Engineering
Notes from the team building and running production systems at Kodama & Co.
-
Postmortems That Change Behavior: Running Blameless Reviews That Stick
Most postmortem programs produce documents, not change. The mechanics we use to keep action items alive, measure repeat incidents, and make blameless mean something.
-
From Spreadsheets to Structured Data: Enterprise Form Pipelines with FormOK
How a procurement workflow built on emailed spreadsheets became a validated, auditable data pipeline - and the design principles behind FormOK that made it work.
-
Secrets Management Across Hundreds of Deployments
Secret sprawl is the default state of any growing platform. How we inventoried, centralized, and rotated credentials across our own products and client estates.
-
Rate Limiting Strategies for Multi-Tenant SaaS Platforms
Rate limiting in B2B is a fairness system, not a bouncer. Token buckets, per-tenant isolation, honest 429s, and limits your sales team can sell.
-
Schema Design in a NoSQL World: What We Learned Building KDB
Schemaless does not mean design-less. Access-pattern-first modeling, lazy migrations, and the discipline that keeps document stores from becoming data swamps.
-
Audit Logging That Auditors Actually Accept: SOC 2 in Practice
Application logs are not audit logs. What we learned designing audit trails that satisfied SOC 2 auditors on the first pass - schema, immutability, and evidence.
-
The Hidden Cost of Microservices: A Consulting Retrospective
A client came to us with 43 microservices and 7 engineers. A year later they run 9 services and ship faster. What the migration taught us about architecture debt.
-
API Versioning Without Breaking Enterprise Clients
Enterprise integrations live for a decade. Here is the versioning and deprecation policy we converged on for KID and FormOK, and the change taxonomy behind it.
-
Capacity Planning Before Black Friday: A Load Testing Playbook
How we prepare client platforms for peak season - building a load model from real traffic, testing to failure, and rehearsing the degradation ladder.
-
Why We Chose Boring Technology for a 99.99% SLA
Four nines leaves you 52 minutes of downtime a year. Here is why we spend that budget on PostgreSQL, nginx, and plain services instead of novelty.
-
Zero-Downtime Database Migrations at Scale: Patterns That Survived Production
The expand-contract playbook we use for schema changes on busy PostgreSQL clusters, and the migration mistakes that taught us each rule.
-
Designing Authentication for Enterprise SSO: Lessons from Building KID
What shipping SAML and OIDC to enterprise customers taught us about identity providers, certificate rotation, and why the spec is only half the work.
-
How We Cut Incident MTTR by 60% Without Hiring More On-Call Engineers
A look at Kodama's incident lifecycle, the runbook platform we built in-house, and why removing pager noise mattered more than adding dashboards.
-
Introducing the Kodama Engineering Blog
Why we are opening up our engineering notebook, and what you can expect to read here.