This essay covers what makes COS worth considering: root filesystem immutability, automatic updates, and how to use it with regional managed instances for scaling. I’ll also cover startup scripts and practical considerations for engineering teams. A Brief Overview of Container-Optimized OS Container-Optimized OS is a lightweight, secure operating system image designed by Google specifically for running containers on GCP. Based on the open-source Chromium OS project, COS is tailored to offer a minimal footprint, reducing potential attack surfaces and simplifying maintenance. It comes pre-installed with essential tools like Docker and containerd, enabling teams to deploy containers out of the box without additional setup. ...

Life Happens Almost two full years have passed since the point when I had “the energy” to write content. And, as most podcasts fail after just a few episodes, I’ve been unable to keep up with the writing. It was a genuine surprise to see how much effort goes into even the simplest of articles. This, in turn, generated a significant inspirational backlog for potential content shortly. Looking back on those two years, I’m happy with the outcome, and I don’t feel much regret for not writing. As the internet doesn’t forget, this might serve mostly as a reminder to myself when I look back on this point a few years down the road. Just writing my own timeline took some time, as each week was packed with more work than I wanted it to be! Work-life balance?! ...

Building a Health-Data Platform I have had the opportunity to work on several complex and challenging projects. One such project was a health-data platform designed as a modular monolith with a plethora of complex requirements to fulfill. As a health-data platform, ensuring the security and compliance of our users’ sensitive information was paramount. To that end, we made it a priority to align with both HIPAA and SOC-2 standards. Compliance and Security Measures for a Health-Data Platform SOC-2 Compliance For SOC-2 compliance, we implemented various strict controls to guarantee the safety of our user’s data. This included implementing multi-factor authentication, such as FIDO tokens, for added security. We also conducted regular security assessments and backups to ensure that any data would be protected in the event of a security breach. Additionally, we employed SOC-2-compliant cloud providers to host and store sensitive data. A Governance, Risk management, and Compliance (GRC) program was established and reviewed regularly to maintain SOC-2 compliance. ...

From Theory to Practice It is recommended that readers familiarize themselves with the principles outlined in the article Modular Monoliths - Simplified before delving into the practical example provided in this follow-up piece. This article will explore a specific implementation of a modular monolith architecture, utilizing a clear separation of handlers, services, and repository layers. The accompanying GitHub Repository serves as a reference and starting point, providing a boilerplate structure that can be easily adapted to suit the specific needs of your project. ...

How to Achieve More with Less Complexity What is a Modular Monolith Architecture? Modular Monoliths present a unique approach to software architecture, balancing the robustness of monolithic systems with the scalability of microservices. As a result, it allows for increased scalability and maintainability while avoiding the complexity and overhead commonly associated with microservices. In this essay, we will explore the advantages of utilizing a modular monolith architecture in Go and provide guidance on implementing it in your projects. ...