Listen to the full pairing session for pull request #549.
The focus is on replacing an existing Fastly implementation with Jerod's Pipedream, which is built on top of the open-source Varnish HTTP Cache. We cover the initial problem, the proposed solution, the implementation details, and the testing process.
The process begins with a pull request that, for the sake of rapid feedback, is set up to automatically deploy to new production. This allows for real-time testing in a production setting without affecting the actual production traffic. The new production - changelog-2025-05-05 - serves as a production replica for testing the new PURGE functionality.
To understand how the PURGE works, we first examine the cache headers of a request. The cache-status header reveals whether a request was a hit, miss, or stale. A stale status indicates that the cached content has expired but is still being served while a fresh version is fetched in the background. The goal of the new system is to explicitly purge the cache, ensuring that users always get the latest content.
A manual purge is performed using a PURGE request with curl. This demonstrates how a single instance can be cleared. However, the real challenge lies in purging all CDN instances globally. This requires a mechanism to discover all the instances and send a purge request to each one.
The existing solution for purging all instances is a bash one-liner that uses dig to perform a DNS lookup, retrieves all the IP addresses of the CDN instances, and then loops through them, sending a curl purge request to each. The task is to replicate this logic in Elixir.
The first step is to perform the DNS lookup in Elixir. A new module is created that uses Erlang's :inet_res module to resolve the IPv6 addresses of the CDN instances. This provides the list of all instances that need to be purged.
Next, a new Pipedream module is created to handle the purging logic. This module is designed to be a drop-in replacement for the existing Fastly module. It will have the same interface, allowing for a seamless transition. The core of this module is a purge function that takes a URL, retrieves the list of CDN instances, and then sends a purge request to each instance.
The implementation of the Pipedream module is done using Test-Driven Development (TDD). This involves writing a failing test first and then writing the code to make the test pass. This ensures that the code is correct and behaves as expected.
The first test is to verify that a purge request is sent to a single CDN instance. This involves mocking the DNS lookup to return a single IP address and then asserting that an HTTP request is made to that address. The test is then extended to handle multiple instances, ensuring that the looping logic is correct.
A key challenge in testing is handling the deconstruction of the URL. The purge/1 function receives a full URL, but the purge request needs to be sent to a specific IP address with the original host as a header. This requires parsing the URL to extract the host and the path.
Once the unit tests are passing, the new purge functionality is deployed to the new production environment for real-world testing. This allows for verification of the entire workflow, from triggering a purge to observing the cache status of subsequent requests.
The testing process involves editing an episode, which triggers a purge, and then using curl to check the cache headers. A miss indicates that the purge was successful. The tests are performed on both the application and the static assets, ensuring that all backends are purged correctly.
With the core functionality in place, the next steps involve refining the implementation and adding more features. This includes:
By following a methodical approach that combines TDD, a staging environment, and careful consideration of the implementation details, it is possible to build a robust and reliable global CDN purge system with Elixir. This not only improves the performance and reliability of the CDN but also provides a solid foundation for future enhancements.
πΏ This entire conversation is available to Make it Work members as full videos served from the CDN, and also a Jellyfin media server: makeitwork.tv/cdn-purge-with-elixir π Scroll to the bottom of the page for CDN & media server info
LINKS
EPISODE CHAPTERS
In the world of web infrastructure, what starts as a simple goal can often lead you down a fascinating rabbit hole of history, philosophy, and clever engineering. This is the story of our journey to build a simple, single-purpose, open-source CDN for changelog.com and the one major hurdle that stood in our way: Varnish, our HTTP caching layer of choice, doesn't support TLS backends.
Enter Nabeel Sulieman, a shipit.show guest, who had previously introduced us to KCert, a simpler alternative to cert-manager. We knew if anyone could help us solve this TLS conundrum, it was him. After a couple of false starts, we finally recorded the final solution. As Nabeel aptly put it: Third time is the charm.
πΏ This entire conversation is available to Make it Work members as full videos served from the CDN, and also a Jellyfin media server: makeitwork.tv/i-love-tls π Scroll to the bottom of the page for CDN & media server info
LINKS
EPISODE CHAPTERS
In this episode, we sit down for a deep-dive conversation with Mischa van den Burg, a former nurse who made the leap into the world of DevOps. We explore the practical realities, technical challenges, and hard-won wisdom gained from building and managing modern infrastructure. This isn't your typical high-level overview; we get into the weeds on everything from homelab setups to the nuances of GitOps tooling.
We start by exploring the journey from nursing to DevOps - the why behind the career change (00:54) - focusing on the transferable skills and the mindset required to succeed in a field defined by continuous learning and complex problem-solving.
What are the most engaging aspects of DevOps (04:49)? We discuss the satisfaction of automating complex workflows and building resilient systems. Conversely, we also tackle the hardest parts of the job (05:48), moving beyond the clichΓ© "it's the people" to discuss the genuine technical and architectural hurdles faced in production environments.
We move past the buzzword and into the practical application of "breaking down silos" (07:36). The conversation details concrete strategies for fostering collaboration between development and operations, emphasising shared ownership, transparent communication, and the cultural shift required to make it work.
We discuss critical lessons learned from the field (13:07), including the importance of simplicity, the dangers of over-engineering, and the necessity of building systems that are as easy to decommission as they are to deploy.
The heart of the conversation tackles an important perspective: Why choose Kubernetes for a homelab? (23:06) We break down the decision-making process, comparing it to alternatives like Nomad and Docker Swarm. The discussion covers the benefits of using a consistent, API-driven environment for both personal projects and professional development. We also touch on the hardest Talos OS issue encountered (36:17), providing a specific, real-world example of troubleshooting in an immutable infrastructure environment. Two of Everything & No in-place upgrades are important pillars of this mindset, and we cover them both (41:14). We then pivot to a practical comparison of GitOps tools, detailing the migration from ArgoCD to Flux (46:50) and the specific technical reasons that motivated the change.
We conclude (50:40) by reflecting on the core principles of DevOps and platform engineering, emphasising the human element and the ultimate goal of delivering value, not just managing technology.
πΏ This entire conversation, as well as the screen sharing part, is available to Make it Work members as full videos served from the CDN, and also a Jellyfin media server:
Scroll to the bottom of those pages π for CDN & media server info
LINKS
EPISODE CHAPTERS
Hugo Santos, founder & CEO of Namespace Labs joins us today to share his passion for fast infrastructure. From sharing childhood stories & dial-up modem phone line wiring experiences, we get to speed testing Hugo's current home internet connection: 25 gigabit FTTP.
We shift focus to Namespace, and talk about how it evolved from software-defined storage to building an application platform that starts Kubernetes clusters in seconds. The underlying infrastructure is fast, custom built and is able to:
A significant portion of the conversation centres on a major service degradation Namespace experienced in October 2024. Hugo shares the full story, including:
Hugo emphasizes taking full responsibility for this incident: "That's on us. We decide which companies we work with..."
The episode concludes with Hugo sharing his philosophy on excellence: "I find that it's usually some kind of unrelenting curiosity that really propels people beyond just being good to being excellent... When we approach how we build our products, it's with that same level of unrelenting curiosity and willingness to break through and change things."
πΏ This entire conversation, including all three YouTube videos, is available for members only as a 1h+ long movie at makeitwork.tv/fast-infrastructure
LINKS
EPISODE CHAPTERS
Today we talk with Matvey Kukuy and Tal Borenstein, co-founders of Keep, a startup focused on helping companies manage and make sense of their alert systems. The discussion comes three years after Matvey's previous appearance - https://shipit.show/36 - where he talked about Grafana Labs' acquisition of his previous startup Amixr (now Grafana OnCall).
Keep tackles a significant challenge in modern tech infrastructure: managing the overwhelming volume of alerts that companies receive from their various monitoring systems. Some enterprises deal with up to 70,000 alerts daily, making it crucial to identify which ones represent actual incidents requiring attention.
We explore real-world examples of major incidents, including the significant CrowdStrike outage in July 2024 that caused widespread system crashes and resulted in an estimated $10 billion in worldwide damages. This incident highlighted how critical it is to quickly identify and respond to serious issues among numerous alerts. Matvey tells us about his most black swan experience.
The episode concludes with a hint that some of Keep's AI features may eventually be released as open source once they're sufficiently polished.
LINKS
EPISODE CHAPTERS
This is a follow-up to Let's build a CDN - Part 1
A new friend joins us. We talk about the high-level, including why Varnish and why we are doing this in the first place. We go through the plan for this session, and then just make it happen. The video in the show notes captures most of this pairing session.
If you enjoyed this podcast and the YouTube video, you can now watch the full movie in 4k on πΊ makeitwork.tv. Offline download is available.
LINKS
EPISODE CHAPTERS
This is the audio version of π¬ Ninjastructure - Move fast & break nothing
Matias Pan, a professional matΓ© drinker & Senior Software Engineer at Dagger, is showing us an approach to Infrastructure as Code built with Pulumi.
We look at Go code, discuss procedural (imperative) vs. declarative, spend some time on state management & introduce the concept of Ninjas in the context of infrastructure: move fast & break nothing.
In the second half, Matias uses diagrams to talk through different ideas of rolling this out into production. Which of the two approaches would you choose?
LINKS
EPISODE CHAPTERS
We have 3 conversations from TalosCon 2024:
1. Vincent Behar & Louis Fradin from Ubisoft tell us how how they are building the next generation of game servers on Kubernetes. Recorded in a coffee shop.
2. We catch up with David Flanagan on the AI stack that he had success with in the context of rawkode.academy. David also tells us the full story behind his office burning down earlier this year. Recorded in the hallway track.
3. As for the last conversation, Gerhard finally gets together with Justin Garrison in person. They talked about TalosCon, some of the reasons behind users migrating off Cloud, and why Kubernetes & Talos hold a special place in their minds. Recorded in the workshop cinema room.
LINKS
EPISODE CHAPTERS
How does Michal Kuratczyk, Staff Software Engineer at RabbitMQ, access Kubernetes workloads securely, from anywhere? Regardless whether it's a Google Kubernetes Engine (GKE) cluster or Kubernetes in Docker (KiND), Tailscale is a simple solution for this particular use case. This also makes it easy to share private services with all devices on a tailnet, including with friends that want to access them on a smartphone.
Watch the demo π¬ Access your Kubernetes pods anywhere
If you want to watch the full, 32 minutes-long video, go to π https://makeitwork.gerhard.io
LINKS
EPISODE CHAPTERS
What does it look like to build a modern CI/CD pipeline from scratch in 2024? While many of you would pick GitHub Actions and be done with it, how do you run it locally? And what do you need to do to get caching to work?
Tom Chauveau joins us to help Alex Sims build a modern CI/CD pipeline from scratch. We start with a Remix app, write the CI/CD pipeline in TypeScript and get it working locally. While we don't finish, this is a great start (according to Alex).
This was recorded in January 2024, just as Dagger was preparing to launch Functions in the v0.10 release. While many things have improved in Dagger since then, the excitement & the joy of approaching CI/CD with this mindset have remained the same.
LINKS
EPISODE CHAPTERS
This started as a conversation between James A Rosen & Gerhard in August 2023. Several months later, it evolved into a few epic pairing sessions captured in these GitHub threads:
The last pairing session eventually lead to π§ Kaizen! Should we build a CDN? This is the follow-up to that. How far did we get in 1 hour?
LINKS
EPISODE CHAPTERS
For our 4th episode, we have four conversations from KubeCon EU 2024.
We talk to Jesse Suen about Argo CD & Kargo, Solomon Hykes shares the next evolution of Dagger, and Justin Cormack dives into Docker & AI. We also catch up with Frederic Branczyk & Thor Hansen on the latest Parca & Polar Signals Cloud updates since our last conversation.
Each conversation has a video version too:
LINKS
1. Jesse Suen
- π¬ Navigating Multi-stage Deployment Pipelines via the GitOps ApproachΒ
2. Solomon Hykes
- Introducing Dagger Functions
- A Keynote heard around the world - KubeCon EU 2024 Recap
- π¬ Local & open-source AI Developer Meetup
3. Justin Cormack
- AI Trends Report 2024: AIβs Growing Role in Software Development
- Building a Video Analysis and Transcription Chatbot with the GenAI Stack
4. Frederic Branczyk & Thor Hansen
- Correlating Tracing with Profiling using eBPF
LET'S MAKE IT BETTER
If you enjoyed this episode, I will appreciate your feedback on Apple Podcasts or Spotify.
If there is something that would have made it better for you, let me know: makeitwork@gerhard.io
Alex Sims, Solutions Architect & Sr. Software Engineer at James and James Fulfilment, talks about their journey to 80ms response SLO with PHP & React.
Alex shares how they optimised API performance, specifically highlighting improvements made by altering interactions with Amazon S3 and Redis. Key points include the transition from synchronous to asynchronous S3 processes, the impact of Amazon's SLO on write speed, and the significant runtime reduction achieved through JIT compilation in PHP 8.Β
We conclude with insights into decision-making in technology architecture, emphasising the balance between choosing cutting-edge technology and the existing skill set of the team.
π¬ View the video part of this episode at 80ms response SLO with PHP & React
π Access the audio & video as a single conversation at makeitwork.gerhard.io
EPISODE CHAPTERS
Today we delve into BuildKit and Dagger, focusing on their significance in the development and deployment of containerized applications, as well as Kubernetes integration.
The conversation highlights the evolving landscape of development tools, where BuildKit and Dagger play pivotal roles in making containerized development and deployment more efficient and user-friendly. Eric and Gerhard discuss the potential for these tools to simplify and enhance automation, reflecting on past projects and future possibilities.
π¬ View the video part of this episode: Deploying and Experimenting with Dagger 0.9 on Kubernetes 1.28
π Access the audio & video as a single conversation at makeitwork.gerhard.io
LINKS
dagger --mod github.com/sipsma/daggerverse/yamlinvaders@8071646e5831d7c93ebcd8cca46444250bf25b8c shell play
EPISODE CHAPTERS
This episode looks into the observability tool Parca & Polar Signals Cloud with Frederic Branczyk and Thor Hansen. We discuss experiences and discoveries using Parca for detailed system-wide performance analysis, which transcends programming languages.
We highlight a significant discovery related to kube-prometheus and the unnecessary CPU usage caused by Prometheus exporter's attempts to access BTRFS stats, leading to a beneficial configuration change for Kubernetes users globally.
We also explore Parca Agent's installation on Kubernetes 1.28 running on Talos 1.5, the process of capturing memory profiles with Parca, and the efficiency of the Parca Agent in terms of memory and CPU usage.
WeΒ touch upon the continuous operation of the Parca Agent, the importance of profiling for debugging and optimization, and the potential of profile-guided optimizations in Go 1.22 for enhancing software efficiency.
π¬ Screensharing videos that go with this episode:
π Access the audio & all videos as a single conversation at makeitwork.gerhard.io
LINKS
EPISODE CHAPTERS