• jjjalljs@ttrpg.network
    2·
    2 hours ago

    One of my jobs went to microservices. Not really sure why. They had daily active users in the thousands, maybe. But it meant we spent a lot of time on inter-service communication, plus local development and testing got a lot more complicated.

    But before that, it was a single API written in Go by an intern, so maybe it was an improvement.

  • stupidcasey@lemmy.world
    4·
    3 hours ago

    Director: Blue, I need you to work on a patch for the suspension barrier, it seems to have a memory leak.

    Blue: I could if I wasn’t allocating so much time to holding together a patchy framework, if I drop it now the whole system will break, what we need to do is re-build the entire thing from scratch in a new entirely blue framework, if we did that we wouldn’t have to allocate so many resources to patch work.

    Director: that sounds like it would cost money…

    Blue: it would now but in the future it would save us so much more.

    Director: couldn’t you just work harder for less pay?

    Blue: no I literally couldn’t.

    Director: Green seems to be holding it together well.

    Blue: that is because Green is at the bottom of the stack, he doesn’t have to deal with it he makes it our problem.

    Director: I don’t know, sounds like a skill issue to me, no vacation time until it’s fixed.

    Blue: Like I even get a vacation anyway.

    • mcv@lemmy.zip
      4·
      2 hours ago

      The system I’m working on is shit. The devs all know it, the users all complain about it. It needs to be fixed, and not only do I seem to be the person most driven to fix it, it turns out I’ve been hired explicitly to replace the shittiest part of it. So that’s actually pretty good, right?

      Except my PO doesn’t quite want me to do that yet. First, he needs me to shovel more shit onto it. Shit that’s going to be the first stuff that I’ll replace once I get to replace stuff, and then that stuff will be a lot easier, whereas now it would be a lot harder and too slow to be useable. But new features are more important than making this useable.

      He’s a nice guy, but he doesn’t get technical priorities, and priorities are the primary responsibility for a PO.

  • LyD@lemmy.ca
    5·
    5 hours ago

    The architect is colouring all the balls

    The senior developer is arguing with the architect

    The junior developer is cannonballing somewhere in the middle

  • Dumhuvud@programming.devEnglish
    21·
    5 hours ago

    I’m so confused by the meme. What the hell is a “monolithic bug”? And what does DevOps have to do with software architecture?

    • SleeplessCityLights@programming.dev
      3·
      3 hours ago

      Most DevOps spend our days designing and coding. We are deeper into architecture than anyone else, the dev team does not even consider deployment and uptime. We have to go to each separate teams meetings because our input is needed for many decisions. I had no idea that it was like this when I got into it.

      • themaninblack@lemmy.world
        1·
        2 hours ago

        Devs used to have to consider deployment and uptime! They still should. We as an industry became arbitrarily segmented and irresponsible. I have never gotten used to this tossing shit over the fence.

  • peoplebeproblems@midwest.socialEnglish
    161·
    13 hours ago

    You know, this really has me pondering my projects architecture. We have tiers of services.

    At the top, we have the UI. Then we have a “consumer” an “orchestra” and a “data” tier.

    Data is the tier that exclusively talks to databases. Orchestra talks to the multiple data services. A good chunk of business logic is here. Consumer uses the orchestra and handles UI requests.

    All it essentially does is split the monolith into 3 services at minimum. And since it’s on the cloud, there’s a start up cost where we need to spin up 3 machines instead of whatever you can do with microservices. What benefit do I get?

    • adminofoz@lemmy.cafeEnglish
      4·
      6 hours ago

      Separation of concerns is a major benefit that shouldn’t be overlooked with security implications. Assuming you are properly restricting access to each worker node / “tier”, when one tier inevitably becomes compromised; it doesn’t result in the complete compromise of the entire monolith.

      • themaninblack@lemmy.world
        1·
        1 hour ago

        You have me thinking. My gut tells me this is true.

        For example, if you have a segmented auth service that someone gets root on, it’s possible for someone to act as anyone else, but not get the whole database if unavailable to all users.

        If your load balancer gets compromised, you could cause denial of service or act as a man-in-the-middle for all requests.

        If your database gets got, that’s the worst, but you generally can’t intercept web requests and other front-end facing things.

        But, I’d like to play devil’s advocate here. I feel that most of these segmented architecture strategies may have negative security implications as well.

        First, the overall attack surface increases. There are more redundant mechanisms, more links in the chain, probably more differing types of security/tokens/certificates that can get exploited. It also adds maintenance burden, which I believe reduces security because other priorities may get in the way if things are cumbersome.

        In my examples above, a compromise of the auth service in most cases pretty much means a complete compromise of the what your system allows its highest level users to do. Which is normally a lot.

        Getting a load balancer will allow an attacker to MITM if TLS termination happens there, and basically this can mean the same as in the auth service, plus XSS-type stuff.

        If the service hosting the database is compromised, it’s kinda game over. Including XSS.

        So what have we gained here?

        A monolith hosting all of these has more or less the same consequences if compromised. However, if it’s all together, it becomes everyone’s responsibility and there are more eyes on each aspect of your application. You’re more likely to update things that need updating. Traffic can be analysed a little easier.

        Just wanted to jot down some notes because I have a talk coming up and need to prepare for this question. Please prod my thinking, it would really help me out!

        • adminofoz@lemmy.cafeEnglish
          1·
          25 minutes ago

          By no means am I the microservices guy. Im more of a self hosted person than anything and used to always be a monolith guy and would still prefer that in many situations. But now I would at least “wrap” the monlith with supplemental self hosted microservices.

          But this is the logic as I understand it and the key thing. If a malicious actor compromises one utility they likely made a lot of noise doing it, a lot of that can be mitigated with a proactive WAF. There are a few free solutions here Crowdsec WAF (ModSecurity, i think is another, working from memory could be wrong) has a decent signature detection and shared banned list. If you couple it with proper alerting you should be able to see, watch and isolate attackers in near real time. So even if they get the gateway and you messed up alerting on WAF, you still have your fall back EDR alert for when gatewayUser starts issuing ping commands and performing asset discovery. So should see it days before then (unless 0 day or nation state etc).

          They will still do damage you are absolutely right. But let’s assume a three tiered microservice approach where you have something like pocketdb for Auth, Umami for analytics and postgres for paid api data. Now an issue in pocketbase can absolutely ruin you. But you know what wont ruin you. Metadata storage of their profile picture in postgres. Sure one user gets access to your paid api data but they don’t have your user data and no one else is impacted.

          Additionally look at actual CVEs related to pocketbase and you will find a lot to do with OATH so its simple. Disable OATH for best security. Put a waf in front of your app using something like traefik with crowdsec catch bad actors when they try to abuse your non existent OATH endpoint and ban them instantly.

          Is it perfect no. Any determined actor wull find there way into any system given enough time. But a layered approach like this is best in my opinion.

    • NewDark@lemmings.world
      41·
      9 hours ago

      If you aren’t a gigantic company with so many moving parts it would make your head spin… Probably not much? There is a benefit where you can individually scale your services based on need but that feels like overkill for most.

    • SleeplessCityLights@programming.dev
      1·
      3 hours ago

      When I was a Sysadmin at a MSP, we had client with 2 main sites and multiple satellite sites. At one of the satellite locations there were two servers. The first ran a bunch of VMs and the second was the backup. If you disconnected the backup, the AD stopped working everywhere and half of the NAS storage was not reachable. As a far as anyone knew the second server was set to spin up replacement VMs if the first went down and nothing else. We were a pretty shitty MSP and never spent any time doing proactive work. So when that server dies, that company is going to have the most epic outage that will cost them a fortune.