This post explains the technical choices we made while refactoring our search feature from a component within a monolithic Django project into a microservice. It explores our efforts to break dependence on a shared database, use central authentication and plan for redundancy, among other things.
Why a microservice?
If the hype hasn’t already deafened you, a “microservice” is basically a narrowly-focused web service. In theory, this narrowness should make them easier to understand than more complex projects. When they split a software product like Safari across well-defined boundaries, they are supposed to allow teams to change pieces of the product independently.
At Safari we want to go fast, and in our experience speed tends to decrease as teams and codebases grow. So, like a lot of engineering teams, we’re trying out microservices to see if they help us go faster.
If you want to learn more about microservices, check out Sam Newman’s book Building Microservices or, if you favor video, The Principles of Microservices by the same author.
Read more »
In his recently released book, “Disrupting Digital Business: Create an Authentic Experience in the Peer-to-Peer Economy” (Harvard Business Review Press, May 2015), author R Ray Wang makes it clear that we are no longer in an economy of products and services. The digital transformation demands that we focus our attention on experiences and outcomes. Organizations must pivot with and ahead of social, organizational, and technological shifts or risk being left behind.
He makes the case that the the most successful companies moving forward are the ones that embrace a new way of thinking around these major trends:
- Consumerization of technology and the C-suite
- Data’s influence in driving decisions
- Digital marketing transformation
- The future of work
- The matrix commerce
We asked Wang a few questions a few questions about his book:
What are the main characteristics of the digital transformation that’s taking place, and how is it affecting organizations?
The biggest shift is the urgency that’s required to make the change in business models, not technologies. The business models have to align with the organization’s brand promise. We see successful digital transformation when we humanize digital. Successful companies take a Board-driven, management-led, and employees-engaged approach. Culture beats tech in digital transformation. Read more »
by Trisha Gee
Trisha Gee is the author of the new video series called “Building Java 8 Web Applications with Microservices” from Addison-Wesley Professional.
If you’re a Java developer you’ll have heard about lambda expressions making their way into Java SE 8. You might not be aware, however, that there’s much more to Java 8 than a new arrow operator. In this article we’re going to look at how lambda expressions and other new features in Java 8 will make your life as a developer easier.
The shift in mindset that lambda expressions encourages is the idea of passing behaviour around, not just objects. For example, you can give a method a piece of code to execute:
userService = new Service<>("ws://localhost:8081/tweets/",
message -> getTwitterHandleFrom(message));
The Service class contains all the boilerplate needed to instantiate a new web sockets service. It’s a very simple service that connects to a server endpoint (“ws://localhost:8081/tweets/”) that provides data to consume, and starts its own server endpoint (“/users/”, 8083) where it publishes data. The final parameter is our lambda, which tells our micro-sized service what the business logic is – consume Twitter messages, extract the Twitter username and publish it.
Before lambdas, you might have had copy-and-paste coding as you copy all the service boilerplate code and replace the business logic section for each new service. Or you might have an abstract service class that you override for each individual service. With lambdas, you can be much clearer about separating the infrastructure-level
Service code and its business logic. Read more »
I’m a modern learner. And whether you know it or not, you’re probably one, too. A modern learner is anyone working in an industry or organization that requires any or all of the following:
- Continuous advancement of existing skills
- Rapid learning of a diverse array of new skills
- Frequent application of, and experimentation with, those new skills and knowledge
- Constant honing of critical thinking, leadership, and collaborative skills to tackle increasingly complex challenges and opportunities
- Disruptive innovation that gives your business a competitive edge
… all which must be accomplished in tandem with getting the job done and contending with the barrage of information, pings, and requests that beg for one’s attention throughout each day.
Here’s a great infographic depicting the modern learner. While the possibilities for professional and personal growth are exhilarating, it’s clear to see they are also overwhelming. And a little bit mind blowing. And more than a little distracting.
So what is a modern learner to do? Read more »
by Richard Feldman
Perhaps most importantly: now that we have a strong ecosystem that can support a single state atom, has local component state gone from a best practice to an alluring trap? Read more »
By Daniel Arbuckle
Daniel Arbuckle is a computer scientist and software engineer who has worked with, studied, and built a career around Python starting with version 1.5. He is the author of multiple books and videos on Python for Packt Publishing.
Python’s first steps toward an implementation of coroutines came in December 2001 with the release of Python 2.2. At that time, generators were added to the language and Python 2.5 made it easier to use generators as coroutines by changing the
yield statement into an expression which also made it easier to send information into a generator as the result of a
Now, Python 3.3 made it even easier to use generators as coroutines thanks to a new
yield from syntax.
As of Python 3.4, the
asyncio framework is part of the standard library and generator-based coroutines were part of the toolkit. Asynchronous execution in a single thread is great for I/O scheduling and lightweight threading. Now,
asyncio gives us all of that in one convenient package.
All of which brings us to the recent release of Python 3.5, which includes an explicit coroutine type, distinct from generators, new asynchronous
async for, and
async with statements, and an
await expression that takes the place of
yield from for coroutines.
Why does Python need explicit coroutines and new syntax if generator-based coroutines had become strong enough for inclusion in the standard library? The short answer is that generators are primarily for iteration, so using them for something else (no matter how well it works conceptually) introduces ambiguities. For example, if you hand a generator to Python’s
for loop, it’s not going to treat it as a coroutine but instead as an iterable. Read more »
By Neil Ford
Neil Ford writes about all aspects of information security for IT Governance Ltd, the international provider of best-practice information security solutions.
According to IBM/Ponemon Institute’s 2015 Cost of Data Breach Study: Global Analysis, the average global cost of a data breach is now US$3.79 million. Although high-profile cybersecurity incidents affecting large organizations like Ashley Madison and the OPM – to use two recent examples – garner great media interest, it’s important not to overlook the fact that small and medium-sized companies also face critical cybersecurity risks every day. Cyber attacks are global, automated, and indiscriminate, targeting every organization that owns or uses electronic information.
Put simply: if you’re connected to the Internet, you’re vulnerable.
Small businesses are mistaken if they think they’re too insignificant to attack. Even if you don’t store financial information such as customer payment details, the data you do hold – such as username and login credentials, employee payroll details, proprietary data, or client information – is valuable to someone. For example, even though your website may not be obviously valuable in itself, the information it holds could be used as a means of attacking a larger organization in the supply chain.
Perhaps most alarmingly, it’s statistically likely that you’ve already been successfully attacked but don’t know it. The majority of intrusions aren’t detected for months – more often when patterns are noticed in stolen data usage that link back to the breached organization. The 2015 Trustwave Global Security Report found that 81% of data breach victims did not detect the incident themselves, and Mandiant/FireEye’s M-Trends 2015 report found that the median number of days that threat groups were present on a victim’s network before detection was 205. For reference, it takes criminal hackers an average of seven days to exploit a vulnerability according to NopSec’s 2015 State of Vulnerability Risk Management report.
So, what should you do? Read more »
By Sari Greene
Sari Greene is an information security practitioner and entrepreneur. She is the author of Security Program and Policies: Principles and Practices, 2nd Edition and The CISSP Complete Video Course.
What keeps me up at night isn’t the threat actors or the cybercriminals, the newly identified exploit, or even the prospect of every “thing” having an IP address. My worry is the frightening lack of qualified cybersecurity leadership. We need professionals with critical thinking skills and risk-based reasoning. Women and men who can educate, motivate, mentor, and inspire. Dedicated, committed, and passionate individuals who recognize that cybersecurity is about protecting our companies, our communities, and our countries from those who seek to do us harm as well as the mundane accidental or inadvertent consequence of every day actions.
How Big is the Problem?
A Rand Corporation study estimates there are around 1,000 top-level cybersecurity experts globally vs. a need for 10,000 to 30,000.
More than 209,000 cybersecurity jobs in the U.S.A. are unfilled and postings are up 74-percent over the past five years, according to a Peninsula Press analysis of numbers from the Bureau of Labor Statistics. The demand for information security professionals is expected to grow by 53 percent through 2018.
2015 PwC US State of Cybercrime Survey asked whether organizations have the expertise to address cyber-risks associated with implementation of new technologies and only 26-percent said they have capable personnel on staff.
This Is Not About IT
The cybersecurity leadership shortage isn’t just sheer numbers nor is it a technology issue. The challenge is to fill cybersecurity positions with people who can align cybersecurity and organizational objectives and more importantly, who can effectively communicate those objectives to a diverse population. In addition to information systems professionals, we should be encouraging people of all ages with experience in law, finance, compliance, audit, engineering, education, law enforcement, and the military to join the ranks of cybersecurity professionals. Once we’ve attracted the talent, we need to expediently transition professionals from other disciplines into the realm of cybersecurity. And we need to know they’re ready to take on the task. Read more »
One of the strongest features of Safari is the array and range of publishing partners who provide valuable content to our library. A partner that strongly exemplifies this breadth and depth is The Perseus Books Group which is composed of a series of imprints including Basic Books, Da Capo Press, Weinstein Books, Running Press, Seal Press,and Nation Books.
As the first installment of a new regular feature here at the Safari blog, we’d like to shine a spotlight on Perseus and their spectrum of content.
Written by noted futurist James Canton, this book is designed to challenge the way you think and inspire you to become more predictive about future trends and changes that might affect your business, career, or life. Topics include reinventing education, climate engineering, and the future of work and jobs. Read more »