cache-strategy-from-http-to-db

Series: blog

found some more articles on caching: reducing the network load for HTTP by caching without ever shipping deprecated data The Cache Headers Could Probably be More Aggressive article points out, why for many general use cases, the Cache-Control header with public, max-age=0, must-revalidate are a reasonable choice: after the initial transmission, a 304 in HTTP is much smaller than a 200 response still it ensures, that the client is always served the latest content But if the asset is immutable anyway (think of a JavaScript library of a certain version), then max-age=0 → max-age=31560000 (1 year) and must-revalidate → immutable is more reasonable and saves HTTP requests which would return 304 anyway.
Read More…

cloud native software engineering

Series: blog

The Cloud Native Software Engineering paper provides a good 101 overview over the current state of the art. Also quite a bit history and is covering important topics alike automation & IaC observability dynamic scaling the fine balance between cost, availability and performance edge computing … A good 9 pages read and nice references.

thread modelling 101 (DE)

Series: [blog security]

I really like the Threat Modeling 101 – Wie fange ich eigentlich an? blogpost from Kevin Peters at CodeCentric for a nice, still high level overview: following the OWASP thread modeling four question framework: What are we working on? What can go wrong? What are we going to do about it? Did we do a good job? OWASP Threat Dragon as modelling tool including data flow, data transforming processes and external services with the different focus asset orientated - what do we even want to protect?
Read More…

Cloudland 2023

Series: [blog k8s]

Cloudland this year was quite some time ago, but better late then never: Michael Friedrich spoke about Observability for Efficient DevSecOps Pipelines. While there is (obviously) some GitLab promotion, some issues to me seem common with other pipelines: slow pipelines unnecessary blocking/sequentiality missing cache for common transferred static data container registry, blobs, external artefacts observability principles need to be applied to CI/CD pipelines, too. telemetry! Don’t try to do everything in one step.
Read More…

IGER - Intergalaktische Erfahrungsreise 2023

Series: [blog k8s]

The IGER is running 🎉 quite some art 😊 inspiring “how to data fusion” discussion at the hackcenter presented Schlanke OCI Container (GER) (recording) and a lightning-talk about Marp WOC 💛 forging!! also: visiting this heritage site update: the Hands-Free Coding in 2023 talk was very good.

Conflict-free Replicated Data Type

Series: blog

Conflict-free Replicated Data Type (CRDT) - a data structure for distributed data storage systems and multi-user applications with consistency (not necessary respecting global constrains). Might be useful for distributed and (partial) offline workloads

voronoi diagrams

Series: blog

voronoi diagrams and sweep line algorithms can be quite useful for some graph problems

wireguard

Series: blog

WireGuard talk and Noise Protocoll Framework

GPN21

Series: [k8s security blog]

recordings from GPN21 are online. (Already enjoyed From 0 to Kubernetes, Modern Observability .. LGTM Stack, buffer overflow, Seitenkanalanalyse der SHAKE-Funktion in CRYSTALS-Dilithium, mit Mathematik API übernehmen - more to follow 😀 ) O-Auth intro