Problem

I like Postico for connecting to PostgreSQL databases. But now I found myself with a database that ran only via a UNIX domain socket. psql connects fine to the socket located at /path/to/postgres/socket/.s.PGSQL.5432, but Postico couldn’t… and for good reason. It’s a sandboxed Mac app, which means I can trust that Postico won’t leak any information stored within it and explicitly can’t access things on my computer (like the microphone and camera) that I don’t want it to. Unfortunately, this means I can’t directly connect to databases via UNIX sockets. However, there is a solution via SSH tunnelling.

Can’t connect to a socket path via Postico because of sandbox limitations. Boohoo.

After some digging, I…


Having adopted a microservice architecture philosophy a while ago for our core products, we have definitely benefited from constructing modular pieces of our solution in languages and frameworks best suited for a specific business/product function. Simultaneously, this has also enabled us to draw on specific expertise of teammates in particular functional areas, thereby allowing them to focus and solve difficult problems within the boundaries of that functional service, unburdened with the baggage of a “principal” architecture or programming language. Very liberating.

(Image reference: https://martinfowler.com/articles/microservices.html)

While this is a well-known benefit of microservices, I now found myself wrestling with a slew of small microservice…


The principles of Continuous Integration (CI) & Continuous Delivery (CD) are cornerstones of our code delivery process at Door2Door. Over time, and after much trial-and-play, our various teams have normed on CI/CD solutions that work best for their specific purposes. For example, a CI/CD setup for packaging an iPhone app tends to have different steps than the process for building and deploying a Go binary.

During a recent investigation of Jenkins, we encountered a few inconveniences with the released Jenkins Docker container image, and decided to add a few goodies and handy bits on top of their release candidates.

Jenkins Dashboard after quick start setup

The…


Quite often, services and applications running on EC2 instances or Elastic Beanstalk deployments have to connect to other AWS services. This is certainly the case in Door2Door’s service-separated architecture, where a client request triggers different communications between our architectural pieces/services — event streams, asynchronous work processing, synchronous request-responses, etc.

A specific example is our Demand Responsive Transport (DRT) server running on EC2, which connects to:

  • AWS Kinesis Streams
  • AWS SQS queues
  • AWS API Gateway endpoints protected by IAM authentication

EC2 instances run the service as an IAM profile (‘drt’), which needs privileges to connect to the other AWS services listed above.

User ‘drt’ with far too many privileges

Amit Uttam
