Just wondering….

I met someone at Startup Camp2 who was non-techincal but had an idea that required technical expertise.

She faced the typical problem of judging and evaluate software code in order to make sure the people she hired were:

• competent
• making progress

This is of course hard especially in the beginnings of a project when so much is really building infrastructure code and configurations, none of which involves ‘visible’ progress.

I whipped off a quick email in response that even after sleep I still rather like:

• Maintainability
• Performance

These are your 2 key metrics. Poorly written code fails in these two areas.

Maintainability

---

Commented Code

Look through the code. Do all large methods have well-written comments that *you* can understand. You may not understand all the details but if there are no comments or the English is poor, this is bad. Any other developer coming later is going to have a hard time understanding what the original developer was trying to do and will probably create bugs when adding new features.

Key point: The comment should talk about *why* not just *what* is being done. The developer must describe all convoluted (to you) code in a *written* comment. This comment should be understandable to you, the layperson, to a reasonable degree. Chances are very good that, if he/she cannot that:

• He is not quite certain himself what it does
• He probably has not thought through completely all the issues around this code.
• It has lots of bugs.

Be careful not to get lost in the weeds here. Have the developer take you through the high-level code, not the low-level stuff. Low-level stuff will distract you from seeing the bigger picture. You may want a friend developer who knows the language in question but be prepared to be able to fly solo on this after a few reviews.

Sample comment:
/**
 * Application State Object that tracks the current state of a flow. Holds any
 * state information related to a specific flow
 *
 * Each flow state has all the information to run the flow and re-enter it if
 * needed.
 *
 * defines an actively executing flow. Each FlowState has an attached
 * Flow which is the instantiated definition. This copy is made to avoid
 * problems with flow definitions changing while an instance of a flow is
 * active.
 */

Integration Tests/Unit Tests:

These are automated tests that anyone can run from the command line ( i.e. should not require bringing up a development environment.) You should be able to run a command line tool that reports number of tests run and the code coverage of those tests. These tests should include running something like selenium that will bring up a browser and run through your site.

Packaging

You should have a set of clear step by step instructions to get from a brand new machine to running the tests to bringing up the service. You need to be able to verify this yourself. Using only the directions only as written i.e. *no help from anyone* can you get the machine set up, source code downloaded from a source code repository**, compiled, and running? You should be able to type ‘http://localhost/’ and see your website.

[**Run away from any developer that doesn't understand source code repositories. They are your insurance that 3 months into development the developer's machine crashes and everything is gone.]

Can you bring up the development environment and start the product following the written directions by yourself? This avoids the possibility/probability that the developer’s machine is magically configured and only his machine is set up just so to build the product. Believe it or not, I have worked at large companies that are hair-pulling experiences because everything has to be magically configured to build the product.

Performance

---

How many people are going to hit your web server? What is the peak load going to be? What kind of response is the developer giving about issues like scalability?

Big issue here. Have the developer create jmeter tests that show how the server behaves under load. When running a jmeter test look at memory usage and CPU % on the server and that database. Ratchet up the number of jmeter users until the service just dies. Is that number acceptable? Look into making the service scalable using Amazon’s ec2 service. Ask questions about how much memory each logged in user takes. If each logged in user takes 1 megabyte of memory, you will only be able to have 300 or so users at a time/machine!

Any developer worth anything knows to use a database and well but they are not experts. Spend the money for a day or two of a database expert’s time. Have them take a look at the queries your service runs against the database. Have he/she do at least a little bit of tuning (this will be on-going process) but could easily allow the service to run 10x - 100x better.

So I struggled for hours trying to get apache to connect via the ajp13 worker to tomcat 5.5 We are using a Debian box on the production server. Could not make it happen…. until I set the worker to be ‘ajp13′.

Don’t understand what wierdness is going on but… I do know this. if my /etc/libapache-mod-jk/workers.properties file looks like this (comments removed):

workers.tomcat_home=/usr/share/tomcat5.5
workers.java_home=/usr/local/java
worker.list=ajp13
worker.ajp13.port=8009
worker.ajp13.host=localhost
worker.ajp13.type=ajp13
worker.ajp13.lbfactor=1
worker.loadbalancer.type=lb
worker.loadbalancer.balanced_workers=ajp13

Apache 2 talks very nicely with Tomcat 5.5.20

If it looks like this:

workers.tomcat_home=/usr/share/tomcat5.5
workers.java_home=/usr/local/java
worker.list=amplafi_ajp13
worker.amplafi_ajp13.port=8009
worker.amplafi_ajp13.host=localhost
worker.amplafi_ajp13.type=ajp13
worker.amplafi_ajp13.lbfactor=1
worker.loadbalancer.type=lb
worker.loadbalancer.balanced_workers=amplafi_ajp13

Everything is broken!

Does anyone have a clue here on why?

From:

The Oxford English Dictionary (OED) describes a McJob as “an unstimulating, low-paid job with few prospects, esp. one created by the expansion of the service sector.”

In the letter, the business leaders [Sir Digby Jones, the former head of the Confederation of British Industry (CBI), and David Frost, the director-general of the British Chamber of Commerce] say that they believed “this definition is out of date, out of touch with reality and most importantly is insulting to those hard-working, talented and committed people who serve the public every day in the UK.”

They said that the entry for “McJob” should be “changed to reflect a job that is stimulating, rewarding and offers genuine opportunities for career progression and skills that last a lifetime.”

Their letter coincided with a public relations push by the company to get the OED to change the definition — it is launching Thursday a public petition in restaurants and the Internet.

Oh, my gawd… Digby, David, you are so right! I want my daughters to aspire to working at McDonalds! How could I have wanted anything else?

BTW How come you aren’t complaining about the term ‘McMansions’ (term used for those massive houses on little lots)?

File this under “words that should be in the dictionary”. Rosemarie (4yrs-old) has this great word, “yestertime”. If yesterday means the day before today, then “yestertime” should exist and mean some time before yesterday.

What a great word!

According to this:

• 1 double stack train equals 280 trucks
• trains are 2-4x more fuel efficient than trucks on a ton-mile basis
• trains are 2-3 cleaner than trucks w.r.t NOx emissions on a ton-mile basis

Love the last line in this guest editorial in the April 16, 2007, U.S. News and World Report:

The attorney general has to be the rock of any administration. Gonzalas, alas, has been its marshmallow

Now the question I have … is where was the Report before? Its one thing to take a risk and take an unpopular stand. But right now, no spine is required to tell the truth about Gonzalas. Two years, ago we needed an editoral like this. Now its like ho-hum, join the crowd.

I ran across this article about IE’s ‘wonderful’ MIME sniffing. Take a look at this report. Apparently, Internet Explorer looks at the first 256 characters of the file requested. If IE thinks it looks like HTML, it interprets it as HTML! So if the first 256 chararacters have say

<script>run some evil cross-site scripting stuff.....</script>

IE is more than happy to aid-and-abet screwing over the user of IE. What I find really horrid is this:

Well, Microsoft thought different and implemented something they call MIME Type Detection. It means they use the first few hundred bytes of the data and try to guess what the content is. This is a nice idea and even mentioned in RFC 2616:

If and only if the media type is not given by a Content-Type field, the recipient MAY attempt to guess the media type via inspection of its content [...]

Unfortunately Microsoft got the order somehow tangled up: They ignore the sent type and do their guessing first.

Google avoids this problem by putting in the output Http header: Content-Disposition: attachment. This forces all browsers to download the content. Other services recode jpgs, ico’s and the like. But at the end of the day come on guys!