Structured logging in Java for distributed systems

Where do applications log end up anyway?

Applications typically write to standard output. Logs can either be handled by the app’s supervising process or be passed to the next supervision layer to be processed. For example Kubernetes collects logs written to stdout and stderr by containers and stores them in node-specific log files (usually /var/log/containers based on name). From there, they can be accessed by tools like kubectl logs.

Kubernetes cert-manager for LetsEncrypt certificates

Digital Certificates raison d’être and usage

Certificates are exchanged as part of the TLS handshake. This allows the client to ensure the entity it is trying to establish a connection with is authentically the genuine server.

Note: see other posts under this tag for a few words on TLS handshakes and mentions of the attacks it protects against.

A certificate contains: the issuer details, its expiration date, the entity’s public key for asymmetric encryption and a signature (encrypted server’s public key).

The fast alternative to TCP+TLS

What is QUIC?

The Quick UDP Internet Connection (QUIC) protocol is an encrypted connection protocol operating on the Layer 4 - Transport Layer of the OSI model.

Developed at Google around 2012, it has only been adopted as a standard by IETF in 2021.

The current and widely used solution of HTTPS using TLS is built is on top of the TCP protocol. The TCP handshake and the TLS handshake need to be completed to establish a path to communicate between a server and a client. As a result, multiple rounds trips to initiate a connection and negotiate the encryption parameters are required - two at the very least, depending on the TLS version used.