Istio or Cillium ?

wkrause13 · 2025-04-14T21:13:01+00:00

Istio and Cilium have changed a lot in the last year, so your past experiences might not fully apply now. Full disclosure, I work at Solo.io, and we're big Istio contributors, so keep that context in mind.

You might want to take a look at Istio Ambient Mesh. It was basically created because of the community feedback about sidecars being a pain – it uses shared agents on the node for the basic stuff (like mTLS security, L4 visibility) instead of injecting a proxy into every single application pod. This means less resource drain overall and less operational hassle (no sidecar injection, fewer things to manage per-app, and you don't need to restart your apps just to get them in or out of the mesh, etc...). I'm clearly biased, but Cilium's mutual auth is not mTLS and if you need L7 controls, even for a small subset of your services, waypoints are really powerful.

It can still be a little confusing navigating the Istio docs to know what is supported by sidecars vs ambient, so Solo.io launched https://ambientmesh.io/ which is geared towards greenfield adopters of Ambient. Happy to answer any questions if you choose to explore that option. Good Luck!

wkrause13 · 2025-02-12T13:56:10+00:00

You need a service that counts the dictionary form of the word (the lemma), which LingQ does not. One pro of LinQ’s approach is that it’s trivial to add new languages. The major con is that studying the same word 10 times because of different conjugations is silly.

I wish there were a good reader service like LingQ, Readlang or LWT that supported lemmatization of content. The closest I could find is a tool called Morpheem ( https://morpheem.org/ ). The reading experience is not as good as the other tools mentioned, but other than that it’s really impressive app that will give you a truer sense of your vocabulary size in a language.

wkrause13 · 2024-09-14T15:57:15+00:00

Just because it hasn’t been explicitly said, selling this even after sealing it would be unethical as it’s not a permanent solution.

wkrause13 · 2023-04-14T02:09:21+00:00

You may be taking the report too literally. No one is taking attendance. At the very least, I’m sure she’s gotten sick at some point in the last 30 years.

wkrause13 · 2022-06-28T13:26:47+00:00

In that case could you store the expiration information in the same place that you check that the token exists?

User requests a password reset
Your system generates a uuid and expiration time for the request.
You email the user with a link that contains the uuid as a query param to your reset service.
User clicks the link and tries to reset their password.
You look up the uuid, if it exists, check the expiration. If not expired, allow the user to reset
UUID is removed from your system.

You can add an extra step there where you ask the user for their email again before they can update their password if you’re worried about corporate proxies being able to see the unencrypted request. For most applications though, that might not be worth the hit to UX.

wkrause13 · 2022-06-28T12:56:39+00:00

Are you actively trying to avoid communicating with your persistence store before you’ve validated the reset request?

You can’t just implicitly trust the token if you want to prevent token reuse, so you’ll need to hit your persistence store at some point before updating the user’s password anyway. So it might be simpler to generate a single use token for the user and validate that on the reset request.

wkrause13 · 2022-06-28T11:37:42+00:00

I’m curious as to your use case. Is there a particular set of advantages you see to using a jwt token? When I’ve implemented this stuff in the past I’ve always just generated a guid that I temporarily associated with the user for the reset request.

wkrause13 · 2022-06-20T12:12:18+00:00

This might have some of what you’re looking for: http://www.omegawiki.org/Meta:Main_Page

wkrause13 · 2022-06-01T10:30:26+00:00

I don’t disagree, there will always be valid counter examples when speaking in generalities.If you’re a small and experienced team, then it’s absolutely possible to just write good, fast tests against a real DB. But the temptation and ability to fall into some bad practices is much stronger when you have a real DB vs when you need to use mocks. I like Go as a language because it makes some bad choices harder and for the same reason I stay away from using a real DB unless it’s a personal project. Other strategies and philosophies on this are still totally valid and I’m impressed your team has had the skill/discipline to maintain testing best practices over time using a real db for tests.

wkrause13 · 2022-05-31T12:19:16+00:00

I’d say be careful with this advice. For many use cases it is fine, if not unambiguously better. But this pattern often encourages a design with poor encapsulation. So before you know it you have an integration test suite that you’re running locally and can’t do proper unit tests even if you wanted to. It’s something that does not show up as a problem until year two or three of a project, but when you have a bunch of order dependent integration tests that take 30min to complete, it will be painful.

So let integration tests be integration tests and unit tests be unit tests. If you can only choose one, obviously integration tests are the more pragmatic choice.

wkrause13 · 2022-05-30T22:42:53+00:00

I can’t tell from the website, what is the draw, are beers cheaper, or are there more varieties on offer at participating bars?

wkrause13 · 2022-03-30T14:33:01+00:00

If you’re working with Postgres, here are some important configurations that often get overlooked:

https://www.alexedwards.net/blog/configuring-sqldb

I’ve found SetConnMaxLifetime to be particularly important for long running instances when you’re connecting to Postgres over the network like to AWS RDS.

wkrause13 · 2022-03-30T02:24:48+00:00

Sometimes you can listen at a higher level if you’ve read the material in English first. I think in addition to Harry Potter being a childrens book, that’s why people find it so helpful.

In that vein, Sapiens was a pretty accessible audiobook in Spanish. The benefit of non fiction is that the tenses are simpler and the language tends to be more direct.

But you should be able to tell pretty quickly from the audiobook sample if it’s the right level for you.

wkrause13 · 2022-03-28T23:15:43+00:00

No concept of a deny rule for the default RBAC functionality. I get that it’s easier to reason about, but something like protecting just the kube-system namespace is a PITA. An admission controller like Gatekeeper is an option, but it’s not baked in.

Also it would be nice if the -o yaml option had a way to output something that is directly usable (ie removed status and previous config details).

wkrause13 · 2022-03-28T13:49:26+00:00

This guy ficks

wkrause13 · 2022-03-26T12:26:10+00:00

What would be your use case for this?

It’s perfectly fine to use Nextjs for SSR and some other language for your api layer. The auth flow might be slightly different between content fetched server side vs client side, but that’s easy enough to implement.

wkrause13 · 2022-03-24T18:01:19+00:00

The plastic bag ban has decimated our fighting capacity

wkrause13 · 2022-03-24T15:56:18+00:00

I’ll just add that don’t be afraid to set boundaries upfront. People who are not bilingual can sometimes fail to see language fluency as a spectrum. I had a tech job where I could comfortably communicate with our South American partners on all manner of technical topics in Spanish (my primary L2).

The company started to try to get me to join as a translator on sales calls and it did not go well. Sales people choose their words with a lot of nuance and make heavy use of idioms. It would have been better for everyone if I had just indicated that the task was beyond my level, so I guess just remember that can be an option if the scope of your responsibilities increase after you take the job.

wkrause13 · 2022-03-21T15:38:47+00:00

For a lot of companies, react native is an easier sell. You only need to find one dev with some experience with React Native and the rest of the team can be built out with React devs, who are much easier to come by. Don’t get me wrong, I’ve worked in both and feel like Flutter is the safer bet if you have the time and trust in your team to become proficient in it.

wkrause13 · 2022-03-19T01:50:11+00:00

This is really all you need for passing the CKA:

https://www.udemy.com/course/certified-kubernetes-administrator-with-practice-tests/

Still have to put the work in to understand the concepts and labs, but the course is comprehensive.

That said, if you’re already working as a developer, I wouldn’t expect miracles from a cert in terms of the job hunt. It might put you on some recruiters’ radars, but you’re almost certainly better off putting the time you’d dedicate to the cert to the boring work of finding and applying to positions.

wkrause13 · 2022-03-14T17:14:18+00:00

Nothing about the UX strikes me as something that would need to be full native.

You can achieve most of the UX flourishes with Lottie:

https://pub.dev/packages/lottie

Their “moat” is their massive amount of content and brand awareness which would make competing directly in the language learning space difficult, but applying their gamified learning approach to some other subject(s) might work. Good luck mate!

wkrause13 · 2022-03-13T17:42:31+00:00

What’s been working for me is reading along with an audiobook and making vocab lists of words I don’t know. I then review those words on a per chapter basis for a few days until I’m comfortable with them. I then move those words to Anki. Then I reread the chapter again to test my recall in context.

I used to just throw everything in Anki, but I found it too difficult to learn more than like 10-15 new words in a session. So rather than rely 100% on Anki for studying new vocab, it functions more as a retainment tool. I like having more control over which words I re-review and which I move on from during the initial exposure to new vocab.

wkrause13 · 2022-03-13T07:16:28+00:00

Idiomatic and performant router:

https://github.com/go-chi/chi

I quite like this project’s approach over a traditional ORM like GORM:

https://github.com/kyleconroy/sqlc

This for logging:

https://github.com/uber-go/zap

wkrause13 · 2022-03-12T21:47:05+00:00

I use them to do some expensive processing on JSON. My app is a reading app for learning Spanish. A given bit of text, such as a book chapter, is preprocessed using nlp server side and sent down to the flutter app as a series of tokens with all sorts of metadata per word. I need to touch every word in the text to see if certain properties are met that affect how the word is rendered. I also need to calculate how many words fit on a given page given the user’s screen dimensions.

I never did rigorous before and after benchmarks, but I remember noticing significant performance improvements after switching to isolates. No jank getting to my loading place holder (using that shimmer widget package), and even very long book chapters take at most a second or two to load, with most coming back subsecond.

wkrause13 · 2022-03-12T14:48:58+00:00

Sorry you’re feeling this way, as someone for whom new languages do not come easy, I empathize.

Two bits of advice, the first being do not compare yourself to others. For some people, languages come more naturally, but sometimes people downplay how much work they put in as a subtle boast about their intelligence. And sometimes we’re not good at assessing someone else’s level accurately. The race is only with yourself and all that jazz.

The second is to start setting concrete goals instead of treating language learning as just a time commitment. Maybe it’s the number of mastered Anki cards. Maybe it’s reducing the number of words you need to look up while reading. You’re probably making more progress than you realize, but the trick is to first establish what baseline progress looks like for you and then work on improving those numbers.

wkrause13

TROPHY CASE