bhonest

I have really made an effort to get into new web technologies. There is a lot of excitement around WebGL, CSS3, NativeClient, Dart, SPDY, WebP, WebSockets and all the other various crap that gets lumped in to the HTML5 umbrella. Javascript frameworks, CSS frameworks, languages that “compile” to or target a javascript runtime, mobile support, legacy browser support, Flash / Silverlight / Java, the video codec fiasco, etc… it is fucking exhausting. Then throw in a little SEO, WAI-ARIA, Speed Mania and Security Soup and you’ve got a headache before you’ve even began.

Of course you don’t need all of this or even most of it. OK fine, but what do you need? I don’t know. I suppose if you have a problem you just cannot solve maybe one of these can fix you right up. Or maybe these technologies will spark some creativity in you that will allow you to create something new and innovative that will save the world (or at least make it a bit better). Personally, I’m jaded on all of it. I was really excited about all of this stuff (OK maybe not SEO or WAI-ARIA) but now I realize it is a lot of baggage which stifles my ability to create real projects and not just single-platform, utopian “experiments”.

It is true that web technology is improving at a rapid pace and Google is certainly the single largest proponent. I just have to ask why? I’ve posted before about my gripes with HTML5 and I’ll say it again — if we had an open source flash runtime most of this shit would go away. You know Google isn’t afraid to put some serious resources around advancing the web and you know they are in bed with Adobe. Flash isn’t even a plugin to users of Chrome anymore. It comes bindled with the browser, it is updated automatically, it is kept in check with process isolation and sandboxing — just open source the runtime and every major browser, device manufacturer and software house will follow suit. Google (anyone really, but it seems Google is the only one with the balls to do it) can fix the major issues with Flash and then we can finally have a single platform that runs anywhere — the promise of Java realized.

I know it is pie-in-the-sky and maybe it is just too late at this point. I am just sick and tired of the “new web”.

UPDATE: I’m just sayin …

http://securitywatch.pcmag.com/google/288014-google-patches-flash-zero-day-bug-jumps-the-gun-on-adobe-again#fbid=TAYesuvQEwL

http://games.slashdot.org/story/11/05/06/033251/Sony-To-Offer-Free-Identity-Theft-Monitoring?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Sony is definitely getting some heat recently. I can’t say they don’t deserve it but at the same time I think they are being picked on a little. If this same thing happened at say Google, Apple, Amazon, etc… I don’t believe they would be getting so much heat. Surely they would be under the gun, but Sony is just getting beat up.

Here’s the thing. No software is perfect and huge companies like Sony have a really large attack surface (not an excuse, but a fact of life). It is almost inevitable that things like this will happen because human beings that work at these companies are capable of making mistakes. Does that make it OK? No of course not. However, if you are going to beat on Sony this badly you should also take a minute to think about Microsoft (Windows), Adobe (Flash & Reader) and Oracle (Java) because they are doing quite a bit of damage on a daily basis. I just kind of feel this mob mentality growing against Sony and that isn’t cool. Of course /. doesn’t show much love for the others mentioned above, but they have a special hatred for Sony recently. Give ‘em a break /. I’m not asking you to run out and buy their products, just take a breath and realize Sony is one of many companies that have had security breaches (yes, even Google). 

I’ll just admit it: I’ve become a pretty whole-hearted Apple fanboi. I’m not going to defend my position here because I’ve been on the other end of this argument and I know there is no way to convince a Linux geek that Mac stuff is worth the money or at least that it is actually decent.

Let me just say this: Apple stuff is definitely priced on the high side, it certainly locks you in for the long haul, it taunts you with new releases a couple of time a year, and it is very effective at separating you with your cash - and I don’t care. I was so close minded towards paying for software in the Windows world that I somehow forgot its OK to pay for stuff. I don’t mind paying for convenience, stability, or even just a pleasant experience with my computers. I know what you are thinking “you can get all that and more for free” - and you’re right. I am just not willing to work for it anymore. I’ve reached a point where I am sick of grinding away with OSS and I just want something that is simple, works as advertised, and is a joy to use. For that privilege I am willing to pay.

I’m not jumping ship from Linux on the server but I have just come the realization that somebody has got pay. Most of the really great OSS is funded by commercial entities (Ubuntu, Android, MySQL, Firefox / Chrome, OpenOffice, etc…). There are exceptions of course, but I believe most OSS is supported by paid developers and as a developer myself I am actually fine with this. In some ways I feel like I am supporting my own industry (wow it is getting deep in here - I know in my heart I’m just lining Steve’s pockets).

In any case, I’m a fanboi now and I’m OK with it.
If it is any consolation I still wouldn’t pay a dime for Windows software.

Wow, Google’s closure family of software is amazing. How did I miss it all this time??

It is a complete solution for building super fast, efficient, cross-platform web application front-ends. Don’t believe me? Load up just about any of Google’s web apps (docs, maps, gmail, sites, books, reader, blogger, calendar, photos) and tell me you aren’t impressed with the UI. All of these apps were at least partly written with the help of closure.

Closure consists mainly of 3 parts:

1. Compiler - a type checking, inlining, optimizing, externing, error checking machine that spits out fast, rock solid, compressed JS for a browser - not a human
2. Library - smart, fast, fairly comprehensive, cross-browser, backwards compatible, object-oriented lib which fails gracefully in all the right situations
3. Templating - the best solution I have ever seen for JS templating that works brilliantly with the library and compiler

These three tools are all nicely integrated (though they will all stand on their own if for some reason you don’t want to use them all). The compiler is probably the most interesting since it introduces new concepts which really don’t exist anywhere else is JS. Type checking and OO are brought to us in a meaningful way via the compiler and the closure library. How is it done? Via annotations and clever scoping of functions and variables. It sounds like voodoo, but check it out, it truly is amazing.

The templating tool is called soy and it will actually builds up JS templates or Java templates, your choice. It has it’s own tool which parses soy templates and turns them into code which you can easily pull in at compile time.

Did I mention deferred loading? Oh yeah, it kicks your lib’s ass because there is literally no bloat. You can chop up your compiled code into modules and the browser will only load what it needs when it needs it — all without any intervention. How about that for efficiency. If you’d rather keep network calls to a minimum you can compile everything into a single JS file that loads only the pieces of the closure lib you actually use.

In the end you spend a bit more time writing your JS code because all the annotations / namespaces / object orientation just require more typing. However, you have a guarantee that your code will be more readable, testable, re-usable, and efficient. for me it is an easy trade-off. 

The only thing I think is missing is CSS minification. However, the YUI compressor does a fine job at that and it is easy enough to fit into the closure workflow.

I still love me some jQuery but closure is just superior in almost every way. For any medium or large web project closure is the way to go.

In my ongoing attempt to rid myself of Java I have found myself using more and more python. I was searching for a web framework to help me along my way and I found what I think is the best balance of:

• Ease of use
• Flexibility
• Functionality
• Speed
• Scalability
• Support (i.e. community)

I went through all of the usual suspects (and a few not so usual):

• Django
• Zope
• Pylons
• TurboGears
• Werkzeug
• Flask
• Bottle

There are many others I read about but didn’t try: http://wiki.python.org/moin/WebFrameworks

I won’t list my complaints about each project cause it is all subjective and obviously they all have their benefits and diehard community of users. I’ll just say that IMHO none of them strike a good balance across all of the items I listed above.

I originally didn’t try web2py because of this conversation on HN. Some folks didn’t have nice things to say and I generally believe the HN community knows what they are talking about (I said generally). However, during my search I kept coming across this Massimo Di Pierro guy posting in favor of web2py. Turns out he wrote it, supports, and leads the community behind it. The more I dug in the more I respected this guy and his framework. He will defend his decisions when he believes he is in the right and will concede when he’s made a mistake or someone comes up with a better idea. Not to mention he is all over the web answering questions and helping the users of his software. So I decided to give it a shot with a real application.

At first I was put off by the toy feeling of the web2py admin console. As a serious developer I just want to dig into the code and get my hands dirty. A web-based editor with project creation wizards feels like something a real n00b would be after. None the less, I was determined to try it out because it really does have some compelling features compared to its peers. After spending some time with web2py I realized that the web interface is really just meant to lower the barrier to entry for newcomers and it isn’t all that integral to using the gluon framework (the core web2py stuff). I have to admit I do actually use the admin interface for looking at stack traces (web2py calls them tickets) and manually entering / deleting database contents.

I’m still no expert but I am sold on web2py. Paired with a little Linux, MySQL, Cherokee and uWSGI I am feeling pretty good about my new web development stack. It took me a long time to find a home in Linux, Apache, MySQL and Jetty but I feel pretty good leaving some of them behind now.

Don’t get me wrong, its cool. I just think real progress is going to continue to be painful for web developers and end users both. I’m not going to turn this into a gripe about browser compatibility issues. I just think there is a better way of progressing the web as a platform for RIA.

Some really smart and innovative people have found ways to squeeze every little bit of functionality out of the old specs. They’ve even managed to support most modern browsers and platforms. One of the first big applications I remember that really started to push the envelope was gmail. After gmail launched AJAX became a buzzword and everyone started jumping on the bandwagon. A few years later almost all new sites have some form of AJAX, JSON, etc… By and large this has been a good thing IMHO. GMail is still a pretty nice example of what a web based application can be if done properly. Think how far we’ve come since 2007 when gmail was released to the general public. AJAX, JSON, minification, numerous high quality, open source libs, CDN caching of popular libs, comet, compilation of other language down to JS, etc…

So with all this momentum why I am being so hard on the next generation of HTML5 and JS? Yes it solves or eases most of today’s problems but it doesn’t solve the fundamental problem of portability across different implementations on various platforms. It will take years before the proposed spec it widely adopted and implemented. Even then we’ll still have to account for the lowest common denominator (ahhem, IE6).

So what is the solution I like better than HTML5 / CSS3? An open source flash runtime. You can fight with Steve Jobs, Steve Ballmer or Larry Ellison about what they think is best and they’ll each give you something “better” than flash. They are all trying to replace flash’s existing functionality and they all have legitimate gripes with Adobe’s implementation. The problem isn’t with flash IMHO. It is Adobe’s rule over flash that causes so many problems. If Adobe would do something like Sun did with Java and open source the code for flash while still maintaining control over the steering of the language (and of course the trademark) the web would immediately start to progress.

Of course Java never did take over the web but it is clear that flash has already been adopted here. If Apple, Google, Microsoft, Mozilla, and anyone else could implement their own flash stack as they saw fit then we could all be focusing on UX and functionality instead of browser quirks. I know what you are thinking - aren’t we just trading non-compliant implementations of HTML5 for non-compliant implementations of flash? Not if it is done correctly (hence the reference to Java). Sun really did a pretty damn fine job of steering the Java community and keeping Java standard across platforms. At this point it is probably a pipe dream but open source flash would really light a fire under web development and really help consolidate UX across browsers, mobile devices, TV’s, etc… I’ve had my eye on the Lightspark project for a little while and they are making progress but for it to truly succeed I believe Adobe has to bite the bullet and commit themselves to an open source model for flash.

There I said it. I’m talking about version 8 of the chrome browser. Sure it is fast and I believe it is probably one of the safest browsers out there but that just isn’t enough for me. I’m a die hard firefox user because the browser is useful to me in many different ways. Chrome is innovating and trying to be useful, but it is still a long way off from firefox IMHO.

What does firefox have the chrome doesn’t?

• superior plugin architecture
• more mature plugins
• native xml handling
• memory leaks and stability issues :-)

OK, that last one was just to be fair. Like I said, chrome is innovating in a lot of interesting ways and I have no doubt that they will eventually get close to firefox’s usability but don’t forget that firefox 4 is due out pretty soon as well. I really wish Google would have stayed the course with firefox instead of creating their own browser. Just think how much better off we would all be if Google hadn’t created even more fragmentation in the browser space.

<attempt at=”optimism”>
I agree that choice is a good thing and its a swell driver for competition in innovation so maybe it will all work out for the best. In that spirit I will go ahead and reserve the right to change my opinion in the coming years but I don’t think I’ll need to do so any sooner than 2 or 3 years out (especially with firefox 4 coming soon).
</attempt>

Like most geeks I care A LOT about about scalability and high availability but I don’t actually have much of a need for it. I hate to admit it but most of the stuff I write just doesn’t need super speed, reliability and / or scalability. None the less, I am always searching for the perfect solution to my admittedly non-existent scalability problems. Why? Well I occasionally am required to meet a serious SLA (think five 9’s). Also, it is an interesting and hard problem to solve (NoSQL / CAP theorem / etc… rhetoric aside — we’re just talking about RDBMS’s here).

I’ve been searching for many years and I’ve yet to find that one perfect solution. For the most part I use MySQL and simple master -> slave replication with a heartbeat for failover in case of a failure. I’ve not had to deal with any unexpected failovers yet but I did force a failure once to upgrade the RAM and it worked pretty well. So I don’t lose sleep but still I want something better.

Recently there have been some really interesting advances in MySQL scalability and high availability. I’m really interested in three specific technologies:

1. RethinkDB - solves all your problems with a storage engine optimized for SSD’s
2. ScaleDB - solves all your problems with a shared storage engine
3. Clustrix - solves all your problems with scalable, blade-like hardware

I’ll spare you all the nitty gritty details of each solution but let’s just say they’ve all paired a new, proprietary storage engine with some sort of specialized hardware. They each have interesting ways to solve different problems and each has some potential drawbacks. I’m personally most interested in clustrix. They have some pretty serious claims on their site (http://www.clustrix.com/products/product-overview/). If these claims are even partly accurate then they could have a bright future. They also appear to be the only company with a solution that is actually ready to go. I couldn’t find any pricing information but I’d love to get my hands on one of these systems to play with.

For now my simple failover solution will have to do but as soon as my humble sites start getting web scale I’m going to check these guys out. I’ve also got my eye on PostgreSQL. They’ve recently added some interesting replication features but I still think the MySQL guys are further along in terms of HA / scalability for now. To be fair, all the solutions I’ve mentioned are proprietary solutions and Postgres’ stuff is all open source so it isn’t really apples to apples.

I’ll just start by saying I think Cherokee wins. I’ve searched high and low for performance benchmarks, security reports, SSL benchmarks, reliability problems, and overall ease of use. What I’ve found is this:

Lighttpd

• Lightty has historically had memory management problems leading to instability
• It does well with fast-cgi but for real breakneck speed you need native plugins
• It has several really nice plugins for specific use cases but development seems a little stale as they try to stabilize the core

Nginx

• It is tough to find many bad things to say about nginx but if there is one issue I have it is lack of documentation. There are plenty of samples out there but it seems like there is some secret club you have to join to get a thorough understanding.
• It doesn’t handle fast-cgi as well as lightty since it relies on the fcgi processes to manage themselves
• I think many people use it as a reverse proxy to handle greater loads, caching, security, etc… which is fine, but it also tells me it may not be the best all purpose web server out there.

Cherokee

• If I have one gripe about cherokee it is the config syntax. They really want you to use the built-in GUI which is not really a traditional *nix way of doing things. Nginx and lightty both do a better job of this.
• It is a little difficult to get up to speed understanding how the request chain works in cherokee but once you understand the flow it actually makes for a very powerful and flexible system.

There is no doubt that all three servers are fast, highly scalable, and good at different tasks. In my mind cherokee offers the best mix of performance, scalability, security, simplicity, and functionality. It will never be the swiss army knife that Apache surely is and it will never be as awesome at reverse proxying / caching as nginx. However, it is almost as good as the others and even better at other things.

I think you could make a case for the old “right tool for the job” argument but as I’ve mentioned recently: if you have one tool you really like and know really well, you will probably create a better application with it even if there is something else out there that might be better suited to your needs.

Check out cherokee. You may be surprised how nice it really is.

For years Java, PHP, and more recently Python have been my go-to languages. I’ve dabbled in C, Erlang, Perl, and a few others but whenever I had serious work to do it was usually Java I turned to. I’ve always been made to feel bad for succumbing the golden hammer theory but I just read something that made me feel somewhat liberated (scroll down to David Lee’s comment).

One of the things I’ve really come to love about Python is the “we’re all consenting adults” attitude with regards to the “correct” way of doing things. There is something to be said for simplicity and pragmatic design. <Insert your favorite language here> may not be all things to all people but if you are able to make something work with it then why not just go ahead and make it work? There is almost always going to be a method which is faster, smaller, more robust, more efficient, etc… However, if we all lived our lives like this then we would all write webapps in assembly and drive electric cars powered by seawater and sunshine.

Thanks David Lee. Perhaps now I will be able to spend a bit more time with my friends and family instead wasting my time over-engineering some superfluous app that will be forgotten in 3 weeks.