Jekyll2017-04-09T11:53:12+00:00http://www.whitesquaresoft.com/Whitesquare SoftwareThoughts of a passionate nerdSteve MactaggartWelcome to the new site2017-04-09T03:49:57+00:002017-04-09T03:49:57+00:00http://www.whitesquaresoft.com/2017/04/09/welcome-to-jekyll<p>I registered this domain many years ago as a place to keep my thoughts and document my learnings as I moved into the IT industry. The site had been running on a WordPress install for most of its life.</p>
<p>Last week, the hosting provider running my blog had a <code class="highlighter-rouge">catastrophic failure</code> that resulted in me losing all of the content from my server. Now you’d think that this would be ok, because I have backups of everything right? Well yes and no, yes I had backups of the critical things, but it seems that the MySQL database running the WordPress install was not being backed up.</p>
<p>I have some backups from a year ago, but instead of recovering the WordPress install, I have decided to move to a simpler blogging platform, that lets me run the site as a fully static solution, and one that works better with my modern understanding of development tools.</p>
<p>This is the first post on the site, using <a href="Jekyll">https://jekyllrb.com/</a> and <a href="Minimal Mistakes">https://mmistakes.github.io/</a> theme.</p>
<p>I’ll be working to back-port all of the posts from the old blog here over the next few months, there is over 400 posts dating back to 2005. It’ll be a good walk down memory lane and the pain I need to pay for not having a fully recoverable site up and running.</p>Steve MactaggartWelcome to the re-imagined blog for Steve Mactaggart. After failure caused the loss of the old site, when handed lemons, lemonade is the answer.The Four values of a devops transformation2017-03-12T00:00:00+00:002017-03-12T00:00:00+00:00http://www.whitesquaresoft.com/cevo/2017/03/12/four-values-of-devops<p class="notice--success">This post was originally posted on the <a href="http://www.cevo.com.au/blog/index.html">Cevo Australia website</a></p>
<p>A successful devops transformation sees a change in organisational culture. These changes often come in the way of adoption of specific tools or practices.</p>
<p>However, to change culture, you need something more fundamental than just the introduction of new tools, or pushing everyone into Scrum teams.</p>
<p>Just like the agile transformations of the past, there was a difference between ‘Doing Agile’, and ‘Being Agile’. ‘We do standups’ - therefore we are Agile. Are we ‘Doing devops’ or are we ‘Being devops’?</p>
<p>Agile cultures have evolved to a deeper understanding that it’s not about the team structure, or even the ceremonies, but it is about the values that they hold.</p>
<p>So if we are to be successful with a devops transformation, what are the values we should be aiming to foster, and why are these important in the first place?</p>
<p>We propose that there are 4 key values to a devops culture:</p>
<ul>
<li><strong>Work lean</strong></li>
<li><strong>Embrace failure</strong></li>
<li><strong>Automate everything</strong></li>
<li><strong>Demand diversity</strong></li>
</ul>
<p>In a classic operating model for any change to occur multiple teams, if not departments, need to come together to make things happen. As organisations grow an even larger number of teams are required, until you reach a point where everyone is very busy, but little value is actually being delivered.</p>
<p>No one aimed to build a process that didn’t work, these processes were evolved as a way to encode observed good practice. Their objective was to ensure quality through process. But blindly following a process misses the why. Too often organisations forget why they put these process in place, and start ‘cargo culting’ their delivery approach.</p>
<p>Are we going to fall into the same trap? Are we going to define a set of best practices and approaches, label things and create a cargo cult following of our own?</p>
<p>How do we learn from the failures of the past, especially when learning from failure is one of the key values?</p>
<p>We do this through understanding why these values are good for us, and we create a culture where things are regularly and vigorously challenged. While we are constantly striving to deliver value we need stay focused on ‘Why we are doing it.’</p>
<p>We can start by looking at the four key values and see how they have support for ‘why’ at the heart of each of them.</p>
<h2 id="work-lean">Work lean</h2>
<p>There are many great resources on the internet that talk to the values of a Lean approach, so we won’t recreate them here.</p>
<p>Devops embraces the values of a lean approach as they are focused on doing enough to deliver value, no more, no less.</p>
<p><strong>“Why work lean”</strong> - At its heart, a Lean approach aims to increase value through the reduction of waste. One of the strongest ways to reduce waste is to challenge why we do that activity in the first place.</p>
<p>Forming small cross-functional teams with a lean approach is often one of the first steps on a devops adoption path. These teams are empowered to deliver change in the way they see provides value to their customers, while still being accountable to they meets the goals of the broader organisation.</p>
<p>Ensuring these teams are supported to make changes to reduce waste within the team, and provided a context where they have everything they need to succeed will allow them to challenge the current blockers to delivering value.</p>
<h2 id="embrace-failure">Embrace failure</h2>
<p>Nothing is perfect, and failure is always just around the corner. The only way to guarantee that nothing can fail is to do nothing at all.</p>
<p>While there are some industries that need to take a risk-averse position due to the nature of their work or the impact to society if they fail, most do not. In fact the reverse is true.</p>
<p>In a world where competition is increasing and the needs of customers are only becoming more demanding, the rate of change required to succeed far out-strips the current risk management processes. In this context Failure is inevitable.</p>
<p><strong>“Why embrace failure”</strong> - Core to a devops culture is one where we recognize that things will fail. What we need to recognise is it is not the failure by which we will be measured but by how quickly and effectively we respond to the failure</p>
<p>By creating an environment that acknowledges failures will occur, we can prepare ourselves to not only reduce the impact, but more importantly manage the splash zone of the failure.</p>
<p>We aim to fail before the customer sees it. We peer-review our changes, are constantly integrating and testing our systems, and deliver change through automation to increase our confidence.</p>
<p>If things do slip through and our failures become more public, we work in a small, focused team that has the knowledge, skills and access to resolve the issue. We empower, support and challenge them to ask ‘why did this happen?’ in the first place. What could have we done to catch this issue earlier? What are we going to do to make sure this failure does not happen again?</p>
<h2 id="automate-everything">Automate everything</h2>
<p>Automation is often seen as the goal, by having things automated we reduce the demands on the people and so we can do more things. But seeing automation as the goal is an anti-pattern. It should be seen as the journey.</p>
<p>Anyone who has done any complex automation activity will agree that sometimes the automation makes the system more complex and more fragile. In those cases the reason is that we have just automated a broken approach.</p>
<p><strong>“Why automate everything”</strong> - When we look to automate things we first need to know why we do it, this gives us an opportunity to challenge if this is a valuable step, or just a workaround for another broken process.</p>
<p>When we set an ambitious goal to automate all the things, what we are actually saying is that we want to understand all the repetitive tasks that get done. When done with the right intentions, this forces us to review the current steps and ensure they are aligned to delivering value.</p>
<p>More often than not, an attempt to introduce strong automation only flushes out the dysfunction in the current process. A true commitment to automation is a true commitment to facing this dysfunction and a willingness to change it.</p>
<h2 id="demand-diversity">Demand diversity</h2>
<p>Diversity is more than just a balanced blend of genders in the team. True diversity should encourage a mix of people with a whole range of different backgrounds, be those race, occupation, gender or religion, to name just a few.</p>
<p>For us to truly create teams that able to respond to changing business needs, that can own a solution from end-to-end and strive to deliver the best they can for their customer, they need differing points of view.</p>
<p><strong>“Why diversity”</strong> - The right balance of conflict is important to ensure the team is consistently reviewing the current approach and looking for opportunities to reduce waste and deliver more value.</p>
<p>By definition devops is the bringing together of Developers and Operations staff, that alone is more diversity than some teams have had for decades.</p>
<p>Ensuring there is a voice for all aspects of the system involved during the planning, delivery and support of new features will only increase the chance that the right solution will be developed in the right timeframe for the right customers.</p>
<h2 id="driving-a-culture-change">Driving a culture change</h2>
<p>You can see from these four values that there is a depth to each, but combined together they form a strong force for change.</p>
<p>Change that is focused on delivering value to customers by ensuring we build the right thing, can support it and willing to learn from the bumps from along the road.</p>
<p>Change that is delivered with as little delay as possible, in small chunks that let us reduce the impact of failure while enabling us to get feedback from customers rapidly to ensure we build the right thing.</p>
<p>Change that is constantly automating away the common activities, while also identifying ways to improve the process as a whole.</p>Steve MactaggartJust like the agile transformations of the past, there is a difference between ‘Doing Agile’, and ‘Being Agile’. ‘We do standups’ - therefore we are Agile. With the increase in adoption of devops practices, are we 'Doing devops' or are we 'Being devops'? In this post we look into the four values that support a successful devops transformation.You’re doing it wrong if…2017-01-18T00:00:00+00:002017-01-18T00:00:00+00:00http://www.whitesquaresoft.com/cevo/2017/01/18/youre-doing-it-wrong-if<p class="notice--success">This post was originally posted on the <a href="http://www.cevo.com.au/blog/index.html">Cevo Australia website</a></p>
<p>I’ve been around for a while, worked through different teams, across different industries and companies.<br />
Over time I have learnt a lot of lessons, some the easy way, most the hard way.</p>
<p>While the failures have all been different, their learnings have regularly overlapped and now form a set of practices that guide me on a daily basis. I’ve tried lots of different ways to collect these patterns, and for a long time I was focused on passing on what the best practices were. But they never seemed to fit.</p>
<p>Then I realised, <strong>I was doing it wrong</strong>.</p>
<p>Instead of trying to describe what you should do, I should really just have been listing what not to do.</p>
<p>Like <a href="https://en.wikipedia.org/wiki/Sherlock_Holmes">Sherlock Holmes</a> said</p>
<blockquote>
<p><em>“When you have eliminated the impossible, whatever remains, however improbable, must be the truth”.</em></p>
</blockquote>
<p>But in this case it’s more like</p>
<blockquote>
<p>“When you have eliminated <strong>what’s wrong</strong>, whatever remains, however improbable, <strong>must be right</strong>”.</p>
</blockquote>
<p>It’s can be really liberating to take this approach, by defining what not to do you <em>don’t have to be right</em>, you <strong>only have to not be wrong</strong>. It might sound counter intuitive, but I think you’ll find that it’s much easier to exclude the things that have caused pain than it is to try and encode how to do it write.</p>
<p>By not saying what to do, you can guide your teams away from bad habits, while still enabling them space to own their own destiny and foster innovation.</p>
<p>So here is my list, these are some of the core rules that I use to help differentiate between what we should and shouldn’t be doing.</p>
<h2 id="youre-doing-it-wrong-if">You’re doing it wrong if…</h2>
<ol>
<li>the first time you are doing it is in production</li>
<li>your code is not in version control</li>
<li>there are no tests for the code you just wrote</li>
<li>there is no documentation that explains what you’re doing and why</li>
<li>you are not concerned about how the change will get to production</li>
<li>you are logging onto a server to make a manual change</li>
<li>you think security and privacy are features that can be prioritised</li>
<li>you need to give someone your password</li>
<li>you feel the need to <code class="highlighter-rouge">git push -f</code></li>
<li><strong>you are not having fun!</strong></li>
</ol>
<h2 id="tweet-your-list">Tweet your list</h2>
<p>Would these work for you? Have you got your own rules to live by?</p>
<p><a href="https://twitter.com/#YDIWI">Tweet us your items</a>, use the hashtag <strong>#YDIWI</strong> to join the discussion.</p>Steve MactaggartWe are all looking to learn from our failures and make things better, but sometimes it better to communicate what is right by eliminating what is wrong. "When you have eliminated what's wrong, whatever remains, however improbable, must be right".Enterprise AWS adoption2016-11-24T00:00:00+00:002016-11-24T00:00:00+00:00http://www.whitesquaresoft.com/cevo/2016/11/24/Enterprise-AWS<p class="notice--success">This post was originally posted on the <a href="http://www.cevo.com.au/blog/index.html">Cevo Australia website</a></p>
<p>As more enterprise scale businesses migrate their workloads to AWS, the size and complexity of the solutions they are trying to manage is growing. Businesses will face a set of new challenges, many that their current organisational structure, staffing, skills, processes and practices will not be set up to handle.</p>
<p>Over time, these organisations have responded to their environments by creating structure focused on satisfying the inherent constraints and requirements of running their own infrastructure.</p>
<p>Within traditional environments, the lifecycle for infrastructure is measured in years. There is a constant need to manage risk across all aspects of designing, provisioning, building and running systems. This management requires teams of people who need to be trained, organised and motivated to keep those systems running, often 24hrs a day, against increasing demand from customers both internal and external.</p>
<p>With the broader acceptance of cloud computing, many large organisations are now evaluating a move towards cloud providers, but one of their biggest challenges remains redesigning their current structure, approach and mindset.</p>
<p>For many organisations considering cloud solutions (especially AWS) the initial focus is to:</p>
<ul>
<li>reduce the expense and complexity of running a data centre</li>
<li>minimise the need to purchase and manage hardware through its lifecycle and</li>
<li>reduce the headcount required to install and maintain these systems.</li>
</ul>
<p>For savvy organisations, a cloud can be considerably more. The challenge is to take full advantage of these newly flexible infrastructure and service arrangements. Movement towards cloud sytems needs to go further than simple lift-and-shift of physical components to cloud replacements-in-kind, and look not only to the IT systems currently in use, but a full review of the fundamental approach in place to develop and manage these systems.</p>
<p>There are many aspects to cloud computing, and many words have already been written about how to unlock infrastructure for development or application teams to deliver value faster or easier.</p>
<p>In many enterprises, significant investment is made in specialist teams with sophisticated skills to ensure a consistent approach to managing infrastructure that cuts across many different departments. Teams are formed to manage complex networking requirements, ensure security risks are minimised and combined with teams focused on server and storage.</p>
<p>Successful delivery of a transition from large scale, on premise infrastructure to a cloud computing approach, requires a fundamental review and refactor of the way in which both these teams and their infrastructure are constructed, delivered, guided and retired.</p>
<p>The primary constraints of running your own datacenter are rooted in the physical world: the amount of storage you have, the number of CPUs available, power and cooling … all are key factors in providing infrastructure to deliver business value. In the cloud, though, you have significantly greater agility of infrastructure, and while there still are constraints the primary ones no longer reflect the need to manage a fleet of fixed capacity.</p>
<p>If the primary constraint of limited resources was the environment in which the organisation formed its teams, best practices, processes and culture, it goes without saying that when this constraint is elevated the teams, practices, process and culture all need to be reviewed.</p>
<p>Without reviewing their existing organsational structure, current processes and definitions of best practice, organisations who choose to transition to cloud based infrastructure will not be able to fully capitalise on all of the benefits.</p>
<p>For all organisations at the enterprise scale, the size and impact of this review will be challenging for even the most driven executive. The course change of the magnitude a move to cloud computing can have on IT departments needs to be well managed, to ensure the best possible outcome is achieved.</p>
<p>There have been many examples of adoption of cloud computing, most of which follow a similar approach.</p>
<ul>
<li>Create a dedicated team that is focused on adopting a cloud-first approach,</li>
<li>Empower them to own the entire solution, from concept to execution,</li>
<li>Focus them on delivering a small number of production grade services,</li>
<li>Support them when they fail (they will),</li>
<li>Ensure that they test their assumptions, and communicate what they learn,</li>
<li>Provide them sufficient resourcing, training and support,</li>
<li>Ask them to challenge the current processes, assumptions and practices.</li>
</ul>
<p>If you can successfully create an environment in which your current team structures, processes and approaches can be questioned and challenged in an open, honest and measured approach, you will be half way to identifying the path forward to cloud computing success.</p>
<p>By listening to the feedback from your teams, questioning what they find and assessing how you can adopt this feedback into your existing understanding, you will be better armed to structure your teams, approaches, skills and capabilities to manage the changing risks of a cloud migration.</p>
<p>If you are considering this path, and looking for an experienced partner to help you through the journey, please don’t hesitate to <a href="https://cevo.com.au/contact.html">contact us!</a>.</p>Steve MactaggartAs more enterprise scale businesses migrate their workloads to AWS, the size and complexity of the solutions they are trying to manage is growing. Businesses will face a set of new challenges, many that their current organisational structure, staffing, skills, processes and practices will not be set up to handle.Census 2.02016-08-12T00:00:00+00:002016-08-12T00:00:00+00:00http://www.whitesquaresoft.com/cevo/2016/08/12/Census-2.0<p class="notice--success">This post was originally posted on the <a href="http://www.cevo.com.au/blog/index.html">Cevo Australia website</a></p>
<p>In light of the <a href="https://twitter.com/hashtag/CensusFAIL">#CensusFail</a> the ABS delivered to us on Tuesday night, I thought I’d put a blog post where my mouth is and suggest an architecture I feel would have delivered had Cevo been involved in the creation of this years’ Census application.</p>
<p>Having not already completed the Census, I’m not 100% sure of what the official requirements are, but I will take a crack at designing a solution from a guesstimate of what they would need.</p>
<p><strong>Requirements:</strong></p>
<ul>
<li>Ability to validate the ‘unique code’ sent to each household.</li>
<li>Ensure that the same unique code cannot submit the form multiple times</li>
<li>Provide multiple pages of forms with:
<ul>
<li>many translations</li>
<li>explanatory text</li>
<li>options for conditional field selection controlling validation rules on following actions.</li>
</ul>
</li>
<li>Confirmation of successful submission</li>
<li>Ability to segregate the submission of different parts of the form to different datastores</li>
</ul>
<p><strong>And most importantly</strong></p>
<ul>
<li><strong>Handle over 5 million users accessing the service within a 1-hour window of time.</strong></li>
</ul>
<p><em>Disclaimer: I’m sure the actual requirements are more comprehensive and have some gotchas in this, but the thought exercise was completed on a Friday night, watching the footy with a beer in my hand..</em></p>
<p>I jokingly suggested during the week that a form on top of a google spreadsheet would have been a solid solution, and there are aspects of this that actually do make sense.</p>
<h2 id="design-considerations">Design considerations</h2>
<h3 id="deliver-as-much-content-as-possible-from-a-cdn">Deliver as much content as possible from a CDN</h3>
<p>One of the biggest issues (if not the biggest) with the existing Census setup was the inability to cope with the demand requirements of 5 million or more households having dinner and then all firing up their browsers within 45 minutes of each other.</p>
<p>To reduce the burden on the central control points, ensure the application is delivered to customers from multiple edge locations. Even if one of these points gets swamped, the overall network will be able to respond to the vast majority of service requests. In addition, most CDNs provide a level of DDoS-resilience out of the box, with Web Application Firewall (WAF) capability also coming as a standard optional extra.</p>
<h3 id="limit-the-number-of-stateful-requests">Limit the number of stateful requests</h3>
<p>In any large scale system, state is your enemy. It means that you have to both persist and read that state from somewhere to keep all the parts in sync (or worse, force each client to talk to a single server). Your state persistence component is now a single point of failure, which can be addressed by sprinkling in High Availability and other levels of complexity.</p>
<p>In this solution, the need for state can be simplified into 2 key events. An initial event that validates the unique code is truly unique and valid, and the final submission of all the Census results.</p>
<h3 id="select-a-solution-that-provides-horizontal-scaleability">Select a solution that provides horizontal scaleability</h3>
<p>Even with offloading content to a CDN, and reducing the state, 5 million requests to any solution within a 15 minute window will be tough unless you have architected to support it. Doing some simple maths, that’s (5,000,000/(15*60)) which is a little over 5,500 requests/second. For many large websites, that’s not even a tickle, but for an unprepared site it spells meltdown.</p>
<p>Ensuring that the key processing units in the system are able to be run in parallel, and the technology chosen to deliver this processing can quickly and easily be turned on (And off) to add (and then remove) parallel streams as needed allows us to respond transparently to the level of demand without incurring unnecessary “spare” capacity cost.</p>
<h3 id="create-a-write-only-data-store-to-isolate-risk-of-data-breach">Create a write-only data store to isolate risk of data breach</h3>
<p>The primary purpose of this system was to collect the data, it doesn’t need to do anything complex with it, doesn’t need to put it into any transactional system, it only needs to validate the content is complete, and format of any key items is correct and record it. It does need to be stored securely, so adding encryption to data at rest is standard.</p>
<p>Processing to move this data into a transactional system, create reports or analytics, can be done offline, in longer term slower processing approaches.</p>
<h3 id="make-change-to-the-system-easy-and-consistent">Make change to the system easy and consistent</h3>
<p>It’s also important to know that you won’t get it right and, when playing at this scale, it’s important that if things do go wrong you can easily and confidently fix the running system.</p>
<p>I’ve seen lots of comments this week about how companies like Facebook and Twitter can handle billions of users, not just a few million like on Census night. But remember they have had years to perfect their systems, and the only way they handle this scale was through the ability to evolve.</p>
<p>The Census was a big bang event, and in spite of the attempts to load-test beforehand, real-world load often looks different from generated load. Presumably a large number of assumptions had to be made, and often assumptions are only proven incorrect in production.</p>
<p>Being able to make changes to running systems in the heat of the battle, with confidence that the changes you are making are not making things worse should be a key component in any application design.</p>
<h2 id="solution-design">Solution design</h2>
<p>At this scale, you need a service provider who can provide internet scale services, has been battle tested and has a proven track record of handling massive scale applications.</p>
<p>Over the past few year AWS have demonstrated multiple times that they fit this bill and, with the introduction of a series of new services that increase flexibilty and reduce management overhead, present as an ideal platform on which to build a Census 2.0 application.</p>
<h3 id="overview">Overview</h3>
<p>By using a “serverless” architecture, the application sits on a platform that is built for scale, and requires the application developers to bear in mind the management and impact of state.</p>
<p><img src="/assets/images/census-sa.png" alt="Census 2.0 architecture" class="align-center" /></p>
<h3 id="front-end">Front End</h3>
<p>Let’s start by developing the Census form in a manner that sees the bulk of the logic and content delivered to the browser as a set of static HTML, CSS and JavaScript. There are a number of JavaScript based UI toolkits, so I’ll leave it to you to pick your favourite.</p>
<p>Requirements for the front end are that all the static content (javascript, images, and content) can be delivered from a CDN to the browser without any need to run any server-side (website-end) processes. This removes the need for high-end webservers just to deliver the basic pages to the browser.</p>
<h3 id="static-content-delivery-and-cdn">Static Content Delivery and CDN</h3>
<p>To deliver this content to customers, use the CDN combination of <a href="http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/MigrateS3ToCloudFront.html">S3 and CloudFront</a> to provide multiple Edge Locations in both Melbourne and Sydney.</p>
<h3 id="security">Security</h3>
<p>Importantly, both API Gateway and S3 support the use of SSL/TLS certificates to ensure security around the delivery of the application to the customers, as well as the delivery of content to the submission backend.</p>
<p>Because Census data is the canonical example of Sensitive PII, all data must be strongly encrypted in transit (via HTTPS) and while at rest.</p>
<h3 id="validation-of-unique-census-code">Validation of Unique Census Code</h3>
<p>By using the built in security features of the AWS platform, the architecture could be positioned with the following constraints:</p>
<ul>
<li>S3 bucket that stores the application content independent from the Census storage bucket.</li>
<li>Lambda function that checks unique code can only <a href="http://docs.aws.amazon.com/directoryservice/latest/admin-guide/role_ddb_read_only.html">read from the DynamoDB</a>.</li>
<li>Lambda function that accepts the form submission can update the DynamoDB, and only write to the S3 bucket, ensuring no permission to list or read from the bucket.</li>
<li>All traffic delivered to and from client is encrypted with SSL/TLS.</li>
</ul>
<p>I assume the list of unique codes already existed (after all, the ABS sent out letters to each address with an unique code pre-assigned), so let’s pre-populate a high bandwidth, low latency data store (DynamoDB) to enable quick lookup and validation.</p>
<p>When a form is successfully submitted, a flag could be recorded against the DynamoDB record to lock this key from re-use; this has no relationship to the Census data itself, and so meets requirements of separation of data.</p>
<h3 id="form-submission-and-validation">Form Submission and Validation</h3>
<p>With the majority of heavy lifting being done on the client side through the use of JavaScript based UI frameworks, the requirements on form submission can be greatly simplified.</p>
<p>By using API Gateway backed onto an AWS Lambda function, the complexity of the system under control is greatly simplified. One key feature of the Lambda platform is its ability to scale-out automatically and transparently to execute Lambda functions in parallel if required..</p>
<p>This function would not need to access any data store for processing as the client side JavaScript application would be able to submit the entire packet in one post.</p>
<p>It would only need to validate a relatively small data packet for completeness and data validity, on failure return sufficient error messages for the client side application to give feedback to the user.</p>
<p>If the submitted data was valid, it need not access any database, but simply upload this JSON element to an S3 bucket configured for write only access. The Lambda function only keeps the data in-memory long enough to validate it, before writing to the encrypted S3 storage. Amazon’s KMS (Key Management Service) permits us to provide strong controls over who can access the encrypted data once it’s stored.</p>
<h2 id="conclusion">Conclusion</h2>
<p>I don’t want to comment on the current solution, its vendors or the approach taken by the ABS, but will conclude by saying that with:</p>
<ul>
<li>the recent emergence of Serverless application architectures;</li>
<li>the continued maturity of automated delivery solutions and;</li>
<li>the commoditisation of infrastructure as a service being achieved by Cloud Computing suppliers</li>
</ul>
<p>the possible options to deliver solutions have drastically increased.</p>
<p>Don’t write off a lot of this new technology and the approaches behind them, while the tools and frameworks in this space might only be young, their potential applications have only begun to be explored.</p>
<h2 id="caveats">Caveats</h2>
<p>Yes, there are real-world requirements that this simple overview doesn’t cover; in-progress saving of forms, clients that cannot (or will not) use Javascript, and probably more. This is a thought exercise rather than a full-fledged system design – however, if you’d <em>like</em> a full-fledged system design, or assistance with implementing your own, please <a href="https://cevo.com.au/contact.html">contact us!</a>.</p>
<p>Also; we know most of what’s wrong with this back-of-the-envelope design. Would you like to help improve it? For real clients? Check out our <a href="https://cevo.com.au/careers.html">careers page</a></p>Steve MactaggartIn light of the #CensusFail the ABS delivered to us on Tuesday night, I thought I'd put a blog post where my mouth is and suggest an architecture I feel would have delivered had Cevo been involved in the creation of this years' Census application.Does DevOps drive agility, or does agility result in DevOps?2015-01-22T02:00:00+00:002015-01-22T02:00:00+00:00http://www.whitesquaresoft.com/2015/01/22/does-devops-drive-agility<p>This is a really good question, and while there are some that say you can be successful achieving a DevOps culture without agile, I’d like to see it. </p>
<p>I agree with this article in that what we currently believe is DevOps is an outcome of agile evolution, and teams evolve a DevOps culture as a reaction to a need.</p>
<p>This development is much the say as initial agile implementations, best practices merged and became what we know now as scrum or kanban.</p>
<p>I expect that DevOps culture will coalesce into a delivery extension of common agile frameworks, and hence there can be no DevOps with no agile.</p>
<p><em>Your thoughts on this article?</em>
<a href="http://devops.com/features/devops-drive-agility-agility-result-devops/">http://devops.com/features/devops-drive-agility-agility-result-devops/</a></p>Steve MactaggartThis is a really good question, and while there are some that say you can be successful achieving a DevOps culture without agile, I’d like to see it. What is DevOps?2015-01-02T02:00:00+00:002015-01-02T02:00:00+00:00http://www.whitesquaresoft.com/2015/01/02/What-is-DevOps<p>I had a chance recently to be part of an AWS lunch and learn session here in Melbourne.</p>
<p>Before the session we recorded some short summaries from all the presenters on how they define DevOps.</p>
<!-- Courtesy of embedresponsively.com //-->
<div class="responsive-video-container">
<iframe src="https://www.youtube.com/embed/YHxcNu5fHcc" frameborder="0" allowfullscreen=""></iframe>
</div>
<p>The full session should be posted to YouTube at some stage, so will link to it once its available.</p>
<p><strong>Do you agree with our definition of DevOps?</strong> Love to hear your thoughts as comments below or on twitter..</p>
<p class="notice--success"><strong>Update</strong> - The full session is now available on YouTube.</p>
<!-- Courtesy of embedresponsively.com //-->
<div class="responsive-video-container">
<iframe src="https://www.youtube.com/embed/4UyQY5I6wUQ" frameborder="0" allowfullscreen=""></iframe>
</div>Steve MactaggartI joined the team from Base2Services, Emergency Management Victoria and Service Stream to discuss what we think defines devops.JMX timeseries data2013-04-14T02:00:00+00:002013-04-14T02:00:00+00:00http://www.whitesquaresoft.com/2013/04/14/JMX-timeseries-data<p>When looking at monitoring Java applications it seems that JMX is still one of the best standard ways to get information from your application and application servers.</p>
<p>All containers, and most frameworks publish MBeans into the JMX context, but the tools for processing and retrieving them still seem to be limited.</p>
<p>The quickest and easiest solution is to fire up VisualVM, install the MBeans plugin and connect to your container. You’ll end up with access to a heap of values, most of which won’t help you with your problem, but there may be some pieces of gold in there that are key to helping you identify issues or performance problems.</p>
<p>Not matter what container you run, you’ll get access to the key Memory and Threading beans. These are probably a great place to start when looking at a system in abnormal state. But how do you know what is normal and what is not. The best way is to regularly check on some key metrics and over time you will learn what is normal and what is abnormal.</p>
<p>So how do you do this? You could just fire up VisualVM every now and then and read the values, hopefully you’ll remember what looks normal or not. Or you can setup something that extracts the JMX values periodically and stores them.</p>
<p>If you’ve been following me on <a href="http://twitter.com/stevemac">Twitter</a> then you’ll know I have been recently using <a href="http://librato.com">Librato</a>, and that it is a really simple and directed tool that produces so much power by how flexible it is.</p>
<p><a href="http://librato.com">Librato</a> is a simple website that enables you to push in timestamped JSON objects, and then graph them on a timeseries graph. This may sound simple, but one of the most complex parts of Metrics analysis is managing the volume of information and drawing relationships between metrics. The <a href="http://librato.com">Librato</a> platform allows you to easily build ‘Instruments’ that combine multiple different metrics against the same time frame. This simple tool enables a multitude of analysis to be done.</p>
<p>So we now have the raw data in the JMX beans, and a place to store it in <a href="http://librato.com">Librato</a>, but the missing piece is how to get the data from one into the other.</p>
<p>Of course the Librato guys have build a <a href="https://github.com/librato/librato-metrics-taps">connector to extract specific JMX metrics</a> and import them into the Librato platform. The code is available on GitHub and pretty self explantory.</p>
<p>Just configure your Librato email and token, and supply the connection credentials for the JMX datasource and you are almost there.</p>
<div class="wp_syntax"><table><tbody><tr><td class="line_numbers"><pre>1
2
3
4
5
6
7
8
9
</pre></td><td class="code"><pre class="bash" style="font-family:monospace;">librato-metrics-tap-jmxbeans\
<span style="color: #660033;">--publish</span> \
<span style="color: #660033;">--email</span> <span style="color: #ff0000;">"<span style="color: #007800;">$EMAIL</span>"</span> \
<span style="color: #660033;">--token</span> <span style="color: #ff0000;">"<span style="color: #007800;">$TOKEN</span>"</span> \
<span style="color: #660033;">--source</span> <span style="color: #ff0000;">"<span style="color: #007800;">$SOURCE</span>"</span> \
<span style="color: #660033;">--jmx-host</span> <span style="color: #ff0000;">"<span style="color: #007800;">$JMX_HOST</span>"</span> \
<span style="color: #660033;">--jmx-port</span> <span style="color: #007800;">$JMX_PORT</span> \
<span style="color: #660033;">--data-file-full</span> tomcat-jmx.yaml \
<span style="color: #660033;">-i</span> <span style="color: #000000;">30</span></pre></td></tr></tbody></table></div>
<p>The only decision left is to identify what to extract, as a simple example here is the configuration to pull out the key Thread and Memory statistics as well as the Tomcat specific beans for extracting the Active Sessions from a ‘ROOT’ context.</p>
<div class="wp_syntax"><table><tbody><tr><td class="line_numbers"><pre>1
2
3
4
5
6
7
8
</pre></td><td class="code"><pre class="yaml" style="font-family:monospace;"><span style="color: cyan;">---</span><span style="color: #007F45;">
java.lang:type=Threading</span>:<span style="color: #007F45;">
ThreadCount</span>:<span style="color: #007F45;">
PeakThreadCount</span>:<span style="color: #007F45;">
java.lang:type=Memory</span>:<span style="color: #007F45;">
HeapMemoryUsage</span>:<span style="color: #007F45;">
Catalina:type=Manager,context=/,host=localhost</span><span style="font-weight: bold; color: brown;">:
</span> activeSessions:</pre></td></tr></tbody></table></div>
<p><b>Note:</b> At the time of writing this the Librato library to process that yaml file needs to be patched, the ‘context=/’ causes issues trying to post them to the Librato API, but worry not, there is a <a href="https://github.com/librato/librato-metrics-taps/pull/2">patch available</a> that fixes your problems.. Hopefully soon the <a href="https://github.com/librato/librato-metrics-taps/pull/2">Pull Request</a> will get patched and it will be even easier to use.</p>
<p>I also ran into an issue with the library, in that it did not support JMX Authentication, but that was an easy fix and there is now <a href="https://github.com/librato/librato-metrics-taps/pull/3">another Pull Request</a> to add support for a <strong>–jmx-username</strong> and <strong>–jmx-password</strong> attribute to enable connection to authenticated JMX endpoints.</p>
<p>Monitoring now made easy, enabling you to quickly extract key JMX metrics, pump them into Librato and perform analysis.</p>
<p><img src="http://snapshots.librato.com/instruments/lds4jlva-1258.png" alt="Sample Librato graphic" /></p>
<p><b>Key Links</b></p>
<ul>
<li><a href="http://librato.com">Librato</a></li>
<li><a href="https://github.com/librato/librato-metrics-taps">librato-metrics-taps (GitHub)</a></li>
<li><a href="https://github.com/librato/librato-metrics-taps/pull/2">librato-metrics-taps (Pull Request #2)</a></li>
<li><a href="https://github.com/librato/librato-metrics-taps/pull/3">librato-metrics-taps (Pull Request #3)</a></li>
</ul>Steve MactaggartWhen looking at monitoring Java applications it seems that JMX is still one of the best standard ways to get information from your application and application servers. All containers, and most frameworks publish MBeans into the JMX context, but the tools for processing and retrieving them still seem to be limited. The quickest and easiest solution is to fire up VisualVM, install the MBeans plugin and connect to your container. You’ll end up with access to a heap of values, most of which won’t help you with your problem, but there may be some pieces of gold in there that are key to helping you identify issues or performance problems. Not matter what container you run, you’ll get access to the key Memory and Threading beans. These are probably a great place to start when looking at a system in abnormal state. But how do you know what is normal and what is not. The best way is to regularly check on some key metrics and over time you will learn what is normal and what is abnormal. So how do you do this? You could just fire up VisualVM every now and then and read the values, hopefully you’ll remember what looks normal or not. Or you can setup something that extracts the JMX values periodically and stores them. If you’ve been following me on Twitter then you’ll know I have been recently using Librato, and that it is a really simple and directed tool that produces so much power by how flexible it is. Librato is a simple website that enables you to push in timestamped JSON objects, and then graph them on a timeseries graph. This may sound simple, but one of the most complex parts of Metrics analysis is managing the volume of information and drawing relationships between metrics. The Librato platform allows you to easily build ‘Instruments’ that combine multiple different metrics against the same time frame. This simple tool enables a multitude of analysis to be done. So we now have the raw data in the JMX beans, and a place to store it in Librato, but the missing piece is how to get the data from one into the other. Of course the Librato guys have build a connector to extract specific JMX metrics and import them into the Librato platform. The code is available on GitHub and pretty self explantory. Just configure your Librato email and token, and supply the connection credentials for the JMX datasource and you are almost there.Starting a new project can be daunting2013-03-29T02:00:00+00:002013-03-29T02:00:00+00:00http://www.whitesquaresoft.com/2013/03/29/Starting-a-new-project-can-be-daunting<p>I’ve been working on some new utility projects over the last few weeks, and starting from scratch can be a daunting task.</p>
<p>You start out with heaps of ideas and the initial enthusiasm clouds the reality of the task at hand. But as time progresses and features start to appear you begin to realise how big even the simplest things can be.</p>
<p>Its often at this time in the project that they get thrown into the ‘later’ pile never to be resumed again.</p>
<p>Its the daunting scope of your initial ideas that may be your enemy over and over again. But don’t be stopped. Most probably you have something working, or nearly there and with a little focus and some effort you can probably ship it.</p>
<p>But you need to prioritise. Focus on the minimum viable product. Get your ideas listed somewhere, a wiki, whiteboard, bug tracker, Google doc.. Just get the important things down. Now cut the list to only the essential features. If there is a way to get it in the hands of its target users without the feature put it off.</p>
<p>Hopefully you’ll now find 2-3 things that must be done and a heap you would like to do. Focus on the first couple and get it into the hands of some users.</p>
<p>Just ship it..</p>
<p>Remember that just like Rome all the great products you use today were not built in a day. They most probably started off as a small fraction of what they were and have been shaped by feedback from users and other products.</p>
<p>While we now have access to great libraries and platforms to work with, they only do so much. You need to use the right ones in the right ways.</p>
<p>Shipping a new product can be daunting thinking about all of the work to come, but remember what you have achieved so far and focus on completing the minimal remaining features to get your product into the hands of your users.</p>Steve MactaggartI’ve been working on some new utility projects over the last few weeks, and starting from scratch can be a daunting task. You start out with heaps of ideas and the initial enthusiasm clouds the reality of the task at hand. But as time progresses and features start to appear you begin to realise how big even the simplest things can be. Its often at this time in the project that they get thrown into the ‘later’ pile never to be resumed again. Its the daunting scope of your initial ideas that may be your enemy over and over again. But don’t be stopped. Most probably you have something working, or nearly there and with a little focus and some effort you can probably ship it. But you need to prioritise. Focus on the minimum viable product. Get your ideas listed somewhere, a wiki, whiteboard, bug tracker, Google doc.. Just get the important things down. Now cut the list to only the essential features. If there is a way to get it in the hands of its target users without the feature put it off. Hopefully you’ll now find 2-3 things that must be done and a heap you would like to do. Focus on the first couple and get it into the hands of some users. Just ship it.. Remember that just like Rome all the great products you use today were not built in a day. They most probably started off as a small fraction of what they were and have been shaped by feedback from users and other products. While we now have access to great libraries and platforms to work with, they only do so much. You need to use the right ones in the right ways. Shipping a new product can be daunting thinking about all of the work to come, but remember what you have achieved so far and focus on completing the minimal remaining features to get your product into the hands of your users.Arduino based build light system2013-03-11T02:00:00+00:002013-03-11T02:00:00+00:00http://www.whitesquaresoft.com/2013/03/11/Arduino-based-build-light-system<p>I’ve been looking at an Arduino for a few years now, but never really had the drive to pick one up, or the project to use it on. But after the recent move from Jenkins to Bamboo, our office build lights needed some rework and I got to thinking this might be the perfect system for an Arduino.</p>
<p>I ordered the Arduino starter kit, Ethernet Shield and strip of 25 WS2801 LED’s from AdaFruit, and surprisingly only about 6 days later my order arrived in Australia.</p>
<h2>Phase 1</h2>
<p>Most of the complex logic is handled by the WS2801 lights themselves, each one is individually addressable, and so the only real complex part was how to do the build server integration.</p>
<p>After looking into the features of the Ethernet shield, I took the approach of coding a simple web-server into the Arduino that can respond to a basic set of URL requests, changing the state of the lights based on the pattern of the URL.</p>
<p>The initial build consisted of 6-led lights all configured as one set that could either be on or on a rotating pattern with the led’s Green for success or Red for failure.</p>
<p>These were easily addressable by the simple http server, hitting the url
</p>
<pre class="url">http://192.168.1.177/success/complete</pre>
<p> would turn on the lights to the success state.</p>
<p><img alt="" src="https://lh6.googleusercontent.com/-xMh7WcG2Bvg/UJpLy-tIKkI/AAAAAAAAGCQ/_BbvTtzaN5s/w336-h252-k/IMG_20121107_224654.jpg" class="alignnone" width="336" height="252" /></p>
<p>While
</p>
<pre class="url">http://192.168.1.177/failed/complete</pre>
<p> would show the full red option.</p>
<p><img alt="" src="https://lh5.googleusercontent.com/-RklGHSfO2eU/UJpMIYMF2II/AAAAAAAAGCc/kb6jFBfYKGU/w336-h252-k/IMG_20121107_224703.jpg" class="alignnone" width="336" height="252" /></p>
<pre class="url">http://192.168.1.177/success/building</pre>
<p> and
</p>
<pre class="url">http://192.168.1.177/failed/building</pre>
<p> would give the other 2 potential options for build status.</p>
<p>A quick and easy modification to our existing build watch script enabled a quick integration to our build system.</p>
<h2>Phase 2</h2>
<p>Our build process is a little more complex than a single light (or set of lights) can indicate. We have 3 distinct build stages, and it would be good if the lights could watch each stage and indicate the progress through the workflow, and the current success of each stage.</p>
<p>The upgraded Arduino webserver code has now broken the LED’s down into 3 sets, TOP (S1), MIDDLE (S2) and BOTTOM (S3).</p>
<p>These sets each have the same status options of <b>‘/success/complete/’</b> and <b>‘/failed/building’</b> etc, but are prefixed by the Section the command applies to.</p>
<p>The webserver does very crude pattern matching, so its even possible to control multiple stages at once like.</p>
<pre class="url">http://192.168.1.177/S1S2S3/success/complete</pre>
<p> or
</p>
<pre class="url">http://192.168.1.177/S1S3/failed/building</pre>
<p><iframe width="560" height="315" src="http://www.youtube.com/embed/XlSou-u4MRM" frameborder="0" allowfullscreen=""></iframe></p>
<h1>How to build your own</h1>
<p>I purchased all of my components from <a href="http://adafruit.com/">Adafruit.com</a>.<br />
You’ll need:</p>
<ol>
<li><a href="https://www.adafruit.com/products/50">Arduino base kit</a></li>
<li><a href="https://www.adafruit.com/products/201">Ethernet shield</a></li>
<li><a href="https://www.adafruit.com/products/738">WS2801 LED Strip</a></li>
<li>Some wire or cabling, also available but I had some spare cat5</li>
</ol>
<p>Once you have all the parts, connect the GND and 5+V pins of the WS2801 to the corrosponding pins on the Arduino, and the Data and Clock pins to the 2 and 6 pin (or whatever you want and change the Sketch)</p>
<p>The Arduino Sketch files are available <a href="https://github.com/stevemac007">on my GitHub account</a>. The phase 1 configuration is available in the <strong><a href="https://github.com/stevemac007/arduino-buildlight">master</a></strong> branch, while the phase 2 (3 section) configuration is available in the <strong><a href="https://github.com/stevemac007/arduino-buildlight/tree/3seg">3seg</a></strong> branch.</p>
<p>You’ll also need the Adafruit_WS2801 library and the base Ethernet library.</p>
<p>Then it should be as simple as firing up the Arduino IDE, loading in the sketch and uploading to your device.</p>
<p><strong>Note:</strong> You might need to change the IP address, MAC address or Data pins, these are all identified at the top to the Arduino Sketch file.</p>Steve MactaggartI’ve been looking at an Arduino for a few years now, but never really had the drive to pick one up, or the project to use it on. But after the recent move from Jenkins to Bamboo, our office build lights needed some rework and I got to thinking this might be the perfect system for an Arduino. I ordered the Arduino starter kit, Ethernet Shield and strip of 25 WS2801 LED’s from AdaFruit, and surprisingly only about 6 days later my order arrived in Australia. Phase 1 Most of the complex logic is handled by the WS2801 lights themselves, each one is individually addressable, and so the only real complex part was how to do the build server integration. After looking into the features of the Ethernet shield, I took the approach of coding a simple web-server into the Arduino that can respond to a basic set of URL requests, changing the state of the lights based on the pattern of the URL. The initial build consisted of 6-led lights all configured as one set that could either be on or on a rotating pattern with the led’s Green for success or Red for failure. These were easily addressable by the simple http server, hitting the url http://192.168.1.177/success/complete would turn on the lights to the success state. While http://192.168.1.177/failed/complete would show the full red option. http://192.168.1.177/success/building and http://192.168.1.177/failed/building would give the other 2 potential options for build status. A quick and easy modification to our existing build watch script enabled a quick integration to our build system. Phase 2 Our build process is a little more complex than a single light (or set of lights) can indicate. We have 3 distinct build stages, and it would be good if the lights could watch each stage and indicate the progress through the workflow, and the current success of each stage. The upgraded Arduino webserver code has now broken the LED’s down into 3 sets, TOP (S1), MIDDLE (S2) and BOTTOM (S3). These sets each have the same status options of ‘/success/complete/’ and ‘/failed/building’ etc, but are prefixed by the Section the command applies to. The webserver does very crude pattern matching, so its even possible to control multiple stages at once like. http://192.168.1.177/S1S2S3/success/complete or http://192.168.1.177/S1S3/failed/building How to build your own I purchased all of my components from Adafruit.com. You’ll need: Arduino base kit Ethernet shield WS2801 LED Strip Some wire or cabling, also available but I had some spare cat5 Once you have all the parts, connect the GND and 5+V pins of the WS2801 to the corrosponding pins on the Arduino, and the Data and Clock pins to the 2 and 6 pin (or whatever you want and change the Sketch) The Arduino Sketch files are available on my GitHub account. The phase 1 configuration is available in the master branch, while the phase 2 (3 section) configuration is available in the 3seg branch. You’ll also need the Adafruit_WS2801 library and the base Ethernet library. Then it should be as simple as firing up the Arduino IDE, loading in the sketch and uploading to your device. Note: You might need to change the IP address, MAC address or Data pins, these are all identified at the top to the Arduino Sketch file.