DevOps170 articles

Three years after Log4Shell caused a significant security issue, we still struggle with insecure dependencies and injection problems. In this podcast, we’ll discuss how developers can secure their code. I talked with three authors who posted a security and code …

I’m continuing my journey on getting more familiar with HTTP APIs by reading related RFCs.

DRY is an important principle in software development. In this article, you learn how to apply it to Apache APISIX configuration.

A simple implementation of the Idempotency-Key header specification on Apache APISIX via a plugin.

Practical alternatives to writing a custom plugin, offering solutions you can quickly implement in your projects.

Learn how you could create cloud-native Java apps that are portable, scalable, and reliable with the 12 factor app methodology.

Let’s compare three different ways to do OpenTelemtry Tracing: Java agent v1, Java agent v2, and Micrometer Tracing.

According to the Datadog “State of DevSecOps” report, a staggering 90% of Java services are susceptible to one or more critical or high-severity vulnerabilities

Lots of service providers offer a free tier of their service. The idea is to let you kick their service’s tires freely. If you need to go above the free tier at any point, you’ll likely stay on the service and pay.

In this post, we implement rate limiting with Apache APISIX. We set the rate limit on a route and moved it to individual consumers. Then we moved it to consumer groups, so all consumers in a group share the same “pool”.