Octopus Deploy – Variables & Variable Sets

DevOps is a relatively new space in the software engineering world. There are a smattering of tools to aid in the automation of application deployments, but precious little guidance with respect to patterns and practices for using the new tools. As a guy who loves leaning on principles this lack of attention to best practices leaves me feeling a bit uncomfortable. Since I’m leading a migration to Octopus Deploy, I thought I would share some of the decisions we’ve made.

This series of posts is an attempt to start a conversation about best practices. I want to be clear: We have not been applying these ideas long enough to know what all of the ramifications are. Your mileage may vary.

Posts in this series
1. Environments
2. Roles
3. Variables & Variable Sets

Variables & Variable Sets

Octopus Deploy allows you to modify your application’s configuration through the use of variables. You can define variables at the project level, or share variable values between projects through variable sets. If you have relatively little sharing of variables between projects you will likely prefer to create variables at the project level. My team manages over 50 different applications. Many of them are web services designed to support SOA. The net impact is that we have a lot of shared variables and for this reason we define variables exclusively through variable sets. This saves us time hunting for where a given variable is defined.

We use 2 kinds of variable sets
1. Global
2. Role based

Global variable sets define values that might be required across the company irrespective of any particular application, or that are more easily managed together. For example, we wish to capture metadata about environments. Octopus itself does not have a facility for tagging environments with arbitrary metadata. To satisfy this goal we created a variable set called “environment” in which we create variables to indicate values such as “owner” and “abbr”. We use these values to compose the values of other variables such as dns addresses or email addresses.

We also have some environments for which we do not create dns addresses for the sites. In these environments we need to install web applications with alternate ports. We keep a variable sets to define the port number we use for web applications in these environments since they must be unique across the web server.

The number of global variable sets should be as small as possible.

Role based variable sets are variables defined for the specific roles they target. If we have a role called heroes-iis we will also have a variable set called heroes-iis. Since we create roles on a per-deployed-application basis, this helps us keep roles, projects, and variable sets linked. If heroes-iis as web service end points, this variable set may be included in some other project that depends on those end points.

Naming Conventions

It is important to have naming conventions for your variables. I highly recommend prefixing all variables in a variable set with the name of the variable set to avoid potential naming collisions. For example, If I have a variable set called heroes-iis it will have variables with names like:

heroes-iis.application-pool.name
heroes-iis.application-pool.password

Define a Standard Structure for Similar Variable Sets

Once you get the rhythm of installing applications with Octopus, you will discover that similar kinds of applications have similar variable definition needs. You can save yourself a lot of time and Chrome tabs by establishing a variable set template that you use when creating a variable set for each kind of application you deploy. Here is our variable set template for web applications being deployed to iis:

Variable Set Name	Segment	Field	Variable Name	Notes
name-iis	application-pool	name	name-iis.application-pool.name	The name of the application pool
		username	name-iis.application-pool.username	the username the application pool runs under
		password	name-iis.application-pool.password	the password the application pool runs under
	host		name.host	This corresponds to the site name as registered in IIS. It does not include the protocol (http://, https://). It should be blank if the site is being deployed into an environment without a dns entry.
	site-name		name.site-name	This will be just the name of the web application in environments that do not have a dns entry. If the environment has a dns entry, it should resolve the host property.
	site-root		name.site-root	This is the url root for the site. It should include the protocol (http://, https://) as well as the port, and any additional routing information.
	endpoints	endpoint-name	name.endpoints.endpoint-name	A web service may expose one or more endpoints. These should have unique names. Their values should be defined with reference to the host and port variables.
	connection-strings	cs-name	name.connection-strings.cs-name	The name of the connection string in the config file.

Scope

Octopus Deploy allows you to scope variables by environment, role, or channel (as of 3.3). The scoping rules are as follows:

(environment1 OR environment2 OR ...) AND (role1 OR role2 OR ...) AND (channel1 OR channel2 OR ...)

I recommend that you scope variable values as broadly as possible. Use composed variable values where you can to minimize the number of variable values you have to maintain. For example:

<br />heroes-iis.connection-strings.heroes-db => "Server=#{environment.sql-server.url}; Database=#{heroes-db.database-name};"
heroes-db.database-name => #{HEROES_}#{environment.name}
environment.sql-server.url => http://sql-server.#{environment.name}.com

By using a composed variable value I don’t need to scope the connection string variable itself. Instead, I can confine scoping to environment.name and satisfy the resolution of all of the descendant variables. This minimizes the number of variables I have to actively maintain as new environments are created.

Posted on June 28, 2016, 5:46 pm By crmckenzie

No comments yet Categories: Uncategorized Tags: Deployment, DevOps, Octopus Deploy, Patterns & Practices

Octopus Deploy – Roles

Posts in this series
1. Environments
2. Roles
3. Variables & Variable Sets

Roles

When you add machines into Octopus, you must specify environments and roles for that machine. For our purposes, environments were pretty easy to define. Roles however took some work. Here are the kinds of roles we defined.

Operating Systems

Example: windows, linux

This is pretty easy. We started with Linux and Windows for this type of role. I can see a day when we may need to additionally specify ubuntu-14 or 2k8-r2. In the meantime, YAGNI.

Environment Types

Example: dev, uat, integration, staging, prod, support

Our environment naming convention for developer environments is dev-{first initial}{last name}. For uat environments it’s uat-{team}. There is only one of each integration, staging, production, and support environments. There are certain variables that are defined consistently across all dev environments but may differ in uat environments. For this reason we are applying the environment type as a role across all machines in the relevant environments.

Commands

Example: hero-db.migrator

This is a standalone role. There will only be one machine in each environment that will have this role. It’s purpose is to execute commands on some resource in the enviornment that should not be run multiple times or concurrently. A good example of this is an Entity Framework database migration. We choose one machine in an environment that database migrations can be run from.

Applications

Example: webapp-iis, topshelf-service

Each deployable application has its own role. Not every application gets installed on every machine in an environment. We use the -iis affix for applications installed into IIS regardless of whether they’re sites or web services. We use the -service affix for Windows Services. We do this because we sometimes have a family of applications that have the same name but target a different kind of application.

Posted on June 26, 2016, 12:09 pm By crmckenzie

1 comment Categories: Uncategorized Tags: Deployment, DevOps, Octopus Deploy, Patterns & Practices

Octopus Deploy – Environments

Posts in this series
1. Environments
2. Roles
3. Variables & Variable Sets

Our Default Lifecycle

Before I begin, I should give you some background on our development ecosystem. Our Octopus Lifecycle looks like this:

dev => uat => integration => staging => prod => support

The Environments

Name	Convention	Purpose	Notes
dev	dev-{first initial}{last name}	The primary purpose of these environments is to test the deployment tooling itself.	We have 15 or so individual developer environments. Each developer gets their own environment with 2 servers (1 Linux, 1 Windows) and all of our 60 or so proprietary applications installed to it.
uat	uat-{team}	These environments are used by teams to test their work.	We have 10 or so User Acceptance Testing environments. These are a little bit more fleshed out in terms of hardware. There are multiple web servers behind load balancers. The machines are beefier. These enviornments are usually owned by a single team, though they may sometimes be shared.
integration	N/A	Dress rehearsal by Development for releases	The integration environment is much closer to production. When multiple teams are releasing their software during the same release window, integration gives us a rehearsal environment to make sure all of the work done by the various teams will work well together.
staging	N/A	Dress rehearsal by Support for releases	Staging is exactly like integration except that it is not owned by the Development department. We have a team of people who are responsible for executing releases. This is their environment to verify that the steps development gave them will work.
prod	N/A	Business Use	Prod is not managed by the deployment engineering team. We build the button that pushes to prod, but we do not push it.
support	N/A	Rehearsal environment for support solutions	Support is a post-production environment that mirrors production. It allows support personnel to test and verify support tasks in a non-prod environment prior to running them in production.

Posted on June 26, 2016, 12:08 pm By crmckenzie

3 comments Categories: Uncategorized Tags: Deployment, DevOps, Octopus Deploy, Patterns & Practices

KCDC – The Best Conference I’d Never Heard Of

When I started following @OctopusDeploy on twitter in preparation for adopting it for Redacted Financial Services Inc., I saw that they were sending representatives to the Kansas City Developer’s Conference (@kc_dc, #kcdc16). I looked up the conference and saw that @jeffreypalermo was going to be there as well. Excited, I reached out to @darrencauthon to see if he would be there too. When I got the confirmation, I’d made up my mind to go.

Living in the Northwest, I’d never heard of this conference. I’m super glad I came. There 1600 people at the conference. The topics’ focus are a little .NET centric but range toward the philosophical as well as the technical. In addition to .NET, there are presentations on R, Ruby, Javascript, leadership, etc.. The keynote encouraged attendees to learn more deeply about something they’re already doing and also learn something completely new.

This is exactly what I was wishing for in a conference. I’ve enjoyed the opportunity to talk with the gentlemen at @OctopusDeploy. I was impressed by the quality of Jeffrey Palermo’s talk about Continuous Delivery. I greatly enjoyed hearing about new technologies such as Semantic UI. I was fascinated by the differences between Angular, Ember, Knockout, and ReactJS. I’m now very interesting in trying out React.

The highlight was meeting Darren Cauthon in person after 5 years of being twitter friends. Darren & I are kindred spirits in that we both believe in TDD and strive for quality, well-crafted code. We both have backgrounds in .NET and experience with Ruby (though his experience with Ruby is far superior to mine).

I’ll come to this conference again–perhaps as a speaker next time.

Posted on June 25, 2016, 9:19 am By crmckenzie

No comments yet Categories: Uncategorized

Deployment Pattern: Service Health API

I’m in the midst of setting Redacted Financial Services Inc. up to use Octopus Deploy. An issue we’ve had with automated deployments in the past is that the tooling reports that everything is okay, but later we find out the software is misconfigured for the environment it’s installed in. To resolve this problem we’ve started including a service health api into our deployed web services & sites. At the end of any deployment we can issue a GET to the api and have the site tell us whether or not it is at least configured in such a way that it can access its dependent databases and services. Anything other than a 200 and we fail the deployment. We are also handing this api call off to Nagios for monitoring.

The code sample below demonstrates the implementation of this api. We deliver as a code-based add-in using our internal nuget feed. It includes health checks for Sql Server, Couchbase, Rabbit MQ, and standard REST services. This code is longish and we’ll probably open source it after we’ve had a chance to bake it. If you try it out let me know how it works for you.

public class ServiceHealthStatus { public string Type { get; set; } public string Status { get; set; } public string[] Messages { get; set; } public string Name { get; set; } public string Data { get; set; } } public class ServiceHealthController : ApiController { // GET api/ServiceHealth [Route("api/v1/ServiceHealth")] [ResponseType(typeof(ServiceHealthStatus))] public IHttpActionResult Get() { var health = GetServiceHealth().ToArray(); if (health.Any(row => row.Status.ToLower() != "up")) { var response = Request.CreateResponse(HttpStatusCode.ExpectationFailed, health); return ResponseMessage(response); } return Ok(health); } private IEnumerable<ServiceHealthStatus> GetServiceHealth() { var results = new List<ServiceHealthStatus>(); var viewModel = new AboutViewModel(); try { // these foreach blocks are deliberately NOT LINQ-ified so that // if an exception occurs we'll still have the first items from each // collection in the results list. // var connectionStringHealth = GetConnectionStringHealth(viewModel); foreach (var result in connectionStringHealth) { results.Add(result); } var serviceEndpointHealth = GetServiceEndpointHealth(viewModel); foreach (var result in serviceEndpointHealth) { results.Add(result); } var rabbitHealth = GetRabbitHealth(viewModel); foreach (var result in rabbitHealth) { results.Add(result); } var couchbaseHealth = GetCouchbaseHealth(viewModel); foreach (var result in couchbaseHealth) { results.Add(result); } } catch (Exception e) { results.Add(new ServiceHealthStatus() { Type = "Unknown", Status = "error", Messages = new[] {e.Message}, Name = "Exception", }); } return results; } private IEnumerable<ServiceHealthStatus> GetCouchbaseHealth(AboutViewModel viewModel) { foreach (var url in viewModel.Couchbase.Servers.Urls) { var healthStatusType = "Couchbase"; var name = "Couchbase"; yield return GetServiceHealthStatusForUrl(url, name, healthStatusType); } } private IEnumerable<ServiceHealthStatus> GetRabbitHealth(AboutViewModel viewModel) { foreach (var url in viewModel.Rabbit.Urls) { var healthStatusType = "Rabbit"; var name = "Rabbit"; var httpGetUrl = url.Replace("amqp", "http").Replace("5672", "15672"); // use the web client port yield return GetServiceHealthStatusForUrl(httpGetUrl, name, healthStatusType); } } private static IEnumerable<ServiceHealthStatus> GetServiceEndpointHealth(AboutViewModel viewModel) { foreach (var endpoint in viewModel.ServiceEndpoints) { var healthStatusType = "Service"; var url = endpoint.Link; var name = endpoint.Name; yield return GetServiceHealthStatusForUrl(url, name, healthStatusType); } } private static ServiceHealthStatus GetServiceHealthStatusForUrl(string url, string name, string healthStatusType) { Exception exception = null; HttpResponseMessage response = null; try { var uri = new Uri(url, UriKind.Absolute); var client = new HttpClient(); response = client.GetAsync(uri).Result; } catch (Exception e) { exception = e; } var status = (exception == null && response != null && response.StatusCode == HttpStatusCode.OK) ? "up" : "down"; var messages = new List<string>(); if (response != null && response.StatusCode != HttpStatusCode.Accepted) { var content = response.Content.ReadAsStringAsync().Result; messages.Add(content); } while (exception != null) { messages.Add(exception.Message); exception = exception.InnerException; } return new ServiceHealthStatus() { Name = name, Data = url, Status = status, Type = healthStatusType, Messages = messages.ToArray(), }; } private static IEnumerable<ServiceHealthStatus> GetConnectionStringHealth(AboutViewModel viewModel) { foreach (var connectionString in viewModel.ConnectionStrings.Cast<ConnectionStringSettings>()) { Exception exception = null; var str = connectionString.ConnectionString.Replace("Connect Timeout=30", "Connect Timeout=5"); using (var connection = new SqlConnection(str)) { try { connection.Open(); } catch (Exception e) { exception = e; } var status = (exception == null) ? "up" : "down"; var messages = (exception == null) ? new string[] {} : new string[] {exception.Message}; yield return new ServiceHealthStatus() { Type = "Database", Name = connectionString.Name, Data = connectionString.ConnectionString, Status = status, Messages = messages }; } } } } // Comment out the line below if your project does not use Couchbase. #define Couchbase #if Couchbase // If this line is giving you a compilation error because your app // does not use Couchbase, // Comment out the Couchbase preprocessor directive at the top of this file. using Couchbase.Configuration.Client.Providers; #endif public class AboutViewModel { private static ICollection<KeyValuePair<string, string>> GetApplicationConfigurationValues(string sectionName) { var section = (NameValueCollection)ConfigurationManager.GetSection(sectionName); if (section != null) return section.AllKeys.Select(key => new KeyValuePair<string, string>(key, section[key])).ToList(); Debug.WriteLine("Unable to find '{0}' section in configuration file.", sectionName); return new List<KeyValuePair<string, string>>(); } private ServiceEndpointViewModel MapServiceEndpoint(KeyValuePair<string, string> s) { return new ServiceEndpointViewModel() { Name = s.Key, Location = s.Value, Link = this.GetDocumentationUrl(s.Value) }; } private string GetDocumentationUrl(string value) { if (string.IsNullOrWhiteSpace(value) || value.EndsWith(".svc") || !Uri.IsWellFormedUriString(value, UriKind.Absolute)) return value; return string.Format("http://{0}/swagger", new Uri(value).Host); } private static AuthorizationConfigurationViewModel MapAuthorization(KeyValuePair<string, string> s) { string str = string.IsNullOrWhiteSpace(s.Value) ? "{None Defined}" : s.Value; return new AuthorizationConfigurationViewModel() { Name = s.Key, Groups = str }; } private List<LoggerConfigurationViewModel> GetLoggingConfiguration() { var allRepositories = LogManager.GetAllRepositories(); var loggers = allRepositories .SelectMany(r => r.GetCurrentLoggers() .Cast<Logger>()) .Where(l => l.Appenders.Cast<IAppender>().Any()) .Select(l => this.MapLogger(l)) .ToList() ; var loggersFromHierarchies = allRepositories .Cast<Hierarchy>() .Where(h => h.Root != null) .Select(h => this.MapLogger(h.Root, "Root")) .ToList() ; loggers.AddRange(loggersFromHierarchies); return loggers; } private LoggerConfigurationViewModel MapLogger(Logger l, string name = null) { return new LoggerConfigurationViewModel() { Name = name ?? l.Name, LoggingLevel = l.EffectiveLevel.DisplayName, Appenders = this.MapAppenderCollection(l.Appenders) }; } private List<LogAppenderConfigurationViewModel> MapAppenderCollection(AppenderCollection appenderCollection) { return appenderCollection.Cast<AppenderSkeleton>().Select(this.MapAppender).ToList(); } private LogAppenderConfigurationViewModel MapAppender(AppenderSkeleton a) { return new LogAppenderConfigurationViewModel() { Name = a.Name, Type = a.GetType().FullName, LayoutName = a.Layout.GetType().FullName, Properties = GetProperties(a), LayoutProperties = GetProperties(a.Layout) }; } private static Dictionary<string, object> GetProperties<T>(T item) { Type type = item.GetType(); PropertyInfo[] properties = type.GetProperties(); Func<PropertyInfo, object> elementSelector = p => type.GetProperty(p.Name).GetValue((object)(T)item); return properties.ToDictionary(p => p.Name, elementSelector); } public AboutViewModel() { ApplicationName = this.GetType().Assembly.GetName().Name; AppSettings = ConfigurationManager.AppSettings; ConnectionStrings = ConfigurationManager.ConnectionStrings; Assemblies = AssemblyViewModel.FromAssembly(Assembly.GetExecutingAssembly()); ServiceEndpoints = GetApplicationConfigurationValues("service.addresses").Select(this.MapServiceEndpoint).ToList(); Authorizations = GetApplicationConfigurationValues("authorization").Select(MapAuthorization).ToList(); LoggingConfiguration = GetLoggingConfiguration(); Rabbit = RabbitViewModel.From(GetApplicationConfigurationValues("rabbit")); Couchbase = CouchbaseConfigurationViewModel.FromAssembly(Assembly.GetExecutingAssembly()); } public string ApplicationName { get; set; } public string ApplicationSetName { get; set; } public IEnumerable<AssemblyViewModel> Assemblies { get; set; } public IEnumerable<ServiceEndpointViewModel> ServiceEndpoints { get; set; } public IEnumerable<AuthorizationConfigurationViewModel> Authorizations { get; set; } public IEnumerable<LoggerConfigurationViewModel> LoggingConfiguration { get; set; } public NameValueCollection AppSettings { get; set; } public ConnectionStringSettingsCollection ConnectionStrings { get; set; } public RabbitViewModel Rabbit { get; set; } public CouchbaseConfigurationViewModel Couchbase { get; set; } } public class AssemblyViewModel { public static IEnumerable<AssemblyViewModel> FromAssembly(Assembly assembly) { var dependentAssemblies = GetDependentAssemblies(assembly); var viewModels = dependentAssemblies .Select(a => new AssemblyViewModel { AssemblyName = a.Name, AssemblyVersion = a.Version.ToString() }) .OrderBy(a => a.AssemblyName); return viewModels; } private static IEnumerable<AssemblyName> GetDependentAssemblies(Assembly assembly) { var list = new List<AssemblyName>(); var codebase = new Uri(assembly.CodeBase); var binPath = codebase.LocalPath; var binFolder = Path.GetDirectoryName(binPath); if (binFolder != null) { var files = Directory.GetFiles(binFolder, "*.dll"); list.AddRange(files.Select(Assembly.LoadFrom).Select(a => a.GetName())); } return list; } public string AssemblyName { get; set; } public string AssemblyVersion { get; set; } } public class AuthorizationConfigurationViewModel { public string Name { get; set; } public string Groups { get; set; } } public class LoggerConfigurationViewModel { public string Name { get; set; } public string LoggingLevel { get; set; } public List<LogAppenderConfigurationViewModel> Appenders { get; set; } } public class LogAppenderConfigurationViewModel { public string Name { get; set; } public string Type { get; set; } public string LayoutName { get; set; } public Dictionary<string, object> Properties { get; set; } public Dictionary<string, object> LayoutProperties { get; set; } } public class RabbitViewModel { public RabbitViewModel() { Urls = new string[] { }; } public string[] Urls { get; set; } public static RabbitViewModel From(ICollection<KeyValuePair<string, string>> rabbitSection) { const string key = "RabbitMqServerUrl"; if (!rabbitSection.Any(row => row.Key == key)) { return new RabbitViewModel(); } var rawValue = rabbitSection.First(row => row.Key == key).Value; if (string.IsNullOrWhiteSpace(rawValue)) { return new RabbitViewModel(); } var urls = rawValue .Split('|') .Select(row => row.Trim()) .Select(row => { var expression = @"amqp:\/\/\w+:"; if (Regex.IsMatch(row, expression)) { var match = Regex.Match(row, expression); var startOfPassword = match.Length; var endOfPassword = row.IndexOf("@"); var charArray = row.ToCharArray(); for (var i = startOfPassword; i < endOfPassword; i++) { charArray[i] = '*'; } var result = new string(charArray); return result; } return row; }) .ToArray() ; return new RabbitViewModel() { Urls = urls, }; } } public class ServiceEndpointViewModel { public string Name { get; set; } public string Location { get; set; } public string Link { get; set; } } [XmlRoot(ElementName = "couchbase")] public class CouchbaseConfigurationViewModel { public CouchbaseConfigurationViewModel() { Buckets = new List<CouchbaseBucketViewModel>(); ConnectionPool = new CouchbaseConnectionPoolViewModel(); Servers = new CouchbaseServersViewModel() { Urls = new List<string>(), }; } [XmlAttribute("useSsl")] public bool UseSsl { get; set; } [XmlElement("servers")] public CouchbaseServersViewModel Servers { get; set; } public List<CouchbaseBucketViewModel> Buckets { get; set; } #if Couchbase public static CouchbaseConnectionPoolViewModel Create(ConnectionPoolElement element) { return new CouchbaseConnectionPoolViewModel() { Name = element.Name, MaxSize = element.MaxSize, MinSize = element.MinSize, SendTimeout = element.SendTimeout, }; } public static CouchbaseBucketViewModel Create(BucketElement row) { return new CouchbaseBucketViewModel() { UseSsl = row.UseSsl, OperationLifespan = row.OperationLifespan, Name = row.Name, ConnectionPool = Create(row.ConnectionPool), ObserveTimeout = row.ObserveTimeout, ObserveInterval = row.ObserveInterval, UseEnhancedDurability = row.UseEnhancedDurability, }; } #endif public static CouchbaseConfigurationViewModel FromAssembly(Assembly assembly) { #if Couchbase var section = ConfigurationManager.GetSection("couchbase") as CouchbaseClientSection; var servers = section.Servers .Cast<UriElement>() .Select(row => { return row.Uri.OriginalString; }) .ToList() ; var buckets = section.Buckets .Cast<BucketElement>() .Select(Create) .ToList(); var result = new CouchbaseConfigurationViewModel() { ConnectionPool = Create(section.ConnectionPool), Servers = new CouchbaseServersViewModel() { Urls = servers, }, Buckets = buckets, UseSsl = section.UseSsl, ApiPort = section.ApiPort, DirectPort = section.DirectPort, EnableConfigHeartBeat = section.EnableConfigHeartBeat, EnableOperationTiming = section.EnableOperationTiming, EnableTcpKeepAlives = section.EnableTcpKeepAlives, Expect100Continue = section.Expect100Continue }; return result; #else return new CouchbaseConfigurationViewModel(); #endif } public bool Expect100Continue { get; set; } public bool EnableTcpKeepAlives { get; set; } public bool EnableOperationTiming { get; set; } public bool EnableConfigHeartBeat { get; set; } public int DirectPort { get; set; } public int ApiPort { get; set; } public CouchbaseConnectionPoolViewModel ConnectionPool { get; set; } } public class CouchbaseBucketViewModel { [XmlAttribute("name")] public string Name { get; set; } [XmlAttribute("useSsl")] public bool UseSsl { get; set; } [XmlAttribute("password")] public string Password { get; set; } [XmlAttribute("openLifespan")] public uint? OperationLifespan { get; set; } [XmlElement("connectionPool")] public CouchbaseConnectionPoolViewModel ConnectionPool { get; set; } public int ObserveTimeout { get; set; } public int ObserveInterval { get; set; } public bool UseEnhancedDurability { get; set; } } public class CouchbaseConnectionPoolViewModel { public string Name { get; set; } public long MaxSize { get; set; } public long MinSize { get; set; } public long SendTimeout { get; set; } } public class CouchbaseServersViewModel { public string Bucket { get; set; } public string BucketPassword { get; set; } public List<string> Urls { get; set; } }

Posted on June 13, 2016, 6:03 pm By crmckenzie

No comments yet Categories: Uncategorized

Status Report on my Software Engineering Intership

In the time since I first wrote about my software engineering internship program I’ve gotten a bit more organized and had some new observations and insights. The philosophy behind the program is the same, but I can now better discuss the practical implementation, side-effects, and ROI. If you are interested in starting your own program, you should definitely read my first post on the topic as it covers the strategic elements in greater detail.

Return on Investment

Running the internship has costs. They are:

~15% of the mentor’s salary
~5% of the coach’s salary
The intern’s salary
The cost of equipment
The cost of a Pluralsight License
The cost of Clean Code and The Pragmatic Programmer

How do we justify this to the business? How is the program cost-effective?

After the bootcamp phase of the program the interns can usually write test-driven code with a level of quality approaching that of any other software engineer. We give them projects to work on that would not otherwise be approved. They “fill in the gaps” solving problems for our development organization.

Here are some of the projects they’ve worked on:

GitBack – a console application used to backup all of your git repos to disk
- It’s open source. Feel free to use it and/or enhance it.
A web application portal to host prototypes of tools and reports needed by the business that don’t neatly fit into any existing application.
A web application to report on our hardware eco-system–which machines are used for what in which environments?
A web application to scrub and provision sql server databases into non-production environments for testing purposes

The other major way we benefit as a department is that we get the opportunity to work with people while they’re starting out. We train them to build software our way. We get to know their warts, and they ours. When we have open positions, we prefer to offer them to people we know. We have had 2 direct hires of college students out of our internship program. When they come to work for us, they already know they like our environment. That may not sound like a lot but it can add up fast when you consider recruiter fees.

But wait! There’s more!

Alternative Career Path

After I’d been running the program for a year or so, something interesting happened: We had a member of another department request to go through our internship program. He wanted to effect a career-change into Software Engineering. Since we already had the program in place, we were able to accomodate him. Before he had even finished the program, we had another member of our organization request the same thing. We are able to provide an alternative career path to our organization and the development department benefits.

As of this moment we have hired:

2 interns out of college
2 career changes out of our internal organization
1 career change from outside our organization

That’s roughly 20% of our development organization.

Further, we have made the program available to people in other departments whose jobs require that they write code even though they’re not software engineers. It is my hope that this will result in higher quality code across the rest of our organization as well, though that remains to be seen.

Curriculum

The curriculum of the program has remained largely unchanged since I first wrote about it. However, I’ve found that I can make it largely self-serve for the first 4-6 weeks by organizing it as a sequence. This reduces the amount of time I need to spend mentoring the intern. Of course, once they get started on their real project my investment will be greater.

Here is the updated curriculum:

Clean Code
1. Read chapters 1-9 before the refactoring your homework exercise.
Setup your dev machine (we have powershell scripts for this).
Learn about Github & Branching
1. trygit
Refactor your own school homework exercises to improve the readability of your code
1. you are practicing what you have learned in Clean Code
Movies Tutorial – build an ASP .NET MVC web application
watch ASP .NET MVC 4 Fundamentals
1. Sections 1 & 2
2. The purpose here is to learn in detail what you did in the Movies Tutorial
watch MVC5 Fundamentals
1. Identity & Security
2. Bootstrap
3. Web Api 2
4. Entity Framework 6
Music Store Tutorial – build another ASP .NET MVC web application
1. You should see that you are much faster this time around.
2. You should understand the “why” in the steps of the tutorial.
Nerd Dinner Tutorial – here’s another version updated for EF4
1. These tutorials are out of date. To complete the project you will likely have to switch between them.
2. Use EF Code first instead of what’s in the tutorial for data access.
3. Stop when the tutorial tells you to import MicrosoftAjax.js.
  1. Chris will give you his speech on why this file is historically important and why we’re not going to use it.
  2. You’ll use jquery instead.
Pair on the Bowling Game Kata
Implement Fizz Buzz on your own using TDD.
Learn about Dependency Injection
1. Watch Dependency Injection On Ramp
2. Read Dependency Injection Patterns
Introduce Fakes, Stubs, and Mocks using this PluralSight video on Rhino Mocks
Practice using Mocks and Stubs using this exercise
Get started on your first real project!

Posted on May 30, 2016, 9:07 am By crmckenzie

No comments yet Categories: Uncategorized Tags: Internships

TIL: How to break a Windows Server with a “

The Context

I’m working on bringing Octopus Deploy into our company. We have a good number of TopShelf services. Octopus Deploy does not directly support installing Topshelf services so I’m creating the functionality in a Step Template. While attempting to install my service I got the command-line arguments slightly wrong. Instead of deploying a service called MyService I deployed a service called "MyService". The services manager on the target server recognized the service, but neither the Powershell function Get-Services nor sc.exe could find it. I was eventually able to get a reference to the service using Get-WmiObject Win32_Service -Name "MyService". I tried calling the delete method on this service and it did not succeed.

I was stuck. I can’t uninstall the service because none of the built-in tools recognize it.

I had no choice but to kill the server and rebuild it. It’s a good thing that we’re trying to treat servers like cattle and not pets.

Posted on May 26, 2016, 2:24 pm By crmckenzie

No comments yet Categories: Uncategorized Tags: Octopus, TopShelf, Windows, Windows Services

Deferred Technical Debt is Just Bad Design

Technical Debt is a metaphor to describe software rot. The idea is that each time software engineers take shortcuts in the code they incur “debt” in the code base. Each time future engineers must read and/or modify the indebted code, they pay “interest” on the debt in the form of longer project times and increased risk of defects due to unreadable code.

Some argue, and I’m one of them, that sometimes it is necessary to incur technical debt for the sake of speed. In a personal example I had a feature that was required to be implemented inside a week. My team estimated the work at 2 weeks. This was unacceptable due to an externally imposed deadline. The team offered a hacky solution to the problem that resulted in a quick turnaround. We offered the solution on the condition that we would immediately be given the 2 weeks to correct the design flaw. Agreement was reached and we released the feature in 1 week. We finished the feature in 3 weeks.

When you take on technical debt, you don’t reduce the cost of the feature–you increase it. You take on the work of the hacky solution and the work of reworking the hacky solution.

The reason we were able to reach this agreement is that our product owner and our team all understood that bad code is more expensive. We deliberately wrote bad code for the sake of instant gratification and then we immediately paid the full price for good, tested code.

We’ll fix it later

My colleague @jrolstad likes to say

Technical Debt is the lie we tell ourselves that we’ll come back and fix it later.

This is a phenomenon widely observed by many software engineers. We complain that the software is rotting and are promised an opportunity to “fix it later,” but “later” never seems to come.

What is always coming but never arrives? Tomorrow

— Children’s joke

Your code is your design

There’s an antipathy toward useless documentation in the Agile community, especially documentation about what code does. “The best documentation of the code is the code.”

When it comes to the design of their software, many developers make the mistake of thinking of the system in terms of their aspirations for the code base. The design of the system is always its current state. If you take a policy of accumulating technical debt in your code base then your actual design is a mess–not the gleaming structure of rationality you imagine it will be when you fix the technical debt… later.

What can we do?

If your organization has a legitimate need to take on technical debt, we can insist that the work to repair the debt be placed on the work calendar immediately. Most of the time the “business value” of getting a feature delivered fast is an attempt to pretend that a feature doesn’t cost as much as it does.

As a software engineering professional, we should not pretend that features do not cost what they do. We should not lie to the business, nor help them lie to themselves.

Estimation

These ideas have an implication with respect to estimation. If you owned a home and wanted to add a room on the second floor, how would you react if your contractor said “Well, these beams are rotted. We can probably build the room without replacing the beams, but your house may collapse in ten years. What do you want to do?” If you are anything like me, you would be appalled that the contractor even offered the option. The fact that the beams are rotted requires that they be replaced. This is not optional. The problem is not “solved” by building a room on rotted beams that will collapse in 10 years. It is not solved even if we know we are going to sell the house in 5 years (I’m looking at you startups).

The engineer should not offer to build the room on rotted beams. We should not offer or suggest alternatives to the business that result in the accumulation of technical debt. We should be honest with ourselves and with our employers about the real cost of the work they have requested.

But what if there’s a legitimate reason?

Is it always wrong to accrue technical debt? I don’t think so. As I stated earlier, I believe it can be acceptable to take some short-term shortcuts to get a solution out fast. However, this should be anomalous and the resultant mess should be cleaned up immediately following the achievement of the business goal. It needs to be understood by all parties that the shortcut costs more, not less.

How do I sell this to the business?

This is a complex topic and I don’t have all the answers. I have some answers and some promising leads.

First, stop presenting hacky alternatives in your estimate. Look at the code and honestly assess what it will take to alter it correctly. What is it going to take to add appropriate tests where they are missing? To clean the code so it will tolerate the change? To make the change? To repair an architectural deficiency? Estimate and present your estimate confidently and do not offer hacky options. If the business wants to negotiate, ask which features they would like to drop from the project. Do not offer to take engineering shortcuts.

Another tactic you can take is to measure estimates vs. technical debt in the code. You’ll have to start collecting some data for this approach and it will take some time. You’ll need:

Project estimates
How long the projects actually took
Cyclomatic complexity for the affected code.

You’ll want to relate the accuracy of estimates to complexity. You should see that estimation accuracy decreases as complexity increases. For extra points, you can look at actual project estimates for similar features in code bases with different complexities. You should see that that more complex code bases are harder to maintain–even from an estimation perspective–than their simpler counterparts. You can use this information to put teeth into the claim that unclean code costs the company money.

I’d love to hear any other ideas you might have in the comments!

Posted on May 11, 2016, 9:21 am By crmckenzie

No comments yet Categories: Uncategorized

Nobody is Complaining

Sometimes we fall into the trap of thinking that since no one is complaining about our work then everyone must be happy with it. This is a dangerous mode of thought because our customers may not in fact be happy with our work, and because it inhibits us from improving ourselves. Getting accurate customer feedback about our performance is critical if we are to continually improve.

A Personal Example

At Redacted Financial I have some resource needs that are slow to be filled. There’s a process in place to make sure you get the right resources, but budgetary constraints mean that resource needs must be demonstrated before they are doled out. This makes sense to a degree but:

Budgets are there to keep you from being irresponsible. They should not keep you from being smart. 
--Chris McKenzie

Yes, I’m quoting myself–but I really like that formulation :). The process to get more resources is just painful enough that my team members are averse to going through it. Our team has similar needs across the board so iterating through the approval process for each member of the team strikes me as wasteful. I’d rather identify a baseline for all of my team members and start each person with those resources. When I proposed this idea I was told:

We have resources allocated in wildly different ways and nobody is complaining. Clearly there is no standard baseline for your team.
--The Gatekeeper

I thought this attitude was interesting. In the mind of this engineer, “nobody is complaining” is equivalent to “everybody has what they need.” Sometimes as engineers we operate on the assumption that everyone complains if something is bothering them.

This is false. Marketers have known this for years. That’s why they spend so much time and effort to get you to fill out customer satisfaction surveys. Sometimes the most valuable information you can mine for is “where am I failing?” Marketers know that for every person who is vocal about there complaints, there are hundreds they will never hear from.

How can you find out if your customers are happy?

Let me ask a different question first: “Who are your customers?” There are different people who are impacted by your work. They are all stakeholders, but not every stakeholder is your customer. If you can’t look at your stakeholders and clearly identify your primary customer, consider using a Responsibility Assignment Matrix.

I found it useful in a recent project to use the RASCI matrix which is defined as follows:

Responsible – This is you in our example
Accountable – This is your customer. This is who you are accountable to. This isn’t your boss (necessarily). This is the person who will use the end-product of your work. It’s to enable them in their goals that you are doing yours.
Support – These are stakeholders who will support you in your efforts, but who do not directly consume the end-product of your work.
Consulted – These are stakeholders who should be consulted about your work. They may need to approve some aspect of what you’re doing, or they may have important insight about how you should go about your job.
Informed – These are stakeholders who should be informed about your work and/or your progress.

These matrices are often used to facilitate the repair of organizational disfunction, but they are also useful simply to clarify the roles & responsibilities of all of the stakeholders in your personal work ecosystem.

Once you’ve identified your primary customer, the simplest way to find out if they are happy with your work is… ask them. Face-to-face conversations are nice where possible. If you are lucky enough to be able to have a face-to-face conversation with your customers, try to adopt an attitude that is open to criticism. Don’t interrupt what they’re saying with explanations or excuses–even if you disagree with what they’re saying or if you think they’re wrong about something. There will be time for responding later. For now, your task is to listen and gather as much information about their assumptions and agendas.

Some customers will be confrontation-averse so a face-to-face conversation may not yield honest results. As mentioned before, surveys might be useful. An anonymous comment box (or anonymized email account) could work. It’s on you to figure out how to mine the information.

What do I do with customer feedback once I get it?

It may be hard to get the information. It may also be hard to hear it. You should take some time to reflect on the feedback before you respond, especially if it’s negative. Try to distance yourself from any initial emotional reaction so that you can consider more than just what the feedback says about you and your work. What is the underlying agenda your customer is trying to achieve? Are you helping or hindering that agenda? Are they lacking any key pieces of information? Are there other easy solutions to their problems?

When your customer gives you feedback, the worst thing you can do is not respond to it. If you fail to respond to feedback–positive or negative–you send the message that you do not value it. If you don’t value the feedback, it shows you don’t value your customer. You should respond to feedback even if you’re not sure you can do anything to address their underlyng complaint.

In our recent town hall, it was expressed that working on project teams instead of product teams isn’t ideal from the perspective of collective code-ownership. The response was “The Business doesn’t want to work that way.” We are not resourced to have product teams for the 50 or so applications we manage. Business priorities shift and sometimes require all of our resources to concentrate on a few applications at a time. This wasn’t happy news for our development teams, but it is understandable. My point is even if you can’t do anything to address the critical feedback due to issues beyond your control, you can respond to the feedback by explaining the other constraints to your customer.

The response to the town hall was overwhelmingly positive. Sometimes, it is enough for your customer to hear a good reason why it’s hard to accomodate their needs to reduce their frustration.

Posted on May 2, 2016, 5:49 pm By crmckenzie

No comments yet Categories: Uncategorized

Development Organization Town Hall

This week at Redacted Financial we had a “town hall” style meeting that included the entire software engineering organization. The meeting was run lean coffee style. No work-related topic was off limits. Our director made himself available for 2 hours to answer any questions about why our organization is run the way it is.

We discussed:

Why we have a separate project management group.
The rationale behind our work-from-home policy.
Why we tend toward project teams rather than product teams.
How we can address technical debt & product direction using project teams.
Why our teams are sized the way they are.
Maintenance and dissemenation of current best practices, standards, and guidelines for different kinds of softare.

This meeting is similar to a retrospective at the end of a project or sprint. It is different in that there are things that we can’t change because they are constraints imposed on us by the business, but understanding where those lines are and what we can change was valuable to everyone. One of the things that we are changing is our work-from-home policy. Those who advocated for a more liberal policy are involved in a small team working with the Director to write up a new policy.

Our Director offered to have a version of this meeting annually. The team immediately objected “We should have this meeting quarterly!” So we are. We’re going to allocate 1hr per quarter for this style of meeting.

The value-add as I see it is that the team can be involved in changing how their organization works within the larger enterprise. Where there are barriers, the team can be informed about what they are and why they’re there. For those who feel strongly that a given barrier shouldn’t be there, they can direct their attention to problem-solving how to remove the barrier while still accomplishing the business objectives that caused the barrier to be erected in the first place. A side-effect of empowering team members to make change is that it reduces the amount of work management has to do to identify opportunities for change and push the through.

The town hall meeting was a very positive experience for our team. I wonder if anyone else has done anything similar and what their results have been.

Posted on April 23, 2016, 12:15 pm By crmckenzie

1 comment Categories: Uncategorized

Variables & Variable Sets

Naming Conventions

Define a Standard Structure for Similar Variable Sets

Scope

Roles

Operating Systems

Environment Types

Commands

Applications

Our Default Lifecycle

The Environments

Return on Investment

Alternative Career Path

Curriculum

The Context

We’ll fix it later

Your code is your design

What can we do?

Estimation

But what if there’s a legitimate reason?

How do I sell this to the business?

A Personal Example

How can you find out if your customers are happy?

What do I do with customer feedback once I get it?

Previous Page · Next Page

Chris McKenzie

Personal Links

Verified Services

Recent Posts

Tags

Archives