Buy @ Amazon

Search This Blog

August 26, 2019

What is so wrong with TDD?

This question was posted recently in Quora. I read other’s answers first and felt an itch to share my thoughts on it. Thereafter, I published it as a post in Hackernoon which caught a zillion eye-balls and heck a lot of readers time. 

This post is a re-production of that after a good couple of years now, for I think this is still relevant.

I hate TDD (aka Test Driven Development) and think there are a lot of things wrong with it. Only some of them off my mind are below.
copyright: codonomics

August 4, 2019

Top 10 FacePalm Things I Witnessed In The Enterprise World

  1. When a developer proposes with beaming pride to trim error stack-trace to a few lines, to reduce logging footprint. 😭😭😭😭😭
  2. When a Tech Lead does not show technical inclination to learn things. 😭
  3. When a Tech Lead takes boasts of attempting to fix memory leak in enterprise java application by uploading code/memory-dump to third-party site thus breaching corporate security policy. 😭
  4. When a Manager/Management is callous about blatant breach in security practices and does not take mitigation/containment plans. 😭😭😭
  5. When a Program Manager has no clue about the Product Roadmap and doesn't care about the big-picture. 😭
  6. When a Program Manager has no clue about the Program Roadmap and doesn't care about the big-picture. 😭
  7. When a Product/Program Manager attempts to steal the credits of the technical work done by developer(s). 😭
  8. When Project teams crave for individual credits over working together with other stakeholders to achieve the  big organisational vision. 😭😭
  9. When the Management is focused in vendetta politics instead of working towards the program milestones. 😭😭😭😭😭
  10. When developers partake in management politics of cannibalism for quick wins instead of long term team harmony and learning together. 😭😭
Got even nastier things to share? Don't hesitate to dump your thoughts over comments and maybe feel a little lighter. Cheers!

July 2, 2019

Securing Microservices in the Cloud

Securing Micro-services is a tall order objective. Like any other thing in the realm of software development, there are a lot of tings to be taken into consideration on the approach to be taken in securing micro-services. There is no panacea for all threats. And assuming even if one exists, attempting to secure every service with highest levels using a single mechanism is simply over-doing the task that dampens other non-functional requirements (performance and scale).

So what are some of the things to take into account for security? The answer to that would be to ask yourself the following questions:
  • Who are the direct consumers to that service? Or is your service external-facing exposed to the internet or just an internal service?
    • API Gateway Pattern is a very popular pattern for securing edge-services by handling authentication and service discovery. Each external request is signed, which provides additional layer of authentication. 
    • For internal services, isn't the firewall and OS layer security good enough? In the case of containerized applications, aren't your minimalist base-images of container good enough to cut fat and have just enough processes/programs enabled to keep things secure apart from your network firewall? The alpine editions of the linux operating systems for instance wouldn't even have CURL program removing the possibility to remotely curl a service from terminal.
    • It is important to keep in mind that with microservices architecture, there are often more attack paths than in a monolithic architecture. Play the devil's advocate.
  • What data does the service expose? Open or Closed.
    • How sensitive or confidential is your data? What do you get to loose if this data leaks? 
    • Do you really want to secure your service that for instance say is serving weather data of a location, catalog of your products, traffic data of a location, etc? 
  • What is the tolerance to data staleness? Or how fresh or real-time you want the data to be?
    • How real-time a data you are look for?
    • At what rate the change of data happens?
    • What is the volume of these requests?
  • How frequently is your service accessed and at what volume? 
    • Put other-way what is the performance requirement for your service in terms of latency (the time it takes to process a request), throughput (the number of requests handled per second)?
  • What kind of attack are you preparing your defenses for? Eavesdropping, Man-in-the-middle (MITM), SQL-Injection, Cross-Site Request Forgery (CSRF), Denial-of-Service (DoS) etc.
    • The medicine depends on the illness. What security measures are to be taken depends on what threats we are attempting to thwart.
All the above questions together has its effect on what and how you secure your service. You should identify any risk boundaries first. Then you can create security boundaries that match. Each boundary can then be secured by whatever method is best. Some might only need to be restricted by what addresses are allowed through (firewall), others might need additional token or certificate based security.

Classifying systems and data is so damn boring but then it is very vital thing to do, to get your overall systems right. 


References

June 28, 2019

Understanding Open Conversation By Example


An example of recent conversation I have had with my team member(s):
* TM : Team Member

When I was having open conversation with one of the team members (let's call him TM1), this time around in the presence of other team members for transparency's sake, another (let's call him TM2) quickly pitches in to interject:
TM2: Hey Karthik, why have such serious conversations and be hard on him? Just chill out guys.
Me (Turning to him): You are making judgement so quickly. Hmm..Have you been listening to this conversation from the beginning?
TM2: No
Me: Do yo have the context of the subject we are talking about?
TM2: No
Me: Then on what basis are you advising?
TM2: Because he is my friend.
Me: Neither he is my enemy nor you. You should park your friendship outside of this room. This room is about business, about delivery and not who is what to who. Do we understand each other?
TM2: Hmm..I'm not sure.
Me: Phew!, now allow me to finish my conversation with him without your intervention. And let's discuss post this, may be when you go out for a smoke. Deal?
TM2: Ok.

One of the challenges of #consulting and #leadership is that you got to lead by example all throughout. You make mistakes for sure but don't compromise on your value system of openness and integrity. If it means having difficult and hard conversations, you do it.

You don't attempt to win quickly (by demanding respect). You play the long term game (to earn the respect that you deserve).

Now your turn: Have you ever had a hard conversation? How have you handled it? Want to share your story, so I can pick something out of it? Pen your thoughts now..


May 15, 2019

What is -O- option in wget?

The Quick Answer


  • -O flag is the short notation for the flag --output-document in wget command-line utility.
  • The hypen - after the flag denotes STDOUT.

Thus, wget -O- www.codonomics.com or wget -O - www.codonomics.com prints the result returned  from that URL in your terminal output or STDOUT.

Learn By Example


  • wget -O www.codonomics.com writes the output to index.html file
  • wget -O custom.txt www.codonomics.com writes the output to your custom.txt file as mentioned
  • wget -O - www.codonomics.com writes output to your terminal's STDOUT 

References


April 5, 2019

What does a woman want from a man most?


The Story


King Harshavardhan was defeated in the battle.

He was handcuffed and taken to the winner king.At that time the winner king was in a happy mood.

The king kept a proposal for Harshavardhan and said, “ If you can answer me a question correctly I will return your kingdom or else leave aside the kingdom, you shall have to remain a prisoner for the rest of your life in my country.”

“The question is, ' what does a woman want from her man?' You will get a month of time to give the answer.”

Harshavardhan accepted the King's proposal.

April 3, 2019

Essential ProTips For Great Life

  1. For a new boost of energy just have a cold shower.
  2. 90% of foods can be eaten raw. Eating raw food can prolong your life.
  3. Always take the stairs, especially if your office is on the first, second, third up to fifth floor. Sixth floor you’ll be sweating hard. There’s no exercise more rigorous and engaging like climbing stairs.
  4. Help out other people who need help and earn their credit for future reciprocity.
  5. Learn something every single day.
  6. Don’t study just to pass exams. Study to improve yourself.
  7. Learn public speaking. Knowing how to speak in public is like getting a key to get into people’s minds.
  8. Use social media to connect with social friends who can be turned into customers rather than for amusement.
  9. Unlearn all the junk you have in your brain and replace it with new knowledge that can take you to the next level.
  10. You are an average of 5 people you are with. So, find 5 people who have more knowledge than you and become the average of them.
  11. Seek ways to improve yourself daily intellectually, professionally, physically, mentally and spiritually.
  12. Avoid smoking, drugs, alcohol and porn. All these substances and habits have the same properties that will only impair your brain, clog your memory and destroy your mind.
  13. Don’t forget to give credit where credit is due, and praise where it deserves.
  14. Replace your entertainment time with education.
  15. Drink at least eight glasses of water each day.
  16. Spend at least an hour daily doing physical exercise and meditation to improve your body, spirit and mind.
  17. Become time-conscious and strictly optimize your time towards your goal.
  18. Become money-conscious and do not be ashamed to charge a fee for every service rendered if the beneficiary can afford it.
  19. Don’t shout at people. When people raise their voice, lower your own. This is the most effective way to win a verbal exchange.
  20. Never engage in physical fights. You might end up in jail. Besides, there are many ways to win a battle.
  21. When walking in the streets walk faster than everybody else without inconveniencing anyone. This improves your thinking capacity and judgment. Besides, you become a difficult target for muggers and thieves.

March 14, 2019

Spring Boot Alternatives On Java Platform

Bored of Spring Boot?
Afraid of Spring Boot?
Looking out for Spring Boot alternatives, just for fun?

Some of the popular alternatives to it are listed below, for you to explore it yourself:

  • Eclipse Vert.x : is a toolkit for building reactive applications on JVM.
  • Jodd : is a set of micro-frameworks and developer-friendly tools and utilities. Use it to get your MVP out of the door quickly.
  • Ninja Web Framework : is a full-stack cloud-ready web-framework for Java.
  • Fluent Http : is the simplest fastest full fledged web server we could come up with. 
  • Jboss ThornTail : is optimized for micro-service architectures on Java platform. It wraps the web-apps on Wildfly app servers.

March 9, 2019

If I could live my life again


I am an avid reader. I read a lot and read on diverse topics. There are topics like religion, philosophy, Hinduism, life-hacks, habits, etc. that make you think about what you just read.

Today, I stumbled upon this quote by a famous Argentinian poet by name Jorge Luis Borges, while I was reading Quora and felt I should etch it in my blog repository for my quick reference.

Thanks to Hector Quintanilla for having shared this on Quora. This maded my day. If you are on Quora, I'd recommend following him for his works there.

March 7, 2019

Update docker containers when its image is updated


Imagine you have your Microservices A-E managed by Teams 1-3 like shown below:

Now when you have each of your services containerized with docker and you use docker-compose to deploy the entire set of services as one logical unit as your application. One of the core-points of a microservice is loosely-coupled services that are independently deploy-able.

March 4, 2019

What is @SpringCloudApplication?


With the release of Spring Boot 2.0, comes bundled @SpringCloudApplication annotation to make the development of Micro-services application a tad bit easier on the developer.

@SpringCloudApplication does a couple of things more than @SpringBootApplication. Both are wrapper annotations. But what do they each wrap exactly?

@SpringBootApplication = @Configuration + @EnableAutoConfiguration + @ComponentScan

@SpringCloudApplication = @SpringBootApplication + @EnableDiscoverClient + @EnableCircuitBreaker

March 3, 2019

Do you follow your heart or your mind?



Do you follow your heart or mind, especially when they disagree? For some following the heart is being divine and following the mind is being evil. And there  are some for whom following the heart is being idiotic and following the mind is being smart.

February 27, 2019

Recipe of Solution to Docker Permission Denied Problem

Problem
When i tried to run Docker container via maven command, I got an error  something like below:

Solution
The error message tells us that the user executing the process don't have privileges to access the Docker Engine daemon. The fix to this is to add the user to the `docker` group.
What is the recipe for that fix? Run the command below in the terminal of the machine executing the docker command.
sudo usermod -a -G docker $USER
Subsequent to it, don't forget to log-out and login or simply reboot, for the changes to take effect. 

February 23, 2019

Online Tools for Cloud Architecture Diagram



This comes particularly handy when you would want to draw, say for instance, cloud architecture diagrams in AWS or Azure, using the updated vendor icons representing its varied services.
  • Cacoo : USD 5 / month
  • Creately : USD 5 / month. FREE for 5 public diagrams.
  • Cloudcraft : FREE for single user with unlimited private diagrams. Some of their Pro Customers include companies like Amazon, Atlassian, Cloudera, etc.
  • Lucid Chart : FREE for single user. Used by many companies like TATA, Wipro, Infosys, etc.
  • Hava.io : USD 49 / month
  • Draw.io : FREE and my favorite!

February 21, 2019

How do I identify bad apples (companies)?


Friend: Every company claims to have the best culture and work-life balance over others in the market, luring candidates to join them. Do you have any protips to identifying a company that respects people, and understand that they have emotions and personal life beyond office?

Me: Not a foolproof one, but you can easily filter most of them with one simple trick.

Friend: That sure is exciting. I can't wait to hear. What is it?

February 18, 2019

My 12 Rules Of Life


  1. TAKE OWNERSHIP.
    Life is brutal to say the least. Unimaginably bad things can happen to you. It may or may not be your fault. Take ownership, learn your lessons from the event and move on.
  2. NEVER EVER GIVE UP.
    Be persistent like a wolf. Persist until you get what you want.
  3. GET RID OF FEAR.
    Overcome it by doing what you fear repetitiously until you are sure it can no longer come back to haunt you.

February 12, 2019

Jumping Jacks and Sleeping Santas

The Legend


Jumping Jacks (JJ) : Individuals who hop from one company to another, not staying long enough in one company. How long is long enough? Unfortunately, that is very subjective and not to be questioned.

Sleeping Santas (SS) : Individuals who stay in a company long enough and show no intentions of leaving it any time sooner. How long is long enough? Unfortunately, that is very subjective but has been questioned in private.


Every Coin Has Two Sides

The objective of this post is not to take sides on which personality type is good. There are a ton of rants and prejudiced views on this subject. The goal of this post is to encourage you to take the blinders off your eyes and motivate you to explore and learn about the candidates you come across during hiring in your company.
Let us go through 10 common traits and see how each is perceived in positive and/or negative way for both of these personalities. Needless to say, the objective of this post is help see you both sides of a coin in the hopes that it stops you from being judgemental.

February 4, 2019

LoadBalancer support with Minikube for Kubernetes


Kubernetes (aka K8s) is an open source system (from Google) for managing containerized applications across multiple hosts; providing basic mechanisms for deployment, maintenance, and scaling of applications.

Minikube is a tool that makes it easy to run Kubernetes locally on your laptop/desktop. Minikube runs a single-node K8s cluster inside a VM on your laptop for users looking to try out K8s or develop with it day-to-day.

January 29, 2019

Spring Tool Suite desktop entry to launch as app from Ubuntu favourites



For any app to be launched from favourites in Ubuntu, it needs to have a ".desktop" file that can be pinned to the Ubuntu's dash as favourite. This helps in quickly launching the application at the click of a button from Ubuntu's dash in desktop.

Spring Tool Suite IDE (aka STS) for ubuntu comes as a zip file that needs to be extracted to a custom location. Inside this extracted directory you'll find a linux/ubuntu executable file by the name that goes something like SpringToolSuite4.

January 28, 2019

Install Minikube on Ubuntu 18.10


Note: I prefer  KVM over VirtualBox, because it is faster and made my life easier in working flawlessly without any integration/permission issues with Minikube.

Note: For VirtualBox, instead of the snippet shown in the picture above I used snippet as in post - Install VirtualBox 6.0 on Ubuntu 18.10.

This is a quick reference picture. Want to copy-paste them making your life easier? Check out this snippet in github-gist.

Looking for alternative to Minikube? Try Microk8s - it's easier to install and much faster in execution.

Install VirtualBox 6.0 on Ubuntu 18.10


You can copy-paste the code-snippets s to be run in your terminal from the github-gist.

January 20, 2019

Conda environments not showing up in Jupyter Notebook

This post is based on my experience of fixing this issue in Ubuntu OS. You may have to make some tweaks depending on your OS to see if this process fixes the issue.


I wasted a couple of hours in fixing this. If you think this has saved your time, don't forget to share it in your circles to help save other's time. Cheers!

References


January 18, 2019

Concatenate Datasets in Python


Often in data-science or machine learning hackathons, you may want to concatenate the rows of the train and test datasets for easy data exploration and  wrangling. And when you want to do that, this pro-tip comes handy.

Check the Pandas Documentation for more on this API.

January 10, 2019

Choosing Subset of Columns from a Pandas Dataframe


It is so common a situation in data-science to select a subset of columns from a data-set. In Python the usual approach is to select a set of columns using List Comprehension or using pandas df.drop() method.

I typically employ using the List Comprehension method of choosing a subset of columns. The drawback of this approach is that it is verbose over its drop() counterpart. However, there is a distinct advantage with this approach which is that this approach guarantees idempotency.

Being a huge fanboy of idempotency coming from a mathematical background and  a hatred for verbosity and duplication, I came end-up using the utility methods shown in this blog post. Clearly, this utility function gives the advantage of brevity and idempotency. 

Yay, I win! 

January 1, 2019

Service Orchestration And Service Choreography


Service Orchestration


When you think Service Orchestration, visualize the picture above. You will have an Orchestrator who controls the individual components in the live performance. An Orchestrator typically is present in the live performance to control the individuals' performance.