What has been your journey in tech so far?

Initially, I had zero intention of becoming a software developer. I was a history and media studies major who happened to code as a hobby, making birthday cards for my friends in Flash with emo music and ActionScript and making websites on Tripod.

It was in a media studies lab my third year where I learned about web standards and the web standards movement and that there was a better way to build websites than just hacking some tables together. Later that year, I got a part-time job as a web developer and sysadmin for our student center and picked…

Introduction

At Skyscanner, we take the career aspirations of our teams seriously, which is why we have spent a ton of time building our two distinct engineering paths; individual contributor (IC) or manager. Advancing your career as an IC is seen as a linear progression; going from Senior Software Engineer to the next level of Principal Engineer, for example, is a promotion within Skyscanner. It’s a brand new role as you take on more ambiguous technical problems and have a wider impact within the business. …

Skyscanner’s systems are anything but small-scale. With millions of travellers using our site and app every month, we handle dizzying volumes of requests across a microservice architecture that, itself, is pretty huge. All-in, there are several hundred microservices and microsites (webapps that support a specific portion of the site), supported by hundreds more lambdas and internal libraries. Each is in its own GitHub repository, which has some upsides in terms of separation of concerns, but clearly has some costs: when the same change needs to be made to all of these repositories, how can it be done? …

Introduction

Skyscanner’s Continuous Integration and Delivery (CI/CD) pipeline is built to support tens of thousands of deployments per day. The frequency of production deployments cannot come at the expense of security. In fact, security processes need to be integrated within the CI/CD pipeline. That’s why we added continuous security validation at each step of the pipeline, from development to production, to help ensure our applications stay secure.

This post describes how we improved the query performance for our OpenTSDB cluster and enabled queries that previously were impossible by reducing the resolution of historic data.

Skyscanner’s focus is to drive every decision in Skyscanner by complete, timely and accurate data. As part of this, we’re operating a large metrics and logging platform that enables all engineers in Skyscanner to monitor their service 24 hours a day. We provide application logs and any metrics that our engineers would like to record; for instance, business and operational metrics for their services. We store and serve the data that powers Grafana…

Introduction

Skyscanner’s products are powered by hundreds of services hosted on AWS. In order to deploy changes and new services to production with zero clicks, we have an automated pipeline that´s responsible for building, testing and deploying new code, and provisioning and configuring new infrastructure. Developers perform these changes by writing CloudFormation templates that model their service’s Infrastructure as Code (IaC).

CloudFormation is an AWS service that essentially allows developers to programmatically provision AWS resources. CloudFormation templates could have security issues similar to regular source code, such as hardcoded secrets, overly permissive permissions, and many more.

Our goal at the Security…

Cristiano Balducci is one of our squad leaders. A problem-solver at heart, Cristiano shares valuable insights on how you can identify issues and achieve your goals as a team. Read this short blog to discover his top tips on how to achieve some of the most impressive sprint goals. If you want to find out about how we troubleshooting our process and what we have learnt doing this click ​here​.

How do we choose impactful sprint goals?

Here at Skyscanner we are arranged into squads and tribes; I’m a squad lead, and my squad — like many of the other engineering squads at the company — uses…

Two years ago in Skyscanner we made the decision to start moving our workloads to Kubernetes. Today, even though this transition is far from complete, our infrastructure is using >2000 nodes spread across 30 different clusters to power a fleet of >160 services.

As part of the transition to Kubernetes, the Security team had to come up with a way to detect malicious activity in Skyscanner’s Kubernetes clusters. Due to the sheer size of the target we want to monitor, the solution we chose needed to be able to scale as much as our most demanding services, without hindering their…