  • Monday

    • Private work.
    • Watched 5 more re:invent innovation talks (each an hour, 3x speed, so about 100min total – like watching a movie).
      • Amazon Inspector to scan stuff like lambdas ($0.30/mo/lambda), EC2 ($1.25/mo/instance), and ECR ($0.09/mo/image) for security vulnerabilities.
      • Talk from their new CISO. CBS -> MS -> Apple -> Capital One -> AWS.
      • Manufacturing. Remember Teamcenter from Siemens. PLM = product lifecycle management.
      • Storage optimization (lowlevel).
      • Gen AI among some aws partner companies.
      • AWS appfabric for saas interoperability.
      • Remember nitro (hypervisor) to abstract a lot of compute mgmt.
      • Firecracker is the lightweight virtualizer that backs lambda. Snapstart is the java-specific accelerator for java lambda functions.
      • Karpenter is aws’ cluster autoscaler for k8s (open source).
      • SOCI (seekable OCI) speeds up container launch by pulling and running the launch file(s) first while the rest of the image downloads.
    • 49ers now +300 favorites in superbowl futures. Loved reading everything today. Even all the generic NFL bases hating on the eagles. Getting exposed, no more ekes. Security guard up for permanent ban. Deebo backing up the trash talk. Redemption from last NFC championship. Hit on swift. Just a regular season game though, let’s get ready for playoffs.
    • It’s been 660 days (record) since >1″ snowfall in central park.
    • Thanksgiving. Good hs murder mystery ala scream, but with a pilgrim instead of ghostface (lol).
    • AWS SAM.
      • Remember it’s declarative. Define your end state.
      • It will create new resources if they don’t exist, and reuse existing resources if they’ve already been created (by SAM, by you manually, or otherwise).
      • In that sense, it abstracts the imperative actions. No changes to the template are necessary for new vs existing.
      • This also makes SAM deployments … reentrant.
      • CDK is more complicated and more capable than SAM, which is geared only to (simple) serverless apps. CDK can control all AWS resources. And you can write your stack in python/javascript (rather than yaml), so you can have all of the object-oriented benefit: dependencies, static analysis, dynamic behavior, etc. They both just compile to cloudformation templates anyway.
    • HP trivia.
    • Supercontest.
      • App is not a SPA (yet), and dynamically generates HTML app-side (EC2). I’ll leave that there. But js/css should be moved to s3, with a corresponding cicd pipeline. Created a ticket for that next.
      • Looked up some sam.yaml templates for Events section (trigger from sqs, eventbridge, etc). And some configuration parameters like timeout – all controllable from src with SAM.
      • Rather than generating an access key for an IAM user and copying that locally for aws CLIs, you can use IAM Identity Center in your IDE, like vscode.
      • Played with the vscode aws toolkit a decent amount.
      • In the vscode aws extension, there are a few roles. Builder ID gets you stuff like codecatalyst. But the bigger one, AWS Explorer (to see resources and such), is authed with IAM creds. I have one for supercontest (admin) and one for amplify-dev.
      • Installed sam on the macbook.
      • For the new sam lambdas:
        • Enabled xray tracing.
        • Did not enable cloudwatch application insights (costs extra).
        • Enabled logging in json format. This doesn’t directly cost extra, but it does make the logs a little larger, which costs a little extra.
  • Sunday

    • Private work.
    • Right now there are 32 regions and 102 AZs in AWS.
    • Js promise pools, optional chaining, array shifts, curried functions.
    • Set up Alexa to announce order-tracking updates from uber eats.
    • Watched 3 of the innovation talks from re:invent last week. Each 1hr, on 3x.
      • Covered California is on AWS.
      • Some ipv6 updates.
      • Remember cloudwatch has anomaly detection.
      • Remember cloudwatch has an AI query generator – type your search in natural language and it will translate to the syntax for querying logs/metrics/traces/etc.
    • Mealprep. Niners eagles (well deserved, philly finally exposed). Cleaning. Equinox. Aquarium maintenance. Etc.
    • Remember mutation != reassignment. Basic, but easy to practically forget.
    • Supercontest.
      • ESPN scorestrip was returning EMPTY statuses for a game, which was causing errors to get flagged in the container logs.
      • Example: gameId=401547572&nfl_s_left7=Atlanta%2013%20%20%20NY%20Jets%208%20()
      • Those last parentheses are supposed to contain a status, like (07:18%20IN%203RD).
      • So KeyError: '' in game.status_id = espn_abbv_status_id_map[score["status"]] when empty.
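An added example, not the app's own code: parsing the scorestrip value quoted above so that an empty `()` status resolves to a sentinel instead of raising `KeyError`. The line layout is inferred from the one sample in these notes; the function names, the sentinel, the map contents and the second and third sample values are assumptions.

```python
import re
from urllib.parse import parse_qs

# Layout inferred from the single sample line in the notes (assumption):
# "<away> <score>   <home> <score> (<status>)"
LINE_RE = re.compile(
    r"^(?P<away>.+?) (?P<away_score>\d+) {3}"
    r"(?P<home>.+?) (?P<home_score>\d+) \((?P<status>[^()]*)\)$"
)
CLOCK_RE = re.compile(r"^\d{1,2}:\d{2} ")  # leading game clock, e.g. "07:18 "

STATUS_UNKNOWN = -1  # hypothetical sentinel id for "feed gave no usable status"
# Constructed contents; only the map's name comes from the notes.
espn_abbv_status_id_map = {"IN 1ST": 1, "IN 2ND": 2, "IN 3RD": 3, "IN 4TH": 4, "FINAL": 5}

# Constructed sample: nfl_s_left7 is the value quoted in the notes, nfl_s_left8
# uses the populated status format they describe, nfl_s_left9 is malformed.
SAMPLE = (
    "gameId=401547572"
    "&nfl_s_left7=Atlanta%2013%20%20%20NY%20Jets%208%20()"
    "&nfl_s_left8=Dallas%2021%20%20%20Seattle%2017%20(07:18%20IN%203RD)"
    "&nfl_s_left9=garbage"
)


def status_id(raw_status):
    """Map a feed status to an id; empty or unrecognized values never raise."""
    key = CLOCK_RE.sub("", raw_status.strip()).upper()
    return espn_abbv_status_id_map.get(key, STATUS_UNKNOWN)


def parse_scorestrip(query):
    """Return {field: game dict, or None when the line layout is unrecognized}."""
    games = {}
    for key, values in parse_qs(query, keep_blank_values=True).items():
        if not key.startswith("nfl_s_left"):
            continue
        m = LINE_RE.match(values[0].strip())
        if m is None:
            games[key] = None  # upstream changed shape: skip it, do not crash
            continue
        raw = m["status"].strip()
        games[key] = {
            "away": m["away"], "away_score": int(m["away_score"]),
            "home": m["home"], "home_score": int(m["home_score"]),
            "status": raw, "status_id": status_id(raw),
        }
    return games


if __name__ == "__main__":
    for field, game in parse_scorestrip(SAMPLE).items():
        print(field, game)
```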
  • Saturday

    • Private work.
    • Started the mystery-escape-room-puzzle-riddle-advent-calendar last night!
    • AWS refreshers.
      • CLIs/SDKs.
        • AWS CLI. The main one. Interact with resources from the command line. Generic.
        • Boto3. The python SDK, allowing much of the same interactions as the generic AWS CLI, but from python.
        • SAM CLI. For serverless app management.
        • The Amplify CLI, and a few others like this.
      • IaC.
        • CloudFormation was the basis. Generic templates for provisioning most aws resources.
          • Comes with a studio so you can graphically create/connect/move components in the full architecture.
        • SAM extends cloudformation with common templates for serverless stacks.
        • CDK is the SDK so that you can define these resources in high-level programming languages, rather than templates.
          • Ultimately CDK and SAM both compile down to cloudformation templates.
      • CloudFormation detail.
        • Played with it a little bit.
        • You CAN import a stack from existing resources. But you still have to provide a template, which is a skeleton list of all the resources. It does not auto-infer everything (which it should, since stuff like billing/cost mgmt clearly has all this info).
        • You have to go to third party tools for “just provide my aws account and automatically discover all resources and configs” – CloudFormer by Anthropic, Terraformer by Gruntwork, few more.
      • CDK detail.
      • SAM detail.
        • Simple example with (api gateway -> lambda -> dynamo) is 23 lines in SAM. >200 lines in the synthesized cloudformation template.
        • You can init, build, test, deploy.
        • SAM enables local testing by, for example, starting a container with the specified runtime/config and executing your lambda in it.
        • You can also use SAM to test remotely (all the actual cloud resources).
        • You can setup CI/CD pipelines. Not sure if this integrates with externals like gitlab, bamboo, whatever.
        • Installed the SAM CLI into wsl2. Created a hello-world app with a single py lambda. Built and deployed.
        • It’s a lambda function and an api gateway (primary resources). There are some secondaries (roles, permissions, etc).
        • It deploys the full sam config to an s3 bucket, then converts the config to a cloudformation template, then cloudformation deploys the cloud resources.
        • Interacted with the api gateway endpoint. Invoked the cloud lambda. Invoked the lambda locally. You can also host the API locally.
      • Other.
    • Tried the leetcode weekly contest for the first time. 4 questions worth 3 -> 4 -> 5 -> 6, totaling 18 points. Difficulties are easy -> med -> med -> hard. Lots of cheaters.
    • Supercontest.
      • Iteration on RDS RI cancellation.
      • I may just deploy the existing html/css/js to s3 first (with cdk). Then I can upgrade to a full react app, hosted by amplify, later.
      • Added codecatalyst to my aws builder profile. Basically provides templates for source, CI, CD. Application templates, at least for infra and workflows. Created a supercontest project in codecatalyst. Checked the offerings in the vscode extension.
  • Friday

    • Private work.
    • re:Invent.
      • Watched Ruba Borno’s keynote. Just lots of small partner segments.
      • Watched Werner Vogels keynote. Just some commentary, no announcements. Themes: cost as a first-class citizen in design. Designing for the cloud. And you don’t know what you don’t know – just getting metrics/sensors/observability in front of people/apps will yield improvements inherently.
      • New: There’s a myApplications interface in console home, similar to my idea for App Catalog – you can associate all aws resources with different apps, add tags/attributes/groups/metadata, and then it splits a bunch of stuff by app (analytics, costs, etc). Doesn’t do stuff like support tiering or codeowners, but a good start.
    • Further reason to not invest in the reddit IPO: https://news.ycombinator.com/item?id=38423167. Wish I could short a private name.
    • Changed trays.
    • Icloud photo sync finished. I have ~4GB on device and ~46GB in cloud.
    • Mealprepped. Fried chicken thighs, but with maseca! Brine. Dry rub (baking powder, pepper, paprika, cumin). Egg wash. Corn flour. Fry in peanut oil on high, ~3min each side, internal ~180.
    • Unbelievably shitty service from AWS support continues: https://support.console.aws.amazon.com/support/home?region=us-west-1#/case/?displayId=14398223121&language=en
    • Updated macbook to sonoma 14.1.2 (from 14.1.1, just a security patch but requires restart).
    • Maintenance increases are insane in my building: (emailed super and asked for the itemization)
      • 2021: 3.50%
      • 2022: 4.89%
      • 2023: 4.50%
      • 2024: 5.93%
    • Supercontest.
      • Pinpoint confirmed that it will be up to 5d to resolve the tollfree registration issue.
      • The second RI was not cancelled (and bill credited) at the cycle turnover (monthly, dec1). AWS support has been TERRIBLE these last two issues. Filed another ticket since you can’t reopen a case after 14 days: https://support.console.aws.amazon.com/support/home#/case/?displayId=14398223121&language=en
      • Turned on Resource Explorer for my aws account. Basically just adds indexes in all regions so aws can query for your various resources more efficiently.
      • Couldn’t get an sqla layer, built from my x86 ubuntu wsl2, to work either.
      • Just gonna go full CDK/SAM for dev/test/deploy of these lambdas.
      • This ticket is becoming more SERVERLESS than cache. The SQS part was easy. Getting the full infra up for lambda, cdk, sam, eventbridge, etc – that was the large majority.
  • Thursday

    • Private work.
    • re:Invent.
      • Watched Swami’s keynote.
        • New: Bedrock support for a few new models. Claude 2.1. Llama 2 70B.
        • Titan text embeddings – converting text to numbers so you can train more efficiently on it.
        • New: multimodal embeddings. Text, image, etc.
        • New: Titan image generation. And they contain invisible watermarks for unique identification!
        • Guest: Nhung Ho, vp ai from intuit. UI, UX, assistants, chat, infra, the expected.
        • Vector databases for bedrock: opensearch, redis, pinecone.
        • New: aurora, mongo, dynamo, documentdb vector support.
        • New: Sagemaker Hyperpod. Train models faster.
        • Guest: Aravind Srinivas, cofounder/ceo perplexity.
        • New: Neptune analytics.
        • New: Zero-ETL integration between opensearch and s3.
        • Guest: Rob Francis, cto booking.com.
        • Q can generate SQL for redshift from natural language. And it can create integrations with AWS glue (ETL).
        • Guest: Shannon Kalisky, pm on quicksight.
      • Lambda docs.
      • Went through the lambda dependencies rigmarole.
        • You can dynamically install at runtime. Easy, but slows down runtime, obviously (adding costs, hurting perf).
        • You’re supposed to be able to add a requirements.txt to your lambda proj root, and it will autodetect and install. I’ve never seen this work.
        • So you have the two main options remaining.
        • The first is to zip up a hydrated environment and deploy that. Good if you have local testing + CICD set up. It can be folder install or venv. But it’s fast, because all the installed files / deps are already available at init and can be imported by your actual lambda function. But then you can’t use the online editor, etc.
        • Best to go with layers. Same as above. Create a new layer, upload your zip (of the venv’s site-packages folder, with your deps installed, and name the venv “python” so the path is at python/lib/python3.x/site-packages), and then simply add it as a layer in your actual lambda function.
        • Also be wary about macbook vs desktop. The lambda can only run in one architecture, x86 or arm. If you’re building the layer on a DIFF arch than the lambda runtime, it won’t work (psycopg, specifically).
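An added example, not from the original notes: a pre-upload check that a layer zip has the `python/lib/python3.x/site-packages` layout described above and that every native `.so` in it is a Linux ELF built for the function's architecture. Function names and the in-memory sample zips are constructed for illustration; `x86_64` and `arm64` are the two architecture names Lambda uses.

```python
import io
import re
import struct
import zipfile

# ELF e_machine values: EM_X86_64 = 62, EM_AARCH64 = 183
ELF_MACHINES = {62: "x86_64", 183: "arm64"}
SITE_RE = re.compile(r"^python/lib/python3\.\d+/site-packages/")


def elf_arch(header):
    """Architecture of an ELF image from its first 20 bytes, or None if not ELF."""
    if len(header) < 20 or header[:4] != b"\x7fELF":
        return None
    endian = "<" if header[5] == 1 else ">"  # EI_DATA: 1 = little-endian
    (machine,) = struct.unpack_from(endian + "H", header, 18)
    return ELF_MACHINES.get(machine, f"unknown({machine})")


def check_layer(zip_bytes, lambda_arch):
    """Return a list of problems; an empty list means the layer looks usable."""
    problems = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        names = [n for n in zf.namelist() if not n.endswith("/")]
        if not any(SITE_RE.match(n) for n in names):
            problems.append("no files under python/lib/python3.x/site-packages/")
        for name in names:
            if ".so" not in name.rsplit("/", 1)[-1]:
                continue  # pure-Python files are architecture independent
            with zf.open(name) as fh:
                arch = elf_arch(fh.read(20))
            if arch is None:
                problems.append(f"{name}: not a Linux ELF (built on a non-Linux host?)")
            elif arch != lambda_arch:
                problems.append(f"{name}: built for {arch}, function runs {lambda_arch}")
    return problems


# --- constructed sample data -------------------------------------------------
def fake_elf(machine):
    """Minimal 20-byte ELF64 little-endian header carrying the given e_machine."""
    return b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8) + struct.pack("<HH", 3, machine)


def build_zip(files):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()


SITE = "python/lib/python3.11/site-packages/"
SO = SITE + "psycopg2/_psycopg.so"
GOOD_LAYER = build_zip({SITE + "psycopg2/__init__.py": b"", SO: fake_elf(62)})
ARM_LAYER = build_zip({SITE + "psycopg2/__init__.py": b"", SO: fake_elf(183)})
MAC_LAYER = build_zip({SO: b"\xcf\xfa\xed\xfe" + bytes(16)})  # Mach-O magic
FLAT_LAYER = build_zip({"psycopg2/__init__.py": b""})

if __name__ == "__main__":
    for label, layer in [("good", GOOD_LAYER), ("arm", ARM_LAYER),
                         ("mac", MAC_LAYER), ("flat", FLAT_LAYER)]:
        print(label, check_layer(layer, "x86_64"))
```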
      • Other.
    • Probably the hardest spelling bee I’ve seen today?
    • The village for work. Walked past Charlemagne doing an interview in wsp.
    • Instacart hadn’t replied yet, so I submitted the disputes through citi. Wasn’t great over there either. Their interface is finicky – went unavailable multiple times while submitting the 7 disputes. Overall chase and ubereats are significantly better. It’s not close.
    • Final day of sinquefield. Fabi wins. Hans wins tournament of peace with 8/9.
    • Icloud photos are STILL syncing.
    • Supercontest.
      • Pinpoint replied (after 2 days) and said they needed (1) company name (2) tollfree phone number. Provided both.
      • Lots of work on connecting the new lambdas to various AWS resources.
      • Lambda must be in same vpc as rds (and only choose same AZ to avoid cross-AZ charges). Then “connect lambda” on rds side (technically this is just adding the security group, which is the outbound rule lambda->rds over the postgres port).
      • Created a test lambda to query RDS. Associated it with my VPC, and only us-west-1a AZ (same as RDS).
      • Bunch in the prod app due to the final caching deployment sunday night.
        • Harner and I loaded next to each other and he saw my picks on his account. Trying to submit other picks errored with “incorrect CSRF token” exceptions.
        • Good. The view was being cached for the matchups page! That page is specific to user. I’ll unique-ify it by user later during the react change.
        • Removed the view cache for matchups. Checked all other views in the cache, they’re good (not unique by user).
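An added example, not the app's code: a framework-free simulation of the bug described above, where a view cache keyed only on the path serves one user's rendered page (picks and embedded CSRF token) to the next user, next to a cache keyed on path plus user. All names, the picks and the use of the username as session id are constructed for the demo.

```python
import hashlib
import hmac
import re
import secrets

SERVER_KEY = secrets.token_bytes(32)  # per-process secret, constructed for the demo
PICKS = {"user_a": ["SF -3"], "user_b": ["PHI +3"]}  # constructed sample data


def csrf_token(session_user):
    """Token bound to one session; the username stands in for a session id."""
    return hmac.new(SERVER_KEY, session_user.encode(), hashlib.sha256).hexdigest()


def render_matchups(user):
    """User-specific page: contains that user's picks and CSRF token."""
    picks = ", ".join(PICKS[user])
    return (
        f"<p>picks: {picks}</p>"
        f'<input type="hidden" name="csrf_token" value="{csrf_token(user)}">'
    )


class ViewCache:
    """Stores rendered HTML, as the view cache in the notes does."""

    def __init__(self, per_user):
        self.per_user = per_user
        self.store = {}

    def get(self, path, user):
        # The whole bug is in this key: without the user, the first render wins.
        key = (path, user) if self.per_user else (path,)
        if key not in self.store:
            self.store[key] = render_matchups(user)
        return self.store[key]


def submit_pick(session_user, page_html):
    """Server-side check of the token the browser found in the served page."""
    token = re.search(r'name="csrf_token" value="([0-9a-f]+)"', page_html).group(1)
    if not hmac.compare_digest(token, csrf_token(session_user)):
        return "incorrect CSRF token"
    return "ok"


def simulate(per_user):
    """user_a loads the page, then user_b loads it and submits a pick."""
    cache = ViewCache(per_user)
    cache.get("/matchups", "user_a")
    page_for_b = cache.get("/matchups", "user_b")
    leaked = PICKS["user_a"][0] in page_for_b
    return leaked, submit_pick("user_b", page_for_b)


if __name__ == "__main__":
    print("shared key:  ", simulate(per_user=False))
    print("per-user key:", simulate(per_user=True))
```

Keying by user fixes both symptoms but multiplies cache entries by the number of users; not caching the view at all, as done in the notes, avoids storing per-user tokens in the cache.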
  • Wednesday

    • Private work.
    • Cuban still gonna run ops, but selling majority stake in mavs for 3.5B, bought in 2000 for 285M. Slightly >10% return per year.
      • Sold to Adelson family, casino/gambling empire.
    • Kramnik and Hikaru: https://www.chess.com/blog/CHESScom/regarding-recent-accusations
    • Convector units serviced in apt.
    • AWS is about 1/8th (~80B in 2022) of amazon’s revenue (~470B in 2022). Ecommerce is larger revenue. But AWS is ~75% (~19B in 2022) of total amazon operating profit (~25B of 2022).
    • Claude is anthropic’s AI assistant.
    • Uploaded photos/videos to icloud to get ~50GB back on device.
    • Spotify 2023 wrapped.
    • Promise.race() to take a list of promises and return whenever the first promise returns, forwarding along the resolve/reject.
    • Side button still defaults to siri for ios. Can disable, but can’t customize to something like powerdown (as it used to).
    • Played with bedrock a little bit.
      • Connect your own private knowledge bases to help the FM train. Adds relevance/context to your genai app.
      • Chat, perform actions, answer questions, search, generate images, summarize notes – APIs for everything.
    • re:Invent.
      • >50k in vegas, >300k online.
      • 12th annual.
      • Watched Selipsky’s keynote.
        • New: S3 Express One Zone. Up to 10x faster than S3 Standard.
        • New: Graviton 4. At least 30% faster than 3.
        • Remember nitro’s virtualization is extremely efficient. Abstracts a lot so your available compute is fully allocated to your app.
        • Guest: Jensen Huang, ceo/founder nvidia. Basically the new grace hoppers (cpu + gpu) are available to huge infra on aws.
        • New: Trainium 2. New chip for ML.
        • Guest: Dario Amodei, ceo/cofounder anthropic.
        • Titan models are FMs from amazon.
        • New: Bedrock Guardrails. Plug in your custom policies for responsible AI.
        • Guest: Lidia Fonseca, cto pfizer.
        • CodeWhisperer. Autocompletion, explain code, translate, etc. Basically copilot, but less generally-capable, and more tuned to aws.
        • New: Amazon Q. AI assistant. Custom trained on all aws services and great for helping design. Respects data privacy, IAM, etc. Will integrate into the IDE soon, making it a nice merge with codewhisperer. The specific feature is called Code Transformation. Example datapoint: internal amazon team successfully upgraded 1000 applications from java 8 to 17 in 2 days.
        • Guest: Matt Wood, tech vp aws. Deepdive into Q.
        • Guest: Stephan Durach, svp bmw.
        • New: Zero-ETL integrations from redshift to (1) aurora postgres (2) rds mysql (3) dynamo (4) opensearch.
        • Ended with Kuiper – not sure why in aws keynote, probably cool factor of space. They’re going to not just offer public broadband – they’ll offer private enterprise networks as well.
    • Elon and Sorkin discussing twitter, antisemitism, openai, more: https://www.nytimes.com/live/2023/11/29/business/dealbook-summit-news.
      • Got spicy at times.
      • Larry Page stopped talking to Elon after Elon brought Ilya to OpenAI.
      • Still waiting for a reason to be published re Sam’s ousting. But sounds like Elon believes Ilya had good reason (unknown to us).
    • NBA fouls.
      • Did this before, worth doing again. The lower both numbers, the better (luckier, favorable treatment from refs, etc). Teams do NOT natively commit a substantial difference in fouling – it’s nonzero but not as large as the gaps below.
      • 2022-2023 season, GS 29th in fouls (2nd most whistles blown against them) and GS 28th in opponent fouls (3rd least whistles blown against the opponent). For comparison (since they played last night): Kings 12th and 3rd.
      • 2023-2024 season, GS 28th in fouls (3rd most whistles blown against them) and GS 14th in opponent fouls (avg number of whistles blown against the opponent). For comparison (since they played last night): Kings 24th and 8th.
    • Supercontest.
      • Checked the cache for a view key – yep, the value is just the rendered HTML (css and js still served from flask/gunicorn).
      • Looks like the cache is max ~10MB (when everything is not expired), per redis-cli info memory.
      • Elasticache serverless pricing.
        • Storage: $0.139 / GB-hour, and I have .01GB = $1/mo.
        • Requests: $0.0038 / million ECPUs, where an ECPU is basically 1KB of data read or written, and say I have 10 reads/writes every minute, each 100KB -> 1000 ECPUs/min -> $0.16.
        • That would all be well and dandy, but the MINIMUM meter for a cache is 1GB. So my 10M cache doesn’t get the cost savings. With the minimum, storage becomes $100/mo. And requests are trivial after that.
        • So no – probably not worth the price yet.
      • Spreads.
        • Should probably go back through and replace all “line” with “spread” – more common. Handicap is also used.
        • This site shows (static) lines across multiple books: https://www.wagertalk.com/odds?sport=L1&type=1&date=2023-11-26&cb=0.6602684239755252
        • The second number after spreads is (I believe) the moneyline for that spread. Usually around -110 for both teams to cover. Very close to 50/50, as spreads are designed to achieve. The lower the number, the more likely.
      • SQS.
        • Spent most of the day migrating the score fetch/commit to sqs/lambda/eventbridge.
        • Punted the upgrade of picks to the same event/queue, once the pick interface is in react: https://gitlab.com/bmahlstedt/supercontest/-/issues/232.
        • Created the FIFO queue, supercontest-scores.
        • Created the 2 new lambdas, the fetcher (reads from api, writes to queue) and the committer (reads from queue, writes to db).
        • In this process, plugged a few things in:
          • Auth: Lambda <-> SQS
          • Auth: Lambda <-> RDS
          • Trigger: EventBridge <-> Lambda
          • Trigger: SQS <-> Lambda
        • Boto3 in the lambda function to write to sqs, simple.
        • Remember you have to pass MessageGroupId with FIFO queues. It’s for logical separation, guaranteeing only-once within single msg groups.
        • Sent the same msg a few times from lambda test. SQS properly deduplicated (there was only one message in the queue). But there’s a piece of metadata on the msg called receive_count which ticks up for every duplication.
        • Remember that a HUGE benefit of queues is the abstraction of producers and consumers. If you have one trigger and one response, one writer and one reader – a queue loses much of its value. Just directly plug the 2 services.
        • It’s still nice to atomize the various pieces, and queues make you think about the producer/consumer split still.
      • Submitted picks.
  • Tuesday

    • Private work.
    • Reddit looking to IPO as early as next quarter. No live deals on EZ. Don’t think I’d want to anyway – they lost a lot with the API monetization / apollo / etc.
    • Got christmas tree! Only $250 for a 7′ in manhattan.
    • Updated butcherbox items, changed bill date.
    • Amazon buying iRobot (roombas) for 1.7B.
    • Lots of mealprep, coffee, hibiscus brew, liver, powders, oat milk, more.
    • Remember for general AWS support (even if you don’t have a support plan, which technically means you can’t get support) – create a general case, then “contact us” (instead of “solve now”), then chat with representative. It will file under General Question – Account.
      • The cheapest is the dev support plan, which starts at $29/mo.
    • Got Eddie’s registry gift.
    • Submitted the instacart fraud form. If they don’t resolve by thursday, I’ll dispute with citi.
    • Drycleaned the goat off my peacoat.
    • Chatgpt and copilot both throttled quite a bit. Inaccessible for large-ish periods of time.
    • Garden maintenance.
    • AWS re:Invent.
      • Can watch live on https://reinvent.awsevents.com, or stream after on their youtube channel aws events https://www.youtube.com/playlist?list=PL2yQDdvlhXf-5R7VtNr9P4nosA7DiDtM1.
      • Actually looks like they’ll post everything: separate playlists for keynotes, innovation talks, and breakout sessions.
      • Watched Desantis’ monday night.
        • Grover is the system behind aurora. All db logs get written to grover.
        • Nitro is the hypervisor behind aurora serverless? Caspian is related.
        • New: limitless db. In aurora. Single endpoint, it will handle all the sharding behind the scenes.
        • New: serverless elasticache! Uses all the backend infra that aurora does.
        • ML-powered query resource prediction in redshift.
        • 6x better error correction in quantum computing chips.
    • Updated docker desktop 4.25.2.
    • Updated ios 16.6.1 -> 17.1.1.
      • Facetime voicemails (video!)
      • NameDrop.
      • Next imessage interface, better layout for text vs all attachments (gifs, photos, whatever).
    • AWS cost optimization.
      • Played with Cost Optimization Hub and Compute Optimizer.
      • Shows if you’re underprovisioned, overprovisioned, or rightsized. Covers compute, storage, mem, everything. Mostly EC2, ECS, lambda, and EBS.
      • Makes suggestions for reservations to reduce costs. Shows utilization of RIs, etc.
    • Supercontest.
      • I didn’t really migrate to AWS until Oct 22, basically for the 2022-2023 season. And then it was only EC2 and some light peripherals. And then the full atomization/migration started in July 23 (to present).
      • Created aws support case for the pinpoint bullshit: https://support.console.aws.amazon.com/support/home?region=us-east-1#/case/?displayId=170118848901975&language=en.
        • General servicedesk forwarded it onto the pinpoint team with urgency.
      • Vegas.
      • Updated banner.
      • Quick note on elasticache: I chose this over dynamodb for perf. Redis is just faster. Don’t need querying capability or peripheral features.