CodeIsGo.com

X-Ray is AWS’s distributed tracing system. What the hell is a distributed tracing system? That means that you can trace requests as they travel through your architecture. By John T Earl.

When working in a micro-service world distributed tracing is a powerful tool that allows developers, operations, architects, and managers to see the big picture view of the application.

The author then quickly goes over:

• How does AWS X-Ray work?
  • Segments
  • Traces
  • Service Map
• When do I use AWS X-Ray?
• X-Ray language support

X-ray uses an SDK and a daemon/agent. To use X-Ray you’ll need to integrate with the SDK and install the X-Ray agent then you’re good to go. X-Ray will receive data from services in segments. It groups any common segments together into something called traces.

AWS X-Ray is an invaluable tool for micro-services. If you’re working in a micro-service architecture and haven’t enabled X-Ray give it a try. Enabling X-Ray is simple and the service map it provides is great if you’re a visual learner. Like all AWS services, it’s cheap to use. The cost model is 100,000 free traces recorded a month, 1 million traces retrieved or scanned free each month. If you exceed that the cost is .000005 cents per trace or $5 per million traces. Light and to the point!

GraphQL is already known for its good parts. GraphQL helps to build super scalable APIs. It reduces coupling between code and data provider. Deno is one of the fastest-growing frameworks/languages to build APIs. By Deepak Vishwakarma.

However, Deno community still new. So there is a very little framework in the Deno community. Some of them are in a very early stage of development.

In this article, author will explain how you can easily integrate the GraphQL nodejs module with Deno. This is a very basic implementation. The article goes over:

• Introduction
• Prerequisite
• Basic project directory setup
• Velociraptor as script runner
• Basic server using Oak
• Basic mock database
• Create a /GraphQL endpoint to handle GraphQL POST request
• Create GraphQL schema and resolver
• Route to handle Query and execute

You will also get the link to repository with the code so you can follow the steps in the article. Interesting read!

The art of picking up wisdom from many different places. As creative entrepreneurs, we are always relying on inspiration. It’s what drives us forward to make new art and express ourselves in a financially viable way. By Jesty Beatz.

You can have the best idea in the world, but it won’t matter if you lack the knowledge of executing it. For this, we are dependent on those who came before us, those who cultivated their own knowledge through experience: mentors.

Unfortunately, not all of us will have the privilege of directly studying under a capable mentor. That doesn’t mean that you have to go at it without any help whatsoever, nor that you can’t move intelligently on your own. And once you have become successful, you will have the option of becoming the mentor you may never have had for others.

The most important aspect of having or being a mentor is cultivating wisdom from experience. When you put yourself out there, be aware. When you succeed, try to assess exactly why you could be successful in a given venture. What about your actions created a positive effect?

If you continue to succeed, you will eventually find yourself in a position where others rely on you for their livelihoods and inspiration. This is a great privilege, which is all too often taken for granted. Good read!

Asynchronous task management using Gevent improves scalability and resource efficiency for distributed systems. However, using this tool with Kafka can be challenging. By Jessica Zhao and Boyang Wei.

At DoorDash, many services are Python-based, including the technologies RabbitMQ and Celery, which were central to our platform’s asynchronous task-queue system. We also leverage Gevent, a coroutine-based concurrency library, to further improve the efficiency of our asynchronous task processing operations.

However when migrating to Kafka, we discovered that Gevent, the tool we use for asynchronous task processing in our point of sale (POS) system, is not compatible with Kafka. This incompatibility occurs because we use Gevent to patch our Python code libraries to perform asynchronous I/O, while Kafka is based on librdkafka, a C library. The Kafka consumer blocks the I/O from the C library and could not be patched by Gevent in the asynchronous way we are looking for.

The article then describes how and why:

• Why move away from RabbitMQ/Celery to Kafka with Gevent?
• The new challenges of migrating to Kafka
• Replacing Kafka’s blocking call with a Gevent asynchronous call
• Throughput comparison: Kafka vs Celery

We liked: Celery and Kafka show similar results on small loads, but Celery is relatively sensitive to the amount of the concurrent jobs that it runs, while Kafka keeps processing time almost the same regardless of the load. Good read!

Across Spotify, our teams diligently strive to fulfill our mission to “unlock the potential of human creativity by giving millions of creative artists the opportunity to live off their work, and billions of fans the opportunity to enjoy and be inspired by it”. Published by Maria Jernström and Jason Palmer.

Our Golden Paths were created to help engineers start new projects quickly. This tool uses the wizard format to reduce the number of decisions engineers have to make to build backend services, application features, data pipelines, machine learning projects, and web apps. Golden Paths are also accompanied with documentation that describes the best engineering practices for this type of project.

Platform Developer Experience (PDX) Tribe, part of Spotify’s Technology Infrastructure Group, focuses on unlocking the creativity of engineers by building tools and establishing best practices that automate processes to make Spotify a true DevOps company. In Spotify focusing on speed, means quickly turning their ideas into products and experimenting to improve the user experience, growing into new markets, and remaining competitive as a content streaming provider

The article the describes how:

• We need to experiment quickly
• Automating the workflow to decrease build times
• Let’s start with the Golden Path
• Automatically building websites
• Helping engineers confidently perform continuous deployment
• DevOps operations for autonomous teams
• Recapping our efforts to improve our DevOps organization

Previously, it took about 14 days for a web developer to build a campaign site, requiring a heavier lift to manage integrations between different technologies. To create a website developer used to have to complete many steps. There was clearly an opportunity for them to build a new process, automate the project setup, and allow Spotify’s engineers to move faster. As an infrastructure team, they’re consistently pushing the needle forward to create abstractions that reduce low-variance work. Very nice!

NetworkX is a package for the creation, manipulation, and study of the dynamics, functions and structures of networks. It allows us to use complex graph algorithms to solve network-related problems. By Ivan Despot.

Source: https://memgraph.com/blog/how-to-write-custom-cypher-procedures-with-networkx-and-memgraph

This tutorial is split into following sections:

• Introduction
• Prerequisites
• Understanding NetworkX Basics
• Setting up NetworkX in Memgraph
• Writing a Custom Procedure for Cypher
• Editing Graphs with NetworkX
• Passing Arguments to Custom Procedures
• MAGE - Introducing Memgraph Advanced Graph Extensions

… and more. While there are some limited functionalities, Memgraph offers a straightforward way of using the NetworkX package on graph-like objects that can stream the native database graph directly. This kind of implementation improves memory usage significantly and adds in-memory efficiency to NetworkX algorithms. You will get a lot of query examples and links to some more reading. Great!

Angular is one of the most popular front-end frameworks, with 30% of developers preferring it for their projects. Angular is especially useful for large scale projects with many different views and components. By Ryan Thelin.

The key to making these large scale projects engaging is a logical navigation structure that allows users to easily explore and revisit pages. Thankfully, Angular’s routing functionality makes optimizing navigation simple.

Today, we’ll learn more about Angular Router’s capabilities and help you make a fully navigable app. In this article author will cover:

• What is Angular Router
• What are wildcard routes
• Child routes
• The RouterLink Directive
• Adding ActiveLink Styles
• Lazy loading modules
• What to learn next

The Angular Router is an importable package built-in to Angular 2+ by default. It’s used to build Single Page Applications with multiple views that can be navigated by URL, known as “routing”. Routing is the key to keep users engaging with your app, especially for large applications. However, it’s just one part of making an excellent Angular app. You will also get links to further reading, code to follow examples and charts explaining some concepts. Good read!

Anthos Service Mesh is a managed service mesh for Google Kubernetes Engine (GKE) clusters. Anthos Service Mesh allows GKE clusters to use a single logical service mesh, so that pods can communicate across clusters securely and services can share a single Virtual Private Cloud (VPC). By Waheed Brown and Jianhe Liao.

For those who want to get started immediately, there is a Git repo with complete source code and README instructions. There are also bonus sections at the end, for mesh traffic security scanning and external databases respectively.

This guide then walks you through set up process:

• Supported version
• Shared VPCs
• SSL/TLS termination
• Security
• Container workload security
• Container runtime (Containerd)
• Security scanning with Prisma Cloud (formerly Twistlock)
• External databases with Google Cloud SQL for PostgreSQL
• Towards federated clusters

The authors recommend using the cos_containerd runtime for GKE clusters using Anthos Service Mesh. The current Docker container runtime is being sunsetted from GKE. Adopting cos_containerd now will avoid having to migrate in the future. Excellent read!

Alex Birsan recently published his article “Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies” in which he explains how he used language level package managers like npm (Javascript), pip (Python), and gems (Ruby) to get companies to install and run his malicious code on their infrastructure. By Paul Bakker and Kavitha Srinivasan.

The key features of the DGS Framework include: annotation-based spring boot programming model, test framework for writing query tests as unit tests, gradle code generation plugin to create java/kotlin types from a graphql schema, easy integration with graphql federation, integration with spring security, graphql subscriptions (websockets and sse), file uploads, error handling, automatic support for interface/union types, a graphql client for java, pluggable instrumentation.

The article then reads about:

• Why we needed a DGS framework
• Schema-first development
• The framework in action
• Fitting into the GraphQL Server Ecosystem
• Federation
• Framework architecture
• Distributed tracing and metrics

The DGS Framework has been a success at Netflix owing to the efforts of multiple teams coming together. Further, you will find links to the further reading, documentation and tutorials in the article. Good read!

Alex Birsan recently published his article “Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies” in which he explains how he used language level package managers like npm (Javascript), pip (Python), and gems (Ruby) to get companies to install and run his malicious code on their infrastructure. By Nils Adermann.

The problem boils down to companies referencing internal packages by name, e.g. “my-internal-package” and an attacker then publishing a package by the same name “my-internal-package” with a higher version number on the central registry / package repository for that language (for PHP that would be packagist.org).

    "repositories": {
        "private-repo": {
            "url": "https://my-repo.internal"
        }
        "packagist.org": {
            "url": "https://repo.packagist.org",
            "exclude": ["myprefix/*"]
        }
    }

The article then describes what Composer and Packagist have in place to help protect companies from this serious problem:

• Composer package names always include a vendor prefix
• As of Composer 2.0 custom repositories are canonical by default
• Private Packagist has always treated third party mirrored repositories including packagist.org as canonical and never loaded package information from mirrors if a private package by that name exists
• Private Packagist allows you to manually approve each newly mirrored package
• Composer always generates a lock file
• With Composer 2 you can exclude package names or patterns from loading for each repository

Supply chain attacks like the ones described by Alex are a serious threat to businesses and have frequently shown up in the news recently, so it is important that your business understands the risks it is exposed to and takes measures to mitigate them. Good read!