The Pragmatic Engineer

Brought to You By:
• Statsig — ⁠ The unified platform for flags, analytics, experiments, and more.
• Sonar – The makers of SonarQube, the industry standard for automated code review
• WorkOS – Everything you need to make your app enterprise ready.
—
Amazon S3 is one of the largest distributed systems ever built, storing and serving data for a significant portion of the internet. Behind its simple interfaces hides an enormous amount of engineering work, careful tradeoffs, and long-term thinking.
In this episode, I sit down with Mai-Lan Tomsen Bukovec, VP of Data and Analytics at AWS, who has been running Amazon S3 for more than a decade. Mai-Lan shares how S3 operates at extreme scale, what it takes to design for durability and availability across millions of servers, and why building for failure is a core principle.
We also go deep into how AWS approaches correctness using formal methods, how storage tiers and limits shape system design, and why simplicity remains one of the hardest and most important goals at S3’s scale.
—
Timestamps
(00:00) Intro
(01:03) S3’s scale 
(03:58) How S3 started 
(07:25) Parquet, Iceberg, and S3 tables
(09:46) S3 for developers 
(13:37) Why AWS keeps S3 prices low 
(17:10) AWS pricing tiers
(19:38) Availability and durability 
(26:21) The cost of S3's consistency
(31:22) Automated reasoning and proof of correctness 
(35:14) Durability at AWS scale
(39:58) Correlated failure and crash consistency 
(43:22) Failure allowances 
(46:04) Two opposing principles in S3 design
(49:09) S3’s evolution 
(52:21) S3 Vectors 
(1:01:16) The 50 TB limit on AWS
(1:07:54) The simplicity principle
(1:10:10) Types of engineers working on S3
(1:14:15) Closing recommendations 
—
The Pragmatic Engineer deepdives relevant for this episode:
• Inside Amazon’s engineering culture
• How AWS deals with a major outage
• A Day in the Life of a Senior Manager at Amazon
• What is a Principal Engineer at Amazon? – with Steve Huynh
• Working at Amazon as a software engineer – with Dave Anderson
Amazon papers recommended by Mai-Lan:
• Using lightweight formal methods to validate a key-value storage node in Amazon S3
• Formally verified cloud-scale authorization
• Analyzing metastable failures
• Amazon’s engineering tenets
—
Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email [email protected].


Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe

Brought to You By:
•⁠ Statsig ⁠ — ⁠ The unified platform for flags, analytics, experiments, and more.
•⁠ Linear ⁠ — ⁠ The system for modern product development.
—
How have servers and the cloud evolved in the last 30 years, and what might be next? Bryan Cantrill was a distinguished engineer at Sun Microsystems during both the Dotcom Boom and the Dotcom Bust. Today, he is the co-founder and CTO of Oxide Computer, where he works on modern server infrastructure.
In this episode of The Pragmatic Engineer, Bryan joins me to break down how modern computing infrastructure evolved. We discuss why the Dotcom Bust produced deeper innovation than the Boom, how constraints shape better systems, and what the rise of the cloud changed and did not change about building reliable infrastructure.
Our conversation covers early web infrastructure at Sun, the emergence of AWS, Kubernetes and cloud neutrality, and the tradeoffs between renting cloud space and building your own. We also touch on the complexity of server-side software updates, experimenting with AI, the limits of large language models, and how engineering organizations scale without losing their values.
If you want a systems-level perspective on computing that connects past cycles to today’s engineering decisions, this episode offers a rare long-range view.
—
Timestamps
(00:00) Intro
(01:26) Computer science in the 1990s
(03:01) Sun and Cisco’s web dominance
(05:41) The Dotcom Boom
(10:26) From Boom to Bust 
(15:32) The innovations of the Bust
(17:50) The open source shift
(22:00) Oracle moves into Sun’s orbit
(24:54) AWS dominance (2010–2014)
(28:15) How Kubernetes and cloud neutrality
(30:58) Custom infrastructure 
(36:10) Renting the cloud vs. buying hardware
(45:28) Designing a computer from first principles 
(50:02) Why everyone is paid the same salary at Oxide
(54:14) Oxide’s software stack 
(58:33) The evolution of software updates
(1:02:55) How Oxide uses AI 
(1:06:05) The limitations of LLMs
(1:11:44) AI use and experimentation at Oxide 
(1:17:45) Oxide’s diverse teams
(1:22:44) Remote work at Oxide
(1:24:11) Scaling company values
(1:27:36) AI’s impact on the future of engineering 
(1:31:04) Bryan’s advice for junior engineers
(1:34:01) Book recommendations
—
The Pragmatic Engineer deepdives relevant for this episode:
• Startups on hard mode: Oxide. Part 1: Hardware
• Startups on hard mode: Oxide, Part 2: Software & Culture
• Three cloud providers, three outages: three different responses
• Inside Uber’s move to the Cloud
• Inside Agoda’s private Cloud
—
Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email [email protected].


Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe

Brought to You By:
•⁠ Statsig ⁠ — ⁠ The unified platform for flags, analytics, experiments, and more.
•⁠ Linear ⁠ — ⁠ The system for modern product development.
—
Michelle Lim joined Warp as engineer number one and is now building her own startup, Flint. She brings a strong product-first mindset shaped by her time at Facebook, Slack, Robinhood, and Warp. Michelle shares why she chose Warp over safer offers, how she evaluates early-stage opportunities, and what she believes distinguishes great founding engineers.
Together, we cover how product-first engineers create value, why negotiating equity at early-stage startups requires a different approach, and why asking founders for references is a smart move. Michelle also shares lessons from building consumer and infrastructure products, how she thinks about tech stack choices, and how engineers can increase their impact by taking on work outside their job descriptions.
If you want to understand what founders look for in early engineers or how to grow into a founding-engineer role, this episode is full of practical advice backed by real examples
—
Timestamps
(00:00) Intro
(01:32) How Michelle got into software engineering 
(03:30) Michelle’s internships 
(06:19) Learnings from Slack 
(08:48) Product learnings at Robinhood
(12:47) Joining Warp as engineer #1
(22:01) Negotiating equity
(26:04) Asking founders for references
(27:36) The top reference questions to ask
(32:53) The evolution of Warp’s tech stack 
(35:38) Product-first engineering vs. code-first
(38:27) Hiring product-first engineers 
(41:49) Different types of founding engineers 
(44:42) How Flint uses AI tools 
(45:31) Avoiding getting burned in founder exits
(49:26) Hiring top talent
(50:15) An overview of Flint
(56:08) Advice for aspiring founding engineers
(1:01:05) Rapid fire round
—
The Pragmatic Engineer deepdives relevant for this episode:
• Thriving as a founding engineer: lessons from the trenches
• From software engineer to AI engineer
• AI Engineering in the real world
• The AI Engineering stack
—
Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email [email protected].


Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe

Brought to You By:
•⁠ Statsig ⁠ — ⁠ The unified platform for flags, analytics, experiments, and more. Statsig are helping make the first-ever Pragmatic Summit a reality. Join me and 400 other top engineers and leaders on 11 February, in San Francisco for a special one-day event. Reserve your spot here.
•⁠ Linear ⁠ — ⁠ The system for modern product development. Engineering teams today move much faster, thanks to AI. Because of this, coordination increasingly becomes a problem. This is where Linear helps fast-moving teams stay focused. Check out Linear.
—
As software engineers, what should we know about writing secure code?
Johannes Dahse is the VP of Code Security at Sonar and a security expert with 20 years of industry experience. In today’s episode of The Pragmatic Engineer, he joins me to talk about what security teams actually do, what developers should own, and where real-world risk enters modern codebases.
We cover dependency risk, software composition analysis, CVEs, dynamic testing, and how everyday development practices affect security outcomes. Johannes also explains where AI meaningfully helps, where it introduces new failure modes, and why understanding the code you write and ship remains the most reliable defense.
If you build and ship software, this episode is a practical guide to thinking about code security under real-world engineering constraints.
—
Timestamps
(00:00) Intro
(02:31) What is penetration testing?
(06:23) Who owns code security: devs or security teams?
(14:42) What is code security? 
(17:10) Code security basics for devs
(21:35) Advanced security challenges
(24:36) SCA testing 
(25:26) The CVE Program 
(29:39) The State of Code Security report 
(32:02) Code quality vs security
(35:20) Dev machines as a security vulnerability
(37:29) Common security tools
(42:50) Dynamic security tools
(45:01) AI security reviews: what are the limits?
(47:51) AI-generated code risks
(49:21) More code: more vulnerabilities
(51:44) AI’s impact on code security
(58:32) Common misconceptions of the security industry
(1:03:05) When is security “good enough?”
(1:05:40) Johannes’s favorite programming language
—
The Pragmatic Engineer deepdives relevant for this episode:
• What is Security Engineering?
•⁠ Mishandled security vulnerability in Next.js
•⁠ Okta Schooled on Its Security Practices
—
Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email [email protected].


Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe

Brought to You By:
•⁠ Statsig ⁠ — ⁠ The unified platform for flags, analytics, experiments, and more. AI-accelerated development isn’t just about shipping faster: it’s about measuring whether, what you ship, actually delivers value. This is where modern experimentation with Statsig comes in. Check it out.
•⁠ Linear ⁠ — ⁠ The system for modern product development. I had a jaw-dropping experience when I dropped in for the weekly “Quality Wednesdays” meeting at Linear. Every week, every dev fixes at least one quality isse, large or small. Even if it’s one pixel misalignment, like this one. I’ve yet to see a team obsess this much about quality. Read more about how Linear does Quality Wednesdays – it’s fascinating!
—
Martin Fowler is one of the most influential people within software architecture, and the broader tech industry. He is the Chief Scientist at Thoughtworks and the author of Refactoring and Patterns of Enterprise Application Architecture, and several other books. He has spent decades shaping how engineers think about design, architecture, and process, and regularly publishes on his blog, MartinFowler.com.
In this episode, we discuss how AI is changing software development: the shift from deterministic to non-deterministic coding; where generative models help with legacy code; and the narrow but useful cases for vibe coding. Martin explains why LLM output must be tested rigorously, why refactoring is more important than ever, and how combining AI tools with deterministic techniques may be what engineering teams need.
We also revisit the origins of the Agile Manifesto and talk about why, despite rapid changes in tooling and workflows, the skills that make a great engineer remain largely unchanged.
—
Timestamps
(00:00) Intro
(01:50) How Martin got into software engineering 
(07:48) Joining Thoughtworks 
(10:07) The Thoughtworks Technology Radar
(16:45) From Assembly to high-level languages
(25:08) Non-determinism 
(33:38) Vibe coding
(39:22) StackOverflow vs. coding with AI
(43:25) Importance of testing with LLMs 
(50:45) LLMs for enterprise software
(56:38) Why Martin wrote Refactoring 
(1:02:15) Why refactoring is so relevant today
(1:06:10) Using LLMs with deterministic tools
(1:07:36) Patterns of Enterprise Application Architecture
(1:18:26) The Agile Manifesto 
(1:28:35) How Martin learns about AI 
(1:34:58) Advice for junior engineers 
(1:37:44) The state of the tech industry today
(1:42:40) Rapid fire round
—
The Pragmatic Engineer deepdives relevant for this episode:
• Vibe coding as a software engineer
• The AI Engineering stack
• AI Engineering in the real world
• What changed in 50 years of computing
—
Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email [email protected].


Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe