Another year with Rails already. The e-commerce project I’m leading has grown to 20kLOC with 1,400 tests maintained by an international team coordinated using Assembla. The biggest addition to our toolbox has been Airbrake and its seemingly unrelenting production bug reports. The other biggest challenge has been refactoring increasingly sophisticated factories to support the ever growing test suite. Our infrastructure has changed significantly also in the face of continuing growth, but that’s another story.
Refresh Miami – Bringing your ideas to life
Refresh Miami event ‘Bringing your ideas to life’ at Miami Science Museum sponsored by Wyncode. Auditorium packed to capacity, reportedly 300 attendees. First Refresh Miami event for roughly half the attendees: why not a higher proportion of returnees? Roughly one third with an idea or working on a product. Last month’s event was on funding and next month will be on launching once an MVP is complete. Presentations by Ellie Cachette of Koombea and Carlos Taborda of Webbynode and Gistia Labs. Koombea bootstrapped to sixty employees in a few years, Webbynode with $1M revenue in 2010, developed Stack Fu in stealth mode without appreciating it failed to address a significant problem.
Wyncode
Wyncode is a new developer boot camp teaching Ruby and JavaScript at LAB Miami with Juha Mikkola, Joanna and Ed Toro. Co-founder Juha Mikkola previously attended coding boot camp at Bitmaker Labs in Toronto. Coding boot camps are spreading rapidly as ‘disruptive’ education, relatively unregulated and more engaged with students and prospective employers. Expectations are that graduates will find starting positions around $60K in southern Florida; when I visited a SherlockTech recruiter was also present. Startup veteran Ed Toro will be presenting the lectures. Students will get to complete a working full-stack application, possibly a minimum viable product to show to investors or a prospective employer. Working at the LAB provides a start-up style working environment in a co-working space with full access to ongoing activities, and students will get a couple of weeks unallocated at the end of the course to work at the lab on their own.
FundingPost’s Miami VC and Angel Investing Conference
Two hours of networking and two hours of presentations, panels and pitches at the lavish offices of GreenbergTraurig on the 44th floor of the Wells Fargo Center downtown. Antonio Sifre making the case that Puerto Rico, like Miami, is an entrpreneurial gatway to Latin America. Xavier Gonzalez pitching the upcoming eMerge Americas conference first envisioned in the same location two years ago. Joanna Schwartz of EarlyShares introducing a crowd funding panel including principals of FundingWonder, FundedByDesign, GroundBreaker (real estate), CrowdSettlements (specialty finance) and CrowdCast. JOBS Act Title II legislation has made it much easier to solicit accredited investors, but the SEC rules for Title III have so far proven prohibitively complex. Title IV enabled intra-state crowd-funding and legislative lobbying has moved to the state level. Next a dozen two minute pitches from Papatel, Validus Solutions, Koemei, App Factory Mobile, Big Data Exchange, Strops Sports and others. Finally an investor panel including principals from New World Angels (south Florida), Tamiami Angel Fund (Naples), Caerus Ventures, and ARC Angel Fund (NY). Gust a popular alternative to FundingPost. Angels typically introduced through an established legal or accounting firm, looking for a large addressable market, team with a good background, traction and an exit plan. Due diligence often drags on for months, but if well organised a term sheet may be finalised in 30 days. Be prepared to pitch in two minutes at any time, make sure to communicate a venture name clearly, and follow up carefully.
A third year with Rails
This last year Ruby 2.0 has been released (Feb) and Rails 4.0 (Jun). I’ve embraced Sublime Text and git flow branching. Spork has been supplanted by Zeus. I’ve dabbled with OpenStruct, metaprogramming and AcitiveSupport::Concerns. New gems I’ve been learning include Enumerize, InheritedResources, Formtastic, Resque and Mechanize. I published a minor extension to the authorize-net gem and got hands on with CoffeeScript.
Refresh Miami ‘Founder Match Making’ Event
Well attended event last night hosted by Brian Breslin, filling the Storer auditorium at the Miami University Business School. Pitches for the upcoming Americas Venture Capital Conference at FIU and Lead305.org before a panel discussion including Ed Toro, Charles Irizari, Steve Repetti and Stewart Davis. Topics discussed:
- The best way of finding a tech co-founder is to attend tech community events. Tech leads, like investors, expect entrepreneurs to be able to articulate their ideas, for example with a two minute online video.
- Asking for an NDA too quickly is unlikely to be agreed to. Having an established relationship with a tech lead makes a less formal pitch more likely to be listened to.
- Ideas without the ability to execute are worth little, all sides should be looking for partners they believe can get things done: startups are much less forgiving than working in a larger corporate environment.
- Ultimately the goal is to find an idea that can be turned into a company, and find compatible partners that can raise funds, build a product and operate a business. Red flags include a lack of respect and too much ignorance of the technology that the business is built on.
- Tech leads may not be strong at negotiation but they will typically value equity at 25-50% of it’s current valuation when calculating their total compensation. Tech lead’s equity should be vested over time in case they fail to execute.
- Capital in Southern Florida can be a problem as 90% of the wealth is from real estate development and not very tech savvy. Nonetheless individuals can be found through networking.
A second year with Rails
My second year with Rails has been increasingly team oriented, using online collaboration tools like GitHub, PivotalTracker, Atlassian BitBucket, CodeBaseHQ and Assembla. Even though I was productive with Windows for a year on a one person project I’ve now joined my colleagues in using OS X with RVM. My use of TDD has continued with adoption of Cucumber, RSpec, FactoryGirl and Spork, and for better or worse I am now using MySQL more than PostgreSQL.
The past year has seen the release of Ruby 1.9.3 (October) and Rails 3.1 (August) and 3.2 (January). Ruby 1.8.7 has been scheduled for no further support after June 2013.
W3 Total Cache vs. WP Super Cache
Two of the most popular Word Press performance plugins are W3 Total Cache (W3TC) and WP Super Cache (WPSC). W3TC provides a collection of different features including page caching, minification, database object caching and transparent CDN integration, whereas WPSC focuses specifically at caching generated HTML. W3TC has integration with CloudFlare, provided by DreamHost, but DreamHost’s default install of WordPress includes WPSC instead, reportedly because W3TC consumes more memory, at a premium in a shared hosting environment.
To see what worked best for my current site I started by running LoadImpact against my unoptimized site:
Time to generate the HTML text is awful.
Next I enabled W3TC and applied what I thought were reasonable settings. The result of a second load test was not what I expected:
Although overall average load times were reduced slightly they were also more erratic, some page loads occurring faster, and others much slower. At least time to generate HTML is improved.
Next I disabled W3TC and tried WPSC with the recommended defaults:
Although there are hints of a performance drop with more users the page load performance is consistently better. The impact on HTML generation is dramatic. For now I think I’m going to stick with WPSC and look for other ways to optimize my CSS load times.
Testing ssl_requirement with pound
ssl_requirement is a Rails gem by DHH to declaratively redirect requests to SSL. It is useful, for example, to ensure all access to a checkout page is secure. SSL encryption, however, is usually handled by a webserver such as Nginx or Apache, and these are not typically used in Rails test mode. It appears most developers simply disable SSL redirects during testing, but this allows certain defects such as correct handling of flash messages to go undetected. To test SSL redirects I’ve started using a lightweight, secure reverse proxy called pound. The pound configuration file can be kept to a bare minimum to forward requests from port 8443 to 3000 and encrypt the response:
ListenHTTPS
Address 127.0.0.1
Port 8443
Cert "pound.pem"
AddHeader "X_FORWARDED_PROTO: https"
Service
BackEnd
Address 127.0.0.1
Port 3000
End
End
End
To run pound:
pound -vf ./pound.conf
Apache, Unicorn & SSL
Having used Apache with Mongrel, Thin and Passenger, I’ve now moved on to Unicorn. Setting up Apache on Ubuntu to proxy to Unicorn requires the following installation commands:
apt-get install apache2 -y apt-get install libapache2-mod-proxy-html libxml2-dev -y a2enmod headers a2enmod proxy a2enmod proxy_http a2enmod proxy_balancer a2enmod rewrite a2enmod ssl /etc/init.d/apache2 restart
With these modules in place a virtual host can be configured something like this:
<VirtualHost *:80>
ServerName myhost.example.com
DocumentRoot /opt/example/app/public
RewriteEngine On
# Redirect all non-static requests to unicorn
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://unicornservers%{REQUEST_URI} [P,QSA,L]
<Proxy balancer://unicornservers>
Allow from any
BalancerMember http://127.0.0.1:8080
</Proxy>
</VirtualHost>
<VirtualHost *:443>
ServerName myhost.example.com
DocumentRoot /opt/example/app/public
RewriteEngine On
# Redirect all non-static requests to unicorn
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://unicornservers%{REQUEST_URI} [P,QSA,L]
RequestHeader set X-Forwarded-Proto "https"
<Proxy balancer://unicornservers>
Allow from any
BalancerMember http://127.0.0.1:8080
</Proxy>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/ssl.crt
SSLCertificateKeyFile /etc/apache2/ssl/ssl.key
</VirtualHost>
mod_headers and the RequestHeader directive are useful if the Rails app is using ssl_requirement.