Open Policy Agent, Part I — The Introduction

Recently I was looking for a way to implement access control for microservices. I needed a solution that would allow defining complex authorization rules that could be enforced across many services. After searching the web, I discovered a very promising Open Policy Agent project that seems to be the right tool for the job. In this series of three blog posts, I am going to introduce Open Policy Agent to you and highlight how it can help you.

Continue reading “Open Policy Agent, Part I — The Introduction”

Preparing my lab: Flashing the HP P420 Storage Card

Say “Hello” to Buildah, Podman, and Skopeo

Are you still doing all your Linux container management using an insecure, bloated daemon? Well, don’t feel bad. I was too until recently. Now I’m finding myself saying goodbye to my beloved Docker daemon, and saying hello to Buildah, Podman, and Skopeo. In this article, we’ll explore the exciting new world of rootless and daemon-less Linux container tools.

Continue reading “Say “Hello” to Buildah, Podman, and Skopeo”

Achieving the promise of Microservices, one contract at a time

So many organizations are jumping on the Microservices bandwagon. The amount of hype makes the phenomenon nearly impossible to ignore. According to InfoQ, Microservices and their respective frameworks are in the “Late Majority” stage, meaning that even those industries and enterprises which are slow to adopt new tech are using them. That said, many of those same organizations are struggling to attain the promises that have been espoused by companies like Google or Twitter around Microservices.

Continue reading “Achieving the promise of Microservices, one contract at a time”

Configuring Envoy to Auto-Discover Pods on Kubernetes

This blog was originally published on Ales Nosek – The Software Practitioner.

Pods on Kubernetes are ephemeral and can be created and destroyed at any time. In order for Envoy to load balance the traffic across pods, Envoy needs to be able to track the IP addresses of the pods over time. In this blog post, I am going to show you how to leverage Envoy’s Strict DNS discovery in combination with a headless service in Kubernetes to accomplish this.

Continue reading “Configuring Envoy to Auto-Discover Pods on Kubernetes”

Troubleshooting the Performance of Vert.x Applications, Part III — Troubleshooting Event Loop Delays

This article was originally published on Ales Nosek – The Software Practitioner.

In the previous entry to this series, we reviewed several techniques that help you to prevent event loop delays. However, even the best programmer makes mistakes. What should you do when your Vert.x application doesn’t perform as expected? How to find out what part of your code is blocking the event loop threads? In the final part of the series, we are going to focus on troubleshooting event loop delays.

The event loop thread model is vastly different from the thread-per-request model employed by standard JEE or Spring frameworks. From my experience I can report that it takes developers some time to wrap their heads around it and that at the beginning they tend to make the mistake of introducing blocking calls into the event loop’s code path. In the following sections, we will discuss several techniques of how to troubleshoot such situations.

Continue reading “Troubleshooting the Performance of Vert.x Applications, Part III — Troubleshooting Event Loop Delays”

Troubleshooting the Performance of Vert.x Applications, Part II — Preventing Event Loop Delays

This article was originally published on Ales Nosek – The Software Practitioner.

In the previous part of the series, we took a closer look at the event loop model. In this article, we are going to discuss several techniques that help you to prevent event loop delays.

The causes of event loop delays can be divided into two categories. The first category contains event loop delays caused by a handler calling a blocking API. The second category covers delays caused by a handler code taking a great amount of CPU time to complete. Let’s start with the first category and talk about blocking API calls.

Continue reading “Troubleshooting the Performance of Vert.x Applications, Part II — Preventing Event Loop Delays”