Load Balancing

• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• GLB: GitHub's open source load balancer
• What Is Load Balancing?
• Understanding Nginx HTTP Proxying, Load Balancing, Buffering, and Caching
• Introduction to modern network load balancing and proxying
• Load Balancing TLS Connections: Tradeoffs
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying
• Introduction to modern network load balancing and proxying

Advanced Data Structures

• Latency Numbers

Webservers

• Apache vs Nginx: Practical Considerations
• The C10K problem
• How WebSocket server handles multiple incoming connection requests?
• Inside NGINX: How We Designed for Performance & Scale
• Tuning NGINX for Performance

Web Caching

• Web Cache - Everything you need to know
• Cache Docs
• Web Cache - Everything you need to know

Protocols

• HTTP
• Capturing HTTP Packets
• HTTPS in the real world
• How does HTTPS actually work?
• Designing Headers for HTTP Compression
• HTTP headers for the responsible developer
• Evolution of HTTP
• The First Few Milliseconds of an HTTPS Connection
• The HTTP part 1 - Let's start small
• How HTTPS works ...in a comic!
• How HTTPS Works in Layman's Terms - TLS 1.2 and 1.3
• HTTP Caching
• HTTP Security Headers - A Complete Guide
• Journey to HTTP/2
• The Evolution of HTTP – HTTP/2 Deep Dive
• Comparing HTTP/3 vs. HTTP/2 Performance
• When TCP sockets refuse to die
• QUIC
• HTTP/3 Deep Dive
• HTTP/3 explained
• How does SSL/TLS work?
• Messing With Telnet
• What is TLS (Transport Layer Security)?
• Even faster connection establishment with QUIC 0-RTT resumption
• A Detailed Look at RFC 8446 (a.k.a. TLS 1.3)
• Discussion: UDP in web
• Let's code a TCP/IP stack
• How TCP Sockets Work
• How Does TCP Work?
• Once Again on TCP vs UDP
• Nagle's algorithm
• 40 millisecond bug
• What every developer should know about TCP
• What I learned attempting the TCP Reset attack
• DNS in One Picture
• The Web Developer's Guide to DNS
• The uncertainty of measuring the DNS
• DNS Encryption Explained
• A cartoon intro to DNS over HTTPS
• How DNS Works
• Beyond DNS over HTTPS: Trustless DNS Privacy
• What Is BGP? | BGP Routing Explained
• THE TWO-NAPKIN PROTOCOL
• Playing battleships over BGP
• WebSockets for fun and profit
• The WebSocket Protocol: RFC 6455
• How WebSockets Work
• WebSockets - A Conceptual Deep Dive
• How HTML5 Web Sockets Interact With Proxy Servers
• How Do Websockets Work?
• What are Long-Polling, Websockets, Server-Sent Events (SSE) and Comet?
• Building realtime apps with Go and WebSockets: client-side considerations
• Websockets 101
• WebRTC for the Curious
• Employing QUIC Protocol to Optimize Uber’s App Performance
• TCP Performance problems caused by interaction between Nagle’s Algorithm and Delayed ACK
• HTTP and Websockets: Understanding the capabilities of today’s web communication technologies
• Journey to HTTP/2
• HTTP3
• QUIC
• HTTP/3: the past, the present, and the future

NAT

• NAT Slipstreaming

Random

• The future of the open internet
• How Wi-Fi Works
• How Does the Internet Work?
• The Law of Leaky Abstractions
• How to crawl a quarter billion webpages in 40 hours
• Setting up your server for IPv6 (nginx)
• The world in which IPv6 was a good design
• The Non-complexity of /etc/nsswitch.conf
• What is Envoy
• High Performance Browser Networking
• HAProxy
• Kerberos: The Network Authentication Protocol
• curl HTTP cheat sheet
• cURL security anti-patterns
• Staying out of TTL hell
• Stateful vs Stateless Authentication
• How to win at CORS
• Network Protocols – Programmer's Compendium
• The perils of the “real” client IP

Networking Books :books:

• Understanding IP Addressing: Everything You Ever Wanted To Know
• Kurose and Ross - Top Down Networking

Advanced Concepts

• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Essential Image Optimization
• Why does Google prepend while(1); to their JSON responses?
• this in JS
• What is a Promise?
• Lazy, composable, and modular JavaScript
• The Dao of Immutability
• Composing Software
• What is the Difference Between Class and Prototypal Inheritance?
• What is a Closure?
• Circular dependencies in JavaScript
• Hoisting in Javascript
• Async-Await
• Await and Async Explained with Diagrams and Examples
• JavaScript engine fundamentals: Shapes and Inline Caches
• Javascript : The Curious Case of Null >= 0
• How to Fix the ES6 `class` keyword
• Elements of JavaScript Style
• Headless Chromium
• Douglas Crockford: Really. JavaScript.
• Defensive JavaScript
• What is `this`? The Inner Workings of JavaScript Objects
• Responsible JavaScript
• JavaScript Event Loop And Call Stack Explained
• Looking into assembly code of coercion
• A cartoon intro to WebAssembly
• What makes WebAssembly fast?
• The Lost Art of the Makefile
• Streams—The definitive guide
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Rich JavaScript Applications – the Seven Frameworks
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript
• Javascript : The Curious Case of Null >= 0
• Javascript : The Curious Case of Null >= 0
• Hoisting in Javascript

Pilot Run

• Objects in javascript
• Two Pillars of Javascript
• Philip Roberts: What the heck is the event loop anyway?
• Types in Javascript
• Arrow function vs function declaration / expressions: Are they equivalent / exchangeable?
• How are the Event Loop, Callback Queue, and Javascript’s single thread connected?

React, Redux

• React Implementation Notes
• Scheduling in React
• React Internals

JS Books

• Javascript: The Good Parts
• Mostly Adequate Guide to Functional Programming
• Javascript: The Good Parts

v8

• v8 Resource
• Concurrent marking in V8
• V8 / Chrome Architecture Reading List - For Vulnerability Researchers
• Understanding V8’s Bytecode

Git Internals

• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• Loading and ptrace'ing a process on Linux
• File Types in Linux
• Killing processes that don't want to die
• Threads and fork(): think twice before mixing them
• Linux Insides
• chmod Tutorial
• Orphan vs Zombie vs Daemon Processes
• inetd Vs xinetd in linux
• rm -rf remains
• What happens when you start a process on Linux?
• How does the system shutdown of a linux kernel work internally?
• The Definitive Guide to Linux System Calls
• grep your way to freedom
• Linux file descriptors
• UNIX Syscalls
• How statically linked programs run on Linux
• Understanding glibc malloc
• Systemd as tragedy
• Rethinking PID 1
• What is Overcommit? And why is it bad?
• Your terminal is not a terminal: An Introduction to Streams
• How fast are Unix domain sockets?
• The 101 of ELF files on Linux: Understanding and Analysis
• Linux namespaces
• Why should text files end with a newline?
• What has to happen with Unix virtual memory when you have no swap space
• htop explained
• The Linux Scheduler: a Decade of Wasted Cores
• Linux Log Files that are Located under /var/log Directory
• Basic Linux Privilege Escalation
• “zero copy networking” vs “kernel bypass”?
• Understanding cgroups
• The brokenness of the sendfile() system call
• Understanding Daemons
• Myths Programmers Believe about CPU Caches
• Systemd is not Magic Security Dust
• Pushing the Limits of Kernel Networking
• eBPF
• Process resource limits under the hood
• Queueing in the Linux Network Stack
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• The real power of Linux executables
• inetd Vs xinetd in linux
• x86 Assembly Guide
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux
• inetd Vs xinetd in linux

SSH

• Endlessh: an SSH Tarpit
• A visual guide to SSH tunnels
• A Visual Guide to SSH Tunnels

Linux Security

• Dirty Cow
• Explaining Dirty COW local root exploit - CVE-2016-5195
• Linux Firewall Tutorial: IPTables Tables, Chains, Rules Fundamentals
• Security Tips for Linux Servers
• Three kinds of memory leaks
• Running Untrusted Programs in Linux
• Writing a simple rootkit for linux
• Do sudo and .profile/.bashrc enable trivial privilege escalation?
• How to break out of a chroot() jail

Bash

• Creating a bash completion script
• Explain Shell
• Writing a Unix Shell
• Bash Pitfalls
• Illustrated Redirection Tutorial
• Minimal safe Bash script template

BPF

• BPF: Tracing and More
• Cloudflare architecture and how BPF eats the world

Systems

• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 1 - Prefetching data
• (A few) Ops Lessons We All Learn The Hard Way
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Uber: Why Uber Engineering Switched from Postgres to MySQL
• Dropbox: How we migrated Dropbox from Nginx to Envoy
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Billions of Messages a Day - Yelp's Real-time Data Pipeline
• The WhatsApp Architecture Facebook Bought For $19 Billion
• Airbnb: Avoiding Double Payments in a Distributed Payments System
• How We Developed DingTalk: Implementing the Message System Architecture
• Intelligent DNS based load balancing at Dropbox
• Redis Explained
• How Discord Stores Trillions Of Messages
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 3 - Cache-first rendering
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 4 - Code size and execution optimizations
• Cloudflare: How Cloudflare’s Architecture Can Scale to Stop the Largest Attacks
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 3 - Cache-first rendering
• Part 4 - Code size and execution optimizations
• Part 3 - Cache-first rendering
• Part 2 - Pushing data directly to the client rather than waiting for the client to request the data
• Part 4 - Code size and execution optimizations

Netflix

• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Mastering Chaos - A Netflix Guide to Microservices
• How we scaled nginx and saved the world 54 years every day
• Building fast.com
• AWS re:Invent 2017: How Netflix Tunes Amazon EC2 Instances for Performance (CMP325)
• AWS re:Invent 2015: A Day in the Life of a Netflix Engineer (DVO203)
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Building fast.com
• Edge Authentication and Token-Agnostic Identity Propagation
• Building fast.com
• Building fast.com
• Building fast.com
• Building fast.com
• Building fast.com
• Building fast.com
• Building fast.com

Guides

• Metcalfe's law
• A Brief History of High Availability
• What is Kappa Architecture?
• Principles of chaos engineering
• Microservices — architecture nihilism in minimalism's clothes
• Failing over without falling over
• Timeouts, retries, and backoff with jitter
• Why are services slow sometimes?
• If at first you don't get an answer...
• Understanding Connections & Pools
• The Big Little Guide to Message Queues
• MonolithFirst
• Exponential Backoff And Jitter
• What we talk about when we talk about System Design
• Real Time Presence Platform System Design
• The Big Little Guide to Message Queues
• The Big Little Guide to Message Queues

Scalability

• Jeremy Edberg - Scalable Cloud Architectures | Tech Talk
• CS75 (Summer 2012) Lecture 9 Scalability Harvard Web Development
• A Word on Scalability
• Scalability for Dummies
• Scalable System Design Patterns
• The Tail at Scale
• Automating chaos experiments in production
• Eventually Consistent - Revisited

Event driven Architecture

• Build Services on a Backbone of Events

AWS

• Everything You Need To Know About Networking On AWS
• Deep Dive on Amazon ECS Cluster Auto Scaling
• Designing scalable API on AWS spot instances
• Workload isolation using shuffle-sharding
• The Hitchhiker's Guide to AWS ECS and Docker
• AWS IAM Policies in a Nutshell
• What You Need to Know About IOPS
• Why was a query to my Amazon RDS MySQL DB instance blocked when there is no other active session?
• Things you wish you didn't need to know about S3

Cloudflare

• A deep-dive into Cloudflare’s autonomous edge DDoS protection

More

• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Understanding the Top 5 Redis Performance Metrics
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified
• Telltale: Netflix Application Monitoring Simplified

Prometheus

• When to use the Pushgateway
• Common pitfalls when using the Pushgateway
• On the naming of things
• Prometheus Recording Rules
• Prometheus Counters and how to deal with them
• PromQL Queries for Exploring Your Metrics
• How to learn PromQL with Prometheus Playground

Go Pilot run

• Go by example
• Golang channels tutorial
• Resources for new Go programmers
• Darker Corners of Go
• Know Your Nil

Concepts

• Go Concurrency from the Ground Up
• How Goroutines Work
• Concurrency is not Parallelism
• Concurrency in golang and a mini Load-balancer
• Channels in Go
• Go Concurrency Patterns
• Concurrent programming, with examples
• Slow down your code with goroutines
• How to Gracefully Close Channels
• Go channels on steroids
• Channel Axioms
• Go Concurrency Patterns: Pipelines and cancellation
• Using contexts to avoid leaking goroutines
• Advanced Go Concurrency Patterns
• sync.RWMutex
• Profiling Go
• Profiling and optimizing Go web applications
• pprof
• go tool trace
• pprof++: A Go Profiler with Hardware Performance Monitoring
• Why is a Goroutine’s stack infinite ?
• Go’s Extended Concurrency: Semaphores (Part 1)

Go Internals

• Scheduler Tracing In Go
• Analysis of the Go runtime scheduler
• Everything about Go: internals, concurrency, compiler, or packages available in the Go community.
• How does the go build command work?
• Introducing the Go Race Detector
• String interning in Go
• Interning strings in Go
• Arrays, slices (and strings): The mechanics of 'append'
• Detecting Race Conditions With Go
• The Go scheduler
• Go's work-stealing scheduler
• Golang’s Real-time GC in Theory and Practice
• runtime: Large maps cause significant GC pauses
• How We Saved 70K Cores Across 30 Mission-Critical Services (Large-Scale, Semi-Automated Go GC Tuning @Uber)
• A Guide to the Go Garbage Collector
• Avoiding high GC overhead with large heaps
• Go compiler internals
• Go & Assembly
• Dissecting Go Binaries
• The Go Memory Model
• Go memory ballast: How I learnt to stop worrying and love the heap
• Memory Leaking Scenarios
• Memory Order Guarantees in Go
• GO MEMORY MANAGEMENT
• Contiguous stacks in Go
• Memory Optimizations for Go Systems
• Golang escape analysis
• Are large slices more expensive than smaller ones?
• There is no pass-by-reference in Go
• Allocation efficiency in high-performance Go services
• Go’s hidden #pragmas
• A few bytes here, a few there, pretty soon you’re talking real memory
• An attempt at visualizing the Go GC

Networking with Go

• Network Programming with Go
• A Million WebSockets and Go
• TCP/IP Networking in Go
• An Implementation and Analysis of a Kernel Network Stack in Go with the CSP Style
• Gotchas in the Go Network Packages Defaults

More

• Interfaces in Go
• Go Data Structures: Interfaces
• Applied Go
• Golang Has Generics
• Go-tcha: When nil != nil
• SOLID Go Design
• Simple techniques to optimise Go programs
• How we optimized our DNS server using go tools
• Optimizing M3: How Uber Halved Our Metrics Ingestion Latency by (Briefly) Forking the Go Compiler
• Writing a very fast cache service with millions of entries in Go
• Go, without package scoped variables
• How to generate a random string of a fixed length in Go?
• Building efficient statsd library in Go
• Gopher Puzzlers
• Visually Understanding Worker Pool
• The Case For A Go Worker Pool
• Life of an HTTP request in a Go server
• Send data from file without loading into memory
• Data Race Patterns in Go
• Optimizing Large File Transfers in Linux with Go - An Exploration of TCP and Syscall
• Pardon the Interruption: Loop Preemption in Go 1.14
• Mastering WebSockets With Go
• proposal: arena: new package providing memory arenas
• A whirlwind tour of Go’s runtime environment variables
• A Tale of Two `rand`s

Books

• RoR Tutorial
• Predicting Test Failures
• XSS and Rails
• RailsConf 2014 - All the Little Things by Sandi Metz

Logging

• S3 Log4j Appender
• Spark Streaming Logging Configuration

Tor Papers

• Memory Management Overview
• Tricks of the Trade: Tuning JVM Memory for Large-scale Services
• Managing Spark Partitions with Coalesce and Repartition
• The hidden cost of Spark withColumn

Security Papers

• CQRS
• Password storage in source control
• Difference b/w Integration and Unit Tests
• The language of choice
• Hacker's guide to Neural Networks
• Return to the Source
• Design Patterns
• Software Testing Anti-patterns
• Detecting the use of "curl | bash" server side
• Constructors Considered Mildly Confusing
• Clojure - the perfect language to expand your brain?
• International Journal of Proof-of-Concept or Get The Fuck Out
• Making a virtual machine in Google Sheets
• How Did Software Get So Reliable Without Proof?
• The Danger of “Simplicity”
• See Python, See Python Go, Go Python Go
• Programmer's critique of missing structure of operating systems
• Enabling Machine Learning with Apache Flink - Sherin Thomas
• High-Throughput, Thread-Safe, LRU Caching
• Sorting 1 million 8-decimal-digit numbers with 1 MB of RAM
• Mathematical attack on RSA
• In defence of swap: common misconceptions
• The Twelve-Factor App
• Epigrams on Programming
• Choose Boring Technology
• PHP The Wrong Way
• Laws of UX
• How to stop procrastinating by using the Fogg Behavior Model
• Andrei Pangin - Everything you wanted to know about Stack Traces and Heap Dumps
• The Life of a Data Byte
• How To Design A Good API and Why it Matters
• The 13 immutable reads on choosing what to work on
• The Duct Tape Programmer
• Parsing Algorithms
• The Mind behind Linux
• Semantic Versioning 2.0.0
• Intentionally leaking AWS keys
• Dream Deploys: Atomic, Zero-Downtime Deployments
• Modern Software Over-Engineering Mistakes
• Intro to Threads and Processes in Python
• Unreliability At Scale
• Extreme HTTP Performance Tuning: 1.2M API req/s on a 4 vCPU EC2 Instance
• Reverse Proxy, HTTP Keep-Alive Timeout, and sporadic HTTP 502s
• A Solution to HTTP 502 Errors with AWS ALB
• DevOps, SRE, and Platform Engineering
• Gunicorn vs Python GIL
• Gunicorn Worker Types: How to choose the right one
• A brief description of the architecture of Gunicorn
• DESIGN PATTERNS
• The History of Pets vs Cattle and How to Use the Analogy Properly
• Scalable WebSocket Architecture
• Unified Streaming And Batch Pipelines At LinkedIn
• Millions of active WebSockets with Node.js
• Anything can be a message queue if you use it wrongly enough
• Gossip Protocol Explained
• See this page fetch itself, byte by byte, over TLS
• The Clean Architecture
• Memory Allocation
• Six Ways to Crash Elasticsearch
• Building a high performance JSON parser
• Upsert in SQL
• Ask HN: “Write your own” or “Build your own” software projects
• Andrei Pangin - Everything you wanted to know about Stack Traces and Heap Dumps
• The Hitchhiker’s Guide to Compression
• Enabling Machine Learning with Apache Flink - Sherin Thomas
• Andrei Pangin - Everything you wanted to know about Stack Traces and Heap Dumps
• “Don’t Mock What You Don’t Own” in 5 Minutes
• Andrei Pangin - Everything you wanted to know about Stack Traces and Heap Dumps
• All you need to know about the Google File System
• JVM Profiler: An Open Source Tool for Tracing Distributed JVM Applications at Scale

• The Forgotten History of OOP
• Branch predictor: How many "if"s are too many? Including x86 and M1 benchmarks!
• A byte’s not 8 bits.
• A better zip bomb
• Race Condition vs. Data Race
• The Absolute Minimum Every Software Developer Absolutely, Positively Must Know About Unicode and Character Sets (No Excuses!)
• Epigrams in programming
• Why stack grows down
• Queryparser, an Open Source Tool for Parsing and Analyzing SQL
• Essays on programming I think about a lot
• lzop vs compress vs gzip vs bzip2 vs lzma vs lzma2/xz benchmark, reloaded
• The Differences Between Interpreter and Compiler Explained

Algorithms

• Understanding Dijkstra's Algorithm
• Linked lists are still hard
• Understanding Dijkstra's Algorithm
• How to think in graphs
• Ask HN: What's your favorite elegant/beautiful algorithm?
• Complexity of Python Operations
• Heap Algorithm
• Algorithms Behind Modern Storage Systems
• The Knuth-Morris-Pratt Algorithm in my own words
• Why is processing a sorted array faster than processing an unsorted array?
• Introduction to Algorithms
• 10 Optimizations on Linear Search

Data Structures

• Data Structures & Algorithms I Actually Used Working at Tech Companies

Advanced Data Structures

• What are Bloom filters?
• When Bloom filters don't bloom
• Redis new data structure: the HyperLogLog
• Big Data Counting: How To Count A Billion Distinct Objects Using Only 1.5KB Of Memory
• HyperLogLog in Presto: A significantly faster way to handle cardinality estimation
• Count Sketch

MySQL

• Why UUID7 is better than UUID4 as clustered index in RDBMS
• SQL vs NoSQL
• One Giant Leap For SQL: MySQL 8.0 Released
• Building Robust Systems with ACID and Constraints
• Database Internals
• Things I Wished More Developers Knew About Databases
• Maximizing MongoDB Performance on AWS
• Read Consistency with Database Replicas
• Inconsistent thoughts on database consistency
• UUIDs are Popular, but Bad for Performance
• Mysql 8.0: UUID support
• Practical Problems with Auto-Increment
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• MongoDB is to NoSQL like MySQL to SQL — in the most harmful way
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS
• Why UUID7 is better than UUID4 as clustered index in RDBMS

PostgreSQL

• Secure PostgreSQL
• How Postgres Makes Transactions Atomic
• PostgreSQL LISTEN/NOTIFY
• Zero downtime Postgres upgrades
• Postgres TOAST: The Greatest Thing Since Sliced Bread?
• Herding elephants: Lessons learned from sharding Postgres at Notion
• PostgreSQL reconsiders its process-based model
• How to Manage Connections Efficiently in Postgres, or Any Database
• Optimizing Database Design: PostgreSQL Data Type Selection Best Practices and More
• Zero downtime Postgres migration, done right
• An Overview of Distributed PostgreSQL Architectures
• Geographically distributed Postgres for multi-tenant applications

Sharding

• Understanding Database Sharding
• An Unorthodox Approach To Database Design : The Coming Of The Shard
• Spanner's High Availability Writes

ClickHouse

• Logging at Zerodha
• A Call to Arms: Revisiting Database Design
• ACIDRain: Concurrency-Related Attacks on Database-Backed Web Applications
• Spanner: Google’s Globally Distributed Database
• HTTP Analytics for 6M requests per second using ClickHouse

Docker

• 3 simple tricks for smaller Docker images
• Docker Internals
• Understanding Docker Internals
• Docker security
• Reverse Engineering a Docker Image
• docker pause

More

• Introduction to Container Security
• Linux Containers in 500 lines
• Container security best practices: Comprehensive guide
• Three bugs in the Go MySQL Driver

Kubernetes :construction:

• Kubernetes from the ground up: the scheduler
• Awesome Kubernetes
• There and Back Again: The Unexpected Journey of a Request
• Life of a Packet in Kubernetes — Part 1

Networking Books :books:

• Pro Git
• Making Commit in past
• A Successul Git Branching Model
• Git Aliases of the Gods!
• High-level Problems with Git and How to Fix Them
• Rebase with history -- implementation ideas
• How bad can it git? Characterizing secret leakage in public GitHub repositories
• git add --patch and --interactive
• Git Hooks
• Commits are snapshots, not diffs
• The Thing About Git
• What’s Wrong With Git? - Git Merge 2017

Git Internals

• Git's database internals I: packed object store
• Git Internals - Git References
• Git Internals - Packfiles
• Git gc
• Git Compression of Blobs and Packfiles
• Git Submodules: Adding, Using, Removing, Updating
• The Git Parable
• Some of git internals
• Understanding git for real by exploring the .git directory
• Understanding git for real by exploring the .git directory
• Understanding git for real by exploring the .git directory

BPF

• Operating Systems Lecture Notes
• Kernel development
• Computer architecture for network engineers
• How Does an Intel Processor Boot?
• implement your own Linux kernel

Books

• Rute User's Tutorial and Exposition
• The OS Classics

Books

• Lightweight HTTP Server
• Understanding C by learning assembly
• GNU Make: A Program for Directing Recompilation
• ncurses Programming HOWTO
• Make your own build system
• Let's Build a Compiler, by Jack Crenshaw
• Back to Basics
• Tearing apart printf()

Books

• Visualizing Your Ruby Heap
• Guide to Ruby

Books

• Fighting spam with Haskell
• Happy Learn Haskell Tutorial
• Some Notes About How I Write Haskell
• Open-source Haskell books

JS Books

• Rust Docs
• A Gentle Introduction To Rust
• Learning systems programming with Rust
• Learn Rust With Entirely Too Many Linked Lists
• Fearless Concurrency with Rust
• RustGo: Calling rust from go with near-zero overhead
• Writing an OS in Rust

ClickHouse

• Research problems: Ten ways to discover Tor bridges
• Selected Papers in Anonymity
• Onion Router
• Anti-Censorship & Transparency - Roger Dingledine
• How does Tor work?
• How Tor Works

Tor Papers

• Tor Bridge Discovery
• A Model of Onion Routing with Provable Anonymity
• Locating Hidden Servers
• Tor Bridge Discovery

Tor Papers

• What is Functional Programming ?
• What is a Functional Composition
• What is Pure function?
• Functional Programming
• Scala Italy 2019 - John A De Goes - A Tour of Functional Design
• Practical Functional Programming
• A Glossary of Functional Programming
• Parse, don’t validate

Tor Papers

• Securing API with OAuth 2.0
• An Introduction to OAuth 2

Tor Papers

• Interactive Exercise
• Regex For Noobs

Tor Papers

• Distributed Systems for fun and profit
• Introduction to Distributed System Design
• Raft: Understandable Distributed Consensus
• In Search of an Understandable Consensus Algorithm
• HTTP is obsolete. It's time for the Distributed Web
• Rack Model
• If you need a global lock in your distributed system, then you're already in trouble
• Is Redlock Safe? Reply to Redlock Analysis
• Towards Robust Distributed Systems
• CAP Theorem
• How to beat the CAP theorem
• CAP Theorem: Revisited
• FLP and CAP aren't the same thing
• An Illustrated Proof of the CAP Theorem
• Designing Distributed Systems: Patterns and Paradigms for Scalable, Reliable Services
• Distributed systems theory for the distributed systems engineer
• Fallacies of distributed computing
• Consensus Protocols: Two-Phase Commit
• Consensus Protocols: Three-phase Commit
• Consensus Protocols: Paxos
• Notes on Paxos
• Keeping CALM: When Distributed Consistency Is Easy
• Thinking about Availability in Large Service Infrastructures
• Questioning the Lambda Architecture
• Avoiding fallback in distributed systems
• Consistency Models
• Please stop calling databases CP or AP
• The network is reliable
• Managing Critical State: Distributed Consensus for Reliability
• Is Raft more modular than MultiPaxos?
• Paxos, Raft, EPaxos: How Has Distributed Consensus Technology Evolved?
• Hinted Handoff
• Gossip Protocol - Broadcast Algorithm Distributed Systems
• Consistent Hashing Explained
• The Design Patterns for Distributed Systems Handbook
• You Can’t Sacrifice Partition Tolerance
• Brewer’s Conjecture and the Feasibility of Consistent, Available, Partition-Tolerant Web Services

Tor Papers

• "Apache Kafka and the Next 700 Stream Processing Systems" by Jay Kreps
• Kafka and Zookeeper with Docker
• A Guide To The Kafka Protocol
• The Unofficial Kafka Rebalance How-To
• High Performance Kafka Producers
• \_\_consumer_offsets topic in kafka
• Vertically scaling Kafka consumers
• Apache Kafka Rebalance Protocol, or the magic behind your streams applications
• Apache Kafka Supports 200K Partitions Per Cluster
• Disaster Recovery for Multi-Region Kafka at Uber
• A Practical Introduction to Kafka Storage Internals
• KIP-500: Replace ZooKeeper with a Self-Managed Metadata Quorum
• Understanding Kafka with Factorio
• The Log: What every software engineer should know about real-time data's unifying abstraction
• Kora - Serverless Kafka
• Squeezing the firehose: getting the most from Kafka compression
• It’s Okay To Store Data In Apache Kafka

Cloudflare

• The Fantasy of Opting Out
• The Hitchhiker's Guide to Online Anonymity
• You should turn off autofill in your password manager
• Cutting Google out of your life

Attacks

• SQL Injection
• SQL Attack Constraint Based
• What is a DDoS Attack?
• Server Side Request Forgery (SSRF)?
• All you need to know about SYN floods
• "kernel: Possible SYN flooding on port X. Sending cookies" is logged
• SSL Strip for Newbies
• Cold Boot Attack
• Heartbleed Bug
• Shellshock
• Mirai Botnet
• POODLE
• Format string attack
• Off-by-one error
• EFAIL
• HTTP Desync Attacks: Request Smuggling Reborn
• The SSL FREAK vulnerability explained
• Abusing HTTP hop-by-hop request headers
• Memcrashed - Major amplification attacks from UDP port 11211
• Analyzing the Attacks on my Website
• How does a TCP reset attack work
• Cracking the lens: targeting HTTP's hidden attack-surface
• Web Cache Entanglement: Novel Pathways to Poisoning
• Reading Data via CSS Injection
• Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing
• SAD DNS Explained
• Hidden OAuth attack vectors
• HTTP request smuggling
• DNS Reconnaissance – DNSRecon

Tools

• GDB: The GNU Project Debugger
• gdb Debugging Full Example (Tutorial): ncurses
• GDB Cheatsheet
• CppCon 2015: Greg Law "Give me 15 minutes & I'll change your view of GDB"

Guides

• Beware of strncpy() and strncat()
• Sometimes HTTP > HTTPS
• Lessons learned and misconceptions regarding encryption and cryptology
• GOT and PLT for pwning
• A Look at The Draft for JWT Best Current Practices
• Advanced web security topics
• Don't publicly expose .git
• The State Of Software Security In 2019
• The definitive super list for "Google Hacking"
• Now you C me, now you don't: An introduction to the hidden attack surface of interpreted languages
• Simple Bugs With Complex Exploits
• What “hacking” competitions/challenges exist?
• Buffer Overflow

Crypto

• So, You Want To Learn To Break Ciphers
• Implementing AES
• A Stick Figure Guide to the Advanced Encryption Standard (AES)
• An Intensive Introduction to Cryptography
• First SHA1 Collision
• Myths about /dev/urandom
• Bcrypt Step by Step
• Bcrypt
• Why shouldn't we roll our own?
• How to securely hash passwords?
• How To Safely Store A Password
• So you want to roll your own crypto?
• Alice & Bob : A History of The World’s Most Famous Cryptographic Couple

Security Papers

• Untraceable electronic mail, return addresses, and digital pseudonyms
• Understanding the Mirai Botnet
• Exposing Private Information by Timing Web Applications
• Security, Authentication, and Public Key Systems
• A Future-Adaptable Password Scheme
• Too Much Crypto

Games and CTF's

• Crypto Challenges

Security Papers

• Ruby vs Python
• Weapon of Mass Destruction
• Leaving Clojure for Ruby
• Why Rust and not Go
• Why Go and Rust are Competitors
• A Response to Hello World
• Kafka vs. Pulsar vs. RabbitMQ: Performance, Architecture, and Features Compared

Security Papers

• If Programming languages were harry potter characters

• The Dharma of Vi
• Git Koans

Software Development

• Coders at Work
• The Pragmatic Programmer
• Hackers: Heroes of the Computer Revolution
• The Mythical Man-Month
• The Joy of Software Development

Random

• A handbook for making programming languages
• Ask HN: What language-agnostic programming books should I read ?
• The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win
• An Illustrated Book of Bad Arguments
• An illustrated introduction to computational thinking
• What is the single most influential book every programmer should read? [closed
• A Reading List For the Self-Taught Computer Scientist

Random

• Operating System Engineering
• CS 140: Operating Systems
• Awesome Courses

Random

• How Professional Hackers Understand Protected Code while Performing Attack Tasks
• Papers We Love
• Communicating Sequential Processes
• Reflections on Trusting Trust
• Hints on programming language design
• The Fault Tolerance of Botnets
• Paradigm Shift in Software Development
• Cloak of Visibility
• The Impact of Thread-Per-Core Architecture on Application Tail Latency
• Zanzibar: Google’s Consistent, Global Authorization System