Links 2016-07-18

Thoughts and recipes to build and run systems and services.

  • How to build stable systems
    The first decision is easily the most important. It is one of ideology: the developers are in control of the software. Not the other way around. Managers are not in control of the software. Product Owners are not in control of the software. Developers are.
  • The 15-point DevOps Check List
    The checklist could help you proceed with setting up a DevOps culture but don’t consider it as a unique way to proceed with your organization transformation.
  • 10 Philosophies for Engineers
    In this post and podcast episode, I convey some loose philosophies about modern software engineering. These are strong opinions weakly held. I welcome debate and discussion.
  • 3 Reasons AWS Lambda Is Not Ready for Prime Time
    When I first sat down to write my microservice using Lambda, I really wanted it to be the greatest thing since sliced bread. […] Sadly, it was too good to be true.
  • Microservices & Einradfahren
    Zu meiner großen Enttäuschung muss ich nun feststellen, dass die Leute in der IT, bzw. Developer wie sie heute genannt werden, mit den gleichen Denkmustern arbeiten wie die Business Kasper.
  • Creating a Microservice? Answer these 10 Questions First
    Microservices appear simple to build on the surface, but there’s more to creating them than just launching some code running in containers and making HTTP requests between them.

DevOpsDays Kiel 2016

I finally attended my first DevOpsDays in Kiel. I cannot compare to other events in the DevOpsDays series, but in any case it was a wonderful small one-track IT conference. One with the cosy atmosphere because with less than 200 attendees you can talk to everyone. We had two great days with a beautiful venue on the science campus, good catering, several sponsors, competent speakers, and last but not least a professional and dedicated organizing team.

One interesting observation: DevOps certainly has become mainstream already; because even IBM tells us how to do it.

To see more impressions take a look at the flickr albums. For summaries of the talks read Manuel Pais’ articles on InfoQ (Day 1, Day 2).

Links 2016-05-17

A failure, a success story, and several thoughts on system design.

  • Inside the sad, expensive failure of Google+
    Create a social network or risk everything.
  • Jetbrains: The unicorn Silicon Valley doesn’t like to talk about
    The reason why Jetbrains has such little competition is because few startups and programmers are willing to learn and embrace non-sexy tech.
  • Why I Strive to be a 0.1x Engineer
    Given the cost of maintaining everything we build, it would literally be better for us to do 10% the work and sit around doing nothing for the rest of our time, if we could figure out the right 10% to work on.
  • Boring Systems Build Badass Businesses
    Build the most minimal solution you possibly can. See if customer’s like it, use it, and will pay enough for it. Only then build it into a full solution.
  • Logging v. instrumentation
    Logging and instrumentation are two perennially hot topics in software development generally, and seem to be enjoying a certain renaissance in the context of microservices particularly. And I see quite a lot of confusion on the topic.
  • How to build stable systems — Medium
    The first decision is easily the most important. It is one of ideology: the developers are in control of the software. Not the other way around. Managers are not in control of the software. Product Owners are not in control of the software. Developers are.

OSDC 2016

This year was my second OSDC, and the first one as a speaker. Thanks to Netways for organizing this great conference (and also for inviting me to talk there). The conference archive for 2016 with all presentation slides is now online.
Read the rest of this entry »

AWS Summit Berlin 2016

A few remarks on the AWS Summit in Berlin this April…

Thanks to several sponsors the event was free of charge and a welcome opportunity to visit Berlin. Given this background it is probably not fair to compare it to normal tech conferences. Although it did have several tracks with technical talks and presentations, most of them were on an introductory level so you might as well watch a few AWS webinar videos. So one has to see the summit as a pure marketing event, one you should attend to celebrate AWS itself, meet fellow AWS user group members, and see a few product demos as well as startup pitches.

Chemnitzer Linuxtage 2016


Und noch ein kleiner Hinweis: Bei den Chemnitzer Linux-Tagen sind nun seit einigen Tagen die Audio-Aufzeichnungen der Vorträge online.

Getreu dem Motto „Es ist Dein Projekt“ fand ich viele Vorträge recht kleinteilig und bastelig (à la „Meine drölfzigste Raspberry Pi Lampensteuerung“). Meine persönlichen Highlights waren dann auch zwei Vorträge, die mehr zu meinem eigenen Arbeitsbereich passen: Valentin Haenels Vorstellung des AWS Federation Proxy (leider noch ohne Audio) und René Kochs Übersicht zu oVirt.

Links 2016-03-02

Politik & Menschen

Links 2016-02-29

Security & Crypto edition

  • On the Juniper backdoor, Matthew Green
    And while every reasonable person knows you can’t just drop “passive decryption vulnerability” and expect the world to go on with its business, this is exactly what Juniper tried to do. Since they weren’t talking about it, it fell to software experts to try to work out what was happening by looking carefully at firmware released by the company.
  • Why I don’t care that Dell installs Rogue Certificates On Laptops, Tom Limoncelli
    Every new machine should be wiped and reloaded with your organization’s “standard build”. Having a “standard build” is one of the foundational pieces of infrastructure that your organization is responsible for. It is so fundamental that not having this kind of infrastructure is negligent.
  • The Moral Character of Cryptographic Work, Phillip Rogaway
    As computer scientists and cryptographers, we are twice culpable when it comes to mass surveillance: computer science created the technologies that underlie our communications infrastructure, and that are now turning it into an apparatus for surveillance and control; while cryptography contains within it the underused potential to redirect this tragic turn.
  • The IPv6 Numeric IP Format is a Serious Usability Problem, Adam Ierymenko
    While the IPv6 protocol itself is fine, its original designers made some truly bizarre decisions around how to represent numeric addresses.
  • How to C (as of 2016), Matt Stancliff
    The first rule of C is don’t write C if you can avoid it. If you must write in C, you should follow modern rules.
  • Mozilla SSL Configuration Generator
    The goal of this document is to help operational teams with the configuration of TLS on servers.