November 14, 2011 § 1 Comment
Database performance is always something that has fascinated me. Not on a admin level, but from the point of view of a developer. Even with a stock database setup there are things that a developer can do to help optimize access. If you do any middle or backend web development you will be familiar with running queries against a database. You will also be familiar with how adding indexes on the commonly queried columns of your tables can increase performance. But it turns out, that not all indexes are created the same.
I have been working with the InnoDB storage engine of MySQL in a Ruby on Rails web development for a while now. Over the years I began to noticed something but was never able to figure out what was causing it . When ever I would queries tables using the id column, The queries would return much faster than when I queried against some other indexed column, even if that column was an indexed integer. For those not familiar with Rails conventions, every table is created with an integer column, id, that has the table’s primary index placed on it. It is auto-incrementing so every row has a unique value, a requirement of it being a primary key. Now the InnoDB constructs the primary key in a special way, using a clustered index. What this means is that the primary key index points directly to the page the row data resides on either on disk or in memory. Non-clustered, or secondary indexes, point to the primary key instead of the row data. This little bit of indirection cause the secondary indexes to be slower than a look up on the primary key.
It’s always satisfying figuring out the reasons behind behavior you do not initially understand.
For some more information you can check out the MySQL Reference Manual. This investigation was prompted by an answer to a question I posted on Stackoverflow about partial indexes and the group by operation.
November 10, 2011 § Leave a Comment
When developing code, there are somethings that you should leave to the experts. Encryption is one of them. When I wrote my encrypted cookies and encrypted cookie sessions gems, one of the the things I didn’t want to do was write any sort of encryption routines. Luckily ActiveSupport has some help in the way of ActiveSupport::MessageEncryptor. It’s used much like ActiveSupport::MessageVerifier which is used for signed cookies in Rails. People much smarter than me have put these pieces together, so it just makes sense to use them. Almost nothing good can come from trying to do this stuff yourself. Here are some examples of a verifier and encryptor being used.
> secret = ActiveSupport::SecureRandom.hex(10) => "379af645b8dcce20b607" > verifier = ActiveSupport::MessageVerifier.new(secret) => #<ActiveSupport::MessageVerifier:0x00000103d7ce50 @secret="379af645b8dcce20b607", @digest="SHA1"> > signed_message = verifier.generate("sign this!") => "BAhJIg9zaWduIHRoaXMhBjoGRVQ=--af1e810b074b1abd6d9dcd775f71b1fafa53c218" # this is "<base 64 encoded and serialized string>--<digest of string>" > verifier.verify(signed_message) => "sign this!" > verifier.verify(signed_message + "alittleextraontheend") ActiveSupport::MessageVerifier::InvalidSignature > verifier.verify("alittleextraatthebeginning" + signed_message) ActiveSupport::MessageVerifier::InvalidSignature
> secret = ActiveSupport::SecureRandom.hex(20) => "c1578de6ec2e1789940729dc9d97b335fc7df588" > encryptor = ActiveSupport::MessageEncryptor.new(secret) => #<ActiveSupport::MessageEncryptor:0x000001295337c8 @secret="c1578de6ec2e1789940729dc9d97b335fc7df588", @cipher="aes-256-cbc"> > encrypted_message = encryptor.encrypt_and_sign("Nothing to see here...") => "BAhJIl9YbDZkK0czS3o0ZkI0Yml6K05uYzgzM05meDJjWWU4QWh0YzdFeFFrbC85b3BocHFORWtRWXdDVWIxaW45TEQ5LS1yVkxGTURJYzFWb2pva0UrVkkwTkFnPT0GOgZFRg==--e61e02a818960d66c7865f5624fad63b1564283f" > encryptor.decrypt_and_verify(encrypted_message) => "Nothing to see here..."
If your secret is too short you’ll get a OpenSSL::Cipher::CipherError. Make sure your secret is at least 32 bytes. Using ActiveSupport::SecureRandom.hex(16) should satisfy this requirement, but obviously longer is better. You can also pass in a :digest => <digest> option as a second argument to both initializers to specify a different algorithm to use.
One of my thoughts is to submit these two gems into Rails so that people don’t make the mistake of trying to roll their own encryption systems for cookies. We’ll see how it goes.
November 7, 2011 § Leave a Comment
Earlier this year I got the itch to start doing some open source stuff. I hadn’t done anything of the sort before, so I didn’t really have any idea where to begin. There have definitely been some bumps along the way, but I think that I have made some progress. Looking back on my progress I identified a few milestones I hit along the way. They weren’t obvious at the time, and I certainly can’t say that I meant to achieve each one, but I can clearly see them now. Each one helped me a little more on my way to being an open source contributor. Each one also elicited different thoughts and feelings. Now in no particular order and mostly for me to remember what I was thinking…
First Repository Uploaded to GitHub
I signed up for GitHub back at the end of 2008. I forked a few repos here and there just because there was a button to do it. I didn’t really know anything about git and didn’t do anything with repos I had forked. I didn’t actually upload a repo of my own until the end of March 2011. I had been working with subdomains in Rails 3 and experimenting with the new cookie jar chaining. I found a use case for adding another cookie jar that assigned the domain of the cookie. I abstracted it out, gave a poor project name and put it up on GitHub. [tld-cookies]
It was a bit nerve-racking putting something you have made out there for whole world to see. I am sure artists feel the same way when they show their paintings or writing to the general public. I had no expectations that people would look at it or care about it, but still it was out there for people to scoff at if they saw fit to. Nervous as I was, I felt something that I wasn’t expecting… liberation. Even if no one ever used my code, I was now a contributing member of the open source community. It felt great.
Two more repos went up almost immediately.
First Gem Published
When I pushed my first repos, the code was more or less in it’s finalized state, so the gem(s) followed quickly behind. I remember having my RubyGems.org dashboard up all day watching the those first downloads trickle in. I quickly realized that the first dozen or so were mirrors downloading all the new and updated gems. Not going to lie, was a little sad when I realized that. That first gem still sits at 50 downloads, probably because of it’s bad name, but some of the other ones have a few hundred downloads.
It’s awesome. Some of my peers, not my coworkers, are using my code. Building things that people use is awesome, whether it’s a website or a library. As a software developer, I get a thrill when websites I work on get traction and usage. Building successful businesses is my end goal, but with that being said, I get a very different and more personal thrill when I see some of my code being used by other developers. It is a type of validation of your technical skills and it feels great.
First Gist Uploaded
We are a rails shop at work. One of the things that I was getting annoyed with when dealing with debug statements was where to print these statements out to. Do I print them to the log file or to standard out? The log file is the obvious choice, but if you are working in the console, then using
puts so you don’t have to switch terminal windows might be preferable. I spent some time and came up with a useful little function. I realized that this might be useful to others so I put it up on GitHub as a gist, and called it a day. Looking back, this was really the first time I just casually threw something out there that I thought might be interesting, but wasn’t a fully functioning library.
First Issue Filed Against Me
Then came the bugs… I had my first GitHub issue opened against me about two months after I published my first gems. Now here is the funny thing, I got excited. Like watching the downloads trickle in on RubyGems.org, someone opening a bug against you means they care enough about what you are doing to want/need it to work right. Obviously I want it to work as well, but I know that I am bound to let bugs slip through. When someone took the time to report a bug and identify the potential source of the problem, I knew that I was doing something right. Well, something was wrong but the situation was right… right? [bug]
First Issue Filed Against Me Fixed
Fixing the issue and pushing out a new version was satisfying. I had the satisfaction of knowing that I cared enough about a little side project and the people using it to fix the issues and rerelease the gem.
Dealing With Future Compatibility
When I first pushed out my encrypted-cookie-store gem it was Rails 3.0 only. I figured I’d update it when 3.1 was released because I wasn’t expecting people to really care that much about it. Turns out I was mistaken. Not long after it was pushed out I got a request to add 3.1 compatibility. Well, one of my customers was asking for it and I was going to have to do it sooner or later, so I fired up rvm and got to work on figuring out what changed between 3.0 and 3.1. It wasn’t that big of a deal, but having different methods defined based on the which gems are installed seems like a less than ideal way to go about things. Thus concluded my first attempt at programing against an unreleased version of a project.
First Pull Request for One of My Projects
Now having someone open an issue against you and pointing you in the direction of the problem is nice and all, but having someone open a pull request against your project because they liked/needed it enough to fix the issue themselves, that is an awesome feeling. My little sparse matrix library was getting some love from across the Atlantic. Couldn’t have been happier.
First Issue Opened Against Another Project
Almost as scary as putting your own code out there is opening an issue against a well established project like Rails. You keep asking yourself, “Am I doing something wrong?” or “Do I just not understand what is going on?” I mean, what if your issue is just a result of you being stupid and not knowing what you are doing? These guys are busy and don’t really need to deal with bugs that probably aren’t actually bugs. So you run every test case you can think of, and then some that have nothing to do with your issue, you know, just in case. Then you hope that everyone is nice to the newbie. PS – They were.
First Pull Request to Another Project
It made me even more nervous to offer up a fix. Opening that Pull Request was nerve racking. I was patching one of the most used methods in ActiveRecord, so I obviously didn’t want to mess up. My pull request went through a couple of iterations, mostly on my test cases, but was finally accepted and merged into master 11 days after I opened the initial issue. Once again everyone was great and very helpful.
And then the blog started. I won’t lie to you, the last bit of motivation I needed to finally get this blog up and running was bit of selfishness. I realized that I needed some way to let people know about the stuff I had put out there that might be useful to them. This obvious thought happened when I came across a blog of someone working on a similar problem with encrypted cookies saying that they were thinking about packing it up and submitting it to rails. Since I liked the way I was doing it better, I figured I needed something other than the GitHub page as a way to promote it. Since then I have started writing on more topics than just the gems I have written. A blog, when properly utilized, is much more than just an advertising platform for your own code.
Being Asked to Contribute to a Project
The most recent development in my open source career is being asked to contribute to SciRuby. They liked the work I was doing on a sparse matrix library I was working on, and asked if they could include it in their offerings. Obviously I was ecstatic. Then I started thinking about the state of the code and how much work was left to do on it. Then I started worrying. It is very much still in an alpha/incomplete state. But now that I know that I have some people that are interested in it, I should be able to get working on it some more. Get that math side of my education some more use.
I have come a long way with my contributions to the open source community. From using to creating to contributing, each of these milestones has been a new challenge and a new experience. This isn’t a how to get a start in OSS, but it a list of things that you can look at for next steps when you are stuck and want to get more involved. It’s easy and most people will be excited that you want to help or are offering something up they can use. Even if you don’t want to write something, use OSS. That is your true first step.
November 1, 2011 § Leave a Comment
One doesn’t go through the process of starting a new ruby gem all that often. Even if you have published a few, it is easy to forget how get one started. So here, for my benefit as much as anyone else’s, is a quick easy way to get a gem started and hosted on GitHub.
On the command line navigate to the directory you want to use to work on your different gems.
> cd ~/Projects/gems
I like using bundler, so this is what I do:
> bundle gem <gem name> create <gem name>/Gemfile create <gem name>/Rakefile create <gem name>/.gitignore create <gem name>/.gemspec create <gem name>/lib/<gem name>.rb create <gem name>/lib/<gem name>/version.rb
It will create a directory for you with the gem name and initialize a git repo for you with everything already staged to be committed. Now you need to create a new repo on GitHub. It’s pretty straight forward, so I’ll let GitHub’s on screen instructions take it from there. My only suggestion would be to make the project name the same as your gem name to avoid confusion.
Note: If you use dashes “-” instead of underscores “_” in your gem name, bundler will treat them as module hierarchies and build folders to accomodate.
Now cd into your new gem’s directory.
> cd <gem name>
Hook the git repo up with GitHub. The link should be shown on the empty repo’s main page. Just copy that.
> git remote add origin firstname.lastname@example.org:<GitHub username>/<GitHub Project Name>.git
Now commit your skeleton. Everything is already staged for you.
> git commit -m "Initial commit"
Now push it out to GitHub
> git push origin master
And just like that you are ready to start working on your new ruby gem. You’ll also want to remember the following commands:
> rake build # build <gem name>-<version> into pkg directory > rake install # build and install <gem name>-<version> on local machine > rake release # tags the repo with the version number and pushes new version out to RubyGems.org
Google will be able to tell you more about filling out the .gemspec file than I can. This is just to get you up and running.