ARTICLES

  • Serverless NLP: Implementing Sentiment Analysis Using Serverless Technologies

    In this article, I will discuss building a sentiment analysis tool using AWS serverless capabilities and NLTK. I will be using AWS Lambda to run sentiment analysis using the NLTK-vader library and AWS API Gateway to enable this functionality as an API. This architecture eliminates the need for any server management while providing on-demand scalability and cost-efficiency. Before we dive in, ensure that you have the following:

  • How to Implement Client-Side Load Balancing With Spring Cloud

    It is common for microservice systems to run more than one instance of each service. This is needed to enforce resiliency. It is therefore important to distribute the load between those instances. The component that does this is the load balancer. Spring provides a Spring Cloud Load Balancer library. In this article, you will learn how to use it to implement client-side load balancing in a Spring Boot project. Client and Server Side Load Balancing We talk about client-side load balancing when one microservice calls another service deployed with multiple instances and distributes the load on those instances without relying on external servers to do the job. Conversely, in the server-side mode, the balancing feature is delegated to a separate server that dispatches the incoming requests. In this article, we will discuss an example based on the client-side scenario.

  • Automate Private Azure Databricks Unity Catalog Creation

    Disclaimer: All the views and opinions expressed in the blog belong solely to the author and not necessarily to the author's employer or any other group or individual. This article is not a promotion for any cloud/data management platform. All the images and code snippets are publicly available on the Azure/Databricks website. What Is Databricks? Databricks is a powerful platform that helps people work with large amounts of data easily. It allows companies to store, process, and analyze their data in one place.

  • PostgreSQL 17: A Major Step Forward in Performance, Logical Replication, and More

    After a successful 3rd beta in August 2024, the PostgreSQL development group released the GA version on September 26th. Recently, I blogged about some of the key logical replication features that you'll see in PostgreSQL 17.  In this blog, I'll describe a couple of new performance features that you'll find in Postgres 17 as well as another important logical replication feature that I didn't cover in my earlier blog of this series.  PostgreSQL has grown remarkably over the years, and with each major release, it has become a more robust, reliable, and responsive database for both mission-critical and non-mission-critical enterprise applications. The global and vibrant PostgreSQL community is contributing to PostgreSQL's success, diligently ensuring that all changes are carefully scrutinized and reviewed before they are added to the project source code. It is also very encouraging to see big technology names like Microsoft, Google, Apple, and others investing in Postgres by developing in-house expertise and giving back to the open-source community.

  • Securing Cloud-Native Applications: A CISO’s Perspective on Broken Access Control

    When we talk about security in cloud-native applications, broken access control remains one of the most dangerous vulnerabilities. The OWASP Top 10 lists it as the most prevalent security risk today, and for good reason: the impact of mismanaged permissions can lead to catastrophic outcomes like data breaches or ransomware attacks. For CISOs, addressing broken access control isn't just a technical challenge—it’s a strategic priority that touches nearly every aspect of an organization’s security posture. As part of my job as the VP of Developer Relations at Permit.io, I consulted with dozens of CISOs and security engineering leaders, from small garage startup founders to Fortune 100 enterprise security staff. This article will try to provide the most comprehensive perspective I gathered from these chats, guiding you in considering broken access control challenges in cloud-native applications.

  • Secure Golden Images: A Blueprint for Vulnerability Management

    In environments with AWS Cloud workloads, a proactive approach to vulnerability management involves shifting from traditional patching to regularly deploying updated Secure Golden Images. This approach is well-suited to a modern Continuous Integration and Continuous Delivery (CI/CD) environment, where the goal is rapid, automated deployment — and doing this with AMIs (Amazon Machine Images) ensures that every instance benefits from consistent security updates. Creating the Golden Image The first step to securing your EC2 environment is building a Secure Golden Image (SGI) — a pre-configured AMI that serves as the baseline for deploying secure EC2 instances. An SGI should include:

  • Entity Creation With Asynchronous Pipelines in Distributed Systems

    Creating entities asynchronously in distributed systems presents challenges and benefits, especially for large enterprises seeking scalability, fault tolerance, and efficient user experiences. Asynchronous (async) pipelines for entity creation decouple services, handle failures gracefully, and minimize latency. These qualities enable enterprises to maintain flexible, high-performing systems as they scale. Let's explore the benefits, challenges, and solutions to build an effective pipeline in depth. Benefits of Asynchronous Pipelines in Entity Creation Graceful Failure Handling In complex distributed systems, certain tasks in the entity creation process are non-critical. Async pipelines allow failure isolation, meaning failures in non-critical tasks won’t disrupt the entire process. These tasks can either be retried or ignored, allowing the pipeline to continue smoothly.

  • Three Habits of Highly Effective Observability Teams

    As organizations adopt microservices and containerized architectures, they often realize that they need to rethink their approach to basic operational tasks like security or observability. It makes sense: in a world where developers – rather than operations teams – are keeping applications up and running, and where systems are highly distributed, ephemeral, and interconnected, how can you take the same approach you have in the past? From a technology perspective, there has been a clear shift to open source standards, especially in the realm of observability. Protocols like OpenTelemetry and Prometheus, and agents like Fluent Bit, are now the norm – according to the 2023 CNCF survey, Prometheus usage increased to 57% adoption in production workloads, with OpenTelemetry and Fluent both at 32% adoption in production.  But open source tools alone can’t help organizations transform their observability practices. As I’ve had the opportunity to work with organizations who have solved the challenge of observability at scale, I’ve seen a few common trends in how these companies operate their observability practices. Let's dig in.

  • GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

    AI-powered code completion tools like GitHub Copilot, co-developed by GitHub and OpenAI, likely need no introduction. Developers are rapidly embracing this evolving technology to aid them in their work. Copilot and other Large Language Model (LLM) based coding assistants suggest lines of code and entire functions, saving a lot of time looking up specific formulations or helping scaffold common structures in the code. It is also great for helping a team write documentation. However, is Copilot secure? As beneficial as it may be, it also comes with significant security and privacy concerns that individual developers and organizations must be aware of. As Frank Herbert put it in "God Emperor of Dune" (the 4th book in the Dune saga):

  • Web GenAI Microservices Creation: An Overview

    This article will show you how to use GenAI from your browser to create and run a microservice in about a minute. Here is what you'll learn:  Provide a prompt to a cloud-based microservice appliance, and you get a system with a running database, a web app, and an API. Collaborate with stakeholders using the web app. Iterate instantly, to get the requirements right. Download the created project, and customize it in your IDE to build out the system using Python and Rules — 40x more concise than code.   All of this is open source.  No runtime or license fees. Microservices Creation: Get the Requirements Right We've all seen many projects fail due to difficulties in getting the requirements right. Let's explore that.

  • Containers vs. Virtual Machines: Key Differences and Use Cases

    With all this buzz around technology, there is a discussion around containers versus virtual machines (VMs). Containers and VMs are both virtualization technologies that package computing environments housing various IT components and isolate them from the underlying system. However, these tools have separate strengths and weaknesses, making them suitable for different applications.  By distinguishing between containers and VMs, you can deploy applications faster, streamline troubleshooting processes, allocate resources more efficiently, and maintain system security.

  • Automate Azure Databricks Unity Catalog Permissions at the Catalog Level

    Disclaimer: All the views and opinions expressed in the blog belong solely to the author and not necessarily to the author's employer or any other group or individual. This article is not a promotion for any cloud/data management platform. All the images and code snippets are publicly available on the Azure/Databricks website. What Is Unity Catalog in Databricks? Databricks Unity Catalog is a data cataloging tool that helps manage and organize data across an organization in a simple, secure way. It allows companies to keep track of all their data, making it easier to find, share, and control who can access it. Unity Catalog works across different cloud storage systems and lets teams manage permissions, governance, and data access from one place, ensuring data is used safely and efficiently. 

  • An Interview About Navigating the Cloud-Native Ecosystem

    In this interview with Julian Fischer, CEO of the cloud computing and automation company anynines GmbH, we explore the evolving landscape of cloud-native technologies with a strong focus on the roles of Kubernetes and Cloud Foundry in modern enterprise environments. About the Interviewee The interviewee, Julian Fischer, has extensive experience in Cloud Foundry and Kubernetes ops. Julian leads anynines in helping organizations operate applications at scale. Under his guidance, they're also pioneering advancements in managing data services across many Kubernetes clusters via the open-source Klutch project.

  • Artificial Intelligence and Machine Learning in Cloud-Native Environments

    In our industry, few pairings have been as exciting and game-changing as the union of artificial intelligence (AI) and machine learning (ML) with cloud-native environments. It's a union designed for innovation, scalability, and yes, even cost efficiency. So put on your favorite Kubernetes hat and let's dive into this dynamic world where data science meets the cloud!  Before we explore the synergy between AI/ML and cloud-native technologies, let’s set a few definitions. 

  • Introduction to Next.js Middleware: How It Works With Examples

    Let's talk about routing in Next.js. Today, we will talk about one of the most powerful things: middleware. Middleware in Next.js offers a powerful and flexible way both to intercept requests from the server and control request flow (redirects, URL rewriting) and to globally enhance features like authentication, headers, and cookie persistence. Creating Middleware Let's create a Middleware Next.js application. First of all, we'll create a new file for middleware, like middleware.js or middleware.ts, in the src folder. Middleware in Next.js then allows you fine control over where it will be active (i.e., custom matcher configuration, or using isXXX functions).

  • Oracle CloudWorld 2024: Key Takeaways for Developers, Engineers and Architects

    Oracle CloudWorld 2024 showcased a range of innovations and strategic shifts that will significantly impact the work of developers, engineers, and architects across industries. From AI integrations to multi-cloud strategies, Oracle is positioning itself as a key enabler of digital transformation. Here are the most important takeaways for technical professionals: 1. AI Integration Across the Stack Artificial intelligence was undoubtedly the star of CloudWorld 2024, with Oracle emphasizing its integration throughout its product suite. For developers and engineers, this means having access to powerful AI capabilities without building them from scratch.

  • Amazon Redshift Workload Management (WLM): A Step-by-Step Guide

    As a database administrator or data engineer working with Amazon Redshift, it's crucial to manage resources effectively to handle different workloads. Amazon Redshift's Workload Management (WLM) feature lets you define how queries are prioritized and how resources like CPU and memory are allocated. This guide will walk you through setting up WLM step by step, making it easy for newbies to get started. What Is Workload Management (WLM)? WLM allows Amazon Redshift to handle multiple concurrent queries by allocating resources to query queues. You can create custom queues, allocate memory, and set concurrency limits for specific workloads, ensuring that critical queries run efficiently even under heavy loads.

  • Serverless Computing and GraphQL: Modern App Development

    In this article, I will guide you through the process of creating a serverless GraphQL API using TypeScript, AWS Lambda, and Apollo Server. Serverless Computing Serverless computing is a cloud-computing execution model where cloud providers automatically manage the infrastructure for running applications. In this model, developers write code, and the cloud provider takes care of running, scaling, and maintaining the servers, meaning developers don't need to worry about server management, infrastructure provisioning, or scaling. The term "serverless" doesn't mean that there are no servers involved, but rather that the server management tasks are abstracted away from developers. AWS Lambda is a serverless compute service provided by Amazon Web Services (AWS) that allows you to run code without provisioning or managing servers.

  • CI/CD Pipelines in the Cloud: How Cloud Hosting Is Accelerating Software Delivery

    In the fast-evolving world of software engineering, one of the most transformative innovations is the combination of Continuous Integration (CI) and Continuous Deployment (CD) pipelines with cloud hosting. This powerful integration has revolutionized the way developers deploy, test, and update software, allowing for faster delivery, improved scalability, and enhanced collaboration. By utilizing cloud hosting platforms, software engineering teams can now automate processes that once took weeks, turning them into streamlined workflows. Let’s explore how CI/CD pipelines in the cloud are accelerating software delivery, with insights backed by research and industry trends. The Power of CI/CD in Software Engineering Continuous Integration and Continuous Deployment (CI/CD) are critical for modern software development, driving automation from code integration to deployment. In traditional settings, deployment often required manual effort, introducing the risk of human error, delays, and inconsistencies. CI/CD pipelines automate these processes, enabling developers to integrate code changes more frequently and deploy updates to production environments seamlessly.

  • What We Learned About Secrets Security at AppSec Village at DEF CON 32

    If you grew up in the US, chances are you have a memory of going to summer camp. Even if you didn't attend one yourself, the camp experience of going away from home, learning all sorts of arts and crafts, meeting new best friends, and going on memorable adventures is baked into pop culture and media. Every August, the largest hacker summer camp on earth takes place in the heat of Las Vegas. This year marked the thirty-second iteration of DEF CON. DEF CON can be hard to explain without experiencing it. Yes, there are speaking tracks, official workshops, and multiple capture-the-flags (CTFs), but there is so much more. No other conference contains so many sub-conferences and community-led events. Even attendees who have been going for years say they still don't think they have experienced everything on offer.  

  • Mutable vs. Immutable: Infrastructure Models in the Cloud Era

    In the world of infrastructure management, two fundamental approaches govern how resources are deployed and maintained: mutable and immutable infrastructure. These approaches influence how updates are made, how infrastructure evolves, and how consistency is ensured across different environments. Mutable infrastructure refers to systems that can be changed or updated after they’ve been initially deployed. This means that configuration changes, software updates, or patches can be applied directly to existing infrastructure resources without replacing them entirely.  For instance, a server can be updated by installing new software, tweaking its settings, or increasing its resources. While the server itself stays the same, its configuration evolves over time.

  • MariaDB Vector Edition: Designed for AI

    As a solutions architect with over two decades of experience in relational database systems, I recently started exploring MariaDB's new Vector Edition to see if it could address some of the AI data challenges we're facing. A quick look seemed pretty convincing, especially with how it could bring AI magic right into a regular database setup. However, I wanted to test it with a simple use case to see how it performs in practice.  In this article, I will share my hands-on experience and observations about MariaDB's vector capabilities by running a simple use case. Specifically, I will be loading sample customer reviews into MariaDB and performing fast similarity searches to find related reviews.

  • Leveraging Seekable OCI: AWS Fargate for Containerized Microservices

    AWS Fargate's Seekable OCI (SOCI) introduces significant performance enhancement for containerized applications by enabling lazy loading of Docker container images. This reduces startup time for Fargate tasks, particularly for large container images, and makes it ideal for applications that need rapid scaling. AWS Fargate is a serverless compute engine that offers many different capabilities:

  • Microservice Proliferation: Too Many Microservices

    Microservices architecture promotes the development of applications, as suites of small, independent, loosely coupled services. Because of its numerous advantages (e.g., scalability, reliability, faster development cycles, easier maintenance of individual services, etc., detailed in this article), it has gained significant traction in the software industry lately and organizations are building their applications following microservices architecture. However, it comes with a few pitfalls as well. Recently while working on a use case at work, I observed the other side of microservices architecture, i.e., microservices proliferation. This article is an attempt to detail the pitfalls associated with the excessive creation of microservices (microservices proliferation), offering insights on their causes, implications, and potential strategies for mitigation.

  • The Importance Of Verifying Your GitHub Environment’s Security Controls

    Security is a top priority of every company. It’s not surprising: source code, the most critical asset of any organization, should be under reliable protection — especially in view of constantly rising threats. Ransomware, infrastructure outages, vulnerabilities, and other threats can strike your GitHub repository at any time. Organizations, especially those that operate in the most regulated industries, can face a few main challenges regarding their GitHub data protection. The first one, we have already mentioned — it’s the value of the data stored in the repositories. The second one is their ability to forecast any event of failure and take proactive measures to make sure that their data is available and recoverable in any event of failure.

  • Introducing the New Dapr Jobs API and Scheduler Service

    The Dapr 1.14 release last month included many new capabilities and was feature-packed. This included the addition of a new Jobs API and Scheduler control plane service for managing jobs. Over the years, the Dapr project was often requested to include a Jobs API. The Scheduler service enables this and is designed to address the performance and scalability improvements on Actor reminders and the Workflow API. In this post, I am going to deep dive into the details of how the Scheduler service was designed and its implementation to give you some background. Prior to v1.14 if you wanted to schedule a job, you could use the Cron binding component to implement recurring jobs on a regular defined schedule; for example, automating database backups, sending out recurring email notifications, running routine maintenance tasks, data processing, and ETL, running system updates and batch processing. However, the binding approach lacked in the areas of durability and scalability, and more importantly, could not be combined with other Dapr APIs. For example, another frequent request is to be able to have delayed messages for pub/sub, and there will undoubtedly be other delayed job scenarios that will emerge.

  • Cloud Cost Optimization: New Strategies for the AI Era

    In today's volatile economic landscape, enterprises are scrutinizing their cloud bills more than ever. Platform teams are at the forefront of this challenge, tasked with finding innovative ways to optimize usage and drive down costs. To gain insights into this evolving field, we spoke with Kapil Thangavelu, co-founder and CTO of Stacklet and the creator and lead maintainer of Cloud Custodian. Let's dive into his perspectives on the latest trends in cloud cost optimization. The Changing Landscape of Cloud Costs Q: What's different about the cloud cost outlook today compared to recent years, from your point of view?

  • Security at the Onset: Stabilizing CSPM and DevSecOps

    In a time of rapid technology development and cloud computing, security issues are of great importance. Security has to be injected into a process right from the beginning, be it software development or cloud infrastructure deployment. Two concepts that are very influential in doing so are CSPM and DevSecOps. Don't worry if these terms seem complicated — all they really mean is the inclusion of security within how companies build and manage their cloud environments and software pipelines.

  • Jenkins in the Age of Kubernetes: Strengths, Weaknesses, and Its Future in CI/CD

    What Is Jenkins, and Why Does It Matter? In the world of software development, speed and efficiency are everything. That's where Jenkins, a popular open-source automation server, steps in. Jenkins plays a key role in streamlining workflows by automating the building, testing, and deployment of code — tasks that would otherwise take up countless developer hours. But why does Jenkins matter in the larger context of DevOps and CI/CD (Continuous Integration/Continuous Deployment)? Well, if you're part of a development team, you're likely familiar with these terms. DevOps aims to break down barriers between development and operations teams, enabling faster, more reliable software releases. CI/CD pipelines, in turn, automate the process of integrating new code and delivering updates to users, minimizing downtime and reducing errors.