CodeIsGo.com

Blog post by Emily Esposito for InVision in which she asked: how can you confidently prove the business value of good design?. McKinsey & Company was trying to change that with their October 2018 report highlighting “the most extensive and rigorous research undertaken anywhere to study the design actions that leaders can make to unlock business value.”

Report tracked the design practices of 300 publicly listed companies over a five-year period, interviewing senior business and design leaders. From the data, they uncovered 12 actions showing the greatest correlation with improved financial performance and grouped these actions into four broad themes.

The McKinsey Design Index (MDI), which rates companies by how strong they are at design and, more importantly, how that actually relates to real business value. It relies on four themes of good design.

The four clusters of design actions that make up the MDI offer proven design best practices that you can follow:

• Analytical leadership
• User experience
• Cross-functional talent
• Continuous iteration

Learn details in this engaging article!

Article by Michael Kassner about the facility offering realistic cybersecurity training modeled on the approach used by the military and first responders.

Militaries understand the importance of training in as realistic a manner as possible. It helps automate responses and find areas that need improving, and, most importantly, those involved walk away unscathed.

That realism is achieved by immersing people in simulated attacks. CTO of cybersecurity company root9B suggests that having trained personnel who think like adversaries is as important as the defensive technology in use. The people at IBM’s X-Force Command Center agree and work hard to create training conditions that are as realistic as possible.

IBM’s Cyber Range uses live malware, ransomware, and other real-world hacker tools culled from the dark web to deliver realistic cyberattack experiences. The facility features an air-gapped network of a fictitious corporation, used for simulated attacks, consisting of one petabyte of information, more than 3,000 users and a simulated version of the internet.

Caleb Barlow, vice president at IBM Security and his team have found that under duress those with military or emergency-services experience step up and supply the needed leadership. “Some kinds of leadership can be taught in a classroom, but the true test of leadership happens in the arena,” concludes Barlow. “Leaders thrive in tough situations, and every tough situation needs leaders.”

Read article to discover more. Great read!

Ricardo Cardin thoughts on Single Responsibility Principle (SRP). Single Responsibility Principle is one of the 5 principles defined in SOLID principles. It should help with readability, lose coupling and cohesion of your code. Ricardo considers it to be one of the most powerful among these principles, yet one of the most misleading.

In 2006, Robert C. Marting, a.k.a. Uncle Bob, collected inside the book Agile Principles, Patterns, And Practices in C# a series of articles that represent the basis of clean programming, through the principles also known as SOLID.

SRE - Every module or class should have responsibility over a single part of the functionality provided by the software, and that responsibility should be entirely encapsulated by the class.

Simpler definition: A class should have only one reason to change.

Given the above definition of the Single-Responsibility Principle, it is clear that there is no mathematical rigor to it. Every developer, using its own experience can give a different meaning to the word responsibility. The most common misunderstanding regarding responsibilities is which is the right grain to achieve.

Cohesion gives us a formal rule to apply when we are in doubt if a type owns more than one responsibility.

Author comes to conclusion that it is all about cohesion. Learn, what does he mean by that in this excellent article!

Folks from MariaDB wrote this article in which they collated 10 MySQL tuning tips for peak workloads. As we head into the holiday season and the start of a new year, now is a great time to ensure your database is ready for whatever comes its way.

Some advice in this article:

• InnoDB buffer pool size
• InnoDB log file size
• InnoDB log buffer size
• InnoDB log flush interval
• Thread cache size
• Temporary tables, tmp_table_size, and max_heap_table_size

… for the rest of information please read full article linked here. We also recommend watching the on-demand webinar on Readying Databases for Anything by MariaDB. Great advice!

Very interesting post by Raffaele Spazzoli published on OpenShift blog on topic of pod communication in multiple clusters. Istio, the upstream project for Red Hat OpenShift Mesh, has an interesting feature that allows you to extend the service mesh across multiple OpenShift clusters.

A pod in cluster A should be able to communicate with a pod in cluster B, assuming the pod in cluster A knows the IP address of the pod in cluster B.

The article focus on explaining the solution based on assumption that there was no direct connectivity between the nodes of the clusters involved in this design. If you don’t have that constraint, other potentially simpler designs become possible (for example ip over ip tunneling).

The article then explains in great deal:

• Tunnel design
• Encrypted tunnel design
• Routing packets
• Installation using Ansible playbook

You will also find explanatory schemas and links to further reading in the article.

Author thinks that the technology still needs to mature in this space and over time it will become much easier to implement these types of designs.

And do not forget that you can test OpenShift with free starter tier. Nicely done!

Rainer Hahnekamp wrote this blog post about object-oriented programming (OOP) in JavaScript. It is aimed at students with no prior knowledge in OOP.

The author briefly explains programming paradigms. He also notes that OOP is based on real-world objects lets anyone read your code and understand what’s going on.

The article contains information on:

• The Object-Oriented paradigm
• Object as centerpiece
• Class as template
• What is encapsulation
• What is inheritance

You will find three different programming paradigms used to create JavaScript applications. They are Prototype-Based Programming, Object-Oriented Programming and Functional-Oriented Programming.

There are many links to further resources in the article. Example code for ES6 is also provided which will help you to get better understanding of OOP paradimg. Cool!

Detailed article by Almir Bijedic and Florian Rappl about setting up Node.js with SSL/TLS. Let’s Encrypt works beautifully, and having an SSL-secured site is easier than ever.

In the article, they work through a practical example of how to add a Let’s Encrypt-generated certificate to Express.js server.

But protecting our sites and apps with HTTPS isn’t enough. We should also demand encrypted connections from the servers we’re talking to. You will see that possibilities exist to activate the SSL/TLS layer even if it wouldn’t be enabled by default.

They explain how typical layers stack from website running in the browser perspective looks, talk about resources and performance of the web server with enables HTTP/2.

The article touches these topics:

• Basic HTTPS communication
• HTTPS in Node.js
• How to generate certificates
• HSTS web security policy mechanism
• HSTS is a web security policy mechanism

… and more. In 2018 and beyond, there’s no excuse to dismiss HTTPS. Well written!

Andre Arko blog post about dealing with logs for very busy web application behind RubyGems.org. A single day of request logs was usually around 500 gigabytes on disk. They tried few hosted logging products, but at their volume they can typically only offer a retention measured in hours. The only thing they could think of to do with the full log firehose was to run it through gzip -9 and then drop it in AWS S3.

Every day, they generated about 500 files that are 85MB on disk (compressed), and contain about a million streaming JSON objects that take up 1GB when uncompressed.

They tried to retrieve advanced statistics using AWS Glue, Python for Spark, running directly against the S3 bucket of logs. This proved to be expensive solution. At about $1,000 a month.

Then they tried Rust. It turns out serde, the Rust JSON library, is super fast. It tries very hard to not allocate, and it can deserialize the (uncompressed) 1GB of JSON into Rust structs in 2 seconds flat. And finally they stumbled upon Rust parallel iteration library, Rayon.

rust-aws-lambda, is a crate that lets your Rust program run on AWS Lambda by pretending to be a Go binary

Read, how they come up with inventive solution and used rust-aws-lambda, a crate that lets your Rust program run on AWS Lambda by pretending to be a Go binary. As a nice bonus for their use case, it’s only a few clicks to have AWS run a Lambda as a callback every time a new file is added to an S3 bucket.

And the cost? 500 log files, parsing 500GB of logs per day using AWS free tier! The code repository is aslo included in the article. Perfect!

Post by JetRuby Agency about enhancing your mobile app with machine learning. You will find out what machine learning is and understand the way it changed our life. CoreML is a framework that was presented by Apple in 2017.

CoreML allows simplifying the integration of machine learning models in applications ecosystem.

Based on CoreML were implemented various products of the company including Siri, QuickType, Camera and so on. CoreML contributed to developing “clever” features.

This framework is based on the native technologies, such as Accelerate and Metal. Since it allows giving full play to the hardware of a device, performance becomes better and battery’s life longer.

This technology allows iOS 11 apps to run machine learning models locally on your device. Basically, this allows using such features as images recognition, analysis of the text/sounds without using any Internet connection.

Learn more in this introduction into machine learning with CoreML. Example code and screen grabs of developed mobile app could be also found in the article!

Nick Shadrin of NGINX, Inc. wrote this article about TLS and Nodejs apps support in NGINX Unit. NGINX Unit is a dynamic web and application server, designed to run applications in multiple languages. Unit is lightweight, polyglot, and dynamically configured via API.

Application connectivity today requires proper and rapid configuration and reconfiguration.

In this post author covers the configuration of TLS certificates and Node.js applications in detail. Security and encryption is a must for every production application.

NGINX Unit is configured on the fly, without relying on static configuration files and requiring process reloads. Now all apps, including Go and Node.js, can be deployed into a larger production environment faster, more safely, and with no downtime.

With NGINX Unit, you can add, change, and remove certificates without reloading application processes. Detailed configuration is included. Read more, to learn about this lightweight application server from NGINX.