Why microservices fail

Gianna has joined Avidoo Inc., a productivity platform, as a senior software engineer. In a kick-off meeting with the rest of her team, she brings up the subject of microservices and whether the team has adopted them in any way. She immediately gets a strong reaction.
“We have tried adopting microservices, but they don’t work”, Byron offers.
“It became a terrible mess!”, Kary adds.
Gianna blinked her eyes three times expecting some kind of elaboration, but none followed.
After an uncomfortable silence, Gianna asks: “So what happened?”
“At first it was great. Every time we were asked to create something new we had the opportunity to add a service and use whatever languages and frameworks we wanted to experiment with. We exposed REST APIs on systems it needed to collaborate with or worked on their databases directly. But after a while, things started to break more and more often and development slowed to a crawl.”
Gianna sighs. It sounds to her like her team had been building a distributed monolith, while what they had meant to build were microservices.
Read more →

Docker containers vulnerability scan with Clair

When you work with containers (Docker) you are not only packaging your application but also part of the OS. Therefore it is crucial to know what kind of libraries might be vulnerable in you container. One way to find this information is to use and look at the Docker Hub or Quay.io security scan. The problem whit these scans is that they are only showing you the information but are not part of your CI/CD that actually blocks your container when it contains vulnerabilities.
Read more →

Only trigger a release when the build changed

Back in the early days, when we used XAML builds in TFS (wow that seems like ages ago!), we had the possibility to NOT execute a build when nothing changed in the source code repository. This checkbox “Build even if nothing has changed” does not exist anymore in VSTS.

For me this is not a real problem, when you build your source code, it is also a validation if your underlying system is OK. It is more a problem when you automatically trigger a release pipeline after a nightly build. Why should you release a new version of your application, when it is not a new version but exactly the same version. Of course, we can discuss that it should not be a problem, that you should always be able to release, but still. It is unneccessary and sometimes even not wanted.
Read more →

Eight Characteristics of Successful Software Projects

We do a lot of software projects at Xebia Software Development. We work most of the time at our client’s location, in their teams. Together we improve the quality of their software, their process, and engineering culture. As such, we’ve seen a lot of projects play out. Most of these efforts succeeded but some failed. Recently we did a retrospective to learn from these experiences. The result is this opinionated list of characteristics of successful software projects.
Read more →

Cheating and building secure iOS games

You probably have one of the million games where you earn achievements and unlock specials on your iPad or iPhone. If you develop games, you've probably wondered about people cheating your games? In this blog we're going to show you how to try cheating out yourself and how to build secure iOS games.Read more →

De-mystifying Jest Snapshot Test Mocks

So, let’s say you have a nice React Native setup with the Jest testing library. You want to snapshot-test all your components of course! But you’re getting seemingly unrelated errors when you tried to mock a third party module in your snapshots and you’re lost in all that API documentation. Let’s dig into an example and get a clear picture of what’s happening under the hood.

Read more

Monitoring a Kubernetes Environment

This post is part 3 in a 4-part series about Container Monitoring. Post 1 dives into some of the new challenges containers and microservices create and the information you should focus on. Post 2 describes how you can monitor your Mesos cluster. This article describes the challenges of monitoring Kubernetes, how it works and what this means for your monitoring strategy.
 
What is Kubernetes?
Kubernetes is a powerful orchestration system, developed by Google, for managing containerized applications in a (private) cloud environment. Kubernetes is able to automate the deployment, management and scaling of containerized applications and services. Kubernetes provides the infrastructure to build a truly container-centric development and operations environment.

Share This