* go mod init & go.mod
* go mod tidy
* go mod vendor
Underlying concepts: overlay network, IPIP, NAT, NIC, interrupt & softirq (Linux handling packets).
Useful tools: tcpdump, hping3, bcc, cadvisor, perf record.
Lesson Learned: know the full path inside the network and diagnose each hop.
Read this link, you'll get an overview of the cryptography.
* Three Algorithms: Secret Key Cryptography v/s Public Key Cryptography v/s Hash Functions.
* Key Length matters
* Trust Models: PGP, Kerberos, Certificates.
* Some more algorithms: DH Key Exchange, DES, PGP, IPSec, SSL & TLS, ECC, AES, etc.
* Some basic math: XOR, modulo, Entropy.
1. MarkSthFun is a monolithic app, hosting in a single repo. It'll be deployed as a web app, a worker app, a blog app, etc.
2. Sys dependencies are explicitly specified in ansible/dockerfile. App dependencies are specified in pyproject.toml.
3. Use .env widely. Terraform and ansible shares the same .env file. Docker-compose reads envvars from env_files. Flask reads envvars by `load_dotenv(find_dotenv())`. In production, /var/www/shire/shared/.env contains all envvars app needs.
4. Backing services are merely some envvars for each service.
5. Deploy code in a capistrano-style convention directory.
6. No containers, just processes.
7. Applications are bound to $PORT.
8. Terraform/Ansible provision and setup servers quickly by server roles. A new server will be quickly added to the server pool.
9. Graceful shutdown (gunicorn)
10. Dev env: local docker-compose. Staging env: heroku. Prod env: digitalocean.
11. For troubleshooting, just tail -f.
12. Admin process: poetry run flask shell.