Leveraging eBPF in the Kubernetes Networking Model

eBPF is a relatively new extension of the Linux kernel that can run sandboxed programs in a privileged context. It is used to safely and efficiently extend the capabilities of the kernel at runtime without requiring changes to kernel source code or the loading of kernel modules. Because of eBPFs tight integration with the networking stack at the kernel level, it is seeing adoption in networking applications. This includes Kubernetes networking through eBPF implementations of the Kubnernetes networking stack like Cilium....

August 21, 2023 · 4 min · Kevin Sookocheff

Trust your users — they’re usually right

I was recently introduced to a simple article on system design: Users are almost always right. In it, a simple rule is stated: When the users keep doing it wrong, the users are right and your system is wrong. This rule reminded me of the concept of desire paths: unplanned trails created by human or animal traffic that usually represent the shortest or easiest route between two places. Desire paths in an urban setting often run counter to what a planner might suggest, leading to a natural conflict between the pedestrian and the planner....

May 29, 2023 · 3 min · Kevin Sookocheff

Generating Large Test Files

I was recently testing file upload performance, and needed several large files of different sizes to test with. To make the math easier, it was helpful if I had files with round numbered sizes like 10MB, 20MB, or 100MB. After searching around for files of the right size, it turns out the easiest solution is to generate one yourself using the Linux command line. Depending on your needs, you can use two different methods of generating files using some simple commands....

May 24, 2023 · 2 min · Kevin Sookocheff

Generating JSON Web Token Assertions

A JWT (JSON Web Token) is a type of security token that is used to securely transmit information between parties. It is a compact and self-contained way of representing claims to be transferred between two parties. Many API providers require you to generate a cryptographically signed JWT assertion that includes the authorization you are requesting from the server. If the server accepts the assertions you are claiming in the JWT, it will respond with an access token granting access to the API....

May 11, 2023 · 8 min · Kevin Sookocheff

Tackling Technology Strategy with Portfolio Management

Application Portfolio Management (APM) draws inspiration from financial portfolio management, which has been around since at least the 1970s. By looking at all applications and services in the organization and analyzing their costs and benefits, you can determine the most effective way to manage them as part of a larger overall strategy. This allows the architect or engineering leader to take a more strategic approach to managing their application portfolio backed by data....

April 27, 2023 · 6 min · Kevin Sookocheff

Making Sense of Kubernetes Metrics

Shortly after deploying a new Kubernetes cluster, one of the first things you will likely want to do is collect some metrics and data about how it operates. There are two projects that are typically used for this, and since they are named similarly it can be confusing to know which one you should use and why. This post hopes to clear up any confusion between the Kubernetes Metrics Server and kube-state-metrics....

March 24, 2023 · 6 min · Kevin Sookocheff

Project Management for Software Engineers

At some point in your career you will be asked to manage a project. This can be intimidating, it can be scary, but it doesn’t have to be. We can leverage some time-honoured techniques, and adapt them to the unique approach required for software projects to deliver on time, on budget, and with success. This article is a collection of techniques I’ve learned for managing projects over time, that attempts to combine agile best practices with project management best practices....

March 8, 2023 · 16 min · Kevin Sookocheff

Increased virtualization performance with the AWS Nitro System

Amazon’s Elastic Compute Cloud (EC2). EC2 is a web service that provides resizable, on-demand computing capacity — literally, servers in Amazon’s data centers — that you use to build and host your software. It’s important to understand that EC2 is a virtual computing environment. In a virtual environment, there is one physical server with all of the necessary hardware — CPU, memory, hard disk, network controller and more. This single physical server can host multiple operating systems and applications through a hypervisor that runs directly on top of the physical machine....

December 21, 2022 · 3 min · Kevin Sookocheff

Using Neovim as a Java IDE

I first learned Vim in university and, since then, it has been a welcome companion for the majority of my software engineering career. Working with Python and Go programs felt natural with Vim and I was always felt productive. Yet Java was always a different beast. Whenever an opportunity to work with Java came up, I would inevitably try Vim for a while, but fall back to IntelliJ and the IdeaVim plugin to take advantage of the rich language features a full-featured IDE can give you....

December 14, 2022 · 20 min · Kevin Sookocheff

Distributed System Models in the Real World

Practical distributed applications are deployed into varied environments and execute on a variety of different machines linked together over a variety of communication infrastructure. The physical machines themselves can differ in the number and speed of processors, the availability of random access and stable storage, and more. The communication infrastructure can differ in the available levels of latency, throughput, and reliability. Because of these differences, it is more practical to look at distributed algorithms from a higher-level perspective so that they are applicable to a wide range of environments....

September 20, 2022 · 28 min · Kevin Sookocheff