Clever Engineering Blog — Always a Student

Always a Student is one of Clever's culture tenets: we love to learn, and this blog is where we share what we learn on topics that matter to engineering, from small but critical technical details to how we organize our engineering teams. This blog is cross-published on Medium.

Clever SSO Reliability — July 2018 Update

By Ben Adida on

Over the last few months, we’ve been readying Clever SSO for our biggest year ever. We want students across the country logging in quickly and reliably to all of their learning applications. A couple of months ago, we described our initial stress testing approach. In this post, we want to tell you more about this […]

Securing New Products at Clever

By Alex Smolen on

Clever Goals is a new product that tracks students’ educational software usage. It creates progress data, a new type of data for Clever. This sensitive data needs to be protected from unauthorized access, and users should feel in control over how it’s used. How does the Clever security team make sure that new products like […]

Clever Reliability — May 2018 Update

By Ben Adida on

Two months ago, we experienced the worst outage in the history of Clever SSO. We wrote up a postmortem soon afterwards. We mentioned at the time that this postmortem was the beginning of our process to reevaluate everything we do to make sure we can be worthy of the trust you place in us. We […]

Wag: A Go Web API Generator

By Kyle VIgen on

This story begins someplace familiar to many startups: our monolithic API had become unwieldy, and we wanted to transition towards a microservice architecture. And, like other young, scrappy startups, we couldn’t afford to freeze development while we re-architected the entire system. So, instead, each time we wrote a feature we carved off the related chunk […]

Postmortem on Last Week’s Outages

By Ben Adida on

On Tuesday, Wednesday, and Thursday, March 6th-8th, 2018, Clever logins failed for all customers: 1h on Tuesday, 1h15 on Wednesday, and almost 5h on Thursday. This was Clever’s single worst outage ever in length, repeatedness, and impact. This postmortem is the first of many public steps we’ll be taking to ensure Clever is a service […]

saml2-js and CVE-2017-11429

By Alex Smolen on

Over the past month, Clever worked with CERT to address a vulnerability in our open-source SAML2 library. Clever maintains an open source library implementing the SAML protocol in Node.js known as saml2-js. We use this library internally in our SAML service provider functionality for schools using Clever SSO and the Clever Portal. It is used […]

Swappiness and Amazon ECS

By Alex Smolen on

At Clever, one of our tenets is “Always a Student”, and in that spirit of learning we wanted to share the changes we made to fix memory allocation issues in AWS Elastic Container Service related to swappiness. Swappiness is a Linux Kernel setting that specifies how likely it is for a page in memory to be […]

Mo Repos, Mo Problems? How We Make Changes Across Many Git Repositories

By Nathan Leiby on

tl;dr: Try out microplane! It’s a CLI tool to make changes across many repos. The Problem At Clever, we’ve embraced microservices. They promote modularity, which leads to simpler code bases and lets our engineers move quickly and independently. They are easier to deploy, which helps us build towards incremental, frequent deploys and continuous delivery. In […]

Defining Clever’s Engineering Culture

By Caroline Modic on

At Clever, we chose early on to deliberately define the key principles we wanted our culture to reflect. These tenets are a part of day-to-day vocabulary, and we think they make us a stronger team. About a year ago, we asked ourselves: how do these tenets apply to our engineering team? Are there aspects of […]