Wednesday, August 26, 2015

Why do I love IBM Bluemix

I had six Ruby on Rails web apps hosted on Heroku that I wanted to migrate to a more scalable and professional platform within my budget.

My first intention was to use my Bizspark account and deploy them to Microsoft Azure but, unfortunately, Azure Web Apps do not support Ruby on Rails yet. My attempt to deploy them in a single Linux Virtual Machine was painful and the performance very poor, so I decided to try IBM Bluemix.

After signing up for the 30-day trial, I started loving its engaging and intuitive UI, the simple pricing model and the amount of available services for a 1-year old cloud platform.

In less than one hour I had deployed my six web apps using Cloud Foundry CLI, migrated the PostgreSQL databases with the ElephantSQL add-on, and set up the custom domain and SSL certificates.

A tiny "Add Git" button introduced me to IBM Bluemix DevOps Services. This is simply mind-blowing! You are not only allowed to edit your code from the web interface. You can actually set up an entire continuous deployment pipeline, where you can make changes, run your tests and deploy it up to the production environment directly from your browser.

In addition, DevOps Services includes Rational Team Concert, a complete Agile project management tool where you and your team can organize the development effort and monitor the progress.

There is room for improvement in the deployment process. The process failed a few times with an unhelpful "failed to accept connections within health check timeout" error message which in my case was fixed by upgrading some gems or simply re-deploying.

In conclusion, I have tried many cloud solutions before (AWS, Azure, Heroku,...) and I believe IBM Bluemix is going to be my infrastructure partner for a long time.

How to schedule tasks in Ruby on Rails

There are some scenarios where we would like to set some actions to be performed at certain times of the day, or periodically. There is an easy way set up these cron jobs in Ruby on Rails with rufus-scheduler.



It does support four kinds of scheduling:
scheduler.in '10d' do
    # do something in 10 days
end
scheduler.at '2030/12/12 23:30:00' do
    # do something at a given point in time
end
scheduler.every '3h' do
    # do something every 3 hours
end
scheduler.cron '5 0 * * *' do
    # do something every day, five minutes after midnight
end
The integration is incredibly simple. Just create a new file task_scheduler.rb in your /config/initializers folder, include the gem rufus/scheduler and set up your task. In the example below, I am sending an HTTP GET request to Google every 2 minutes and print the status code.
# Required Gems
require 'rubygems'
require 'rufus/scheduler'
require 'net/https'
require 'uri'
# Initialize the scheduler
scheduler = Rufus::Scheduler.new
# Action to be performed every 2 minutes
scheduler.every("2m") do
    # Send a GET request to Google and print the response code
    uri = URI.parse("http://www.google.com")
    http = Net::HTTP.new(uri.host, uri.port)
    request = Net::HTTP::Get.new(uri.request_uri)
    response = http.request(request)
    puts response.code
end

Sunday, August 23, 2015

How to make an app start automatically on Ubuntu

Sometimes we found ourselves starting manually a set of apps or webservices everytime we reboot our Ubuntu instance. We can easily automate this process.


1) Open the configuration file with sudo vi /etc/rc.local
2) Add all the commands that you want to run. For example:
    cd /home/myuser
  rm *.tmp
    nohup java -jar /var/www/myapp/app.jar &
With nohup and the final & we force the jar file to run on background, creating the nohup.out log file.
3) Always end with exit 0
4) Save changes with :x and reboot the system. The commands that you have added should be run at start up.

Saturday, August 22, 2015

How to get your Azure Web App FTP credentials

In the new Microsoft Azure portal, when you create a new Web App, you might struggle to find your FTP user credentials. This is how you can find them.

1) Open portal.azure.com and browse to the Web App you want to access to.

2) Click on the "Get Publish..." button as per screenshot below. It will download an XML file.


3) Open that file with a text editor and you will find the publishUrl, userName and userPWD fields you need.


Why you should think twice before using biometrics

In the last decade we have seen how advances in biometric technologies have made it possible to identify individuals with their fingerprint, voice, iris or even brainwaves with very low failure rates.


I have no doubt that biometrics (something you are) will eventually replace passwords (something you know), which can be easily forgotten, guessed or deciphered with dictionary attacks. It is a fact, we are not good at choosing robust passwords and we reuse them all the time.

Unfortunately, it is not uncommon to hear from considered secure cloud services urging their users to change their passwords after a cyberattack. It is very annoying, but a new password should solve the problem.

But what if your biometric information is stolenMost of cloud services protect it the same way they do with passwords, i.e., the information is encrypted and stored in their servers. If after a cyberattack your fingerprint is deciphered, it could be used in order to access any other online service, and you can't simply change your fingerprint. If it is stolen once, it is stolen forever.

So the next time you are required to sign in with biometrics, ask your self how will your information be processed and protected.

A way to tackle this problem is by using Zero Knowledge Proof protocol (ZKP), that eliminates the transmission, storage and exposure of private user data during authentication. This way, biometric information never leaves the device, it is never transmitted or stored, so it simply cannot be stolen if the server is compromised.


* Disclaimer: I am CTO of Sedicii, a leading company in user authentication solutions, which uses ZKP-based patented technologies.