Lessons learned in 2017

by Jannik Arndt


Conway’s Law

“organizations which design systems … are constrained to produce designs which are copies of the communication structures of these organizations.”

So true.


Dev-Ops is awesome

But also a lot of work that’s hard to anticipate.


Clearly defined interfaces clearly need to be tested

We didn’t test ours, and it took other dev forever to track down a bug in our system.


Deal with the bugs you have, not the ones you might encounter

Your software will never handle all possibilities. Invest the time into good monitoring, rather than anticipating every possibility.


How to set up a robust environment

  1. Set up a dev, test and production stage.
  2. Set up continuous deployment into all stages.
  3. Set up a monitoring system.
  4. Start coding.


Your system doesn’t need every bit of new technology

And it probably doesn’t have “Big Data”.



As Martin Fowler writes:

you shouldn’t start a new project with microservices, even if you’re sure your application will be big enough to make it worthwhile


I recently created a wonderful bug.

This is a basic example how to implement oAuth2 using Akka HTTP and Scala. It provides three endpoints. From the clients point of view:

  • / — publicly accessible, returns “Welcome!”,
  • /auth — provide your username and password, receive an access_token in return,
  • /api — secured by oAuth, send the access_token in a header to gain access.

From the server’s point of view:

  • / — publicly accessible, do nothing,
  • /auth — receive basic auth credentials, verify they’re in the list of known credentials, create an access_token, return it,
  • /api — receive authorization header, check if access_token is in list of valid tokens.

Since oAuth tokens are short lived, the server also has to invalidate expired tokens.

Getting a Akka HTTP-based backend up and running on Heroku for free can be done in less then 30 minutes — if you know the tricks.