milad.dev
https://milad.dev/
Recent content on milad.dev
Hugo -- gohugo.io
en-us
Wed, 19 Oct 2022 12:00:00 -0400

About Me
https://milad.dev/about/
Fri, 15 Dec 2023 12:22:30 -0500
Bio: I am a software engineer who strives for simplicity! I enjoy building lasting and impactful things! I am passionate about building highly available, scalable, and autonomous systems. I am experienced in: Distributed Systems, Cloud Computing, Automation, Observability. Manifesto: My greatest qualities as an engineer are: How I treat other people; How I work and collaborate as part of a team. We don’t need a title to be leaders. Everyone should be a leader.

Code Review Guidelines
https://milad.dev/gists/code-review/
Wed, 19 Oct 2022 12:00:00 -0400
TL;DR Seek to understand the context of the change (what, why, and how). Seek to understand the author’s perspective. Check out the branch and test the changes locally on your own. Consider using the Conventional Commenting style to better convey your intent. Try to be thorough in your reviews to reduce the number of iterations. Ensure the author is clear on what is required of them. Communicate which ideas you feel strongly about and which you don’t.

What is Nix?
https://milad.dev/gists/what-is-nix/
Tue, 14 Dec 2021 22:00:00 -0400
TL;DR Nix is a purely functional package manager. It treats packages like values in purely functional programming languages. Packages are built by functions that do not have side-effects, and they never change after they have been built. Concepts: Everything on your computer implicitly depends on a whole bunch of other things on your computer. Your computer is trusted to have acceptable versions of acceptable libraries in acceptable places.
Nix removes these assumptions and makes the whole graph explicit.

Security For Developers
https://milad.dev/posts/security-for-devs/
Tue, 11 Aug 2020 16:00:00 -0400
Recently during an interview, I was asked a question about how much I know about security. At first, I paused for a few seconds because honestly, I didn’t know how to answer the question. Eventually, I answered as a developer I am making sure I am doing this, doing that, and following these best practices! After my interview, I was telling myself that I should know about the security best practices for developers and engineers.

What is a Rules Engine?
https://milad.dev/gists/rules-engine/
Tue, 11 Aug 2020 02:00:00 -0400
TL;DR A Rule is a set of conditions triggering a set of actions (if <conditions> then <action>). A domain expert models the domain knowledge (business rules) by defining the set of all the rules. Rules are usually defined using a domain-specific language, also known as a DSL. Using these sets of rules, we can build an expert system that can make decisions on behalf of domain experts. A rules engine is at the core of an expert system.

What is an Ad Platform Made of?
https://milad.dev/posts/ad-platform/
Tue, 14 Jul 2020 16:00:00 -0400
Ad placement is a multi-objective optimization (MOO) problem.
Many factors need to be taken into account and optimized: Relevancy, Advertiser Value, User Value, User Experience, Retention, Fairness, Basket Size, and more …

The Marketing Funnel

___________________________
\        Awareness        /
 \-----------------------/
  \    Consideration    /
   \-------------------/
    \   Conversion    /
     \    Loyalty    /
      \  Advocacy   /
       \___________/

Glossary
Term: Marketing
Description: The set of activities to attract people to products or services.

Stream Processing
https://milad.dev/gists/stream-processing/
Thu, 26 Mar 2020 22:00:00 -0400
TL;DR Stream Processing is a big data paradigm. In Batch Processing, we need to have all data stored ahead of time. We process data in batches. We aggregate the results across all batches at the end. Batch processing tries to process all the data at once. In Stream Processing, data come as a never-ending continuous stream of events. Stream processing naturally fits with time series data. Data are processed in real-time and we can respond to the events faster.

OAuth 2.0 and OpenID Connect
https://milad.dev/gists/oauth-oidc/
Thu, 26 Mar 2020 20:00:00 -0400
TL;DR
OAuth 2.0
OAuth 2.0 is used for authorization.
Terminology:
  Roles:
    Client: the application that wants to access the data.
      Confidential Clients: the clients with the ability to maintain the confidentiality of the client_secret.
      Public Clients: the clients that cannot maintain the confidentiality of the client_secret.
    Resource Owner: the user who owns the data.
    Resource Server: the system that authorizes access to the data.
    Authorization Server: the system which has the data that the client wants to access.

Multi-Tenancy in Microservice Architecture
https://milad.dev/gists/multi-tenancy-in-microservices/
Mon, 23 Mar 2020 12:00:00 -0400
TL;DR Microservices architecture encompasses a few services to thousands of services that communicate with each other through APIs. Microservices should NOT introduce any breaking changes to their APIs. Every change in one microservice should be tested against other microservices that rely on it. There are two approaches for integration testing in a microservices architecture: Replica Environments (Parallel Testing): Creating a copy of the production environment for handling test traffic (integration or staging environment).

sed By Examples
https://milad.dev/gists/sed-by-examples/
Sun, 22 Mar 2020 20:00:00 -0400
sed is a stream editor command available on Unix-compatible systems. sed is quite a powerful tool, but the learning curve is also high compared to other similar tools such as grep or awk. Almost every time I want to do something with sed, I need to look it up and search for some examples. So, I decided to compile a concise tutorial for sed that covers the most common use-cases.

awk By Examples
https://milad.dev/gists/awk-by-examples/
Sun, 22 Mar 2020 16:00:00 -0400
awk is a domain-specific language and command for text processing available on Unix-compatible systems. gawk is the GNU AWK and all Linux distributions come with it. This is a brief tutorial for awk covering the most common use-cases. awk reads input line by line from a file, pipe, or stdin and executes a program on each line.
An input line has a number of fields separated by white space or by regular expression FS.

Performance Testing Explained
https://milad.dev/gists/performance-testing/
Sun, 22 Mar 2020 04:00:00 -0400
TL;DR The well-known types of performance testing are the following:
Load Testing: Load testing is the simplest form of performance testing. It is conducted to understand the behavior of a system under a specific load. The goal of load testing is to identify performance bottlenecks in the application.
Stress Testing: Stress testing is carried out to understand the behavior of a system in an overload situation. The goal of stress testing is to see if the system will perform satisfactorily when the load goes well above the maximum.

Agile: Scrum vs. Kanban
https://milad.dev/gists/scrum-vs-kanban/
Wed, 11 Mar 2020 16:00:00 -0400
Comparison Matrix (Scrum | Kanban)
KPI: Team velocity | Cycle-time
Goal: Building highly reliable and predictable teams. | Building flexible and resilient teams.
Suitable For: Consistent and predictable workloads. Mid-term and long-term Deliverables. Multiple teams at scale. | Unpredictable and arbitrary workloads. Short-term and high-priority deliverables. Small and independent teams.
Cadence: 2-Weeks Sprints, 3 to 5-Sprints Milestones | 1-Week Beats
Roles: Product Owner (PO), Scrum Master (SM), Development Team | N/A
Ceremonies: Planning, Daily Scrums, Review, Demo, Retro, Scrum of Scrums | Daily Stand-ups
Board: Calendar-like board showing all days in sprint.

Developing Go Services For Kubernetes with Telepresence and konfig
https://milad.dev/posts/telepresence-with-konfig/
Wed, 04 Mar 2020 16:00:00 -0400
The Problem: As a developer when you are working on a Kubernetes application on your local machine, if you want to test or debug something, you have the following options: A full environment running using docker-compose.
A full environment running in a local Kubernetes cluster (Minikube or Docker-for-Desktop). Pushing instrumented code, building, testing, and deploying to a dev Kubernetes cluster through CI/CD pipeline. The problem with the first two options is that the environment you get is not close by any means to your actual final environment (staging and production).

Dynamic Configuration Management and Secret Injection with konfig
https://milad.dev/posts/dynamic-config-secret/
Wed, 04 Mar 2020 15:00:00 -0400
TL;DR Dynamic configuration management and secret injection refer to updating an application with new configurations and secrets in a non-disruptive way. Kubernetes ConfigMaps and Secrets mounted as files into containers will be updated with new values automatically. konfig makes dynamic configuration management and secret injection very easy to implement and use for Go applications. The Problem: Dynamic configuration management and secret injection refer to a situation in which your application can update its configurations and secrets without needing a restart.

Zero-Config Configuration Management
https://milad.dev/projects/konfig/
Wed, 04 Mar 2020 14:00:00 -0400
konfig is a minimal and unopinionated configuration management library for Go applications. It is based on The 12-Factor App. I created this library as a response to repeating myself across almost every single service and application. It is a very minimal and lightweight library for reading configuration values either from command-line arguments, environment variables, or files. It uses reflection to automatically convert the input values to the desired types defined in Go.

What is Rust and Why is it So Popular?
https://milad.dev/gists/what-is-rust/
Sun, 01 Mar 2020 20:00:00 -0400
TL;DR The Rust compiler is built on top of LLVM. Rust is a statically-typed language.
Rust has optional types for handling null and the compiler requires the None case to be handled. Rust requires top-level items like function arguments and constants to have explicit types while allowing type inference inside of function bodies. Rust’s strong type system and memory safety are all enforced at compile time! Rust does not need to have a garbage collector!

Reads
https://milad.dev/reads/
Sun, 01 Mar 2020 14:00:00 -0400
Coding: conventional: comments; Goodbye, Clean Code
Source Code Management: Setting Up Git Identities; The History of Git: The Road to Domination in Software Version Control; Why Google Stores Billions of Lines of Code in a Single Repository; Bring your monorepo down to size with sparse-checkout
Go: https://abhinavg.net/posts/understanding-token-pos
Kubernetes: A Simple Kubernetes Admission Webhook
AI/ML: Machine learning has a backdoor problem
Misc: Using the iPad Pro as my development machine; Google Recruiters Say Using the ‘X-Y-Z Formula’ on Your Resume Will Improve Your Odds of Getting Hired at Google

Back to the Future with Relational NoSQL
https://milad.dev/gists/relational-nosql/
Sat, 29 Feb 2020 22:00:00 -0400
TL;DR Distributed transactions are one of the hardest problems in computer science. NoSQL was a response to the scalability limitations and very high cost of traditional RDBMS. The CAP theorem says that in case of network partitions, between consistency (correctness) and availability, one has to be compromised in favor of the other. The first generation of NoSQL DBMS chose availability and they were eventually consistent.
In theory, they will reconcile conflicts in a finite time after a network partitioning by probabilistically voting on what the data is supposed to be.

Lessons from the Birth of Microservices
https://milad.dev/gists/microservices-lessons/
Mon, 24 Feb 2020 14:00:00 -0400
TL;DR
Know Why: With microservices, you will inevitably ship your org chart! Think about why you are doing it at an organizational level. Don’t focus on computer science! Focus on velocity. Optimize for velocity (not engineering velocity and not systems throughput). By assigning project teams to microservices, you reduce person-to-person communication and increase velocity.
Serverless Still Runs on Servers: The idea of single-purpose services is a failure mode to do it blindly.

The Configuration Complexity Curse
https://milad.dev/gists/cue/
Sat, 22 Feb 2020 22:00:00 -0400
TL;DR Three different approaches to dynamic configuration:
Templating: Examples: Helm, gomplate, etc. Text templating very quickly becomes fragile, hard-to-understand, and hard-to-maintain. Template writers lack the tools to build abstractions around the data.
Layering: Examples: kustomize. Data layering breaks down when configurations grow in complexity and scale. Template writers lack abstraction and type validation. For large scale projects, inheritance creates deep layers of abstractions. Semantics are locked into an opaque tool and not exposed as language features.

Leaders Eat Last
https://milad.dev/books/leaders-eat-last/
Sat, 28 Dec 2019 16:00:00 -0400
Recap

Architecture Without an End State
https://milad.dev/gists/arch-without-end/
Wed, 02 Oct 2019 22:00:00 -0400
TL;DR In every organization of any size, the steady state is always a superposition of many different wavefronts of changes.
Some of those changes are technological and some of them are market-driven. The changes are originating at different places and sweeping through the organization at different speeds. Stop chasing the end state! Let’s focus on continuous adaptation instead of the grand vision. Embrace Plurality: Avoid single system of record (SSoR). Federate extents from multiple different systems (multiple systems of record).

Quotes
https://milad.dev/quotes/
Wed, 02 Oct 2019 22:00:00 -0400
Be Kind! Everyone you meet is fighting a hard battle! -?
Everything should be made as simple as possible, but no simpler. -Albert Einstein
That’s been one of my mantras - focus and simplicity. Simple can be harder than complex: You have to work hard to get your thinking clean to make it simple. But it’s worth it in the end because once you get there, you can move mountains.

An Overview of Observability
https://milad.dev/posts/observability-overview/
Sun, 08 Sep 2019 21:00:00 -0400
TL;DR Observability is the ability to understand what is going on in the inner workings of a system just by observing it from the outside. Your software should explain itself and what it is doing! Pillars of observability are logs, metrics, traces, and events. Logs are structured logging or non-structured textual data. Used for auditing and debugging purposes. Very expensive at scale. Cannot be used for real-time computational purposes. Hard to track across different and distributed processes.

Compilers 101 in Go
https://milad.dev/posts/compilers-in-go/
Mon, 02 Sep 2019 20:00:00 -0400
Theory: What is a Language? Every Language is defined by specifying four sets: Alphabet: The most primitive building block of a language is its alphabet. An alphabet is a finite set of symbols. The alphabet for English consists of letters A to Z (both capital and small) as well as punctuation marks.
The alphabet for a programming language includes characters A to Z, a to z, and other characters such as -, +, *, /, ‘, “, etc.

Charity Majors on Observability and Quality of Microservices
https://milad.dev/gists/charity-majors-on-observability/
Mon, 12 Aug 2019 21:00:00 -0400
TL;DR Observability refers to three different things: logs, metrics, and traces. The problem with logs is that you have to know what to search for before you know what the problem is! The problem with metrics is they are aggregated by time and you cannot break them down by high-cardinality dimensions (like user id for example). Logs, metrics, traces, and events each prematurely optimize one thing and compromise another based on a premise upfront.

Docker Components Explained
https://milad.dev/gists/docker-components/
Fri, 09 Aug 2019 22:00:00 -0400
TL;DR The Open Container Initiative (OCI) was launched in June 2015 by Docker, CoreOS, and other leaders in the container industry. The OCI currently contains two specifications: runtime-spec and image-spec.
RunC: RunC is the runtime for running containers according to the OCI specification (implements OCI runtime-spec). RunC leverages technologies available in the Linux kernel (cgroups and namespaces) to create and run containers.
containerd: containerd is a daemon and it manages the complete lifecycle of a container on the host operating system.

A Safer System Programming Language (Rust)
https://milad.dev/gists/safe-system-programming/
Thu, 08 Aug 2019 18:00:00 -0400
TL;DR The majority (70%) of CVEs and vulnerabilities fixed at Microsoft are caused by memory corruption bugs in C/C++ code. There are many tools for preventing, detecting, and fixing memory bugs. Developers tend to miss these tools because they are not first-class citizens of the programming language and their learning curve is high.
Developers should worry more about features and less about tooling and security. A memory-safe programming language removes the burden from developers and puts it on language designers.

How Uber, Facebook, and Netflix Do SSH
https://milad.dev/gists/how-to-do-ssh/
Thu, 08 Aug 2019 16:00:00 -0400
TL;DR A study shows there is a cybersecurity attack every 39 seconds. In a typical SSH protocol: the server trusts the client if the client’s public key is listed as authorized, and the client trusts the server’s public key on first use (TOFU). The trust on first use (TOFU) approach delegates the trust to the clients and leaves them vulnerable to man-in-the-middle attacks. One solution to fix this is using SSH certificates and SSH certificate authorities (CA).

GitOps?
https://milad.dev/gists/gitops/
Sun, 14 Jul 2019 15:00:00 -0400
TL;DR GitOps is an operation model for cloud-native applications running on Kubernetes (created by Weaveworks). For the most part, it is infrastructure-as-code with continuous integration and continuous delivery. The idea is having Git as the source of truth for all operations. A single Git repository describes the entire desired state of the system. Operational changes are made through pull requests. Changes can be peer-reviewed, versioned, released, rolled back, audited, etc. Diff tools detect any divergence and sync tools enable convergence.

Site Reliability Engineering
https://milad.dev/books/sre/
Sun, 14 Jul 2019 00:58:00 -0400
Recap: Site reliability engineering is Google’s approach to service management. If you think of DevOps more as a culture, as a mindset, or as a set of guidelines, SRE is a framework that implements DevOps. This book is more like a collection of essays with a single common vision. SRE teams consist of people with software engineering skills and operation knowledge.
Google places a 50% cap on all operation (ops) work aggregated for all SREs, and the remaining 50% should be spent on development work for the purpose of automation.

The Five Dysfunctions of a Team
https://milad.dev/books/five-dysfunctions/
Sun, 30 Jun 2019 00:58:35 -0400
Recap: This book starts with a story about an imaginary tech company that is going through a hard time after an initial success. The board decides to bring a new CEO onboard. She starts to make changes and build a team until she manages to turn the company around. The author defines five dysfunctions that prevent teams from achieving collective results and success. These dysfunctions are not independent of each other.

Accelerate: The Science of Lean Software and DevOps
https://milad.dev/books/accelerate/
Sun, 30 Jun 2019 00:58:18 -0400
Recap: This book defines software delivery performance and how to measure it. Software delivery performance can be measured by the four following metrics: Lead time, Deployment frequency, Mean time to restore (MTTR), Change fail percentage. These four measures of software delivery performance are classifiers for three groups: High performers, Medium performers, Low performers. Finally, the following 24 capabilities are suggested to drive improvement to software delivery performance. Continuous Delivery: Use version control for all production artifacts.

Service Meshes and SMI Demystified
https://milad.dev/gists/service-mesh/
Mon, 10 Jun 2019 14:00:00 -0400
TL;DR Microservices are about communicating through APIs! A service mesh defines the communication interface between microservices. In an orchestrated environment (Kubernetes), containers talk to each other on top of overlay networking. Service mesh is a central source of truth for controlling the information flow between microservices.
Mesh enables both the scalability benefits of microservices as well as centralized advantages of monoliths. Service meshes come with built-in observability (logging, metrics, and tracing) for microservices communications.

What is Knative?
https://milad.dev/gists/knative/
Sat, 08 Jun 2019 15:00:00 -0400
TL;DR Knative is a cloud-native serverless framework for Kubernetes environments. It is created and open-sourced by Google with contributions from other companies (Pivotal, IBM, Lyft, etc.). Unlike current serverless frameworks (AWS Lambda, Azure Functions, …), Knative eliminates cloud vendor lock-in. Knative uses Kubernetes for container orchestration and Istio service mesh for routing, load balancing, etc. Knative has three components: Build, Serving, and Eventing. Build: builds containers from source code on Kubernetes (on-cluster container builds).

A Comparison of GitHub Marketplace Apps
https://milad.dev/posts/github-tools/
Sun, 02 Jun 2019 11:13:06 -0400
I have been using and evaluating dozens of GitHub Marketplace Apps for a few months now for a real-world microservices application built in Go. So, I decided to share what I liked and what I didn’t like about these integrations. The nice thing about using GitHub Marketplace is that your integrations and billing are all consolidated in one place. As an organization or a billing manager, it is much easier to manage all these different services from a single hub.

gRPC in Microservices
https://milad.dev/posts/grpc-in-microservices/
Sat, 01 Jun 2019 16:38:33 -0400
I have been working with a microservices application using gRPC as the main service-to-service communication mechanism for almost a year. So, I decided to write a blog post and share my experience on how to do gRPC right in a microservices world! So, let’s get started! TL;DR DRY! Have a package for your common messages.
Choose unique names for your gRPC packages. Choose singular names for your gRPC packages. Distinguish your gRPC package names with a prefix or suffix.

gVisor: Building and Battle Testing a Userspace OS in Go
https://milad.dev/gists/gvisor-container-runtime/
Sun, 19 May 2019 15:14:56 -0400
TL;DR A container is a package format and a content addressable bundle of content addressable layers! namespaces and cgroups are two key features of the Linux kernel enabling containerization. Containers running on a host share a single Linux kernel! (a single scheduler, a single memory manager, and so on) The Linux kernel has so many known and unknown bugs! Sandboxes are a way of getting an extra layer of isolation for containers.

An Overview of Graphql
https://milad.dev/posts/graphql-overview/
Tue, 30 Apr 2019 23:01:17 -0400
TL;DR GraphQL is an API integration layer in the distributed software (microservices) world. GraphQL is both a query language and a runtime for executing the queries. GraphQL solves underfetching and overfetching problems. GraphQL is strongly typed. Caching, profiling, and rate limiting are challenging with GraphQL! Schema stitching is a technique for decentralizing a GraphQL schema in the microservices world. Schema stitching can be done by convention or configuration. GraphQL schemas can be completely decentralized by choreography.

Cherry: Build And Release!
https://milad.dev/projects/cherry/
Sat, 27 Apr 2019 04:44:44 -0400
Cherry is a single opinionated tool for all of your DevOps processes (build, test, release, deploy, etc.). Instead of keeping hard-to-understand and hard-to-maintain shell scripts in every repository, you can use Cherry!
GitHub Repo

Our Software Dependency Problem
https://milad.dev/gists/software-dep-problem/
Sat, 27 Apr 2019 03:11:51 -0400
Takeaways: Reusing software through external dependencies has become widespread so quickly. The risks associated with software dependencies are not yet fully studied and considered. Follow the latest and best practices available for managing software dependencies.

Hello World
https://milad.dev/posts/hello-world/
Sun, 07 Apr 2019 21:58:44 -0400
This is my first post as I am getting to know Hugo and setting up my personal tech blog.