Ask Sendai

Hello all, Leigh Estes, aka RiotSchmick, here. I’m a software engineer at Riot Games working on the Riot Developer Experience team. Our responsibilities include providing the edge infrastructure that supports both internal and external developers. I previously wrote a series on the infrastructure that supports our public API product. I’m excited to revisit this series to tell you more about a new part of our infrastructure – the feature we call transforms.

Anca Zaharia and Jason Maude focus on the successes and pitfalls Starling Bank encountered in building Open Banking. They cover topics such as the OAuth security flow, the permissions-controlled API, obtaining permissions for third party actions, and verifying payees between banks. Source: infoq.com

There is no one way to secure your API that fits all situations. But, you can learn the schemes, study how the biggest social networks are dealing with it and find out the industry standard; then apply it to your project in the way you see fit. At the end of this article, you’ll have a clear understanding of the different schemes. I won’t go in depth on these here but I’ll do a deep dive on OAuth, the most widely used authorization framework, another time.

At QCon SF, Suudhan Rangarajan presented ‘Netflix Play API: Why We Built an Evolutionary Architecture’. Key takeaways from the talk included: services that have a single identity/responsibility are easier to maintain and upgrade; engineers should spend time identifying core decisions that need to be made when building a service, and determine whether these are ‘Type 1’ or ‘Type 2’ decisions which require thorough deliberation or rapid experimentation, respectively; and designing an ‘evolutionary architecture’, using tools like fitness functions, provides many benefits.

I’ve been working with Kubernetes since filing my first commit in October 2016. I’ve had the chance to collaborate with the community on Kops, Kubicorn, and Kubeadm, but there’s one gap that has been nagging me for years: how to to create the right abstraction for bringing up a Kubernetes cluster and managing it once it’s online. As it turned out, I wasn’t alone. So begins the story of Cluster API.