Another recap of a week’s worth of links, news, and discussions around technical leadership and technology; as usual, follow me of Linkedin if you want to receive a notification when I share a new link.
What I have been reading this week
This week my morning commute has been dedicated to reading Terraform Up and Running. As it is the case of many books of rapidly evolving technologies, the content is now quite a bit outdated as the book was released in 2017, but still I can certainly recommend it. It might be worth checking whether a second edition is in the making before buying it, though.
It’s also worth noting that most (if not the majority) of the book is derived from a series of blog posts on Medium. So if you are not bothered by Medium annoying paywall, and don’t care for a physical copy of the book, you can read them all for free here:
- Why we use Terraform and not Chef, Puppet, Ansible, SaltStack, or CloudFormation
- An introduction to Terraform
- How to manage Terraform state
- How to create reusable infrastructure with Terraform modules
- Terraform tips & tricks: loops, if-statements, and pitfalls
- How to use Terraform as a team
As I said, I found the book excellent. Its main contribution to Terraform practitioners is the blueprint it offers to use Terraform in a team.
- Layered repository structure: organize repositories in three layers (Environment/Component/Modules) to avoid dealing with big (and potentially risky) state files.
- Versioned Modules: always reference modules by Git ref (including tag or commit id) to avoid fragile dependencies on base modules
Topics I talked about this week
Another interesting (in)security story, this time coming from France. Do you know how we are often suspicious of government-developed software? Well, France tried to prove us wrong developing Tchap, a super secure messaging to replace Whatsapp and Signal. And it took 75 minutes to a hacker to hack into it.
Looking into our own security, how annoying are hidden folders created by operating systems (I’m looking at you, _.DSstore)? It turns out they can be a source of sensitive information, so it’s a good practice to automatically check you are not pushing them to public repositories.
Still talking about Apple, MacOS Malware Encyclopedia is a reminder that Macs are not immune from virus and malware anymore.
I’m quite interested in learning paths, and defining courses and skills for different developer roles. This project on Github tries to give a visual roadmap to help developers discover tools and skills to improve their careers.
Another case study illustrating how cost effective can be using serverless tools: How we serve 25M API calls from 10 scalable global endpoints for $150 a month
Four more links to close:
- Kubernetes External Secrets — GoDaddy Engineering Blog
- Python at Netflix – Netflix TechBlog
- Can you expose your services with an API gateway in Kubernetes?
Have a great week!