Learn By Doing Newsletter

Welcome to another week of this esteemed curated newsletter! This thing has taken off much more than I could have ever imagined it would in a little over 3 months. I am very excited to introduce Linux Academy as the title sponsor for this week. The folks over there are turning out high quality content to help you learn everything from system administration to Kubernetes.

In this weeks volume there is a lot of Terraform related content, with the leading article being a demo of how to provision Azure AKS using Terraform. There is a cool introduction/walk-through from Auth0 on how to implement full stack typescript projects using Next.js. If data visualization is your jam you should also checkout the new Pts.js library.

I am also working on adding a feature that allows you, the incredible subscriber, suggest articles to me. This could be a post that you recently wrote that you think others will enjoy or just a cool article that seems relevant. Until that feature is rolled out feel free to reply to this email and make your suggestion directly to me.

Using Kubernetes - on-prem vs public cloud Kubernetes is portable, extensible, and self-healing. The main differentiators to decide whether to house your Kubernetes cluster on-prem or on a public cloud is business-based. So what are some use-cases for both on-prem and publicly-hosted deployments? What are the basic principles for deploying? How can you use Kubernetes? #sponsored

☁️ Cloud

Provisioning Kubernetes clusters on AKS using HashiCorp TerraformWho doesn't enjoy some Scott Hanselman on a Friday before your work day starts? If you have been working on spinning up a Kubernetes cluster then you might have explored doing so with Terraform and Azure AKS. This is a good overview from Hashicorp Developer Advocate on how to spin up your AKS cluster.

A Comprehensive Guide to Authenticating to AWS on the Command LineOnce you get past the basic AWS CLI authentication and venture into more complicated setups like multiple profiles, accounts, or multi-factor authentication you are probably going to stub your toe. It's not uncommon to get hung up on how to authenticate via the AWS CLI in these scenarios. The folks over at Gruntwork have recognized this problem and put together this in-depth guide on each scenario and the tradeoffs involved.

AWS icon quiz - how well do you know the little icons in the console?Do you know the AWS icons and what service each of them represents? Now you can test yourself thanks to a lonely person on Hacker News. If it makes you feel better, I only managed to get 50% on this.

Using Consumers with Kinesis Enhanced Fan-OutThe AWS Kinesis team announced support for enhanced fan-out. With this feature consumers don't need to poll the stream for data as it is pushed directly to them. Additionally, the throughput (2 MiB/second) is dedicated and consumers don't have to contend with one another.

Going Serverless: From Common LISP and CGI to AWS Lambda and API GatewayI have seen posts about using native binaries in AWS Lambda. In fact, I have actually done something that required that myself. But I have never seen an NESL interpreter implemented in AWS Lambda in order to move a LISP service to serverless.

Netflix Cloud Security: Detecting Credential Compromise in AWSAnother fresh cut from the Netflix tech blog. This time the focus is on detecting compromised AWS credentials by keeping track of "good" IP addresses. This is so that you can accurately detect a potential attack based on an IP address you have not seen before.

🔨 Tools

Infer - Static code analyzer to detect null references and memory leaksThis is an internal tool that Facebook has released that does static analysis on Java, C, and Objective-C languages. It is interesting to see a static code analysis tool for Java that detects null pointers and memory leaks. One of the biggest gotchas I have hit in Android development has been memory leaks, so I'm excited to give this a try on an upcoming project.

lazygit - simple terminal UI for git commandsThe README pretty much sums this one up for us: Are YOU tired of typing every git command directly into the terminal, but you're too stubborn to use Sourcetree because you'll never forgive Atlassian for making Jira? This is the app for you!

GLB: GitHub's open source load balancerGitHub open sourced their Layer 4 load balancer that is used internally on their metal cloud. This load balancer is similar to the Katran project Facebook released as well as the Network Load Balancer in Google Cloud. If low level load balancing is your jam, this post has just about all of the gory details you need.

repo-security-scanner- CLI tool that finds secrets accidentally committed to a git repo Yet another CLI tool to watch your Git logs and see if keys have been committed to your source code. This is another friendly reminder, don't store secrets, keys, or passwords in source control.

HashiCorp Terraform 0.12 Preview: Rich Value TypesHashicorp has been working on Terraform 0.12 for a while now and many are interested to see if some of the pain points, like complex value types, will be addressed. It looks like Terraform is going to add support for these complex value types.

Pts - A library for visualization and creative codingThis is a very interesting javascript library that came out this week. It is meant to help you create visually stunning graphical representations and unleash your creativity. There is a bit of a movement beginning in the webdev space around creating art from code and I think this is certainly a library that is making that a reality.

sclack - The best CLI client for Slack, because everything is terrible!Slack for the CLI is a very real thing and this version looks the most promising. Keep in mind this project is in Alpha and so your mileage is definitely going to vary. Bonus points to the creators for the "Made with [rage emoticon]".

Code && Languages

How to Make an Awesome Blog Using Gatsbyjs and AWSMy latest blog post is out! In this post I walkthrough how I (finally) stood up my own blog at blog.kylegalbraith.com using GatsbyJs, TailwindCSS, Terraform, and AWS. Give it a read if your looking to quickly stand up your own blog, and then start sending me links to your content.

Securing Web Sites Made Them Less AccessibleThis is an interesting counter argument to the idea of HTTPS everywhere. Here the author highlights that requiring HTTPS on every site significantly increases the load time for users that are not on modern day internet connections. I think this is another indicator that as developers we need to be thinking globally and not just locally. I still believe HTTPS is the right answer, but we must also think about how to improve this experience.

How to efficiently store and query time-series dataI am certainly not a database expert, but I found this article quite interesting. Here ForecastCycles is loading large chunks of time series financial data into PostgresSQL and seeing great performance results. This runs contrary to the authors original intent where they thought they were going to need use a different database system like Timescale or InfluxDB.

Writing Loosely-Coupled Analytics Using Interfaces With Kotlin for AndroidThis is a great example in Android of how to decouple components like analytics using event dispatchers in Java. It is a good read on how a small refactor can remove sprawling dependencies across your codebase and centralize things like raising analytics events to a single class.

An Overview of Destructuring Assignments in Node.jsDestructuring assignment to assign variables from objects or arrays is a very interesting feature of ES6. In this post Valeri explains some of the intricacies and error cases of the destructuring assignment.

RESTful API Design — Step By Step GuideA nice refresher on REST API design never hurt anyone. Knowing some of the best practices around RESTful services is important when you are building new services or refactoring existing ones.

Full-Stack TypeScript Apps - Part 1: Developing Backend APIs with Nest.jsThis is a great walkthrough guide to creating a sample application using Nest.js and Angular. I like that this uses TypeScript out of the box and there are decorators that are very familiar to most of us. One thing I think is missing from this is actually deploying the application and using Swagger.

.NET Core Self-Contained and Framework-Dependent Deployments ExplainedSelf-contained deployments have arrived in .NET Core. If you are unsure of what that means for your .NET apps, give this article from Daniel Crabtree a read. Keep in mind there are trade offs here (ahem package size) that should be considered before you make the decision to use this.

How we’re scaling our platform for spikes in customer demand - CoinbaseThe rise in popularity of cryptocurrency over the past 18 months has seen explosive growth at exchanges like Coinbase. In this article you can read about the challenges the engineering team at Coinbase faced in scaling their Ruby application and MongoDB to support the rise in growth they were seeing. Important lessons like data relationship models, distributed monitoring, and query caching layers.

😎 Cool find of the week

A book for the community by the community on how to survive Hacker Summer Camp! This is a useful resource that Collin Montenegro and Alexander Delgado put together for folks to prepare for and make the most out of Hacker Summer Camp. If your not sure what that is, give this ebook a read. It is effectively a collection of security focused conferences like DEF CON, BSidesLV, and BlackHat. If you are going to these types of conferences you should prepare your electronic devices.