the local development experience by eliminating annoying papercuts like having to always log in or set up a connection inside pgAdmin. That setup is quite often missing. Read more in: Architecture is about making decisions, those important ones. Making decisions can be hard; I wrote about it in Why are we afraid of our decisions? It can be painful, especially if we don’t have other people to discuss and challenge our thoughts. Quite often, we bounce back and forth, going through all the stadiums: happiness about revelation, denial, frustration, and (hopefully) acceptance. Pierre Pureur and Kurt Bittner touched on this in their latest article: They went through the rational process of making those decisions and trying to make it less frustrating. They suggested the following things to improve your decision process:
Read more; the article is good for thoughts; also check past webinar with Laïla Bougriâ on debugging our thinking: Some people say architecture and system design is the art of balancing coupling. I’m not a big fan of such a statement, as coupling is a vague term. It can mean anything, depending on who’s saying that. To me, coupling is an attribute of our system, and low coupling shouldn’t be the end goal. Why? If we managed to somehow get zero coupling, then it’d mean that we don’t have system design but systems design. Literally, it means that those pieces are not having any relationship with each other. Wikipedia states that:
If we don’t have interaction, then we don’t have coupling, which also means we don’t have a system. So, no-coupling is, to me, more like a political statement or a talk-to-the-hand type of argument to stop discussion. We should focus more on real/business capabilities rather than discussing coupling. A great article on that comes from Gregor Hohpe when he analysed the many faces of coupling: Another interesting take on this topic is Connascence metric:
Check also more in the good talk by Jim Weirich: Switching to another topic, but not that far, as we’ll get back to the outcome of a not-great tradeoff analysis. Three weeks ago, I wrote about the Snowflake at centre of world’s largest data breach. We learned more about that, or didn’t we? Let’s have a look. To recap, Hackers stole terabytes of data from Ticketmaster, Santander and 165 other Snowflake cloud database engine customers. They got to those accounts because Snowflake exposed public databases without the need for a private connection or MFA. The tradeoff was to enable quick onboarding, ignoring common security practices. One of the most common security investigators, Mandiant (now part of Google), released a report confirming that hackers stole credentials from third-party contractors. However, they didn’t give more clues on how they did it. Still, the report show some additional details on what came later: Wired, in their coverage, claiming that they spoke with one of the hackers, wrote that the contracting company was EPAM. This is a big outsourcing company that’s an official partner of Snowflake. EPAM denied those claims: Sounds like a blame game has started. Nevertheless, of whose credential was stolen, the issue is always that if you’re using a foot gun solution, then you’ll eventually shoot yourself. And that’s what Snowflake did, exposing databases publicly without MFA. I’ll keep you posted on the next news, as I feel that this story is just starting to unfold. Not to end up with a bad taste in the mouth, let’s finish with good coverages of observability and nice tools to enhance that:
I’m personally plan to spend some time checking Clickhouse for the telemetry data correlation with business processes. Check also other links! Cheers Oskar p.s. I invite you to join the paid version of Architecture Weekly. It already contains the exclusive Discord channel for subscribers (and my GitHub sponsors), monthly webinars, etc. It is a vibrant space for knowledge sharing. Don’t wait to be a part of it! p.s.2. Ukraine is still under brutal Russian invasion. A lot of Ukrainian people are hurt, without shelter and need help. You can help in various ways, for instance, directly helping refugees, spreading awareness, and putting pressure on your local government or companies. You can also support Ukraine by donating, e.g. to the Ukraine humanitarian organisation, Ambulances for Ukraine or Red Cross. Architecture
DevOps
DatabasesFrontend
AIAzureGoJava.NET
WebAssemblySecurity
TriviaYou're currently a free subscriber to Architecture Weekly. For the full experience, upgrade your subscription. |
Older messages
Architecture Weekly #184 - 17th June 2024
Monday, June 17, 2024
It's a new Monday, the right time for the new set of software architecture materials! This time, we started with visualisations that were made right for great explanations of queuing concepts. I
Architecture Weekly #183 - 10th June 2024
Monday, June 10, 2024
To GraphQL or not to GraphQL, that's the question we started this edition. We discussed the different perspectives on that. One of the issues is authorisation management, and from that, we went
Architecture Weekly #182 - 27th May 2024
Monday, June 3, 2024
Let's start this edition with the security. We always put it as the last point, but should we? We started with a spectacular Snowflake breach. We discussed if LLMS could help to avoid it (spoiler:
Papers We Love #2 - How do committees invent? (Melvin E. Conway)
Monday, June 3, 2024
Watch now (73 mins) | Hey! 😀 In the 2nd edition of Papers We Love, we tackled the famous article Mel Conway's article where he introduced his law. You probably already know the quote: Organizations
Architecture Weekly #181 - 27th May 2024
Monday, June 3, 2024
Boy, is it a new week already? It is, so let's see what #ArchitectureWeekly brought to you this time! We started with a discussion about Mel Conway's law, its wide impact and whether we could
You Might Also Like
Will Data Centers Ruin Your Neighborhood?
Saturday, September 28, 2024
Top Tech Content sent at Noon! A dev conference with discussions, workshops, and 1:1 feedback sessions Read this email in your browser How are you, @newsletterest1? 🪐 What's happening in tech today
🐍 New Python tutorials on Real Python
Saturday, September 28, 2024
Hey there, There's always something going on over at Real Python as far as Python tutorials go. Here's what you may have missed this past week: Python Virtual Environments: A Primer In this
ALERT - Critical Linux Printing System Flaws Could Allow Remote Command Execution
Saturday, September 28, 2024
THN Daily Updates Newsletter cover [Watch LIVE] Building a Successful Data Security Posture Management Program Learn From the Leaders: Early DSPM Adopters Reveal Their Data Security Success Secrets
Monitor Your Heart Health Every Day
Saturday, September 28, 2024
Withings is reducing the price of BPM Connect to $99.95 in the US, reaffirming our dedication to accessible health tech. With nearly half the adult population affected by high blood pressure, we're
📧 Breaking It Down: How to Migrate Your Modular Monolith to Microservices
Saturday, September 28, 2024
Breaking It Down: How to Migrate Your Modular Monolith to Microservices Read on: my website / Read time: 9 minutes The .NET Weekly is brought to you by: Integrate e-signatures into your workflows
💻 12 Hidden macOS Sequoia Features Worth Trying — YouTube TV's Multiview Is Amazing
Friday, September 27, 2024
Also: Which Amazon Fire Tablet Model Do I Own? and More! How-To Geek Logo September 27, 2024 Did You Know Until the late 1960s, it was common for wedding dresses to simply reflect the styles of the day
SWLW #618: Conducting a time audit, Learning to call BS, and more.
Friday, September 27, 2024
Weekly articles & videos about people, culture and leadership: everything you need to design the org that makes the product. A weekly newsletter by Oren Ellenbogen with the best content I found
Daily Coding Problem: Problem #1569 [Easy]
Friday, September 27, 2024
Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Microsoft. Implement a URL shortener with the following methods: shorten(url) , which
MVP!
Friday, September 27, 2024
Make Your MVP an MVP Add Minimum Viable Product to the list of good ideas that have become buzzwords and, as a result, horribly misapplied. Once framed as a way to get validated learning about your
🔒 The Vault Newsletter: September issue 🔑
Friday, September 27, 2024
Get the latest business security news, updates, and advice from 1Password. ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏