Igeometry Podcast

It seems like these incidents are very common and not sure why ElasticSearch in particular. Let us discuss      https://www.zdnet.com/article/leaky-server-exposes-users-of-dating-site-network/ --- Support this podcast: https://anchor.fm/hnasr/support

Some of you asked me how to deal with stress at my work and my content creation here on YouTube I share my thoughts with you Intro 0:00 Stress from Work 2:40 Feeling down with no clear reason 7:13 Feeling anxious overwhelmed with stuff to learn 14:55 Pandemic 21:14 --- Support this podcast: https://anchor.fm/hnasr/support

Unimog is a layer 4 load balancer built for Cloudflare scale. Cloudflare has written a great blog about it so let us discuss this technology. Video: https://youtu.be/Q0irm6xzNNk Resources https://blog.cloudflare.com/unimog-cloudflares-edge-load-balancer/ 0:00 Intro 3:33 Layer 4 vs Layer 7 Load Balancers 7:00 Anycast 13:45 Packet Forwarding 23:30 XDP and Network stack 26:45 Maintaining established connection 31:00 Edge Computing 32:00 UDP Routing 33:00 Unimog Summary 34:00 Open Source Software 36:00 K8 Rant 40:00 Conclusion Cards 6:30 L4 vs L7 proxying https://www.youtube.com/watch?v=aKMLgFVxZYk 12:30 vip https://www.youtube.com/watch?v=85XY7H2JPbs 13:30 tcp handshake https://www.youtube.com/watch?v=bW_BILl7n0Y&t=5s --- Support this podcast: https://anchor.fm/hnasr/support

Jake Miller a security researcher discovered a serious flaw in proxies that allow h2c clear text upgrade and bypass proxy rules. Let us discuss Thanks to @Textras for sending this article! https://twitter.com/thebumblesec/status/1303305853525725184?s=21 https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c?hs_amp=true --- Support this podcast: https://anchor.fm/hnasr/support

Apache Kafka is an interesting software, every design decision the team makes perfect sense. I decided to dive deep into the discussion of the consumer group concept which is underrated and talk more about it. 0:00 Intro 1:24 Messaging Systems Explained 3:30 Partitioning 4:30 Pub/Sub vs Queue 6:55 Consumer Group 10:00 Parallelism in Consumer Group 10:30 Partition awareness in Consumer Group 11:30 Achieving Pub/Sub with Consumer Group 14:00 Head of Line blocking in Kafka --- Support this podcast: https://anchor.fm/hnasr/support

Someone asked me a question and I felt its interesting to make a video about, is there a limit to the maximum number of TCP connections a Client can make to the server? If there is what is it? and how does that make sense in all the configurations? 0:00 Intro 1:00 Is there a Max Connection Limit? 4:30 64K Connection Limit Explained 7:20 Max Connections on Reverse Proxies and Max Connections 14:30 How does Router get around Max Connections? 7:00 3 million whatsapp https://www.youtube.com/watch?v=vQ5o4wPvUXg 10:25 envoy https://www.youtube.com/watch?v=40gKzHQWgP0& 12:50 google https://www.youtube.com/watch?v=CUiBVTcgvBU 14:00 Active Active https://www.youtube.com/watch?v=d-Bfi5qywFo --- Support this podcast: https://anchor.fm/hnasr/support

Doordash the food delivery service has built an asynchronous task processing backend with Celery and RabbitMQ. They are having lots of outages and problems. Let us discuss how they solved their problem by moving to Apache Kafka. Very well written article. Resource https://doordash.engineering/2020/09/03/eliminating-task-processing-outages-with-kafka/ https://www.rabbitmq.com/connections.html#high-connection-churn   --- Support this podcast: https://anchor.fm/hnasr/support

Application-Layer Protocol Negotiation (ALPN) is a Transport Layer Security (TLS) extension that allows the application layer to negotiate which protocol should be performed over a secure connection in a manner that avoids additional round trips and which is independent of the application-layer protocols. It is needed by secure HTTP/2 connections, which improves the compression of web pages and reduces their latency compared to HTTP/1.x. The ALPN and HTTP/2 standards emerged from development work done by Google on the now withdrawn SPDY protocol. https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation 1:30 TCP Handshake 1:40 TLS --- Support this podcast: https://anchor.fm/hnasr/support

In this video I explain when to use TCP vs UDP as a communication protocol on your backend app. I go through the advantages and disadvantages of UDP I also discuss the protocol within the context of Chatting System, Multiplayer game, and building a browser and a web server   0:00 Intro 2:00 UDP 3:00 TCP 6:00 UDP vs TCP for Building a Chatting System  9:20 UDP vs TCP for Building a Multiplayer game  15:30 UDP vs TCP for Building a Browser and WebServer 19:11 Summary --- Support this podcast: https://anchor.fm/hnasr/support

HTTP/2 is a protocol that allows multiplexing which can be very beneficial however HTTP/2 is not always cheap and might not be a good choice for your backend. * Intro 0:00 * What is HTTP/2 ? 1:30 * HTTP/2 Pros 5:10 * HTTP/2 Advantages on Browsers 5:30 * HTTP/2 Advantages on Reverse Proxy Connection Pooling 9:20 * HTTP/2 Problem 11:00 Google Talk https://www.youtube.com/watch?v=xxN4FfwaANk --- Support this podcast: https://anchor.fm/hnasr/support

Envoy is an open-source L7 proxy and communication bus Originally built at Lyft to move their architecture away from a monolith. In this video, I want to go through the following * What is Envoy? 0:00 * Current & Desired Architecture 0:48 * Envoy Architeture 3:00 * DownStream/Upstream 7:30 * Clusters 9:19 * Listeners 10:50 * Network Filters 11:50 * Connection Pools 13:45 * Threading Model 18:34 * Example 21:25 * Show the 4 apps 24:30 * Install Envoy Brew 26:00 *  https://www.getenvoy.io/install/envoy/macos/ * Envoy as a Layer 7 Proxy 27:30 * Proxy to all 4 backend NodeJS services 28:00 * Split load to multiple backends (app1/app2) 40:00 * Block certain requests (/admin) 45:30 * Envoy as a Layer 4 Proxy (tcp router) 47:50 * Create DNS record 54:00 * Enable HTTPS on Envoy (lets encrypt) 55:30 * Enable HTTP/2 on Envoy 1:03:00 * Disable 1.1/1.0 Enable TLS 1.2 and TLS 1.3 ONLY on Envoy 1:04:30 * SSL Labs test 1:06:40 * Summary 1:07:24 Config https://github.com/hnasr/javascript_playground/tree/master/

Envoy Proxy is an L3/L4 Proxy that is designed to be service mesh, In this video, I discuss my initial thoughts about the product, design choices, and much more. The actual full video on Envoy will be coming soon stay tuned. --- Support this podcast: https://anchor.fm/hnasr/support

In this video, I explain Postgres Vacuum while I walk my dog. --- Support this podcast: https://anchor.fm/hnasr/support

Cloudflare is doing fantastic job to the web community security and backend engineering. This latest fix is awesome it is the ability to auto-tune window size buffer when it comes to uploading HTTP/2 traffic. Article https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/ 4:15 slow tcp start https://www.youtube.com/watch?v=rgPcxg8gjho&t=1s 5:40 HTTP crash course https://www.youtube.com/watch?v=0OrmKCB0UrQ&t=4s 6:20 TCP crash course https://www.youtube.com/watch?v=qqRYkcta6IE 12:20 Bandwidth bideo https://www.youtube.com/watch?v=6Tf80mbhyAQ --- Support this podcast: https://anchor.fm/hnasr/support

SameSite Cookie Lax is interesting and we are finding new exceptions everyday. Let us discuss this one where lax cookies will be sent on POST request as long as the cookies are fresh (2 minutes) Resources https://www.chromestatus.com/feature/5088147346030592 --- Support this podcast: https://anchor.fm/hnasr/support

This code was introduced for a user experience ending up taking 50% of the traffic on DNS Root server.   Sorry I was touching my hair a lot just took a shower lol. With regards to this article I want to ask you guys a question, Chrome put this feature in order to improve the user experience but it ended up having a huge cost. Did you ever make a choice between performance and user experience? which one usually wins for you? would love to know your opinion   Resources   https://arstechnica.com/gadgets/2020/08/a-chrome-feature-is-creating-enormous-load-on-global-root-dns-servers/ https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#dnsinterceptionchecksenabled https://news.ycombinator.com/item?id=24231857 https://blog.apnic.net/2020/08/21/chromiums-impact-on-root-dns-traffic/ --- Support this podcast: https://anchor.fm/hnasr/support

Windows 95 was a great operating system, wrote so many apps on top of it and played so many games too. Join me as I discuss this https://www.theverge.com/21398999/windows-95-anniversary-release-date-history --- Support this podcast: https://anchor.fm/hnasr/support

GraphQL was born to solve a major limitation in REST API, but the cost of GraphQL and barrier to entry is high. Vulcain addresses REST limitations by introducing HTTP/2 push.  Is a simpler alternative? let us discuss   Learn about Vulcain here https://github.com/dunglas/vulcain --- Support this podcast: https://anchor.fm/hnasr/support

Chrome is enabling Raw TCP and UDP from the Browser, this is big news! let us discuss the implication, security and benefit for us backend engineers. resources https://www.theregister.com/2020/08/22/chromium_devs_raw_sockets/ raw tcp spec https://github.com/WICG/raw-sockets --- Support this podcast: https://anchor.fm/hnasr/support

In this video, I discuss the different concurrency control at database transactions, specifically the pessimistic vs optimistic concurrency control. and the pros and cons of each.    0:00 Intro 3:00 concurrency Control 5:30 Pessimistic concurrency Control 9:20 Optimistic concurrency Control  Resources  https://en.wikipedia.org/wiki/Optimistic_concurrency_control https://www.baeldung.com/java-jpa-transaction-locks https://docs.oracle.com/javaee/7/api/javax/persistence/OptimisticLockException.html https://en.wikipedia.org/wiki/Time-of-check_to_time-of-use https://www.2ndquadrant.com/en/blog/postgresql-anti-patterns-read-modify-write-cycles/ --- Support this podcast: https://anchor.fm/hnasr/support