The story of Slack's no-good, very bad day.

Plus some leaked password facts, running apps on EC2 spot instances, and Abstract Wikipedia.

#274 — July 8, 2020 Web Version StatusCode Weekly Covering the week's news in software development, ops, platforms, and tooling. A Terrible, Horrible, No-Good, Very Bad Day at Slack — While I don't think you can take pleasure in someone else's outage, the story behind an outage can make for good reading indeed. So it goes here with a significant outage Slack had in May and it came down to how they were using HAProxy, one of my favorite bits of infrastructure software ever. Laura Nolan ▶  The Story of Building Subversion — A podcast interview (but with full transcript!) with one of the original creators of Subversion, a version control system that saw a lot of popularity in the early 2000s. CoRecursive Podcast podcast The Codified Cloud Security Platform for Developers — Bridge the gap between security and developers with a common language—code. Find, fix, and prevent cloud misconfigs in both run-time (AWS, GCP, etc.) and build-time (Terraform, CloudFormation, etc.). Sign up for free. Bridgecrew sponsor Code Only Says What It Does — But, quite often, the why is useful to know too, and "few topics invite a programmer flame war like comments.." Some basic thoughts worth chewing over. Marc Brooker How Hackers Are Exploiting a 5-Alarm Networking Equipment Bug — "Any company that uses a certain piece of networking equipment from Seattle-based F5 Networks had a rude interruption to their July 4 weekend…" Andy Greenberg ▶  A Professor Tries to Solve 240 Comp Sci Exam Problems in 4 Hours — An almost four hour long video where a CS professor attempts to solve every exam problem from the GATE theory exams (a set of exams administered in India) and explains his thinking along the way. Easy Theory ⚡️ Quick bytes: SUSE is to acquire Rancher Labs, best known for their Kubernetes tooling. Some analysis of millions of leaked passwords shows 123456 is the most popular password (0.722%), plus lots of other fun stats including how few were truly unique. A fascinating Twitter thread about an out-of-the-blue S3 bill for $2700. The creators of FaunaDB have raised $27M – I've been seeing FaunaDB in a lot more places recently (particularly in its serverless niche). docs.github.com is a new, centralized home for all of GitHub's product documenation and here's how they built it. The US Supreme Court has said that generically named domains can now be trademarked (e.g. booking​.com). The Wikimedia Foundation are showing off Abstract Wikipedia, a new, cross-language way to share factual data more universally. 💻 Jobs Find a Job Through Vettery — Use Vettery to connect with growing tech teams at startups and Fortune 500 companies. Vettery DevOps Engineer at X-Team (Remote) — Join X-Team and work on projects for companies like Riot Games, FOX, Coinbase, and more. Work from anywhere. X-Team ℹ️ Interested in running a job listing in StatusCode Weekly? There's more info here. 📕 Tutorials, and Guides Running Spot Instances Effectively with Amazon EKS — One of the developers behind Basecamp's new HEY email service shares some insights on keeping as much of their compute infrastructure on EC2's cheaper spot instances as possible (around 90% so far, they claim). Blake Stoddard (Basecamp) Building Serverless GraphQL API in Node.js with Express and Netlify — A very accessible tutorial that will suit anyone who likes to keep things easy to maintain. Matthew Ström How to Measure Linux Performance Avoiding Most Typical Mistakes: Disk Storage Peter Zaitsev The SaaS Security CTO Checklist — Learn the latest best practices for SaaS CTOs and technical leaders around leveling up your company's security with this actionable checklist. Sqreen sponsor Building Domain Driven Microservices — If you've been in the industry a while you'll see the same ideas come around again and again, and DDD is one of those. This is, nonetheless, a good high level overview. Chandra Ramalingam How to Test and Play with Web APIs the Easy Way with Postman Colby Fayock Scaling Linux Services: Before Accepting Connections Theo Julienne 💭 Opinions and Stories The Evolution of HEY: Basecamp's New Email Service — I've not been convinced by HEY for my personal use, but Basecamp has clearly made a splash here and it's a neat story. Jonas Downey (Basecamp) These are Exciting Days for ARM Processors — ARM or ARM-based processors are getting all over the place now, whether in phones, the Raspberry Pi, and, next, the Mac. Stephen Smith Why AnyList Won't Be Supporting 'Sign In with Apple' — Privacy is good, but Apple's 'sign in' platform can cause a lot of confusion with end users. Jeff Hunter The BBC iPlayer Team's Journey with End to End Tests — A brief look at how iPlayer Web achieved a stable end to end testing platform using BrowserStack. Dineshraj Goomany Cloudflare's Approach to Making the WAF 40% Faster — Web Application Firewalls are a key part of protecting modern webapps against security threats nowadays and Cloudflare runs one at mega scale. This post covers a few of the things they've done to improve performance. Miguel de Moura (Cloudflare) How Did Vim Become So Popular — Short walk through Vim's origins and why is Vim so popular today Pragmatic Pineapple Gopherspace in the Year 2020 — I know this makes me a huge nerd, but anything to do with 'old' Internet protocols is my bag, and did you know there are still Gopher systems out there? Think the Web, but more lightweight and hierarchical. (And modern versions of cURL even support it.) Cheapskate A Look At The Die of the 8086 Processor — It might be 42 years old, but even so, its complexity and manufacturing process is mind boggling. Ken Shirriff 🛠 Code and Tools Ward: A Simple and Minimalistic Server Dashboard B-Software unavatar: A Way to Quickly Get User Avatars — Given a username or email address, it'll query multiple social providers to return an avatar. It's built using Node.js and is open source if you want to run your own version. Kiko Beats HTTPie: A Command-line HTTP Client for the API Era — JSON and sessions support, syntax highlighting, wget-like downloads, plugins, and more. HTTP Prompt is built on top of this and takes things a step further if you want flag completion or OpenAPI/Swagger spec integration support, say. Jakub Roztocil Webinar: Observability and Reliability in Deep Systems Lightstep sponsor GitHubDefreshed: A User Script to Bring Back the Old GitHub Repo Layout — If you happen to dislike the new GitHub repository page layout, this Greasemonkey/Tampermonkey script brings back the old layout. Kir_Antipov Bach: A Testing Framework for Bash Scripts — The idea is that behavior is verified without actually running the commands specified in the scripts. Bach Testing Framework Red Hat Mandrel Makes Java Native — Mandrel is a new GraalVM-based Java distribution that compiles Java apps directly to native code. InfoQ Heliocron: Run Programs in Relation to Daylight — We've linked this before but it's had some updates. It's capable of delaying execution of other programs for time periods relative to 'solar events' like sunrise and sunset. Michael Freeborn Guietta: A Novel Library for Building Simple Python GUIs — The approach taken here is really neat. You basically lay out labels, fields, and buttons using a plain text approach. Alfio Puglisi

Curated by Cooperpress. Change your email address or Stop getting this newsletter. © Cooper Press Ltd · Fairfield Enterprise Centre, Louth, LN11 0LS, United Kingdom