CodeIsGo.com

A big part of ensuring the availability of your applications is establishing and monitoring service-level metrics—something that our Site Reliability Engineering (SRE) team does every day here at Google Cloud. By Adrian Hilton, Customer Reliability Engineer, SRE.

The concept of SRE starts with the idea that metrics should be closely tied to business objectives. In addition to business-level SLAs, we also use SLOs and SLIs in SRE planning and practice. The main parts of this article:

• Defining the terms of site reliability engineering
• Service-Level Objective (SLO)
• Service-Level Agreement (SLA)
• Service-Level Indicator (SLI)

SRE begins with the idea that availability is a prerequisite for success. An unavailable system can’t perform its function and will fail by default. Availability, in SRE terms, defines whether a system is able to fulfill its intended function at a point in time. In addition to its use as a reporting tool, the historical availability measurement can also describe the probability that your system will perform as expected in the future. Nice one!

Every application contains bugs, and even if it doesn’t, it will. And even if you’re not a notorious bug producer and your code quality is generally good, the conditions programmers work in are often suboptimal - you will often find yourself pulling your hair out over code written years ago by someone no longer involved in your project. By Michał Buszkiewicz.

In this article, you will find out what approaches and tools are efficient in debugging Elixir applications - often contrary to popular beliefs within the community:

• Debugging is an art
• Being naive: IO.inspect/2
• Being professional: IEx
• Pry
• Break
• Debugging pipelines
• Debugging Phoenix apps: Battling timeouts
• Erlang debugging: Real debugger, clumsy usage
• Visual Studio Code & ElixirLS

Elixir isn’t the easiest language to debug, and there are several tools you can use - it’s good to spend some time trying out them all to ensure you’ll choose the right tool for a particular job in the future. Very good article!

In the world of digital transformation, keeping the focus on the customer experience is paramount. Systems are complex and increasingly distributed, which makes it difficult to stay on top of things when something goes wrong. By Julie Gunderson.

Customer service teams are the gateway to the customer, and more often than not they are the first line of defense when something goes wrong. The role of customer service teams is critical to maintaining and exceeding customer expectations.

The article then focuses on:

• Full-case ownership
• Metrics that matter
• The missing link in DevOps
• Shared goals and values

The article also provide sthe links to further reading, e.g. to their to learn more about customer service ops and full-case ownership, check out PagerDuty’s newest Ops Guide. Good read!

The DevOps Institute recently released their latest report entitled “Upskilling 2021: Enterprise DevOps Skills Report”. The report found that automation and security remain vital to business success. By Matt Campbel and Eveline Oerhlich.

Source @DevOpsInstitute: https://www.infoq.com/articles/oerhlich-devops-culture/

This article which captures Q&A session with Eveline Oerhlich focuses on:

• Demand for SRE and DevOps roles remains high as companies scale to meet new business demands
• A successful adoption of DevOps requires a strong learning culture. The best learning cultures focus on nurturing new and expansive ideas coupled with strong feedback and feedforward loops
• Security continues to shift left by being baked in earlier with stronger adoption of identity as code, privacy as code, and policy as code approaches
• Successful implementation of organizational topologies and value stream management helps drive a strong DevOps transformation

These challenges include an inability to secure and develop the right talent, an aversion to risk-taking and idea generation, and a fixation on past failures. The report highlighted the human skills to focus on to prepare existing staff for a successful DevOps transformation. Good read!

Software has undoubtedly become more complex over the last two decades. In 2000, it was estimated that there were 3.4 million internet users. The expectation of all software today has increased tremendously. To support these expectations, organizations have had to invest in reliability and operability of their systems. Zero downtime deployments, high levels of resilience to failure, and ease of restoring service are all key characteristics for any software system today. By Abigail Bangser.

More than ever we need teams to think about building the right thing for our customers, while also building to the right level of scalability and quality from the beginning.

Further in the article:

• Automate more than tests
• Assess risk at scale
• Tirelessly focus on end user experience
• Don’t be a bottleneck

SLO (Service Level Objective ) is a metric which can alert teams to declining user experience based on key indicators. As an SRE you will need to understand what user expectations are and how your team can measure these expectations using production data and all that without infringing on user privacy. The feedback from measuring these SLOs then feeds into team prioritization between defect management and shipping new features.

In conclusion, an SRE mindset is very similar to that of testing and test automation, but the roles do have space to work in tandem. Many testers and automation engineers work tirelessly to build high quality functionality for their users. Great read!

With the newest edition of the gRPC protocol, microservices-based systems will no longer need separate stand-alone service mesh sidecars, noted Megan Yahya, Google’s product manager for gRPC, in her talk at KubeCon+CloudNativeCon EU earlier this month. By Joab Jackson.

Instead, for those already using gRPC, they can extend the service directly to the control plane, and have it take over the work formerly done through proxy services, such as the Cloud Native Computing Foundation’s Envoy, one of the most popular sidecar proxies in use today.

Recent editions of gRPC come with the ability to process requests directly from the control plane, eliminating the need for sidecar proxies, Yahya pointed out. It can support a range of service mesh duties, including load balancing and service discovery. This is done thanks to its use of the XDS data plane APIs, first developed by the Envoy team.

Out of the box, it works well with Google Cloud’s Traffic Director service mesh and has experimental (no documentation) support of Istio, Google’s own open source control plane software. Check the link to presentation on youtube in the article. Nice one!

Welcome to the world of code-splitting where you can lazy-load (dynamically) your JavaScript bundle dynamically, only when the user requested it. By Amandeep Singh.

All modern JavaScript bundlers, like Webpack. Rollup, and parcel, supports code-splitting feature out of the box. These bundlers can create multiple bundles that can be dynamically loaded at run time, thus improving the web performance for your users.

The article explains:

• Route-based splitting
• Component-based splitting
• Lazy-loading via React.lazy
• Lazy-loading in NextJS

This article helps you think about why do we need to implement the code-splitting in the first place. Remember that your beautiful app is of no good use if it takes minutes to load. Good read!

Cloud account compromises cost organisations millions of dollars every year, with many IT professionals stating takeovers are a significant risk to their organisations. By Catherine Knowles.

Proofpoint and Ponemon Institute have released the results of a new study on ‘The Cost of Cloud Compromise and Shadow IT'.

According to the study, the average cost of cloud account compromises reached $6.2 million over a 12-month period. In addition, 68% of these survey respondents believe cloud account takeovers present a significant security risk to their organisations, with more than half indicating the frequency and severity of cloud account compromises has increased over the last 12 months.

Less than half (44%) of survey respondents believe their organisations have established clearly defined roles and accountability for safeguarding confidential or sensitive information in the cloud.

The survey also found that cloud account compromises are costly incidents and present a significant security risk.

According to 86% of respondents, the annual cost of cloud account compromises is over $500,000. Survey respondents also reported 64 cloud account compromises per year on average, with 30% exposing sensitive data.

Nearly 60% of respondents indicated Microsoft 365 and Google Workspace accounts are heavily targeted by brute force and phishing-based cloud attacks. Overall, over 50% of respondents say phishing is the most frequent method attackers use to acquire legitimate cloud credentials.

In addition, the survey highlights that shadow IT is creating substantial risks for organisations. How scary!

A study published in the journal Science has upended 80 years of conventional wisdom in computational neuroscience that has modeled the neuron as a simple point-like node in a system, integrating signals and passing them along.? By William Brown, resonance science research scientist.

This neuron-as-integrator model, also known as the “dumb” neuron model, has severely restricted the conception of what a neuron is capable of doing, and hence how neuronal networks and the brain as a whole functions. This has not only impeded the development of a complete understanding of neuronal activity in the higher brain regions of the cortex, but it has also adversely affected computer science, significantly limiting the development of neuromorphic computational networks because they have been based on an incomplete model. Empirical investigations are now suggesting that scientists re-evaluate neuronal information processing as a much more complex system—one that may not have direct parallels with our computational technologies.

The scale-free complexity associated with the biological system in general, and the neuron in particular, means that within each cell there is a veritable macromolecular brain, at least in terms of structural complexity, and perhaps to a certain degree functional complexity as well—a fractal hierarchy

William Brown

The new research by Professor Matthew Larkum, a neuroscientist at Humboldt University, and his team has uncovered a rarely before seen information processing system in single dendrites of pyramidal neocortical neurons that uses graded signal processing with calcium-mediated dendritic action potentials, as opposed to the typical all-or-nothing action potentials observed in sodium and potassium ion flux. Very interesting read!

In this blog post, we introduce the Greykite library, an open source Python library developed to support LinkedIn’s forecasting needs. Its main forecasting algorithm, called Silverkite, is fast, accurate, and intuitive, making it suitable for interactive and automated forecasting at scale. Co-authors: Reza Hosseini, Albert Chen, Kaixu Yang, Sayan Patra, Rachit Arora, and Parvez Ahammad.

To support LinkedIn’s forecasting needs, we developed the Greykite Python library. Greykite contains a simple modeling interface that facilitates data exploration and model tuning. Its flagship algorithm, Silverkite, is highly customizable, with tuning parameters to capture diverse time series characteristics. The output is interpretable, allowing visualizations of the trend, seasonality, and other effects, along with their statistical significance.

The article then describes in detail:

• Forecasting applications
• Algorithm design
• Case studies
• User experience
• Evaluation

The Greykite library provides a fast, accurate, and highly customizable algorithm (Silverkite) for forecasting. Greykite also provides intuitive tuning options and diagnostics for model interpretation. Very interesting read!