Microservices – Are retries enough?

I have been asked to look at moving our current architecture to microservices. I am aware of the warning to always assume a request could fail.

So I am aware we should always be prepared to retry the request. However, when designing this, I am also assuming that the retry can fail.

So with that in mind we have been looking at a pattern where either all the processing in committed or it always rollback. This is achieved via message Outbox (and Inbox) Outbox pattern. The services stored the functional changes in their database, then within the same transaction stores the event messages in their database in an Outbox. A separate dispatcher service then dispatches the messages from the Outbox and sends it to a messaging system. It is detailed in this series of articles Life Beyond Distributed Transactions: An Apostate’s Implementation

To me this is the safest option because if the dispatcher fails to send the message, it is available for a retry.

However one of my colleagues thinks that although we need to retry, the solution will be resilient enough that the message will always be successfully sent to the messaging system. E.g. the issue that causes the need for the retry will always be transient, and will be cleared by in time for one of our retries to succeed.

I’m looking for a opinions on whether I’m being over cautious and retries should be enough. Therefore I do not need the dispatcher or the outbox pattern.

I guess the main problem is not that a service I am calling cannot be reached, but the server my service is running on shuts down.

Are AWS security groups enough to segment network and reduce PCI scope?

I was reading this paper

https://d1.awsstatic.com/whitepapers/pci-dss-scoping-on-aws.pdf

It shows this image

enter image description here

Am I correct in saying that – as long as instances have proper security groups that restrict connectivity, it will remove them from PCI scope?

On an additional note – is it just me that finds it awfully difficult to get best practice for PCI within cloud environments – seems a bit all over the place.

How many private proxies are enough?

I know the answer should always be “as many as you can afford” haha…I get it.

I already have 5 dedicated proxies (I use for Instagram) and I just bought 10 more shared for a total of 15.  I’m still in the noob stage and just experimenting with all the features so I can learn them.  Do you think 15 is sufficient?  Can I be kinda/sorta aggressive with Google on 15?  Is 15 pretty good for posting?

How aggressive can I be with google url scraping with 15?

I’m just trying to get a ballpark guesstimate on how many proxies will allow me to do….______?

thanks for all your help!!

Is this palindrome program enough clean?

I made an WPF Application, called Palindrome Checker, it basically checks your input if the word/sentence a palindrome is.

Could you provide me myb better clean code if mine isn’t that good ?

public class Check     {          /// <summary>         /// Method for checking if the word/text is a palindrome.         /// </summary>         public static bool IsPalindrome(string text)         {             int min = 0;             int max = text.Length - 1;              while (true)             {                 if (min > max)                 {                     return true;                 }                  char a = text[min];                 char b = text[max];                  if (a != b)                 {                     return false;                 }                  min++;                 max--;             }         }     } 
public partial class MainWindow : Window     {         public MainWindow()         {             InitializeComponent();              lblInput.Foreground = Brushes.ForestGreen;             lblResult.Foreground = Brushes.ForestGreen;             lblTitel.Foreground = Brushes.ForestGreen;          }          /// <summary>         /// User input and checking the input if the word a palindrome is.         /// </summary>         private void InputText_TextChanged(object sender, TextChangedEventArgs e)         {              string text = InputText.Text;              bool isPalindrome = Check.IsPalindrome(text);              OutputText.Text = text + (isPalindrome ? " is a palindrome" : " is NOT a palindrome");              if(InputText.Text == string.Empty)                 OutputText.Clear();         }     } ``` 

When do you have enough automatic testing to be confident in your continuous integration pipeline?

Continuous integration with testing is useful for making sure that you have “shippable” code checked in all the time.

However, it is really difficult to keep up a comprehensive suite of tests and often, it feels like the build is going to be buggy anyways.

How much tests should you have to feel confident in your CI pipeline testing? Do you use some sort of metric to decide when there is enough tests?

Is DENY ALL enough for an edge router?

If linux is being used as the edge router/firewall/dmz/gateway, is denying all incoming traffic enough? That is, assuming nothing like sshd is open to the public eth port.

Are there other measures that need to be taken?

I’m trying to find the difference between a normal router like Unifi, Linksys etc, and an ubuntu box with 2 Eths. Is there some sort of magic I’m missing?

I mean, there’s the obvious IPS and DDOS protection. But for the basic security, deny all, actually deny’s all, right? heh.

Is chern classes of holomorphic vector bundles enough to generate Hodge cycles

Let $ X$ ba a smooth projective variety of dimension $ n$ . Hodge Conjecture states that every Hodge cycle in $ Hdg^k(X,\mathbb{Q})$ comes from a Chern class of codimension $ k$ in $ CH^k(X,\mathbb{Q})$ . Now the $ k$ -th Chern class of holomorphic vector bundles generates a subgroup $ CH^k_{vec}(X,\mathbb{Q})$ . Is it possible that every Hodge cycle in $ Hdg^k(X,\mathbb{Q})$ comes from $ CH^k_{vec}(X,\mathbb{Q})$ ? Is there any counterexamples or results?

Is Windows RPC (port 135) secure enough for domain-wide access

I have a network of approximately 150 computers that I’d like to regularly monitor. My proposed way of doing so involves running remote commands like reg query \<ip> or systeminfo /S <ip>. I currently cannot do this, as the majority of the computers have the RPC service blocked in their firewall. What I cannot find clear info on is, is safe to allow a domain-level exception for RPC (port 135) for my whole network?

My main fear is that, if someone were to get into our private network, would this grant them an easier traversal than if this exception weren’t in place?