Karmona Pragmatic Blog

I have found this “old” movie we made back in 2002 during my work at Mercury to “educate” new employees on our code review procedure.

p.s. Raz Yalov was nominated for best supporting actor that year ;)

Enjoy…

************************************************************************

I have also copy-pasted the presentation transcript below…

• The Golden Rules of Code Review
  • Do a self-review first
  • Stick to the requirements
  • If you need to explain it, document it!
  • It’s about the code – not about you!
  • Unit testing
• Do a self-review first
  • Have you checked all extreme cases?
  • Is your solution KISS?
  • Is your code self-explanatory?
  • Check it as if it was written by someone else
  • Ask yourself the questions you think you are about to be asked…
• Keep It Simple Stupid…
• Stick to the requirements
  • Make sure all aspects of the requirements are filled
  • Make sure you have tested both trivial and extreme cases
  • Document all thoughts and limitations in the code
  • Reference the requirements documents from your code
  • I18N – make sure the code supports multilingual capability where needed
• Documentation
  • Document your files and your functions
  • Give informative comments
  • Explain the logic behind your decisions
  • If you did something that is not logical or intuitive, explain why
  • If you learned historical info while learning the code, document it (be creative :)
  • Follow a standard documentation format
  • When possible, use known design patterns and document the design pattern you chose
• Unit Testing
  • Make sure your unit test is part of the change
  • If you can’t automate the test, check-in a manual procedure to run it
  • Make sure all aspects of the requirements are covered by the tests
  • Document all the tests you wanted to do but couldn’t
  • Test the I18N behavior of your code
• The Code Review Life Cycle
  • “Self-review” your code
  • Schedule a code review
  • Schedule enough time for both people involved
  • When possible, schedule for a time during the morning
  • Split the review into a few sessions, if needed
  • Switch your mind to “listener” mode
  • Write down all comments
  • After the code review is done, apply the necessary fixes and schedule a second review if needed
  • Check-in your changes
• Code Review Tips
  • When you program, remember the last code review
  • If you disagree with the reviewer, invite a 3rd person to review and decide
  • In special cases, invite special guests to review your code
  • When change is small/simple/intuitive, do an “e-review” by mailing your change to the reviewer(s)
  • When self-reviewing, fix mistakes on the spot… :)

This is my recommended check-list for high level design review.

***********************************************************************
*** keep it simple and make sure it answers all the requirements ***
***********************************************************************

• Reverify your Requirements
  • Functional specification, use cases and requirements are clear and publicly documented
  • Technical Requirements
  • Performance requirements
  • Security requirements
  • Resources (CPU, Memory, Storage, IO) consumptions limits
  • Audit requirements
  • Out of scope – What does the component NOT do? What NOT support?
  • Future extendibility of the component (options for future extension, generic features etc.)
• High Level Design
  • Main components involved
  • Main Data flows
  • Components and sub-systems and how they relate to the component
  • Which sub-systems does it communicate with (e.g. Relation Façade)
  • Communication mechanisms (e.g. HTTP, WCF)
  • Which subsystems it is dependent on (e.g. Database, Gigaspaces) – What are the requirements?
  • Which sub-systems depend on it (e.g. App.) – What is the expectation?
• Architectural Strategy
  • High availability and load balancing
  • Error detection, fault and recovery
  • Logging and statistics gathering
  • Capacity limitation, planning & resource management:
    • Memory consumption and management policies
    • CPU usage management
    • IO requirements
    • Storage requirement
• Technical Assumptions
  • Limitations
  • Compromises
    • What does this design compromise? (Security, high availability, capacity, performance, quality…)
    • What are the engineering tradeoffs of this design, and why was the current design chosen?
  • Risks and weak points
• Operation
  • Backward compatibility
  • Logging and Monitoring
  • Administration issues
  • Deployment issues:
    • How to deploy (e.g. can it be part of the regular release package?)
    • Required downtime?
    • Deployment risks?
    • Rollback capability
• Testing strategy
  • What to focus on (80/20)
  • Functional test plan review
  • Deployment, environments, and setups
  • Fault and recovery
  • Load and capacity planning
• Execution plan (phases, timeline, milestones, critical path, dependencies etc.)

Please comment if you think I  forgot something…

Recently, I have encountered an interesting paper (2006) about Chubby – Google’s (Paxos based) distributed lock service.
I was especially amazed by the observations made on the Google engineering capabilities and mindset inside a “formal” research publication.

Although one can easily get into a cynical state of mind reading this paper… I feel that this “pragmatic view” which combines a deep architectural and algorithmic know-how with keen understanding of the social factor in software development is exactly the key to create legendary software.

Anyway, very well written – highly recommended reading…

*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***

“Our developers sometimes do not plan for high availability in the way one would wish. Often their systems start as prototypes with little load and loose availability guarantees; invariably the code has not been specially structured for use with a consensus protocol. As the service matures and gains clients, availability becomes more important; replication and primary election are then added to an existing design.”

“Developers are often unable to predict how their services will be used in the future, and how use will grow.  A module written by one team may be reused a year later by another team with disastrous results … Other developers may be less aware of the cost of an RPC.”

“Despite attempts at education, our developers regularly write loops that retry indefinitely when a file is not present, or poll a file by opening it and closing it repeatedly when one might expect they would open the file just once.”

“Developers rarely consider availability. We find that our developers rarely think about failure probabilities.“

“Developers also fail to appreciate the difference between a service being up, and that service being available to their applications.“

“Unfortunately, many developers chose to crash their applications on receiving [a failover] event, thus decreasing the availability of their systems substantially”

“You can always start a weekend experiment but you can never know how it will end”  (Moti Karmona, 2008 ;)

I was very curios and wanted to take the GAE for a quick test drive but the Google documentation have few inaccuracies and isn’t sufficient if it is your first Python encounter so I lost three hours of precious beauty sleep and compiled this blog-post-capsule for future generations.

How to setup your development environment to work with Google-App-Engine 

• Get yourself a GAE Account  
• Install Google App Engine SDK, Python and Eclipse.
• Install the PyDev Eclipse extension
  • Help –> Software Updates –> Available Software –> Add the http://pydev.sourceforge.net/updates site –> Install it –> Restart Eclipse
  • Configure Eclipse to use the Python interpreter by navigating to Window –> Preferences –> PyDev –> Interpreter –> Python –> New and select the location of python.exe on your system
• Create your first project
  • File –> New –> PyDev project and click next –> Name your project and make sure Python 2.5 is selected.  
  • Add necessary App Engine libraries to your project | Right click your Project folder –> Properties –> PyDev – PythonPath (see image below)
    • C:\Program Files\Google\google_appengine
    • C:\Program Files\Google\google_appengine\lib\django
    • C:\Program Files\Google\google_appengine\lib\webob
    • C:\Program Files\Google\google_appengine\lib\yaml\lib

• Create your project files (e.g. GAE examples)
  • app.yaml  
  • Your first python file 
• Test your Local application
  • Update your Run configuration (see image below)
    • Change the Main Module field to C:\Program Files\Google\google appengine\dev_appserver.py
    • On the Arguments tab, type in “${project_loc}/src” 
    • Name this configuration and click apply and click run.
  • Open http://localhost:8080 with your browser and enojoy your stupid app :)

• Upload your code to Google App Engine
  • Open a command prompt and navigate to your application directory.
  • Type appcfg.py –email=yourgmailaccount@gmail.com update src\ 
  • To publish code within Eclipse, open Run –> Run configurations and make a copy of your previous run configuration.  Change the Main Module to appcfg.py, and change the argument tab to –email=yourgmailaccount@gmail.com update ”${project_loc}/src”
  • Your code is now live! Test it by going to http://yourapp.appspot.com

Enjoy :)

P.S. More about the framework in future posts.

Yahoo have released the Y!OS (Yahoo Open Strategy) 1.0 platform.

This is a cool set of simple APIs that can give you access to everything you ever wanted in Y! but was afraid to ask for…

Yahoo! Social Platform (YSP)
// The Yahoo Social Platform is a set of RESTful APIs for Profiles, Connections, Updates, Contacts and Status.

Yahoo! Query Language (YQL)
// The Yahoo Query Language is a web service that functions much like SQL (see example below)

OAuth Authentication
// OAuth is the authentication and authorization standard Yahoo has decided to use when giving third parties access to Yahoo user data.

Yahoo! Applications Platform (YAP)
// Currently very limited and in a restricted sandbox.

________________________________

Example: How to use YQL APIs to access MyBlogLog profiles?

Simply ask for all the community members of MyBlogLog community with this YQL:

select * from mybloglog.members.find where community_id in (select id from mybloglog.community.find where name=”Karmona Pragmatic Blog”)

And once you have the IDs you can ask for my personal profile by:

select * from mybloglog.member where member_id =”2008070609482910″

Well… together with the existing BOSS API, this set of APIs is a powerful enablers to the Y! development network and I am sure some cool stuff are going to emerge from this innovative move…

Amazing!!!

________________________________

* You can have more YQL experiments using the YQL Console

** Boss Hack Day is coming to Tel-Aviv | November 6, 2008 @ Feature (!!!)

Chronicle of a Death Foretold = Waterfall Shmoterfall = Checkmate in 10 moves
* Note: I did see, participate and lead some successful waterfall projects (mainly due to some adoption of agile methodologies ;-) and this is my view of the projects which failed…

1. Release scoping start with marketing high-level-copy-paste-from-last-year-marketing-presentations MRD in ~1 month delay
2. 1 month of quick lets-write-all-the-features-we-can PRD – This is also the last time you hear from the product manager until the next milestone-demo-crisis.
3. High level design for a couple of weeks which sum-up to a Very Rough Time Guesstimate a.k.a. VeRTiGo
4. Release time-frame is set ~1 year ahead with the needed VeRTiGo “squeezing” and high level time-frame is determined:
   • 2 months of the waste above and last release leftover
   • 1-2 months of Planning (functional and technical design)
   • 4-5 months of Development – with ~3 Major Milestones
   • 3 months of QA & stabilization
   • 1 month of Project Buffer
5. Very soon the development teams are scattered like lonely wolfs – everyone for himself until the next integration or major milestones months away.
6. First milestone is ending with:
   • 20% of the content is really Done a.k.a. “Even a Blind Chicken Finds a Kernel of Corn Now and Then”
   • 50% is “done” with dirty bugy code, low quality, performance issues with missing or wrong functionality
   • 30% is just not ready
7. Developers and low level management remind themselves yet again to put more buffers…
8. The PMO suggest (in relax and trusting tone) to postpone the milestone or remove content.
9. Management doesn’t get in panic (they have seen it before ;-) and decide not to decide: “Let’s see if we can cut the drawback in the next Milestone” a.k.a. The classic do {} while(timeRemaining > Last Milestone)
10. Next milestone has much more content and the pressure builds up… until the last milestone blaming game which usually ends up with ~2 month delay and half of the planned content.

Checkmate

Before getting into the Java vs. Net battle lets start with some other options ;-)

If you like challenges then you must try the brainfuck language which was created by Urban Dominik Muller and noted for its extreme minimalism – 240 bytes compiler download here

e.g. you can easily print “Hello World!” and a newline to the screen with the line below:

++++++++++[>+++++++>++++++++++>+++>+<<<<-]>++.>+.+++++++..+++.>++.<<+++++++++++++++.>.+++.——.——–.>+.>.

If you favor comments then you might consider using CPL which was created out of a need for advance commenting features, not found in any other existing programming language (e.g. nested comments…) @ http://sourceforge.net/projects/c-p-l/So…

Without copy-pasting a word – I think the best references to the Java vs. Net debate are:

• http://www.oreillynet.com/pub/a/oreilly/java/news/farley_0800.html
• http://www.adtmag.com/print.aspx?id=10993
• & nothing like a good flammable Slashdot discussion to get under-the-hood of this debate…

…Personally, after many years of Java-Java; I really like .Net-ing for the past year… especially after watching Steve Balmer, “Developers dance” @ http://youtube.com/watch?v=NSIMeRtVebM