This document contains notes from a presentation or workshop on July 11, 2013 in London. It discusses various topics related to software development including parallelism, modular design, horizontal scaling, agile development, and security. Parallelism is achieved by splitting tasks like processing 1 million records across multiple nodes. Modular design involves decomposing problems and solutions into independent, interchangeable modules.
5. FRAMEWORKS
•The building blocks of an application - a set of common
software functions that take the work out writing all code
from scratch.
5
Thursday, July 11, 13
24. •Nodes: Servers
•Environments: Groups of nodes (Dev/QA/Prod)
•Recipes: Describes the desired state of a node
•Cookbooks: Group of Recipes
•Roles: Group of Cookbooks (Web)
•Attribute: information about the current state of a node
23
Thursday, July 11, 13
27. •Nodes: Servers
•Environments: Groups of
nodes (Dev/QA/Prod)
•Manifests: Describes the
desired state of a node
•Catalog: Group of Manifests
•Facts: information about the
current state of a node
26
Thursday, July 11, 13
30. •Nodes: Minions
•Environments: Groups of nodes (Dev/QA/Prod)
•States: Describes the desired state of a node
•Grains: information about the current state of a node
29
Thursday, July 11, 13
46. Our hero, the developer, submits code for review.
The code is reviewed in Gerrit by other developers, who
approve the change.
Jenkins runs automated tests against the code change.
Jenkins pushes the code to GitHub so others can build on the
change.
41
Thursday, July 11, 13
48. A database, in the most general
sense, is an organized collection of
data.
Database Defined
http://glenn-packer.net
43
Thursday, July 11, 13
49. ACID
•Atomicity: refers to a database’s ability to either fully process or fully roll back a
transaction
•Consistency: database should ensure that all data written therein follows all rules
and constraints specified in the database
•Isolation: transactions must be processed securely and independently, without
interfering with each other
•Durability: the database must ensure that all committed transactions are saved
permanently and cannot be accidentally erased, even in a database crash
44
Thursday, July 11, 13
50. •A relational database is essentially a group of tables
or, to use the technical name, entities.
•Each table is made up of rows (tuples) and columns
(attributes).
relational
databases
45
Thursday, July 11, 13
51. Some companies needed something more to accommodate their growing data
rdbms may not be
the best fit
46
Thursday, July 11, 13
54. NoSQL is difficult to define but most NoSQL databases will
share common characteristics
1. Non-relational
2. Distributed
3. Open-source
4. Horizontally Scalable
5. Schema-less
NoSQL
49
Thursday, July 11, 13
55. An “aggregate” is a
collection of related
objects that we wish
to treat as a unit
orders
customers
order lines
credit cards
ID: 1001
line items:
customer: Ann
0321293533
0321601912
0131495054
2
1
1
$48 $48
$39
$51
$39
$51
payment details:
Card: Amex
CC #: 12345
expires: 04/2001
aggregate
50
Thursday, July 11, 13
56. There are several different
types of data stores that are
considered to be NoSQL
•Key/Value Databases
•Document Databases
•Column-Family Stores
•Graph Databases
51
Thursday, July 11, 13
57. Key/Value Database
•Primarily constructed of aggregates that have a Key or ID that’s
used to access the data
•The database cannot see structure within the aggregate
52
Thursday, July 11, 13
58. Key/Value Database
•Good Use Cases:
• Storing Session
Information
• User Profiles &
Preferences
• Shopping Cart Data
• Bad Use Cases:
• Data Relationships
•Multi-operation
Transactions
•Query by Data
53
Thursday, July 11, 13
59. •Like a Key-Value database, document databases primarily store
and access data using aggregates
•In contrast to the Key-Value database, document data bases can
see structure within the aggregate.
•You are able to retrieve the whole aggregate or specific parts of it
document Database
54
Thursday, July 11, 13
60. document Databases
•Good Use Cases:
• Event Logging
• Blogging Platforms
• Real-time Analytics
• Bad Use Cases:
• Complex Transactions
•Queries against Varying
Aggregate Structures
55
Thursday, July 11, 13
61. • Can be looked at as a two-level aggregate
structure
• The first key is often described as a row ID
picking up the aggregate of interest
• The second level values of the aggregates are
referred to as columns
• You are able to access a row as a whole or
operations will allow you to pick out a
particular column to get specific data
COLUMN FAMILY
56
Thursday, July 11, 13
62. COLUMN-FAMILY
datastores
•Good Use Cases:
• Event Logging
• Blogging Platforms
• Counters (page visits)
• Expiring Usage
• Bad Use Cases:
• ACID transactions
required
• Early prototype
applications
57
Thursday, July 11, 13
63. •Unique compared to most NOSQL types because it was not
developed with the intention of scaling horizontally into a cluster
•Data is stored as “nodes” that are connected by edges
•Edges are directional in nature and must be specified
•Queries need a starting point and them will traverse the edges to
gather the data requested
graph database
58
Thursday, July 11, 13
65. graph databases
•Good Use Cases:
• Connected Data
• Location-based services
•Recommendation
engines
• Bad Use Cases:
• Ability to update
specific aggregates
60
Thursday, July 11, 13
69. 64
POLYGLOT PATTERN:
write to sql and NOSQL
NEW
TWEET
INSERT
LPUSHX
LTRIM
MySQL
TWEETS
FOLLOWS
FOLLOWERS
Redis: Timeline
FOLLOWER 1
FOLLOWER 2
FOLLOWER 3
Avoid
expensive
MySQL joins
Thursday, July 11, 13
70. 65
POLYGLOT PATTERN:
REPLICATE FROM
MYsql to NOSQL
QUERY
SERVICE
UPDATE
SERVICE
REDIS
MYSQL
DATABASE
SYSTEM
OF
RECORD
MATERIALIZED
VIEW
READER WRITER
replicate and
denormalize
query() update()
Thursday, July 11, 13
101. ONE PERSON BUILDS A CAR
Modular - what
Example: Assembly Line
81
Thursday, July 11, 13
102. CHASSIS ENGINE BODY INTERIOR
Decoupled
Self-contained units
Data Communication
Modular - what
Example: Assembly Line
82
Thursday, July 11, 13
103. Modular - what
Modules within Modules
CHASSIS ENGINE BODY INTERIOR
83
Nested Modularity
Thursday, July 11, 13
104. CHASSIS ENGINE BODY INTERIOR
Modular - what
84
Modules within Modules
Nested Modularity
Thursday, July 11, 13
105. CHASSIS ENGINE BODY INTERIOR
Modular - what
SEATS FLOOR
DASHBOARD
GAS
AND
BRAKE
PEDALS
84
Modules within Modules
Nested Modularity
Thursday, July 11, 13
106. Small units are more maintainable
Allows us to tolerate some partitions (but not all)
Allows us to be parallel!
CHASSIS ENGINE BODY INTERIOR
modular - Why
85
Thursday, July 11, 13
146. 101
5678 9101112
13141516
ADD MORE SERVERS
BASED ON
MESSAGE QUEUE
1234
MESSAGE QUEUE
Horizontal - HOW
DECREASE SERVERS
BASED ON
MESSAGE QUEUE
Thursday, July 11, 13
149. Agile - WHAT
the power of moving
quickly and easily;
nimbleness
104
Thursday, July 11, 13
150. Features In Progress Blocked Tabled Testing Complete
Feature A
Feature B
Feature C
105
Agile - why Monday
Thursday, July 11, 13
151. Agile - why
Features In Progress Blocked Tabled Testing Complete
Feature A
Feature B
Feature C
106
Tuesday
Thursday, July 11, 13
152. Agile - why
Features In Progress Blocked Tabled Testing Complete
Feature A
Feature B
Feature C
Feature E
Feature D
106
Tuesday
Thursday, July 11, 13
153. Features In Progress Blocked Tabled Testing Complete
Feature AFeature BFeature C
Feature E
Feature G
Agile - why
107
Wednesday
Thursday, July 11, 13
154. Features In Progress Blocked Tabled Testing Complete
Feature AFeature BFeature C
Feature E
Feature D
Feature F
Feature G
Agile - why
107
Wednesday
Thursday, July 11, 13
155. Features In Progress Blocked Tabled Testing Complete
Feature A
Feature B
Feature C
Feature E
Feature D
Feature F
Feature G
Agile - why
108
Friday
Thursday, July 11, 13
156. Features In Progress Blocked Tabled Testing Complete
Feature A
Feature B
Feature C
Feature E
Feature D
Feature F
Feature G
Feature H
Feature I
Agile - why
108
Friday
Thursday, July 11, 13
157. Features In Progress Blocked Tabled Testing Complete
Feature A
Feature B
Feature C
Feature EFeature D
Feature F
Feature G
Feature H
Feature I
Agile - why
109
Friday - WK 2
Thursday, July 11, 13
158. Agile - why
57%
14%
29%
Failed Successful Challenged
49%
42%
9%
Waterfall Agile
Source: The CHAOS Manifesto, The Standish Group, 2012
110
Thursday, July 11, 13
159. • CI/CD when
appropriate
• Quality is in the
eye of the
beholder
• Release fast,
release slow
Agile - How
Features In Progress Blocked Tabled Testing Complete
111
Thursday, July 11, 13
160. IMAGE: blogs.bu.edu
Agile - How
• Increase quality
by reusing code
from partners
and libraries
112
Thursday, July 11, 13
161. Agile - How
113
Lint Testing
Test Driven Development
Functional Testing
Black Box
Integration Testing
Unit Testing
Behavior Driven Development
White Box
Smoke Testing
Acceptance Testing
Thursday, July 11, 13
162. ENSURES QUALITY
Agile - How
113
Lint Testing
Test Driven Development
Functional Testing
Black Box
Integration Testing
Unit Testing
Behavior Driven Development
White Box
Smoke Testing
Acceptance Testing
Thursday, July 11, 13
163. ENSURES CONFIDENCE
Agile - How
114
Lint Testing
Test Driven Development
Functional Testing
Black Box
Integration Testing
Unit Testing
Behavior Driven Development
White Box
Smoke Testing
Acceptance Testing
Thursday, July 11, 13
167. 117
SECURITY - HOW
•Security at every layer
PRESENTATION
APPLICATION
STORAGE
INTERFACE
SECURITY
ACROSS ALL LAYERS
Thursday, July 11, 13
168. 118
SECURITY - HOW
•Use industry standards
•SSL
•Encryption
•At rest
•In-transit
Thursday, July 11, 13
169. 119
SECURITY - HOW
•Authentication
•User authentication
•Manage yourself
•Offload to 3rd party
•Host-based Authentication
•Security Groups
•Firewalls
•Configuration
Management Systems
Thursday, July 11, 13
170. 120
SECURITY - HOW
•Hybrid Cloud
•Store different
types of data in the
right place
•Sensitive data in on-
premise cloud
•Non-sensitive on
public cloud
Thursday, July 11, 13
171. 121
SECURITY - WHY
•Trustworthiness as an organization
•Cloud security is too important
to leave up to the end-user alone
•Ownership gaps that leads to
process and governance issues
•Compliance
•Logging and auditing
•Regulatory requirements
Thursday, July 11, 13
175. Requirements
•List stars
•List roles’ images
•CRUD
•Tag searching
•Who liked what
•Social media
•Image resizing
•Added by tag
•Hot tagged images
125
Thursday, July 11, 13
176. application decisions
API TIER
UT UR RS
WORKER
TIER
LB
AUTH
MQ DB
OBJECT
STORAGE
CDN
SOCIAL
MEDIA
126
INTERNET
•Load Balancer
•Infrastructure
•Authentication
•Message Queue
•Database
•Content Delivery
•Social Media
Thursday, July 11, 13
177. application decisions
API TIER
UT UR RS
WORKER
TIER
AUTH
MQ DB
OBJECT
STORAGE
CDN
SOCIAL
MEDIA
126
INTERNET
•Load Balancer
•Infrastructure
•Authentication
•Message Queue
•Database
•Content Delivery
•Social Media
Thursday, July 11, 13
178. application decisions
API TIER
UT UR RS
WORKER
TIER
AUTH
MQ DB
OBJECT
STORAGE
CDN
SOCIAL
MEDIA
126
INTERNET
•Load Balancer
•Infrastructure
•Authentication
•Message Queue
•Database
•Content Delivery
•Social Media
Thursday, July 11, 13
179. application decisions
API TIER
UT UR RS
WORKER
TIER
MQ DB
OBJECT
STORAGE
CDN
SOCIAL
MEDIA
126
INTERNET
•Load Balancer
•Infrastructure
•Authentication
•Message Queue
•Database
•Content Delivery
•Social Media
Thursday, July 11, 13
180. application decisions
API TIER
UT UR RS
WORKER
TIER
DB
OBJECT
STORAGE
CDN
SOCIAL
MEDIA
126
INTERNET
•Load Balancer
•Infrastructure
•Authentication
•Message Queue
•Database
•Content Delivery
•Social Media
Thursday, July 11, 13
181. application decisions
API TIER
UT UR RS
WORKER
TIER
OBJECT
STORAGE
CDN
SOCIAL
MEDIA
126
INTERNET
•Load Balancer
•Infrastructure
•Authentication
•Message Queue
•Database
•Content Delivery
•Social Media
Thursday, July 11, 13
182. application decisions
API TIER
UT UR RS
WORKER
TIER
CDN
SOCIAL
MEDIA
126
INTERNET
•Load Balancer
•Infrastructure
•Authentication
•Message Queue
•Database
•Content Delivery
•Social Media
Thursday, July 11, 13
183. application decisions
API TIER
UT UR RS
WORKER
TIER
CDN
126
INTERNET
•Load Balancer
•Infrastructure
•Authentication
•Message Queue
•Database
•Content Delivery
•Social Media
Thursday, July 11, 13
184. application decisions
API TIER
UT UR RS
WORKER
TIER
126
INTERNET
•Load Balancer
•Infrastructure
•Authentication
•Message Queue
•Database
•Content Delivery
•Social Media
Thursday, July 11, 13
188. •API Tier
PARALLEL
API TIER
UT UR RS
INTERNET
WORKER
TIER
API TIER
•Works in tandem
•Doesn’t wait for workers
127
Thursday, July 11, 13
189. •API Tier
PARALLEL
API TIER
UT UR RS
INTERNET
•Update Tags, Update Relations,
Resize Workers operate in
tandem
WORKER
TIER UT UR RS
•Works in tandem
•Doesn’t wait for workers
127
Thursday, July 11, 13
190. •API Tier
PARALLEL
API TIER
UT UR RS
INTERNET
•Update Tags, Update Relations,
Resize Workers operate in
tandem
•Non-blocking actions
WORKER
TIER UT UR RS
API TIER
•Works in tandem
•Doesn’t wait for workers
127
Thursday, July 11, 13
192. •Separate tiers by functionality
MODULAR
API TIER
UT UR RS
WORKER
TIER
API TIER
UT UR RS
INTERNET
128
Thursday, July 11, 13
193. •Separate tiers by functionality
MODULAR
API TIER
UT UR RS
•Use MQ to decouple API from
worker
WORKER
TIER
INTERNET
128
Thursday, July 11, 13
194. •Separate tiers by functionality
MODULAR
API TIER
UT UR RS
•Use MQ to decouple API from
worker
•Separate workers to simplify
units of work
WORKER
TIER UT UR RS
INTERNET
128
Thursday, July 11, 13
196. •Restful API for shared nothing
scale
Horizontal
API TIER
UT UR RS
WORKER
TIER
API TIER
INTERNET
129
Thursday, July 11, 13
197. •Restful API for shared nothing
scale
Horizontal
API TIER
UT UR RS
•Workers share no state, simply
work on input
WORKER
TIER
INTERNET
129
Thursday, July 11, 13
198. •Restful API for shared nothing
scale
Horizontal
API TIER
UT UR RS
•Workers share no state, simply
work on input
•Scale data across nodes (even
DCs)
WORKER
TIER UT UR RS
API TIER
INTERNET
129
Thursday, July 11, 13
200. •Don’t re-invent ability or hosting
AGILE
API TIER
UT UR RS
WORKER
TIER
INTERNET
130
Thursday, July 11, 13
201. •Don’t re-invent ability or hosting
AGILE
API TIER
UT UR RS
•Split processes that are
individually testable
WORKER
TIER
API TIER
UT UR RS
INTERNET
130
Thursday, July 11, 13
202. •Don’t re-invent ability or hosting
AGILE
API TIER
UT UR RS
•Split processes that are
individually testable
•CI/CD is achievable by
component
WORKER
TIER
INTERNET
130
Thursday, July 11, 13
203. •Don’t re-invent ability or hosting
AGILE
API TIER
UT UR RS
•Split processes that are
individually testable
•CI/CD is achievable by
component
WORKER
TIER
INTERNET
130
Thursday, July 11, 13
204. •Don’t re-invent ability or hosting
AGILE
API TIER
UT UR RS
•Split processes that are
individually testable
•CI/CD is achievable by
component
WORKER
TIER
INTERNET
130
Thursday, July 11, 13
205. •Don’t re-invent ability or hosting
AGILE
API TIER
UT UR RS
•Split processes that are
individually testable
•CI/CD is achievable by
component
WORKER
TIER
INTERNET
130
Thursday, July 11, 13
206. •Don’t re-invent ability or hosting
AGILE
API TIER
UT UR RS
•Split processes that are
individually testable
•CI/CD is achievable by
component
WORKER
TIER
INTERNET
130
Thursday, July 11, 13
207. •Don’t re-invent ability or hosting
AGILE
API TIER
UT UR RS
•Split processes that are
individually testable
•CI/CD is achievable by
component
WORKER
TIER
API TIER
INTERNET
130
Thursday, July 11, 13
209. •Use HTTPs for secure data
transmission
SECURE
API TIER
UT UR RS
WORKER
TIER
API TIER
INTERNET
131
Thursday, July 11, 13
210. •Use HTTPs for secure data
transmission
SECURE
API TIER
UT UR RS
•No host logins; managed by
Chef
WORKER
TIER
API TIER
UT UR RS
INTERNET
131
Thursday, July 11, 13
211. •Use HTTPs for secure data
transmission
SECURE
API TIER
UT UR RS
•No host logins; managed by
Chef
•StormPath for user
authentication
WORKER
TIER
INTERNET
131
Thursday, July 11, 13