Author: stlplace

Categories
401k and Personal Finance

NerdWallet ipo

Reading Time: < 1 minute

感觉这个市场还是有些泡沫的. EV 就不说了:昨天傍晚🌆的时候开车时我的七岁小女儿说看到一个Tesla. I was thinking buy a share of $TSLA just now, but I changed to $F instead [呲牙] || Separately I noticed NerdWallet the personal finance / credit card 💳 bonus website went public last week. I worked in the credit card rewards space in the past and I used to get some sign on bonus. But the credit card bonus is a bit like snake oil. But it cannot compare to ev, green, esg, climate action and space x etc.

Btw, some engineering blogs from NerdWallet that I like.

VersionAlchemy: Tracking row changes with SQLAlchemy (VersionAlchemy at GitHub; also the original SQLAlchemy website. Note the former is based on the latter.)

Building a product platform at NerdWallet – Part 1

Building a product platform at NerdWallet – Part 2

Categories
Java Software development Technology

One set of source code – 12 factors app principle no. 1

Reading Time: 3 minutes

For 12 factor application the No. 1 principle is one source code base. Today I was thinking about this topic: one sets of source code for one app, and use configuration for language, region or other different settings for different customers. And this reminded me of some of the articles I read (such as this one: Building a versioned UI deploy system for fast, stable deploys and rollbacks, actually this one “Managing Customer Releases with Feature Flags instead of Branches“, both from Blend Labs, that’s why I was a bit confused 😐 ) and a few apps I worked on in last 3 or 4 years: note those apps include both monolithic, cloud native apps and somewhere in between.

At current place, I noticed one thing odd. We have different code bases for different locale (country) for one of our key apps: basically two sets of code (mostly identical) for apps for 2 countries. This seems to me not good architecture and a bit unusual. Without going into all the details and history (I was new to the team, and it’s also not good to point fingers anyway). So the direct cost I see now is to maintain two sets of code bases (very similar) and two apps: in other words thinking along the lines of the cost of developer, admin and infrastructure and so on.

On the contrast, at a former place I worked at, we have many white label customers, and we serve them on one set of code base and one set of apps (for the most part). All the differences between customers are addressed via System Maintenance (a web based configuration app). Web services for all the customers is running on one app on multiple servers (load balanced). The customer facing website is similar with one caveat: at one time we realized for one country the customer has traffic spikes from time to time, so that app for that country is put on dedicated “overflow” server: still the same code base with the difference in the configuration.

And at today’s world, we also increasingly hear more about multi tenant(s). The scenario I described above, as well as the medium article mentioned at the first paragraph, is along the same lines. And during Covid, at the former place I worked (a healthcare provider, to be more precise, the No. 2 US based hospital chain in terms of size), we developed a Covid screen app, for internal, as well as external customers (for example, Indiana Pacers). At the very beginning, we speed up the development by deploying the same code base to different org / spaces (essentially each customer has its own database). Later on we consolidated quite a bit, by changing the code to handle multiple customers (multi-tenant, if I may). In both cases, the source code is the same. The difference being in the early days, we used more resources because each customer has its own database, and its own app. And there is maintenance headache as well, for example, deployment and validation will take hours.

PS: one more thing. Once I did copy and paste of javascript code because I was not very good at javascript and I did not know how to do either inheritance or composition in js. The downside of doing this is also obvious: if there is bug in the code, we need to change it in 2 places. This is just a small example of why we don’t want to duplicate code.

PS 2: now I recall another company. This company is the No 1. medicaid provider in the nation, and has operations in probably 20 to 30 states in the US. Note medicaid is administrated by the stat, unlike medicare which is administrated by the federal government (CMS). I saw two issues one is re: code and another one is re: infrastructure. So because each state will have its own customization, what they did is they branch out code for each state (so basically a master branch and let’s say 20 branches for each of the state). On the infrastructure side, they scale up horizontally, so basically each state has its own database server (Oracle), and its own application server and so on (this is also dedicated by the source code). So this is their implementation of “multi-tenant”. Not very flexible to say the least. They also have a horrendous interview process and work culture too, which I won’t delve into.

Categories
Software development Technology

Raspberry Pi

Reading Time: 2 minutes

Downloaded Noobs image installer (imager_1.6.2) to Mac, unpack (or install) so that I have “Raspberry Pi Imager” on Mac, and then used it to create the bootable OS on the sd card using that software.

Burn the image for Raspberry Pi on Mac

After that insert the sd card to the appropriate slot on p3, also plugged in hdmi for monitor, and usb keyboard and mouse. Turn on the power (plug in the power adapter for iPhone with proper cable).

The Pi 3 in action, ports counter clockwise: power, hdmi (monitor), USB (2, mouse and keyboard)

Raspberry Pi Desktop first impression: I mainly used the web browser Chromium “Version 92.0.4515.98 (Official Build) Built on Raspbian , running on Raspbian 10 (32-bit)”, there is some lagging (keyboard, gmail and wordpress self host / post) compared to the MacBook, but still manageable. Keep in mind this pi 3 is probably selling for $30 or less nowadays. Btw, I tried a YouTube video (it’s the CNN Virginis moms switching from Biden to Youngkin story) in the browser too and it was a bit laggy in the beginning (video streaming?), but it worked well after couple minutes. This is pretty impressive.

Raspberry Pi Desktop

Obviously in order to use it as a desktop replacement, I would need to do some more tests. But I came across one post using pi 4 just now. Seems very promising there as well. Every Sunday morning my 2 daughters will take Chinese classes virtually via Zoom, and they uses my two personal macbooks. So in that duration I could use the pi 3. I noticed the temperature of the motherboard is not too hot either (no fans, no enclosure, just look like the picture 2 above).

Some other thoughts: there are tons of ideas regarding pi on internet. One idea is use it as home security. I will just need to dig more into it, and once I have more knowledge, I may purchase more Pi’s like my old friend Jeff Geerling (projects, blog) does. I don’t think I would be as prolific as he does. But I am just going to try.

References
Raspberry Pi OS – Raspberry Pi (Install Raspberry Pi OS using Raspberry Pi Imager)

Installing Raspbian with NOOBS – Introduction | Raspberry Pi Projects

How to set up and use a Raspberry Pi 3 with a Mac (I have a pi 3)

Categories
Life Life Tips

Mental health break

Reading Time: < 1 minute

Two more off days for the kids and teachers before thanksgiving holidays. Please note I still have 2 vacation days to cover it (also I WFH full time since March 2020 pandemic shutdown). Btw, I heard mental health break is getting popular among school districts (public schools), so there is peer pressure there. || The other day I heard from a podcast in which the author asked a bunch of billionaires (or millionaires, rich people, also with kids grown up): what’s your biggest regret? The answer is they wish they have spent more time with their kids when the kids were young. I can feel that: I think Sophia will let me hold her like a baby for at most one year or two. I enjoy every minute I spend with my kids: even if / when they consistently asks me “daddy, when will Roblox be back?” (the answer is I don’t know, as daddy don’t work for them…[捂脸])

Categories
Software development Technology Web

Roblox Outage

Reading Time: < 1 minute

(Update 4: 01-21-2022) Roblox published the root cause here.

(Update 3: 11-03-2021) I came across this website that shows nice stats for Roblox (I noticed downdetector only shows 24 hours history by default, not sure how to customize it). I vaguley recall I also see a github repo that can scan the roblox APIs, but I no longer see it when I tried to look through “roblox status” from twitter.

(Update 2: 10-31-2021) It appears the service is back as of 4:45 pm Pacific time, per Roblox status. Also the CEO blog post, and an article from Variety.

(Update 10-30-2021) Now I think that Roblox is likely hacked, unfortunately. The lack of transparency, as well as the length of outage are my main factors thinking they were hacked, btw. Now their official website says:

“We’re making things more awesome. Be back soon.”

Btw, I had a twitter thread going on this topic too.

(Original 10-29-2021) Roblox has a massive outage since yesterday, and it seems the impact is still going on as 11:35 pm US central 10-29-2021.

Downdetector :

What happens when Roblox is down?

Roblox status page

======

October 28, 2021 4:00PM PDT[Investigating] Many player experience are impacted.

stay tuned.

October 28, 2021 8:44PM PDT[Identified] We identify the root cause as internal system issue and work on the fix.

October 29, 2021 7:21AM PDT[Identified] We are actively working on recovery. Some users started to have limited access.

October 29, 2021 12:48PM PDT[Identified] The team continues active work on full site recovery.

======

Categories
Software development

GitHub 2FA and personal access token

Reading Time: < 1 minute

Even since I enabled the 2 factor authentication on GitHub, I am using the developer personal access token (PAT) for pushing the code.

The normal steps (please ignore the numbers in the beginning of each line):

  514  git remote remove origin
  515  git remote add origin https://my_developer_personal_access_token@github.com/major1xu/myNestEgg.git/
  516  git remote -v
  517  git push
  518  git push --set-upstream origin master

This works for both the public and private repo. I’m thinking another way to do it is when using “git clone” to begin with, we use the PAT. I am going to try it next time. Note I created the repo in the GitHub website first.

Categories
Career Software development Technology

Hiring Right

Reading Time: 2 minutes

In a little over last year or so, I was involved in many technical interviews, and sometimes hiring decisions (one vote only, but a No vote is usually a No for the candidate). This is quite different from normal technical contributor’s job. But I learn something from this process too. I think overall I had two bad “Yes”, meaning I should have said “No”, but I said “Yes”. In one instance it was purely my unforced error, in another case the process went haywire.

Let me recall my mistake first. I was talking to candidate, and I noticed something unusual in the resume. Basically it appears the resume has some contradiction with what’s been said by the candidate. I have two colleagues on the phone, not sure if they saw it on video (likely not as I may not have video camera for the laptop then). But basically at that moment the candidate grabbed the resume back from me. I was stunned to say the least. I told my two colleagues No. But they somehow asked me to re-think. And they talked me into “give him an opportunity”. Things did not work out eventually, as the manager eventually let that person go as he has some personality issue.

The second bad “Yes”, was process oriented. Basically after we made “hire” decision after interview, I recall I have seen the resume. I searched email and found out that candidate was “no show twice” in last September (sept 2019). No show is a red flag. No show without explanation is even worse. Not matter how talented someone is, it’s very hard to overcome this kind of issues. My regret there is we did not have a process to flag a candidate in our system. I recall at my former workplace, due to some back and forth, one hiring manager said “enough”, let’s flag this person on our system. So basically we are unlikely to see this person again. In a way it’s a good thing, because as minimum it gives some warning: one can always over-ride computer, but computer has better memory than human beings in many occasions. This process would have helped, if we had one.

Last but not least, some interview advice from Joel Spolsky. Quote: You should always try to have at least six people interview each candidate that gets hired, including at least five who would be peers of that candidate (that is, other programmers, not managers). || (more quote) So: don’t listen to recruiters; don’t ask around about the person before you interview them; and never, ever talk to the other interviewers about the candidate until you’ve both made your decisions independently. That’s the scientific method. || I spend about 30 seconds telling the person who I am and how the interview will work. I always reassure candidates that we are interested in how they go about solving problems, not the actual answer.

Categories
Software development Technology

Java keytool

Reading Time: < 1 minuteKeytool

The Most Common Java Keytool Keystore Commands

import

  • keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks (or cacerts)

(keytool -keystore $CACERTS_STORE -storepass changeit -importcert -alias jfrog.root -file jfrog.root.cer -noprompt)

list

  • keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts

create

mulesoft

keytool -genkey -keyalg RSA -alias <key-alias> -keystore <keystore-name>.jks

sslshopper
keytool -genkey -keyalg RSA -alias mydomain -keystore keystore.jks  -keysize 2048

Install Spring STS on Mac

Drag the STS to the Application may not necessary, as it could not find the vFabric server (need to open the folder to let base_instance know)

Other setup for Maven (3.0.5)
home brew maven30 (stackoverflow thread)

Last but not least

Java dev blogs at Okta

Categories
Java Software development Technology

Database connection pool

Reading Time: < 1 minute

https://brandur.org/postgres-connections

https://news.ycombinator.com/item?id=18220906

https://github.com/brettwooldridge/HikariCP/wiki/About-Pool-Sizing

Categories
Software development Technology

GCP Data Fusion

Reading Time: < 1 minute

(Update 12-10-2020) Ran the DataFusionQuickstart from Data Fusion Hub. Need to make sure the compute@developer service account have the following roles:

BigQuery Admin
Cloud Data Fusion Runner
Dataproc Worker
Service Account User
Storage Admin

then the datafusion user service account still has “Service Account User” role (this is same as below). The big query and storage roles are needed because the pipeline uses both. When it runs successfully, at the end we will see “Pipeline ‘DataFusionQuickstart’ succeeded.”

(Original 10-26-2020) Tried running couple more pre-set pipelines from google. It took a while to run (don’t know why). More on permissions (IAMs): need to add “Dataproc Worker” role to “Compute Engine default service account”. Continue added Service Account User to “Cloud Data Fusion Service Account / Cloud Data Fusion API Service Agent”

Couple tutorials

Targeting campaign pipeline

Creating a reusable pipeline

Permission issue (note the exact error will depends on the setup of network as well, for example, this DF service account needs to have network access to run the pipeline, and it needs that role if applicable).

Cost: the developer edition for data fusion instance costs 35 cents per hour. The basic edition is 1.80 per hour but comes with first 120 hours free, this is 5 days free usage and recommended. Also, there is ways in GCP to set up budgets and alerts.