This is a no-fuss summarization of what I’ve learned from running my own startup and failing hard at it. The good, the bad, and the brutally honest. It’s a series of short essays where I dissect every mistake, every win, and every “what the hell was I thinking?” moment. If you’re thinking about a side project, already knee-deep in one, or just enjoy watching someone learn expensive lessons so you don’t have to - then this series of essays is for you. ...
This essay covers what makes COS worth considering: root filesystem immutability, automatic updates, and how to use it with regional managed instances for scaling. I’ll also cover startup scripts and practical considerations for engineering teams. A Brief Overview of Container-Optimized OS Container-Optimized OS is a lightweight, secure operating system image designed by Google specifically for running containers on GCP. Based on the open-source Chromium OS project, COS is tailored to offer a minimal footprint, reducing potential attack surfaces and simplifying maintenance. It comes pre-installed with essential tools like Docker and containerd, enabling teams to deploy containers out of the box without additional setup. ...
Building a Health-Data Platform I have had the opportunity to work on several complex and challenging projects. One such project was a health-data platform designed as a modular monolith with a plethora of complex requirements to fulfill. As a health-data platform, ensuring the security and compliance of our users’ sensitive information was paramount. To that end, we made it a priority to align with both HIPAA and SOC-2 standards. Compliance and Security Measures for a Health-Data Platform SOC-2 Compliance For SOC-2 compliance, we implemented various strict controls to guarantee the safety of our user’s data. This included implementing multi-factor authentication, such as FIDO tokens, for added security. We also conducted regular security assessments and backups to ensure that any data would be protected in the event of a security breach. Additionally, we employed SOC-2-compliant cloud providers to host and store sensitive data. A Governance, Risk management, and Compliance (GRC) program was established and reviewed regularly to maintain SOC-2 compliance. ...
From Theory to Practice It is recommended that readers familiarize themselves with the principles outlined in the article Modular Monoliths - Simplified before delving into the practical example provided in this follow-up piece. This article will explore a specific implementation of a modular monolith architecture, utilizing a clear separation of handlers, services, and repository layers. The accompanying GitHub Repository serves as a reference and starting point, providing a boilerplate structure that can be easily adapted to suit the specific needs of your project. ...
How to Achieve More with Less Complexity What is a Modular Monolith Architecture? Modular Monoliths present a unique approach to software architecture, balancing the robustness of monolithic systems with the scalability of microservices. As a result, it allows for increased scalability and maintainability while avoiding the complexity and overhead commonly associated with microservices. In this essay, we will explore the advantages of utilizing a modular monolith architecture in Go and provide guidance on implementing it in your projects. ...