Discover more from The Engineering Value Chain Revolution
EVC #3: Headless orchestration, a bug that exposed Russian espionage, and a DYI k8s cluster
Over the last few years, the JAMstack has started to gain a lot of mainstream attention. There’s been a ton of innovation in this space across the stack, with companies like Netlify (CDN), Gatsby (Frontend), Strapi (OSS CMS), Contentful (CMS), GraphCMS (CMS + mesh), Nacelle (Commerce), and more leading the charge of this “Headless Everything” movement. I remember when all you had to setup a static website was Jekyll :)
One thing I’ve heard from multiple people though, is that it’s becoming hard for teams to manage all the different products. If you work at an ecommerce company, you have to log into one site to build forms, another one to update the blog, they then have to update the ecommerce items on yet another platform, and each time they have to make sure it rebuilds the site. To run an A/B test you need to have the engineering team manually create a new branch, deploy it, then go on Netlify to set how often it gets shown. As an engineer, you need to build two-way sync logic for all these services manually, which is a nightmare in itself.
I think the orchestration middleware for all these APIs will be one of the most interesting spaces to watch over the next couple years. GraphCMS is building a content federation middleware, TakeShape also has a “Mesh” product in beta, and I’m sure more of these will pop up. It feels like the “best in breed” to “all-in-one” pendulum swings every 5-10 years (please not WordPress again at least…), but great tooling could actually let us enjoy best in breed without the orchestration overhead. Please do share any other cool tools you might see here, or solutions you have built yourself!
A Cryptologic Mystery: Matt Blaze tells the story of how a bug in a random numbers generator in a Cuban numbers station helped the FBI uncover a Russian espionage ring in Boston (These are the same spies from the “The Americans” TV show, FYI!)
Anatomy of my Kubernetes Cluster: One way to deal with latencies caused by testing on remote clusters is to make them local instead! Antonin Stefanutti explains how he used a Raspberry Pi to build a rig that could run his k8s clusters at home and make his dev process more efficient.
Anatomy of a Hack: SolarWinds and Ripples Beyond: a podcast with Joel de la Garza (former CSO of Box) and Steven Adair from Volexity breaking down the SolarWinds hack. Fascinating to see how the attackers infiltrated the build process and leveraged DNS’ CNAME values to initiate attacks.
troff was not so widely usable: how John Gilmore and his team reverse engineered Adobe’s fonts from the ROM of a LaserWriter in the 1980s. Includes the reverse-engineered source code too!
Founder Bolt ⚡
Rick Lamers is the founder of Orchest. Orchest is a new kind of IDE for Data Science. It allows you to quickly iterate on your ideas by integrating Jupyter Notebooks with a visual pipeline builder. The integrated scheduler can run your pipelines as cron jobs allowing you to go from idea to production all from within the same integrated environment.
What’s one productivity hack that you really love? (Automation, dotfiles tweaks, etc)
`regex`! I find myself writing regexes for all kinds of text. I typically open it up in Sublime Text and then do some regex search/replace to get something into a shape that I like. After a course in Automata it clicked completely. Before that course I was scared of writing and reading regexes. It's actually not difficult once the concept clicks (repeating patterns) and a tool like https://regex101.com/ gives you a powerful playground with code snippet generation.
What’s the latest product your engineering team has adopted at work?
PostHog: it's a fantastic product analytics product that's open source, and as a result lets us protect our users' privacy while enabling us to improve the product experience of Orchest.
What technology/architecture are you the most excited about trying? What about getting rid of?
I want to spend more time with Julia. I think the concept of best in class libraries being written in the language itself is a really powerful language feature and something that makes Python with its C-based modules inferior. If possible, we should get rid of `bash`. The syntax is arcane, behavior is inconsistent across platforms, and it makes reuse and proper abstractions near impossible.
What’s one side project you started but never finished?
A browser based MMORPG!