BC SOFTWARE
Saved by @Alex1Powell

If you missed @clare_liguori's Continuous Delivery session this week (like I did) then good news, it's available on-demand now 🎊

https://t.co/78b8sI2hHs

And here's my play-by-play for the session

🧵...

 This is a typical CD pipeline in AWS.

This is far more complex than the most complex CD pipeline I have ever had! Just cos it's complex, doesn't mean it's over-engineered though. Given the blast radius, I'm glad they do releases carefully and safely.
If you look closely, beyond all the alpha, beta, gamma environments, it's one-box in a region first then the rest of the region, I assume starting with the least risky regions first.
For anyone thinking about going multi-region (after the recent Kinesis outage), this is one of the complexities you need to consider. To do multi-region right and deploy safely (minimize blast radius), this is one of the complexities you have to factor in.
This "deploy small at first then more broadly" principle applies to #serverless apps too, though you can't "deploy to one box". You can do it with canary deployments instead, CodeDeploy supports this practice for Lambda (using weighted aliases) out-of-the-box.
However, weighted-alias has no session-affinity and it's not possible to propagate the canary decision along the call chain (e.g. when an API function invokes another function via SNS/EventBridge, etc.)...

More details in this post:
https://t.co/l0f44tunJD
This problem applies to API Gateway's canary support too, which has no session affinity, so a user making 2 requests (for a paginated endpoint) can yo-yo between the canary and current production channels.
For simple use cases, this might be fine, but hardly ideal for minimizing blast radius, or if you want to do some A/B tests on new features.

Personally, I love what you can do with @LaunchDarkly such a slick control panel and super easy to use ❤️
But for Lambda functions, it gets a bit trickier because you need so many persistent connections... so, your best bet is to use a proxy (run it in Fargate) as I described in this post: https://t.co/O0W62mU2AN

It can get expensive though, because you're hitting DynamoDB a lot!
Anyway, I digress...

"One box used to mean one VM, but over time it has also come to mean one container or a small percentage of Lambda function invocations"

ha, so they use weighted-alias for microservices that run on Lambda too, starting at 10% at first
And instead of rolling out the other 90% all at once (which is still risky), they use rolling deployment, which, CodeDeploy supports also.
Do this "one-box => rolling deploy pattern to the rest" pattern in one region first, then rinse and repeat for the other regions.

And within each region, apply the same pattern to AZs too.
To crawl back some speed (otherwise, every deployment would take weeks...) they deploy the regions in waves.

First few waves deploy to one region and one AZ at a time, later waves (after you build some confidence) deploy to multiple regions in parallel
mm.. this is interesting!

Deployments are staggered, so multiple deployments can be in motion and at different stages at once.

How does this affect rollback I wonder 🤔 e.g. if v1 deployment craps out at wave 5 and triggers rollback, what of wave 1 which is deploying v5?
I had to build custom mechanisms to stop parallel deployments in the past, because of the complication to rollbacks. Interesting to see AWS had gone the other way. But I get why they do it, to get some speed back.
Summary for this section of the talk. Automatic rollback next, really interested to see how that works with respect to these staggered deployment waves.
"At Amazon, we don't want to have to sit and stare at the dashboard every time we do a deployment, we want to deployments to be hands-off"

Have thresholds on a bunch of metrics (regional, zonal aggregates as well as per-box) to trigger automatic rollbacks.
And they also use monitoring canaries (which, as an AWS customer, we have CloudWatch Synthetics for that) so they can look at system health more holistically to trigger rollback.
"The impact from a deployment doesn't always show up during a deployment"

haha, been there... once had a slow memory leak that showed up 2 weeks after a deployment 🤦‍♂️
The pipeline continues to monitor the metrics during bake time for a deployment. And it'll hold the deployment during the bake time, and not let the deployment move onto the next stage under after the bake time. Otherwise, you can be seeing the impact of another deployment.
Finally, here it is:

1. auto-rollback only in regions/zones that tripped the threshold
2. eng has to decide whether to roll back the whole thing or retry

e.g. something else could have happened in the offending region, which is why thresholds were crossed
If they decide to rollback, then everything gets rolled back.

Or, they can roll forward and push out a v3 deployment instead, which fixes whatever problem that got picked up in that failed region.
In the scenario where you have v2 and v3 deployments happening at the same time (at different stages), if v2 hit a snag and has to rollback the whole thing. I wonder if they'd rollback any v3 changes that's been applied to the regions in earlier waves too. 🤔
That seems the only sensible thing to do.

Anyway, Claire moves onto how to design your changes so they can be rolled back automatically.

As much as possible, make backward-compatible changes 💯
Otherwise, you're forced to make a phased deployment where each phase contains backward-compatible changes.

This mirrors a lot of database migrations when you move from one database to another one and you can't do it with downtime.
Seriously though, if you need to make breaking changes, first see if you can do it with a small downtime. It'll save you so much complexity and extra work.

It's not an option at AWS scale of course, but you're not AWS.
Before they even get to the production deployment, there's a bunch of pre-production test environments.

And they basically practice the one-box deployment in the gamma (production-like) environment.
The one-box deployment in Gamma gives them a bit of backward-compatibility test, that it's ok for there to be two versions running side-by-side. So the monitoring canaries would help pick up incompatibilities there.
Some teams go even further with backward-compatibility test by adding another zeta stage to make sure new frontend works with current production backend.
That was great. So nice to see what AWS is doing to ensure deployments are safe and fast (well, as fast as can be without putting customers at risk)

If you wanna catch the session yourself, here's the on-demand video: https://t.co/78b8sI2hHs

More from Software

Nirbhay Vashisht
Nirbhay Vashisht
@nirbhayvashisht
How to join a developer community?
or
How to find mentors/developer friends?

A detailed thread 🧵👇

For context I have been a part of various developer communities for ~3 Years. I have found that learning with people is the best and most effective way to learn.

So here are the ways you can join a developer community:

💻 If you are a student

Many companies have their campus ambassadors/ Hack clubs / Developer club program that you can join or lead in your campus.

Some of my favorites:

⚡️Student Ambassador program @Microsoft (I am a part of this for 2 years now)
SOFTWARE
Jared Naude @ rC3 \U0001f680
Jared Naude @ rC3 🚀...
@JaredNaude
Infrastructure review #rc3


There were only 18 heralds for all the talks. It was really hard to pull off, this conference also started a news show. #rc3


Next is the heaven team. 1487 total angels volunteered of which 710 arrived. 76 weeks worth of work hours were done by the angels. They prepared a few goodies for the RC3 world. Badges were given to show angels. Tried to keep traditions from the conference on RC3 world. #rc3


Huge thanks to all the angels who volunteered. This conference would not be possible with the help of everyone. #rc3


Next team is the signal angels, this is the first time that people had to do remote Q&A. The procedure was quite different to the in person event. There were 157 shifts filled by 61 angels. There were 5 unfilled shifts. #rc3
SOFTWARE
Advertisement
Charity Majors
Charity Majors
@mipsytipsy
Developer productivity, y'all. It is a three TRILLION dollar opportunity, per the stripe report.

Eng managers and directors, we have got to stop asking for "more headcount" and start treating this like the systems problem that it is. https://t.co/XJ0CkFdgiO


If you are getting barely more than 50% productivity out of your very expensive engineers, I can pretty much guarantee you cannot hire your way out of this resourcing issue. 😐

(the stripe report is here:

Say you've got a strategic initiative that 3 engineers to build and support it. Well, they're going to be swimming in the same muddy pipeline as everyone else at ~50%, so you're actually gotta source, hire and train 6, er make that 7 (gonna need another manager too now)...

...which actually understates the problem, because each person you add also adds friction and overhead to the system. Communication, coordination all get harder and processes get more complex and elaborate, etc.

So we could hire 7 people, or we could patch up our sociotechnical system to lose say only 25% productivity to tech debt, instead of 42%? 🤔

By my calculations, that would reclaim 3 engineers worth of capacity given a team of just 17-18 people.
SOFTWARE
Scott Piper
Scott Piper
@0xdabbad00
As the year wrap's up, let's run through some of the worst public security mistakes and delays in fixes by AWS in 2020. A thread.

First, that time when an AWS employee posted confidential AWS customer information including including AWS access keys for those customer accounts to


Discovery by @SpenGietz that you can disable CloudTrail without triggering GuardDuty by using cloudtrail:PutEventSelectors to filter all events.


Amazon launched their bug bounty, but specifically excluded AWS, which has no bug bounty.


Repeated, over and over again examples of AWS having no change control over their Managed IAM policies, including the mistaken release of CheesepuffsServiceRolePolicy, AWSServiceRoleForThorInternalDevPolicy, AWSCodeArtifactReadOnlyAccess.json, AmazonCirrusGammaRoleForInstaller.
SOFTWARE
Jessica G. Young
Jessica G. Young
@JessGeraldYoung
@JuliaLMarcus @Iplaywithgerms This paper gives documentation on software (with causal reasoning, assumptions reviewed in appendix) for a parametric approach to estimating either "total effects" or "controlled direct effects" with competing events and time-varying

@Iplaywithgerms Total effects capture paths by which treatment affects competing event (e.g. protective total effect of lifesaving treatment on dementia may be wholly/partially due to effect on survival). Controlled direct effects do not capture these paths

@Iplaywithgerms More detailed reasoning on the difference and tradeoffs between total and controlled direct effects and causal reasoning in the point treatment context provided here along with description of some estimators and

@Iplaywithgerms If you are familiar with more robust approaches like IPW or even better TMLE for time-varying treatment, these are trivially adapted to go after the controlled direct effect by simply treating competing events like loss to follow-up (censoring). e.g.

@Iplaywithgerms Examples of IPW estimation of the total effect of a time-varying treatment described in Appendix D of this paper:
https://t.co/RNhcgTBMkb
And here
https://t.co/rMWmwFBWwV
Others in reference lists of above papers.
SOFTWARE

You May Also Like

Alex Oluwatobi
Alex Oluwatobi
@alexlobaloba
According to psychologists, there are four types of intelligence:

- Intelligence Quotient (IQ)
- Emotional Quotient (EQ)
- Social Quotient (SQ)
- Adversity Quotient (AQ)

1. IQ is the measure of one's ability to comprehend, solve maths; memorize things & recall subject matters.

2. EQ is the measure of your ability to maintain peace with others; keep to time; be responsible; be honest; respect boundaries; be humble, genuine, and considerate.

3. SQ is the measure of one's ability to build a network of friends & maintain it over a long period of time.

4. AQ is the measure of your ability to go through a rough patch in life and come out without losing your mind. It is a new paradigm and can be used to determine who will give up in face of troubles and may abandon their families.

Now to the very interesting & analytical part👇

People that have higher EQ & SQ tend to go further in life than those with high IQ but low EQ &SQ.

Most schools capitalize on improving IQ level while EQ & SQ are played down.

A man of high IQ can end up being employed by a man of high EQ & SQ even though he has an average IQ.

Your EQ represents your character; your SQ represents your charisma. Give in to habits that will improve these three Qs but more especially your EQ and SQ.

EQ and SQ make one manage better than the other.

Try not only to have a higher IQ but also to have higher EQ and SQ.
ALL
Pulp Librarian
Pulp Librarian
@PulpLibrarian
Due to the pandemic you may not have visited your local library in a while. So come with me on a virtual library tour, courtesy of stock photography, to see what we do for a living...


Libraries are of course information resource centres, but in many ways they are so much more. To get the best out of them you need to really know your way around the stacks.


The enquiries desk is normally your first stop in a library, and this is where you will meet The Angry Librarian! Why is she angry? Because you keep asking her stupid questions!


"Are you open?"
"Do you have a toilet?"
"That chair's wobbly!"
"Why isn't it available in audiobook?"
"Someone else is on the computer and that's not fair!"

On and on it goes...


And that's why in the library we insist on silence. It's the only way to stop us swearing at all the idiotic things you ask us. And we've looked up a lot of old swear words: beardsplitter, bescumber, rantallion, smellfungus etc. We're such muckspouts...
ALL
Advertisement
Henry George \u0646
Henry George ن
@intothefuture45
Thread: *Post-Liberal reading list*
1/ Religion and the Rise of Capitalism - R.H. Tawney
Unto This Last - John Ruskin
Liberty, Equality, Fraternity - James Fitzjames Stephen
The Great Transformation - Karl Polanyi
The Quest for Community - Robert Nisbet

2/ Family and Civilisation - Carle C. Zimmerman
Science, Politics and Gnosticism - Eric Voegelin
Liberty Before Liberalism - Quentin Skinner
The Great Debate - Yuval Levin
Lincoln and the Politics of Christian Love - Grant Havers
Where We Are - Roger Scruton

3/ The Humane Vision of Wendell Berry - Various
The Unsettling of America - Wendell Berry
Moral Matters - Mark Dooley
Red Tory - Phillip Blond
Blue Labour - Eds. Ian Geary and Adrian Pabst
Together for the Common Good - Eds. Nicholas Sagovsky & Peter McGrail

4/ The Politics of Virtue - John Milbank & Adrian Pabst
Localism in a Mass Age - Eds. Mark T. Mitchell & Jason Peters
The Antimodern Condition - Peter King
The Principle of Duty - David Selbourne
Nostalgia - Anthony Esolen
A Common Human Ground - Claes G. Ryn

5/ The Politics of Gratitude - Mark T. Mitchell
A Time to Build - Yuval Levin
Remaking One Nation - Nick Timothy
Despised - Paul Embery
Defending Identity - Natan Sharansky
Between Kin and Cosmopolis - Nigel Biggar
The Virtue of Nationalism - Yoram Hazony
CULTURE
:Billy-Don :I-AM
:Billy-Don :I-AM
@ValiantThor12
1) 💜 THE EVENT 2020 - THE 1221 MULTIDIMENSIONAL STARGATE 💜
PLEIADIAN LIGHT FORCES TRANSMISSIONS - 12182020
CHANNELED BY MICHAEL LOVE
A SPECIAL MESSAGE TO THE STARSEEDS OF NEW EARTH, FOR IMMEDIATE PLANETARY BROADCAST…
PRELUDE:
THE FOLLOWING INFORMATION IS DERIVED FROM DIRECT,

2) DECODED ETHERIC TRANSMISSIONS FROM BENEVOLENT LIGHT FORCES DOCKED IN EARTH’S SOLAR SYSTEM AND SOME OF THE DATA COMES DIRECTLY FROM CERTAIN INSIDE EARTH ALLIANCE MEMBERS KNOWN AS THE WHITE HATS, AND THE GREAT WHITE BROTHERHOOD STRATEGICALLY PLACED IN KEY POSITIONS OF POWER BY

3) THE GALACTICS ON THE SURFACE OF PLANET EARTH!
THE DATA HEREIN IS RECEIVED AND TRANSMITTED FROM THE 5D LEVEL! THIS MESSAGE IS INTENDED ONLY FOR THE STARSEEDS OF EARTH!
GREAT ONES,
WE HAVE SPOKEN OF THE EVENT 2020 THIS ENTIRE EARTH YEAR AS ALL PLEIADIAN AND EARTH ALLIANCE INTEL

4) SHOWS INDEED THAT A MAJOR COSMIC EVENT IS GOING TO OCCUR IN ONLY 3 EARTH DAYS FROM NOW!
ON DECEMBER 21, 2020, A MAGNIFICENT CELESTIAL STARGATE WILL OPEN IN THE HEAVENS WHICH MARKS THE DAWN OF THE NEW GOLDEN AGE OF AQUARIUS AND THE 1ST DAY OF THE SATYUGA OF CENTRAL SUNLIGHT!

5) IN THE MORNING HOURS OF THE WINTER SOLSTICE, THE LONG-AWAITED NEW ERA OF LIGHT WILL FINALLY DAWN AND THE NEW 5D EARTH WILL BE BORN!
THE COSMIC GATES WILL BE FULLY OPENED ON 12/21/20 ALLOWING POWERFUL STREAMS OF COSMIC LIGHT TO ENTER EARTH'S ATMOSPHERE, UPGRADING ALL SENTIENT
ECONOMY
Lakshminarayan G
Lakshminarayan G
@narayanagl
The Chanting of following names of Bhagwan Vishnu, immensely helps us in overcoming the obstacles in our daily life.
These names are from Sri Vishnu Sahasranama!
|. "Om Vashatkaaraaya Namaha" : For Success in Business.
||. "Om Aksharaaya Namaha" : For Success in Studies.


|||. "Om Bhuthabhavanaya Namaha" : For Good Health.
|V. "Om Paramaathmane Namaha" : For Self Confidence.

Src: VAK magazine from Chilkur Balaji Temple, Hyderabad - Sri @csranga
#SanatanaDharma #SanatanaSanskriti #Sattology

One needs to chant the following slokas 28 times to get rid of certain problems in life.
Om Hrushikesaya Namah - For Overcoming Bad habits
Om Vashatkaaraya Namah - For Success in Business, Interviews, visa interviews, building relationships


Om Srimate Namah - For Handsome appearance & wealth
Om Aksharaya Namah - For Education & better financial strength
Om Paramatmane Namah - For self employed people, for promotions and success in games.
Om Putatmane Namah - To remove mental stress & for mental peace


Om Sarmane Namah - For Job Satisfaction
Om Bhutadaye Namah -To amend soured friendship or any personal relationship
Om Dhatre Namah - For issueless couple
Om vidhatre Namah - Pregnant Ladies to Chant for healthy babies.
Chant the following 108 times :
ALL