Wednesday, January 21, 2015

The cheatsheet on writing scalable web apps

  1. Scale horizontally (scale out): Separate system tiers on different environments: database, Solr, memcached, push, web/app servers. Separation helps in scaling up/down tiers individually.
  2. Use the cloud (Platform as a Service) right away, as it facilitates scaling out/up/down (Google AppEngine, Heroku, AWS Beanstalk, …)
  3. Monitor usage on each tier to scale up/down at the right time (e.g. NewRelic)
  4. Use push instead of server polling (Pusher)
  5. Don’t use filesystems for storage, unless it is a distributed filesystem (AWS S3)
  6. Don’t involve your app server in long requests/responses. Slow clients may block your server and cause longer request queues (depends on implementation). 
    • If you want to receive an upload get it through S3 with some work on the client side. 
    • If you want to send a huge response, either stream it using a streaming capability of your app server, or generate it using a background job that stores it finally on S3 and sends the direct link when done through the app using push or through email.
  7. Defer long tasks to background jobs (Resque, RabbitMQ, Ruby delayed jobs, …)
  8. Don’t clutter your app server memory with language bindings; use Apache Thrift or Google Protocol Buffers to communicate between different environments
  9. Use Apache Solr (Lucene over HTTP) to query large data even if you don’t have full text search; it can be used for scoping and faceting as well (think SQL WHERE and GROUP BY)
  10. Autoscale your web/app servers depending on traffic. Monitoring shows you traffic metrics and HireFire will autoscale your Heroku dynos
  11. Use client-side rendering (JavaScript templates) to get rid of the rendering time on the server
  12. Use caching in different layers (memcached) to be nice to your servers
  13. Asset hosting: static assets (JavaScript, stylesheets, HTML templates, images, …) have nothing to do with your app servers, so host them somewhere else (CloudFront/S3)


Monday, December 8, 2014

Check your Postgres database catalog integrity effortlessly in seconds

Regular database backups are something no one can afford to miss. If your database is inconsistent, backups won't be produced successfully. A quick search for "pg_dump schema with oid does not exist" reveals that many people are suffering from this and cannot produce any backups.

Going through the search results, people suggest manually scanning the system catalog tables to identify inconsistencies. This is a tedious process and requires a lot of knowledge about the catalog structure.

Fortunately, there is an open-source tool called pg_catcheck, which can detect these inconsistencies. However, it requires you to install Postgres from source and build the tool against its source tree, which may be tricky on some systems. In this post, I will introduce a cloud-based solution to effortlessly run pg_catcheck, without any compilation, at no extra cost.

Cloud pg_catcheck is a Heroku-customized fork of the original repo. There are 2 main advantages to using it over the local one:


  1. No need to download, compile postgres or pg_catcheck from source.
  2. For postgres servers running on heroku (or any AWS-based servers), super fast running time because it runs on the same infrastructure of the database server, reducing the time to do the check from minutes to several seconds.

Fortunately, Heroku gives 750 free dyno hours per month, so you will always do the checks for free, because there are no web dynos running.


How to use:

To check your own database, just clone this repo, deploy it to heroku, set database url and finally run the check:

 # setup: do this only once
git clone https://github.com/hammady/pg_catcheck.git
cd pg_catcheck
heroku create --buildpack https://github.com/ddollar/heroku-buildpack-multi.git
git push heroku master

# set the database url and run the check
heroku config:set DATABASE_URL=postgres://username:password@host:port/databasename
heroku run ./check

Before deploying, you need to create an account on heroku, if you don't already have one. 


Tuesday, May 21, 2013

Remove the stupid onscreen keyboard input from an example banking website

The onscreen keyboard input is a security feature on many websites, especially banking websites. It is only useful if you are accessing your account from a public machine (which is not a good practice anyway). On such computers, spyware may be monitoring your keystrokes and will have access to your typed password. However, on your own computer, if you are vigilant enough, there is no need for such a keyboard.

Here are 2 userscripts that will enable the normal keyboard input for QIB banking website on the main and the transaction pages. You will need Tampermonkey to get them working on Google Chrome, or Greasemonkey for Firefox.

After installing the above browser extensions, just follow the links below and click on "Install" at the very top of the page. Once your browser shows the main and transaction pages, it will automatically enable the password fields so that you can freely type your passwords.

  1. Enable main page password field
  2. Enable transaction page password field

The script can be extended to work on any page by looking for read-only fields and enabling them; I will do this later inshaAllah :)



Wednesday, April 3, 2013

[Linux/Mac] Always leave your trash occupied, but not full

Some people have a common "bad" practice of deleting items permanently as seeing the Trash (Recycle Bin for poor Windows users) non-empty provokes them! Rule of thumb: don't ever permanently delete your files, the trash is a great feature, so please use it! You never know when you will need those files again.

However, over time your trash will grow and take up a lot of your storage space. No, I won't ask you to empty it every now and then. The best practice is to only delete files that are older than a specific date, let's say 30 days.

In short, this is a little bash script that calculates the total trash size, deletes those old items, and then prints the new size:

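# Directory to clean (macOS Trash; on most Linux desktops it is ~/.local/share/Trash/files)
victim=~/.Trash
echo "Calculating $victim size..."
echo "$victim size: $(du -sh "$victim" | cut -f1)"
echo -n "Emptying $victim items older than 30 days, please be patient..."
# -mindepth 1 keeps find from matching (and removing) $victim itself;
# "+30" is accepted by both GNU and BSD find, "+30d" only by BSD find
find "$victim" -mindepth 1 -mtime +30 -exec rm -fr {} \; > /dev/null 2>&1
echo Done
echo "Current $victim size: $(du -sh "$victim" | cut -f1)"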

You can change the victim to ~/Downloads or anything else, and you can also change the number of days to weeks or months. Use it at your own risk :) For your convenience I have created 2 scripts, one for Trash, the other for Downloads. Download them to your home and just execute them whenever you run out of space.

./empty-trash-older-than-30d.sh
./empty-downloads-older-than-30d.sh


Thursday, June 2, 2011

Now you can type in Arabic on Android using the Apple Wireless Keyboard

Last week I wrote a post about how to add Arabic as a second language on the Apple Wireless Keyboard for use on an Android phone, but I wrote it in English. About a week later came the initiative of the Supreme Council of Information and Communication Technology in the State of Qatar to support Arabic content on the web. Of course this was not the first initiative: the Supreme Council organized the QITCOM conference, one of whose main themes was supporting Arabic content on the web.
After their encouragement on Twitter, I could not help but make this my first post written in Arabic, since it serves my beloved Arabic language in both form and content. Here is the post.

If you are lucky enough to own a wireless Bluetooth keyboard, especially the Apple Wireless Keyboard, then it is fun to use it for typing on your Android phone because it is very comfortable to type on. Fortunately, there are several apps on the Android Market that let you do that; I will mention two in particular: BlueInput and BlueKeyboard JP.
There are also many videos explaining how to use these apps, for example this one:



You may have noticed that the languages supported in the app mentioned above include only English, German and Japanese, meaning Arabic is not supported. In the second app, only English is supported. Since I type a lot in Arabic on the phone, I often wished I could type using the keyboard, given how easy it is to use, especially at conferences and lectures when I want to take notes or send live tweets. Anyway, I wrote to the developers of these apps and asked them to add Arabic, but one of them never replied and the other told me they were about to release a new version that would add new languages of the user's choice. I could not wait, especially since they did not give a fixed date.

After searching the web and a quick study of the design and architecture of the Android system, I decided to add Arabic support myself. Thank God, I achieved what I wanted and created an update for Android, what is called a ROM Update, that adds Arabic as a second language so that it works with any keyboard app across all of the phone's apps. Since this update modifies the operating system, your device must be unlocked, which is called rooting.
This is a very good guide to rooting that I recommend consulting if you have not done so yet.

At the moment this update is designed only for the Google Nexus S running the MoDaCo or CyanogenMod custom firmware. This does not mean that other devices are unsupported; it is only because I do not have enough time to package the update for every available device. If you are interested, just leave a comment below mentioning your device model and its custom firmware, and I will be happy to make the update for your device.

For the download and how to install and use it, see the previous post.
That is all I wanted to write; I look forward to your comments and will be glad to help.
Peace be upon you
Hossam



Thursday, May 26, 2011

[Android] Adding Arabic Layout for Bluetooth HID Keyboards

If you are lucky enough to have a Bluetooth HID keyboard, like the Apple Wireless Keyboard, then it would be ultimate fun to use it on your Android phone for convenient editing. Luckily as well, there are a couple of Market apps that let you do this. The first is BlueInput and the other is BlueKeyboard JP. There are many tutorials explaining how to use these apps; here is one of them:


As you can see, only English, Dutch and Japanese layouts are supported. For the other app, only English is supported. As an Arabic speaker, I wished that I could use my keyboard to write in Arabic. I tried to contact the developer of BlueKeyboard JP but he never answered. He didn't even have time to publish my comment on his website. I contacted Teksoft, the developers of BlueInput, but all they said is that they are going to add more layouts soon.

After some readings in the Android OS architecture, I have developed a ROM update that will add the Arabic layout to ANY HID app you are using! Obviously, your device should be rooted.
A good guide for rooting Nexus S can be found here.

As of the moment, the update is available only for Nexus S running either Cyanogenmod7 or MoDaCo. Cooking an update for any device is darn easy, but I don't have much time to do this for each and every device on the market. If you are interested, please leave a comment below mentioning your device model and firmware, and I will cook the update for you.

Download (144 KB):
How to install:

Because you have a rooted device, you should already have Clockworkmod recovery installed as your recovery manager (or something similar). Flash my update the same way you flash any update.
  1. Download the appropriate file from above and save it on your device sdcard.
  2. Reboot the device in the recovery mode (for Nexus S, hold the Power & Vol-up while switching on, and then select Recovery)
  3. Choose 'install zip for sdcard'
  4. Choose 'choose zip for sdcard'
  5. Select the update file you have saved in step 1
  6. Confirm install by selecting 'Yes - install blah blah...'
  7. Wait a couple of seconds and make sure no errors are displayed
  8. Now choose 'Go Back' and reboot your device normally

How to use:

  1. Assuming you have successfully connected your keyboard and can type in English, wherever you want to write in Arabic, just press the Alt key two times, that simple!
  2. To type again in English, just press the Alt key two times, again!
  3. When writing in Arabic, you can use the shift key to write alef hamza, Arabic comma, semicolon, diacritics (tashkeel) and everything you are used to write on your computer.
  4. You will also notice that digits are written in Hindi, so yes it is real Arabic keyboard :)

Note: in BlueKeyboard JP, there is a bug that will not let you switch to Arabic when the bottom ads are shown. To work around this, just press 'Esc' on your keyboard for the ads to go away, and then you can switch back and forth to/from Arabic.

Important: Don't use this update for devices having physical keyboards. Obviously this will modify their layout.

That's it for now, waiting to hear from you.


Sunday, September 26, 2010

Securing apache Basic authentication

The easiest way to secure your apache webserver is using Basic authentication. Users wanting to access your webserver will be prompted to enter a username/password pair to do that. However, Basic authentication is not secure as it does not encrypt these credentials, nor the content itself. The solution comes in Digest authentication. This is how to migrate your server configuration from Basic to Digest authentication.

In Basic authentication, you create a passwords file (using htpasswd command) then configure apache as in the link above. To migrate to Digest authentication all you have to do is to:
  1. Use the command htdigest instead of htpasswd to create users
    htdigest -c /path/to/your/passwords/file "Authentication Realm" username
  2. Configure apache by adding the following:
    AuthType Digest
    AuthName "Authentication Realm"
    AuthUserFile /path/to/your/passwords/file
    Require valid-user

  3. If you have SELinux running, enable httpd to access the passwords file:
    setsebool -P httpd_enable_homedirs 1
  4. Restart apache:
    service httpd restart

Note: the Apache user (usually apache) needs to have read access to the passwords file, apparently!

It is worth noting that Digest authentication only encrypts your password, but not the content. Moreover, anyone sniffing the packets and capturing the encrypted password can use it directly to access your content. To overcome these issues, you have to put your content under SSL, but this is another story.


