Self Cert SSL certificate for Apache2 on Ubuntu 8.04LTS
Generate a self cert certificate:
https://help.ubuntu.com/8.04/serverguide/C/certificates-and-security.html
Create a new virtual host (you can only have one SSL virtual host / IP)
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
Edit ssl sothat it looks like this:
NameVirtualHost *:443
ServerName webangle-www1.everyangle.co.uk
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
SSLEngine on
SSLOptions +StrictRequire
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
Finally, if you want to force redirect of all traffic to a certain folder via SSL (e.g, /phpmyadmin), add the following to /etc/apache2/sites-available/default
#Redirect traffic to /phpmyadmin through https
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^/phpmyadmin(.*)$ https://%{SERVER_NAME}/phpmyadmin$1 [L,R]
Enable it:
sudo a2ensite ssl sudo /etc/init.d/apache2 reload
Automount remote filesystem over SSH
Previously I posted on how I backup my server’s data to rsync.net’s remote storage.
A convienient way to access that remote storage is to configure rsync over sshfs:
sudo aptitude install sshfs mkdir /mnt/sshfs mkdir /mnt/sshfs/rsync.net sshfs **username**@ch-s011.rsync.net: /mnt/rsync.net
First, unmount
fusermount -u /mnt/rsync.net
Then, install autofs, and edit the config file
sudo aptitude install autofs sudo vi /etc/auto.master
Add the following line
/mnt/sshfs /etc/auto.sshfs --timeout=30,--ghost
Then,
sudo vi /etc/auto.sshfs
Add
rsync.net -fstype=fuse,rw,nodev,nonempty,noatime,allow_other,max_read=65536 :sshfs\#**username**@ch-s011.rsync.net\:
And finally restart autofs
sudo /etc/init.d/autofs restart
Now, when you cd /mnt/sshfs/rsync.net, after a short delay you will automatically be connected to the remote filesystem over SSH. After 30 seconds of inactivity, the connection will be closed.
Backup Ubuntu 8.04LTS to rsync.net using backup-manager (at linode.com)
I’m setting up a new linode360 VPS, based of the Ubuntu 8.04LTS image.
For backups, I want to do weekly backups and daily incrementals of the data files, and sync these off to an external backup location.
Broadly, there are two parts to the backup, creating the backed up files, and then copying them offsite.
Creating the backups
I’m using backup-manager 0.7.6-debian1, which handles backing up sets of files and MySQL databases to tar.gz files.
sudo aptitude install backup-manager sudo /usr/sbin/backup-manager --version
The comments in the config file make editing it quite straight forward.
sudo vi /etc/backup-manager.conf
One minor points:
- Separate multiple backup methods with a space, eg:
export BM_ARCHIVE_METHOD="tarball-incremental mysql"
To test:
sudo /usr/sbin/backup-manager --verbose
The output folder you specified (/var/archives) should now contain some .tar.gz versions of your data. Hurrah!
Getting the files offsite
Originally I intended to use Amazon’s S3 as a backup store, following Michael Zehrer’s instructions on how to rsync with S3. However, I couldn’t get this to work reliably; so I opted instead for rsync.net which offers standard scp, ftp, WebDav and sshfs access to their geographic backup locations.
Backup-manager can rsync over ssh, which is a quick and efficient way to sync changes over to the remote host..
The first step is get your rsync.net account setup; and set up your ssh so you can access without typing in a password
Then, set the BM_UPLOAD_METHOD to rsync, and configure both the scp and the rsync settings in /etc/backup-manager.conf (pay attention not to prefix remote folders with / ).
Test with:
sudo /usr/sbin/backup-manager --verbose
Once its all working, set up a cron job to call backup-manager daily.
crontab -e
I run backup-manager once per day in the wee hours, and log output to /root/crontab/daily_backup-manager.logs
0 3 * * * /usr/sbin/backup-manager -v > /root/cronlogs/daily_backup-manager.log
Viola!
Farside re-enactment group
The evolution of the giraffe.
In case you were wondering. More sidesplitting stuff at http://www.flickr.com/groups/farside/pool/
The Correlation between Schedule Pressure & Low Quality
Research suggests that
- 40% of all software errors are caused by pressure on developers to complete quicker (Glass 2004)
- Under extreme schedule pressure, code defects increase by 400% (Jones 2004)
- Projects which aim to have the lowest number of defects also have the shortest schedules (Jones 2000)
This makes sense is you consider that good engineering practises are the first to leave the building under pressure to finish, and most teams will revert to quick & dirty hacks to get things implemented, without complete testing etc.
My personal opinion is that the only way to shorted development cycles is to reduce the feature set. Its pleasing for me to see that the research seems to back this up.
When deciding which features will be dropped; I think its worth revisiting the business requirements that are driving a particular set of features. In many cases a simpler “design” could suffice; for example a fancy calendar widget could be replaced with a simple textbox; a little used settings screen could be retired in favour of manually changing config files; or overly complex but little used workflows could be put on the back burner.
I maintain that a lot of “features” can be dropped, without actually impairing the business functionality of the system.
Just remember, what every you do DON’T consider dropping testing or QA in an effort to meet your deadline; unless you want to guarantee that you will continue to miss all future deadlines until the project gets cancelled!
ASP.NET MVC Beta – Setting properties on ViewControls
In ASP.NET MVC Beta, it isn’t possible to set properties on partials when calling them with Html.RenderPartial.
Rusty Zarse blogged about a useful ViewData helper class, which allows you to set properties by passing values to the partial through the ViewData.
I’ve extended this slightly to enable the following syntax:
1 2 3 4 5 6 7 8 | <% Html.RenderPartial("YUIDataTable", ViewDataDictionaryBuilder.Create( new { DataTableId = "QuoteDataTable", ConfigNamespace = "QuoteDataTableConfig", HideFilter = true }));%> |
Which sets properties on a ViewUserControl like this:
1 2 3 4 5 6 7 8 9 10 11 | public partial class YUIDataTable : ViewUserControl { public string ConfigNamespace { get; set; } public string DataTableId { get; set; } public bool HideFilter { get; set; } protected void Page_Load(object sender, EventArgs e) { ViewDataDictionaryBuilder.SetPropertiesToViewDataValues(this); } } |
Here is the full helper code.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 | using System; namespace MvcHelpers { /// /// With thanks to http://www.vitaminzproductions.com/technology-blog/index.php/2008/11/12/setting-properties-using-aspnet-mvc/ /// public static class ViewDataDictionaryBuilder { public static System.Web.Mvc.ViewDataDictionary Create(object data, ModelType model) where ModelType : class { return (System.Web.Mvc.ViewDataDictionary)CreateInternal(new System.Web.Mvc.ViewDataDictionary(model), data); } public static System.Web.Mvc.ViewDataDictionary Create(object data, object model) { return CreateInternal(new System.Web.Mvc.ViewDataDictionary(model), data); } public static System.Web.Mvc.ViewDataDictionary Create(object data) { return CreateInternal(new System.Web.Mvc.ViewDataDictionary(), data); } private static System.Web.Mvc.ViewDataDictionary CreateInternal(System.Web.Mvc.ViewDataDictionary dictionary, object data) { AddPropertiesToViewData(dictionary, data); return dictionary; } private static void AddPropertiesToViewData(System.Web.Mvc.ViewDataDictionary dictionary, object data) { if (data == null) return; System.Reflection.PropertyInfo[] properties = data.GetType().GetProperties(); foreach (var property in properties) { dictionary.Add(property.Name, property.GetValue(data, null)); } } public static void SetPropertiesToViewDataValues(System.Web.Mvc.ViewUserControl viewUserControl) { foreach (var property in viewUserControl.GetType().GetProperties()) { if (viewUserControl.ViewData[property.Name] != null) property.SetValue(viewUserControl, Convert.ChangeType(viewUserControl.ViewData[property.Name], property.PropertyType), null); } } } } |
Hope that’s useful to you!
Announcing the TDD TestHelpers opensource project
Whenever I start working on a project; I invariably find myself writing a collection of TDD test helper methods. I quick survey of other TDDers reveals the same; and thus the birth of my latest opensource project, TestHelpers (http://code.google.com/p/testhelpers/).
The aim of the project is to centralise all those little test helper methods you end up creating into a useful assembly you can use to jumpstart your next project. Things like:
- Comparers
- Generic object comparers
- DataSet comparers
- Test Data generators
- Builder pattern
- Automocking containers
For example, I’ve just added an “AssertValues” functor; which helps you check whether the values of who object instances are the same.
One area I keep using asserts like this is in integration tests; where I want to check that the objects I’m persisting to the database via my ORM actually end up in the database in a non-mangled form. In this case, I new up entityA, persist it, reload it into entityB and then need to check that all the values in entityB are the same as those in entityA.
A standard Assert.AreEqual will fail, because entityA and entityB are different instances. But, my helper method AssertValues.AreEqual will pass, because it checks the (serialized) string values of entityA and entityB.
Here is another, simpler example to illustrate the concept.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | [TestFixture] public class StandardObjectsTests { public class StringContainer { public string String1 { get; set; } public string String2 { get; set; } } [Test] public void ObjectsWithSameValue_ShouldBeEqual() { var stringContainer1 = new StringContainer {String1 = "Test String1", String2 = "Test String 2"}; var stringContainer2 = new StringContainer {String1 = "Test String1", String2 = "Test String 2"}; Assert.AreNotEqual(stringContainer1, stringContainer2); AssertValues.AreEqual(stringContainer1, stringContainer2); } } |
I’m sure you have a bunch of similar helper methods lying about your projects.
How about contributing them to the TestHelper project?
DDD7 – Nov 21, Microsoft campus, Reading UK
Wow. DDD, the community conference for UK MS developers, hosted by Microsoft, but completly driven by the community continues to go from strength to strength. This year, the 400 places were filled within 4 hours of this annoucement that registration was open via twitter.
I really enjoyed Mike Hadlow’s talk on IOC injection; with specific reference to his opensource eCommerce application, SutekiShop. Clearly an expert on the subject on ASP.NET MVC, Onion architecture, Repositories & Services, and binding it all together with IOC; he is also a gifted presenter. If you’re looking for a reference implementation of an ASP.NET MVC application (or indeed just a loosely coupled, TDD driven web application); I’d strongly advise you to check out Mike’s SVN repo.
Toby Henderson gave an interesting demo of how you can run .NET apps under Linux (Ubuntu) using Mono. Worth bearing in mind when considering your hosting & deployment options.
Sebastien Lambla gave a highly entertaining (if opinionated) presentation of a series of WFP tips and tricks. My favourite tip (which isn’t really WPF related)
Tired of always checking if your event delegates are null before calling them? Just declare them with a standard empty delegate. Then they are never null!
1 | event MyEvent = delegate {}; |
Recommended book: WPF Unleashed by Adam Nathan
As always it was a great event – remember, if you want to be at DDD8 (2009); sign up early!
See www.developerday.co.uk for slides & videos from all sessions
Complexity Smells
I propose that one of the principal things that gets projects into trouble is too much complexity. My theory is that there are a number of “complexity smells” that if identified and addressed early on can radically improve a projects chances of success.
To explore this theory, I recently ran a workshop where we brainstormed complexity smells and possible preventative actions.
We selected and ranked to product the following list:
(1) Over engineered code/applications – 46% of votes
Do you really need all those features? Should you really be introducing this code abstraction or design pattern; or are you just speculating that it will be required in the future? Will a simpler solution work for now?
Prevention strategies
a) Do you really need that functionality / code. No really.
b) Refactor mercilessly (at all levels, functionality, architecture, classes, methods, algorithms)
c) Ensure your team has good coding standards
(2) Lack of TDD & Acceptance test automation – 26% of votes
Is your unit test coverage above 80%? Can you click one button and have all your acceptance tests run automatically? Have you considered that any change made after version 1 is released (aka, in 90% of the lifecycle of the application!) is the equivalent of someone opening a novel they have never read, changing what happens to a couple of characters, and then without re-reading the novel; hoping it all still makes sense.
Prevention strategies
(a) Set up automation in sprint 0
(b) Project manager or tech lead needs to drive automation
(c) Ensure the team has testing experience (or at least a resource to guide & educate them)
(d) Initially test automation just seems to slow down progress; be ready to explain how automated tests are the gift that keeps on giving
(3) Poor time / priority management – 20% of votes
Does your project have a clearly prioritised backlog? When new features are introduced, is it easy to see which features should be moved down the priority list. How frequent are your feedback loops – between deciding on a requirement, designing a feature and getting feedback on whether that implemented feature fulfils the requirements?
Prevention strategies
(a) Break your project up into 3 month releases
(b) Appoint a strong product backlog owner.
(4) Ownership – 5% of votes
Who owns the projects feature set? Who owns the code past release 1? Is there someone who can made decisions quickly and decisively?
Prevention strategies
(a) Customer should decide what is produced, and what acceptance tests validate that it works.
(b) Place emphasis on collaboration, knowledge sharing and transparent communication
(c) Ensure rapid feedback cycles built in
(d) Keep same team on project through who product lifecycle
Some other complexity smells identified
- External dependencies – consider building “anti-corruption layers” between your application & 3rd parties. Prefer talking to humans rather than documents (re: 3rd party APIs)
- Poor communication – collocation of team; prefer face to face rather than email conversations; keep teams < 10 ppl
- Standards – too many or too few; standards = guidelines rather than rules
If your project is exhibiting some of these smells; perhaps its time to have a complexity retrospective with your team and nip them in the bud before they spiral out of control and kill your project.
ALT.NET; London; 13 Sept 2008
Intro
Debate over what ALT.NET is; should it have a set of guiding principles like the Agile manifesto?
Continuous integration & deployment
There seemed to be 3 major areas where people encountered difficulties doing continuous integration & deployment.
- Configuration files
- DB schema migrations
- Data migrations.
- Make sure that your config files are small. and contain only that config data that changes often (DB connection strings, file paths etc). Put all your “static” config data into separate files (DI injection config etc).
- Consider templated config files; where specific values are injected during deploy process.
- Keep all config in simple text files in source control.
- Migration techniques borrowed from Ruby on Rails – generate change scripts by hand or using tools like SQL Compare; and then apply them using a versioning tool like dbdeploy.
- Take backup before data migration.
- Ensure app fails quickly if is a problem; cause if data has changed since deployment then cannot rollback.
- Consider apps upgrading themselves and running smoke tests upon startup – and refusing to run if there is a problem – this technique is used by established opensource projects – Wordpress, Drupal, Joomla.
- Build a DSL incrementally during short iterations. Gives you opportunity to refine, fill in gaps, and train whole team to use same language.
- Without a DSL, acceptance testing via the UI testing becomes brittle, as you end up specifying your tests at too low a level, (click button A, then check for result in cell B); rather than having a translation from acceptance tests in a higher DSL language to specific UI components.
- Consider prioritised tests – have a set of facesaving tests / smoke tests that always work, and ensure major things are still working (company phone number correct? Submit order button still work?). Acceptance tests can be thrown away if they have served their function of evolving the design / team understanding.
- The acceptance testing trio – Developers test for success – thus automated testing only tests happy flow – still need exploritory testing by someone with testing mindset; what happens if you do weird stuff? Tester must have domain knowledge. Business – what are should happen? Don’t let developers be forced to make up business rules?
- Ensure all layers of stack (tests, manuals, code, unit tests) use the same DSL language.
- How do you get workable acceptance tests – see Requirements Workshops book
- Short iterations – more focus, incremental specs, opportunity to discuss missing test examples.
- Key is having a ubiquitous language encoded as a DSL (domain specific language) – develops over time, enables automated accpetance tests,
- Sign off against acceptance tests (Green Pepper tool – capture & approve acceptance tests)
- Talk: The Yawning Gap of ?? doom – infoQ, Martin Fowler
- Avoid describing these activities as “testing” – people avoid because testing has low social status.
- Discussion around the difference between DDD; where we treat the concepts & actions as central; vs DB centrered design, where we’re thinking about the data as central, and UI centered design, where the screens are considered central.
- Concensus was that domain shouldn’t be tightly bound to the DB, or the UI.
- Ideas around passing DTO objects up to view (UI, webservices etc), andchange messages bad from view, indicating how the domain should be changed (rather than passing the whole DTO, where you don’t know what has changed).
- Defined as Dan North’s Given, When, Then
- Is it any difference from Acceptance testing? Only that it is better branding, because BDD doesn’t have the word “testing” in it; which prevents people being switched off hearing the word test when discussing specifications.
- BDD is writing failing acceptance testing first; before writing code.
- Unit testing is ensuring that the code is built right, but acceptance testing / BDD ensures that the right code is built.
- Toolset is still immature. Fitnesse .NET & Java tooling is most mature toolset. Many BDD tools (other than Ruby’s rSpec) have been started and abandoned (nBehave, nSpec etc)
- BDD is not about testing, its about communicating and automating the DSL. Be wary of implementing BDD in developer tools (e.g, nunit), which prevent other team members (business, customer, testers) from accessing them.
- Refactoring can break fitnesse tests, because it isn’t part of the code base.
- Executable specs (via acceptance tests) are the only way to ensure documentation / test suites are up to date & trustable
- Agile is about surfacing problems early (rather than hiding them until its too late to address them). So when writing acceptance tests up front is difficult; this is good, because you are raising the communication problems early.
- The real value is in building a shared understanding via acceptance criteria; rather than building automated regression test suite.
- Requirements workshops can degenerate into long boring meetings. To mitigate this problem
-
- Vitally important to have a Moderator – whoe’s role is to keeps it focused & moving along. Injects energy into the room. (BA’s often play this role soon)
- Stare test – disinterested; you’re talking to the wrong person.
- Requirements Workshops – idea’s for making the specification meetings less painful.
- Run requirements gathering as open space meetings – whoever comes is who should be making the decisions
