In the age of multithreading, parallel processing, and non-blocking IO, you still get messages like this.

Recently had an interview with a company. At some point an SELinux question came up and while I didn't provide the best answer ever (I'm hardly familiar with SELinux and mentioned that as well beforehand so they knew), it was technically correct and the reaction of the interviewers was funny.

TI (technical interviewer): say your php script isn't executed and after a while you find out that SELinux is blocking php script execution, how can you fix that?
Me: setenforce 0...? (essentially disabling SELinux at all)
TI: disabling it entirely for getting php execution to work?! That doesn't sound like a good solu...
HRI (HR (non technical) interviewer, also present): *turns to TI* - but, would it solve the problem?
TI: 😐 well, yes, but... That's a bad thing to do so I wouldn't count is corre..
HRI: *still aiming towards TI* but you simply asked him for a way to solve the php execution issue, would his answer work? Regardless of whether it's the best or worst solution, would it be a solution which works?
TI: well... yes...
HRI: then he answered correctly I'd say, next!

(yes, I'm aware that my answer wasn't good as for security at all but it would have solved that problem which is what was asked)

Them: Root, you take too long to get tickets out. You only have a few simple ones. You really need to rebuild your reputation.

Also them: Hey, could you revisit this ticket? Could you help ____ with this other ticket? Hey Root, how do you do this? Root, someone had a suggestion on one of your tickets; could you implement that by EoD? Hey Root, i didn't read your ticket notes; how do you test it? Hey, could you revisit this ticket for the fourth time and remove some whitespace? Hey Root, someone has non-blocking code review comments you need to address before we can release the ticket. Hey Root, we want to expand that ticket scope by 5-6 times; still labeled a trivial feature though.

Also them: Super easy ticket for you. Make sure you talk with teams A, B, C, D, E and get their input on the ticket, talk with ____ and ____ and ____ about it, find a solution that makes them all happy and solves the problem too, then be sure to demo it with everyone afterward. Super easy; shouldn't take you more than a couple days. Oh, and half of them are on vacation.

Also them: Hey, that high-priority ticket you finished months ago that we ignored? Yeah, you need to rewrite it by tomorrow. Also, you need to demo it with our guy in India, who's also on vacation. Yes, tomorrow is the last day. (The next day:) You rewrote it, but weren't able to schedule the demo? Now you've missed the release! It's even later! This reflects very poorly on you.

Also them: Perfect is the enemy of good; be more like the seniors who release partially-broken code quickly.

Also them: Here's an non-trivial extreme edgecase you might not have covered. Oh, it would have taken too much time and that's why you didn't do it? Jeez, how can you release such incomplete code?

Also them: Yeah, that ticket sat in code review for five months because we didn't know it was high-priority, despite you telling us. It's still kinda your fault, though.

Also them: You need to analyze traffic data to find patterns and figure out why this problem is happening. I know you pushed the fix for it 8 months ago, and I said it was really solid, but the code is too complex so I won't release it. Yeah I know it's just a debounce with status polling and retrying. Too complex for me to understand. Figure out what the problem is, see if another company has this same problem, and how they fixed it.

-------------

Yep. I'm so terrible for not getting these tickets out, like wow. Worst dev ever. Much shame.

LF work, PST.

I'm trying to sign up for insurance benefits at work.

Step 1: Trying to find the website link -- it's non-existent. I don't know where I found it, but I saved it in keepassxc so I wouldn't have to search again. Time wasted: 30 minutes.

Step 2: Trying to log in. Ostensibly, this uses my work account. It does not. Time wasted: 10 minutes.

Step 3: Creating an account. Username and Password requirements are stupid, and the page doesn't show all of them. The username must be /[A-Za-z0-9]{8,60}/. The maximum password length is VARCHAR(20), and must include upper/lower case, number, special symbol, etc. and cannot include "password", repeated charcters, your username, etc. There is also a (required!) hint with /[A-Za-z0-9 ]{8,60}/ validation. Want to type a sentence? better not use any punctuation!

I find it hilarious that both my username and password hint can be three times longer than my actual password -- and can contain the password. Such brilliant security.

My typical username is less than 8 characters. All of my typical password formats are >25 characters. Trying to figure out memorable credentials and figuring out the hidden complexity/validation requirements for all of these and the hint... Time wasted: 30 minutes.

Step 4: Post-login. The website, post-login, does not work in firefox. I assumed it was one of my many ad/tracker/header/etc. blockers, and systematically disabled every one of them. After enabling ad and tracker networks, more and more of the site loaded, but it always failed. After disabling bloody everything, the site still refused to work. Why? It was fetching deeply-nested markup, plus styling and javascript, encoded in xml, via api. And that xml wasn't valid xml (missing root element). The failure wasn't due to blocking a vitally-important ad or tracker (as apparently they're all vital and the site chain-loads them off one another before loading content), it's due to shoddy development and lack of testing. Matches the rest of the site perfectly. Anyway, I eventually managed to get the site to load in Safari, of all browsers, on a different computer. Time wasted: 40 minutes.

Step 5: Contact info. After getting the site to work, I clicked the [Enroll] button. "Please allow about 10 minutes to enroll," it says. I'm up to an hour and 50 minutes by now. The first thing it asks for is contact info, such as email, phone, address, etc. It gives me a warning next to phone, saying I'm not set up for notifications yet. I think that's great. I select "change" next to the email, and try to give it my work email. There are two "preferred" radio buttons, one next to "Work email," one next to "Personal email" -- but there is only one textbox. Fine, I select the "Work" preferred button, sign up for a faux-personal tutanota email for work, and type it in. The site complains that I selected "Work" but only entered a personal email. Seriously serious. Out of curiosity, I select the "change" next to the phone number, and see that it gives me four options (home, work, cell, personal?), but only one set of inputs -- next to personal. Yep. That's amazing. Time spent: 10 minutes.

Step 6: Ranting. I started going through the benefits, realized it would take an hour+ to add dependents, research the various options, pick which benefits I want, etc. I'm already up to two hours by now, so instead I decided to stop and rant about how ridiculous this entire thing is. While typing this up, the site (unsurprisingly) automatically logged me out. Fine, I'll just log in again... and get an error saying my credentials are invalid. Okay... I very carefully type them in again. error: invalid credentials. sajfkasdjf.

Step 7 is going to be: Try to figure out how to log in again. Ugh.

"Please allow about 10 minutes" it said. Where's that facepalm emoji?

But like, seriously. How does someone even build a website THIS bad?

So I just noticed something.

When I am using my client when I am connected to LTE and not a good WiFi signal, the app hangs every time you want to vote on a post/comment because I didn’t make it non-blocking. This will be fixed in the next few days!

It’s amazing how experience degradation can be absolutely invisible depending on your connection.

Joined a startup which does webscraping. I never knew that webscraping can be so much monotonous. I feel like I am doing a damn support job. Apart from that websites keep blocking the scrapers, and that is another thing to be fixed. jesus christ, non devs keep asking for ETA about how long would it take to complete a certain task. Thanks to remote work, I have been burnt out every day, and have been working for 14+ hours everyday!!!!! God help me!

For all the hate that Java gets, this *not rant* is to appreciate the Spring Boot/Cloud & Netty for without them I would not be half as productive as I am at my job.

Just to highlight a few of these life savers:
- Spring security: many features but I will just mention robust authorization out of the box
- Netflix Feign & Hystrix: easy circuit breaking & fallback pattern.
- Spring Data: consistent data access patterns & out of the box functionality regardless of the data source: eg relational & document dbs, redis etc with managed offerings integrations as well. The abstraction here is something to marvel at.
- Spring Boot Actuator: Out of the box health checks that check all integrations: Db, Redis, Mail,Disk, RabbitMQ etc which are crucial for Kubernetes readiness/liveness health checks.
- Spring Cloud Stream: Another abstraction for the messaging layer that decouples application logic from the binder ie could be kafka, rabbitmq etc
- SpringFox Swagger - Fantastic swagger documentation integration that allows always up to date API docs via annotations that can be converted to a swagger.yml if need be.
- Last but not least - Netty: Implementing secure non-blocking network applications is not trivial. This framework has made it easier for us to implement a protocol server on top of UDP using Java & all the support that comes with Spring.

For these & many more am grateful for Java & the big big community of devs that love & support it.

Thank god there are (web) proxies.
The Turkish government is blocking access to many porn sites (which I find kind of ok - to make a barrier for the kids), but then again also German Streaming websites.
They are not blocking most German websites tho. Just the websites in the "illegal to non ethical" category (which I also find kind of OK), but it annoys me.

Programmer lesson #3
Always focus on a single task while coding...
If you encounter any non blocking bug or additional task add it in `Do-it-later` list...
If you don't...the bug or task might take majority of crucial time which you should actually utilise for the main task at hand...

My manager had someone else manage me for my whole time at the company so far. Nearly two years now. Anything I’d come to him with, he’d direct me to this other person.

Fair enough, dude’s really good and I learn a lot from him. I see why they trust him with so much. I think he’s a genius. I’ll never be that good. Embarrassed I’m only a few years his junior. Wonder why he’s okay with being a manager for employee pay. Don’t think about it much, normal corporate BS.

Well it got way more “normal” when his ass got laid off without notice. Feel terrible. Him and 70% of my branch’s full timers. Wonder how I got so lucky. Everyone’s gone. We barely have enough people to do a standup. They all had 5+ years on their belts minimum. Only the contractors are left.

Manager emergency meets with me. Tells me all his best staff are gone and I am now the only front end guy on the team. He tells me he is not confident in the fact I am responsible for all of the old guys work and he is worried. He thinks I can’t do it cause he thinks I suck. Fuck me man.

My manager is pissing himself realizing he has lost the only people keeping HIS job for him. He has no clue my skill level. He sees my PR’s take a bit longer to merge, yet doesn’t realize I asked that friend of mine who was managing me to critique my code a bit harder, mentorship if you will, so we’d often chat about how to make the code better or different ways of approaching problems from his brain, which I appreciated. He has seen non-blocking errors come through in our build pipelines, like a quota being reached for our kube cluster (some server BS idfk, all I know is I message this Chinese man on slack when I get this error and he refreshes the pods for me) which means we can only run a build 8x in one day before we are capped. Of all people, he should be aware of this error message and what is involved with fixing it but he sees it and nope, he reaches out to me (after the other guy had logged out already, of course) stating my merged code changes broke the build and reverts it before EOD. Next day, build works fine. He has the other guy review my PR and approve, goes on assuming he helped me fix my broken code.

Additionally, he’s been off the editor for so long this fool wouldn’t even pass an intro to JavaScript course if he tried. He doesn’t know what I’m doing because HE just doesn’t know what I’m doing. Fuck me twice man.

I feel awful.

The dude who got fired has been called in for pointless meetings TO REVIEW MY CODE still. Like a few a week since he was laid off. When I ask my manager to approve my proposals, or check to verify the sanity of something (lots of new stuff, considering I’m the new manager *coughs*) he tells me he will check with him and get back to me (doesn’t) or he tells me to literally email him myself, but not to make any changes until he signs off on them.

It’s crazy cause he still gets on me about the speed of stuff. Bro we got NOTHING coming from top down because we just fired the whole damn corp and you have me emailing an ex-employee to verify PATCH LEVEL CHANGES TO OUR FUCKING CODE.

GET ME OUT

A very long rant.. but I'm looking to share some experiences, maybe a different perspective.. huge changes at the company.

So my company is starting our microservices journey (we have a 359 retail websites at this moment)

First question was: What to build first?

The first thing we had to do was to decide what we wanted to build as our first microservice. We went looking for a microservice that can be used read only, consumers could easily implement without overhauling production software and is isolated from other processes.

We’ve ended up with building a catalog service as our first microservice. That catalog service provides consumers of the microservice information of our catalog and its most essential information about items in the catalog.

By starting with building the catalog service the team could focus on building the microservice without any time pressure. The initial functionalities of the catalog service were being created to replace existing functionality which were working fine.

Because we choose such an isolated functionality we were able to introduce the new catalog service into production step by step. Instead of replacing the search functionality of the webshops using a big-bang approach, we choose A/B split testing to measure our changes and gradually increase the load of the microservice.

Next step: Choosing a datastore

The search engine that was in production when we started this project was making user of Solr. Due to the use of Lucene it was performing very well as a search engine, but from engineering perspective it lacked some functionalities. It came short if you wanted to run it in a cluster environment, configuring it was hard and not user friendly and last but not least, development of Solr seemed to be grinded to a halt.

Elasticsearch started entering the scene as a competitor for Solr and brought interesting features. Still using Lucene, which we were happy with, it was build with clustering in mind and being provided out of the box. Managing Elasticsearch was easy since there are REST APIs for configuration and as a fallback there are YAML configurations available.

We decided to use Elasticsearch since it provides us the strengths and capabilities of Lucene with the added joy of easy configuration, clustering and a lively community driving the project.

Even bigger challenge? Which programming language will we use

The team responsible for developing this first microservice consists out of a group web developers. So when looking for a programming language for the microservice, we went searching for a language close to their hearts and expertise. At that time a typical web developer at least had knowledge of PHP and Javascript.

What we’ve noticed during researching various languages is that almost all actions done by the catalog service will boil down to the following paradigm:

- Execute a HTTP call to fetch some JSON

- Transform JSON to a desired output

- Respond with the transformed JSON

Actions that easily can be done in a parallel and asynchronous manner and mainly consists out of transforming JSON from the source to a desired output. The programming language used for the catalog service should hold strong qualifications for those kind of actions.

Another thing to notice is that some functionalities that will be built using the catalog service will result into a high level of concurrent requests. For example the type-ahead functionality will trigger several requests to the catalog service per usage of a user.

To us, PHP and .NET at that time weren’t sufficient enough to us for building the catalog service based on the requirements we’ve set. Eventually we’ve decided to use Node.js which is better suited for the things we are looking for as described earlier. Node.js provides a non-blocking I/O model and being event driven helps us developing a high performance microservice.

The leap to start programming Node.js is relatively small since it basically is Javascript. A language that is familiar for the developers around that time. While Node.js is displaying some new concepts it is relatively easy for a developer to start using it.

The beauty of microservices and the isolation it provides, is that you can choose the best tool for that particular microservice. Not all microservices will be developed using Node.js and Elasticsearch. All kinds of combinations might arise and this is what makes the microservices architecture so flexible.

Even when Node.js or Elasticsearch turns out to be a bad choice for the catalog service it is relatively easy to switch that choice for magic ‘X’ or component ‘Z’. By focussing on creating a solid API the components that are driving that API don’t matter that much. It should do what you ask of it and when it is lacking you just replace it.

Many more headaches to come later this year ;)

When hesitating on the difference between blocking and non-blocking, I just consider the example of a typical conversation with a customer.

i had to throw together a tool to periodically test a friend's network (plus on-demand if needed) as it keeps slowing to a crawl for no reason, i called it "netpoke" and it's retarded and i despise tkinter with all my heart but i needed non-blocking and timers and shit...

i'll prolly never release it as it's mostly heavily-modded copypaste SO garbage but y'know

Architecture for Java REST API going to build/port from existing NodeJS one.
So Spring Boot + *

Lots of concurrent requests and large MongoDB calls. Current APIs use like 4GB memory for each instance because they don't use stream/pipe the response. Hold all data in memory and then return it all at once to user.

And well we expect more load in the future, so want to do this the right way.

So my understanding since this morning, is there's the blocking? MongoClient, (find* returns List) and now a Reactive MongoClient which is very async and like JS promises. Based on Pub, Sub model.

But the downside of JS promises was callback hell.

So actually 2 questions.
1. For each request, the db call done using the same MongoClient/db connection such that if there are 2 requests one would block the other?
2. Reactive Mongo would be non-blocking by design so would be better to support streamed responses?

My search for a solution to mintty terminal compatibility seems to be coming to a close (thank god). I know now that having compatibility with cygwin doesn't make sense as far as I can see. Because it's about mintty not cygwin.

But now I have to figure out how to interface with mintty for setting the non-canonical flag and switching stdin to non blocking mode

Oh boy... It's getting closer!

!dev
I've finally been so agitated at G+ I need somewhere to just vent.
So for context. What I'm talking about is Google+, or more specifically, the Android app. The website is bad in its own way, but that's not here nor there. No opinions on the iOS version, as I simply REFUSE to touch iOS.

So anyways. The platform itself honestly is not bad. With competent developers behind it, and them actually listening to their dwindling fucking userbase, they could easily turn it into something successful, but the issue is that they just aren't
You see, it's almost like they change dev staff every 6 or so months. Why do I believe this? Because the GUI changes about that fucking often. They also have a history of forcing updates, but allowing you to use an older version, just horrifically slapping on a new and unwelcome skin. This isn't an isolated practice by any means, but it's by far the most prevalent here.

So, now a list of some of the issues the current version has:
-After about a week, the app becomes unstably slow, to the point of it taking about a minute to refresh your home feed, or an individual page.
-Searching is never good, always being slow and rarely giving you who you asked for.
-Transparency is non fucking existent. There isn't a development roadmap to speak of, and when something happens we get it second hand from staff in a "G+ help" community.

There is a solution for the first one, going and clearing the data/cache, but really, the end user shouldn't have to regularly do that. Not to mention the storage space Google apps IN GENERAL fucking take up. Why does Google Play Services regularly use 250MB? (For most people, this really isn't much. But when you only get to fucking use 4 GB of internal storage it's a giant fuck you.)

Bah, back to the topic at hand.
There isn't a good solution to searching, or for transparency at the moment.
The spam filter is awful as well. REGULARLY letting obvious spam pass, regularly blocking and filtering genuine users. It's real annoying that the Android app itself doesn't have support for seeing these flags outside of rooting through the settings a bit, but still. The web and iOS versions have this already.

Oh, it also completely lacks a dark mode like most Google apps for some fuckin reason.

That concludes my random 1:30 AM rant about something I have no ability to change, except hope in vain that someone who has the ability to change this forwards this to the developers of G+.

I need a better sleep schedule.

Splitting acceptance tests into categories of "blocking" and "non-blocking" just to allow CI to pass, is a waste of time and effort.