Aryan Jain asked You have had co-founded some of the startups, please tell the key takeaways from that journey of yours as a techie and not entrepreneur
Being an entrepreneur has taught me that running a startup is not only about building a product.
Being an engineer has allowed me to be patient. All bugs are solvable. If you don’t know something, learn it. We are all students.
Last but not least – have a strong set of first principles. And stick to them. I keep my first principles in my Notes app. I have even set weekly reminders to read my first principles and reiterate them to myself. This has helped me everywhere – engineering or otherwise. Having and relying on your first principles is the best decision-making mental model you can create for yourself.
Abhishek Mane asked Could you please tell us software development processes you have set. How to improve developer’s productivity?
Planning our work is key for all of us. At any time, we have at least 3 months visibility on what we want to build. That allows us to better structure our teams and our deliverables. We work in 2-week sprints. The product managers on the teams decide the priorities of the work items.
In my experience, a developer’s productivity is impacted by multiple things. It starts with the amount of clarity that the dev has about the task they are coding for. The execution efficiency is directly related to the amount of clarity they have before starting. And this clarity isn’t just about the requirements – it’s also about how they plan to engineer it. All of this helps me draw a rough sketch of the implementation plan, brainstorm with my peers, and crystalise my understanding. Only then do I proceed to writing actual code.
The next phase tackles the productivity concerns while writing code. Here, I love to set aside time just for myself. An engineer can’t get away from meetings, but is important for us to make the most of the non-meeting times we get. It is important to zone right in – whatever lets you do that – and get down to business. The tools you use also have a direct impact on your productivity.
Here’s a great blog on how important managing your time is for increasing your productivity.
It is also important to know your language. When tackling a problem, your focus should be on solving the problem and not figuring out how the language/framework works. It is crucial to spend your weekends or free time mastering the programming language and the framework you use.
A general rule of thumb is that if you do anything 3 times manually, automate it. You’ll save more time than you think.
Thank you everyone for your questions!
and Thank you so much @Jayesh_Sidhwani for taking out the time!
Obviously we’ve over-ran our time, but Jayesh has been kind enough and will answer questions, which you have already sent across at the time of registration during the course of the weekend. So keep a look-out
And sorry, if we’ve not been able to answer some of your questions. There’s only so much we could answer at this stage. But please stay with us and we could have more conversations along the way
@dhanvi asked Are you using EKS or self managed? How are you catching up with Istio? Have you considered Pulumi which IMO is better than terraform+terragrunt
We are using AWS EKS and Istio is in our stack.
With Istio, we have been able to push a lot of HTTP communication-related aspects, such as timeouts, retries, circuit-breakers, etc. to the network. This means our applications don’t need to bother with these aspects at all. Even service discovery happens via Istio today.
We actually use Terraform + Terragrunt. While I’m aware of Pulumi, we haven’t really tried it out yet. Plus, our platform team is well-versed with Terraform & Terragrunt, so that became our natural choice. And so far, we have no complaints!
Vishal Sanghai asked How do you ensure bank grade security
There are plenty of public resources available on the internet. The security expectations are also codified across various certifications that are widely followed in the industry. PCI-DSS for Payments, for example; and ISO-27001 for InfoSec.
We have a dedicated platform team that only focuses on DevSecOps! While abiding by the certification process lets us cover a lot of common ground, the team also focuses on implementing control measures around how we implement data protection – both in transit and at rest – how we handle device authenticity, etc.
We collect a lot of telemetry data from all the infrastructure components we use. All of this data is aggregated at a common place, where we run a bunch of checks and anomaly models.
This is a tough problem statement – but one of the most important ones to us.
Srujan asked How to ensure compliance is embedded in the system and can auditing be automated?
We have an automated DevSecOps pipeline. All our compliance checks, once identified, are codified. Based on the criticality of the check, they are run in all the deployment pipelines or are run periodically.
Auditing too can be automated. We have a zero-trust policy. Our systems won’t trust our founder, until they can prove themselves. We log everything that happens with our systems, from the new infrastructure provisioned, to a new database table created. Any anomaly or an unseen behavior triggers an alarm.
Watch conference videos. Youtube has videos from almost all the top conferences across the world.
I check news.ycombinator.com once every day. While the links shared are good, the interactions in the comments are enlightening. It always teaches me a different perspective of things.
Do more code reviews. Try reviewing things you don’t know. Don’t be afraid to learn about those. Follow your PR guidelines and don’t bother the OP with basic questions but do find opportunities to talk to your peers offline, being mindful of their time
Write blogs or documentation for your internal company projects
My question was how supposed to be how are you catching up with Istio versions?
I am getting little tired of catching up with kubernetes and istio versions. Istio specifically with 3 months release cycle. EKS is anyways behind Kubernetes release cycle.
I wish that we had LTS versions of these software! what about you?
I am rooting for Pulumi as Python (or the other languages supported by Pulumi) is far better than the Hashicorp HCL. Recently Pulumi released 2.0 which has more superpowers! https://www.pulumi.com/blog/pulumi-2-0/
One final question. How are you dealing with all the Kubernetes yaml configuration? Helm?
Also please feel free to drop any feedback here on what could we do better!