Yann Hamon
Senior Staff Engineer @Contentful
Latest blog posts
- The curious case of the CDN Cache-HISS August 6, 2023
- The execution model of AWS Lambda@edge with Cloudfront's two- and three-tiered architecture July 2, 2021
- Solving the CDN post-purge thundering herd problem: The PurgeGroup pattern June 12, 2021
External publications
Ensuring Kubernetes manifests validity & compliance - a tooling overview
December 18, 2020 - Cloud Native Computing Meetup, Berlin
In an Infrastructure as code / GitOps world, testing that your Kubernetes configuration is correct, secure, and compliant to your company’s requirements & best practices is more important than ever. An increasingly large list of tools is there to help you - linters, validators, testing frameworks, admission controllers… each working in subtly different ways. […]
Open-sourcing kube-secret-syncer: A Kubernetes operator to sync secrets from AWS Secrets Manager
October 20, 2020 - Contentful Blog
We’re releasing the open source code for Kube-secret-syncer, a Kubernetes operator that syncs secrets from AWS Secrets Manager. This operator improves on existing projects by delivering sophisticated access control, templated fields and caching to reduce costs. For those familiar with the struggles that come from synching secrets between the two, we hope this comes as a welcome solution. […]
Creating greater reliability: CoreDNS-nodecache
January 7, 2020 - Contentful Blog
Ongoing issues in the Linux kernel’s UDP connection tracking have caused challenges with DNS, and bugs particularly affect DNS in Kubernetes in its default configuration; we saw elevated rates of DNS failures that seemed to increase with load on our clusters. Other developers have reported these problems in blog posts, such as Racy conntrack and DNS lookup timeouts and a reason for unexplained connection timeouts on Kubernetes/Docker. In these cases, a race condition in the kernel […]
Making S3 more resilient using Lambda@Edge
February 27, 2019 - AWS Summit Berlin (Júlia Biró / Yann Hamon)
Using Lambda@Edge in CloudFront, Contentful created a solution to actively serve requests from multiple S3 backends (circumventing an AWS restriction) to ensure resiliency to regional outages. As the company progressed, it built tooling to adopt Lambda@Edge as a software platform into its stack, which, at the end, allowed it to build high-performant complex logic on it.