Engineering
Page 6
How Fastly Supports an Ethical and Open Internet
Open source projects are the foundation of the internet; by sponsoring their important work, we support our vision for unfettered, scalable technical innovation. We’ve supported numerous open source projects since the inception of Fastly, and our founding team has invested time into open source development since our incorporation. Read on to learn about the evolution of our Open Source and Nonprofit Program.
The evolving DDoS landscape
As an edge cloud platform, Fastly is in a unique position to monitor DDoS attack patterns and trends as they evolve. In this post, Jose Nazario, Sr. Director of Security Research, and Ryan Landry, Director of Edge Cloud Operations, take a look back at the history of DDoS, sharing how they’re changing and the trends we’re seeing. Getting a handle on the various shapes and sizes of DDoS will help inform how you address these attacks on your own infrastructure — you may not always be able to predict attacks, but knowing what’s out there and preparing for the worst will help you protect and mitigate.
The QA mindset: designing for reliability
Fastly’s engineering teams are smart and capable — they architect thoughtfully, write elegant code, and work carefully with incredible complexity and scale. So why would they (or anyone) need quality assurance (QA)? In this post, Senior QA Automation Engineer Alice Nodelman examines how the QA mindset works, touching on our approach to QA at Fastly and sharing how you could apply this mindset to your organization.
Building the Fastly WAF
In keeping with our security team’s vision for defending the modern web, we launched our Web Application Firewall (WAF) to help our customers secure their sites and applications while providing reliable online experiences for their users. In this post, two of the engineers who built our WAF will take you on a deep dive into the tech behind it, exploring how we built a performant, highly configurable, and comprehensive solution to secure customers’ infrastructure.
Deliberate practice in information security
Deliberate practice is the act of performing a set of tasks that are just slightly more difficult than what you’re used to, so you can get better at a specific activity and move from a novice to an experienced practitioner. In this post, Security Engineer Sandra Escandor-O’Keefe walks us through the art of deliberate practice, offering tips for novices and mentors alike.
Migrating MySQL Stats to Bigtable with no downtime | Fastly
In an effort to move forward from early architecture that we were quickly outgrowing, we recently migrated our Historical Stats database from self-managed MySQL to Google Cloud Bigtable. Read on to learn how we did it (without any downtime).
New York Media on surviving DDoS and building a better web
At Altitude 2016, New York Media’s CTO discussed surviving a massive DDoS and the steps they took to mitigate, gave us a peek inside their stack, and described how New York Media is building a better web, working towards creating a symbiotic relationship between readers, publishers, and advertisers to ensure great experiences for everyone.
The New York Times on Prepping for the 2016 Election
At Altitude NYC, *The New York Times* CTO Nick Rockwell gave us a peek inside *The New York Times*’ stack and culture (and how he’s redefined risk from both a corporate and engineering standpoint), and described how they prepare for major events — such as the 2016 presidential election.
CDN vs Caching: What is the Difference?
CDN and caching can get confused for one another. Learn the differences between CDN and caching to help decide what you should use for optimal web performance.
Altitude NYC 2017 in review: videos and slides
Altitude NYC brought together Fastly engineers and industry leaders like The New York Times and Nordstromrack.com | Hautelook to discuss complex problems in security, cloud infrastructure, DevOps, and more. Check out our recap and watch the session videos to learn about the vision behind Fastly, take a look under the hood of a DDoS attack, see what went down on election night at the NYT, and more.
Originless & Cloud-Based Services with Fastly + Terraform
In a previous post, HashiCorp’s Seth Vargo introduced the Terraform infrastructure-as-code tool for building, changing, and versioning infrastructure. In this post, we’ll cover two cases using Terraform with Fastly: first we’ll create and manage an originless service and then we’ll create and manage a Google Compute Engine instance with a Fastly service in front of it.
Chrome's Alex Russell on service workers, PWAs, and mobile | Fastly
At Altitude 2016, Software Engineer Alex Russell discussed the latest projects the “performance obsessed” Google Chrome team had underway. In this recap, we’ll take a look at how you can provide reliable offline experiences, how to best reach your users, and avoid the dreaded “Uncanny Valley.”
Scaling Fastly Network: Balancing Requests | Fastly
Our previous post detailed how Fastly started down the slippery slope of network software. By implementing a distributed routing system on commodity switches, we were able to maintain complete control over how we forward packets at a fraction of the cost imposed by conventional networking wisdom.
The 5 emotional stages of a DDoS attack
It’s emotionally damaging to be the victim of a DDoS, to say the least. The technological consequences of an unmitigated DDoS attack can cripple businesses, but the emotional impacts are often ignored. CEO Artur Bergman discusses the five emotional stages of a DDoS attack (and how to mitigate).
Solving VCL auth & feature flags at the edge | Fastly
In “How to solve anything” parts 1 and 2, we outlined how to use Varnish Configuration Language (VCL) to address some of your more challenging problems. In this post, we’ll discuss how Andrew Betts of the Financial Times uses advanced VCL to securely cache and serve authenticated and authorized content, and set up feature flags.
A step towards better Web API authentication
The Fastly API is an integral part of our CDN — using our APIs, customers are able to instantly reflect configuration changes, purge content, and perform anything that is available on the Fastly control panel from within their application. In this post, Toru discusses our new API authentication method, API tokens.
A/B testing at the edge
A/B testing is valuable, aggravating, and everyone has an opinion on the best way to do it. At Fastly, we provide a set of tools to help enable experiments you can integrate into your own analytics.
VCL problem-solving: SOA routing & non-ASCII support | Fastly
In “How to solve anything, part 1,” we discussed Andrew Betts’ clever tips for using Fastly’s Custom Varnish Configuration Language (VCL) to collect data at the edge. In this post, we’ll look at how Nikkei uses VCL to deal with a service-oriented architecture as well as write synthetic responses with non-ASCII characters.
The elements of scaling
Camille Fournier, former CTO of Rent the Runway and self-described senior thinker and raconteur, spoke at Altitude 2016 on her experience in leadership, sharing how she overcame the communication barrier that comes with growth to scale successful, happy teams.
Automating Fastly with Terraform
HashiCorp’s Director of Technical Advocacy discusses Terraform, their tool for building, changing, and versioning infrastructure safely and efficiently, and how they use it to codify Fastly configurations.
