Scaling with Single Sign On

I’ve been with Blue Motor Finance for eighteen months now. To give an idea of the size of the business it’s just reached 100 employees, has a sales team that covers all of the UK and has financed over £200m. As part of that journey we’ve invested heavily in SSO.

WHAT ARE THE BENEFITS OF SSO?

Blue like any consumer finance company has a lot of operational processes, these are supported and managed with a myriad of systems some built by us many more are services provided by third party vendors. At the last count there was over one hundred of these systems, they are all online and web based. Managing one hundred employees access to over 100 systems presents a challenge. Okta is one of several Identity providers (IDP) who offer a single sign on solution that integrates with 1000’s of online applications. It is effectively Lastpass for organisations. As our understanding of how Okta can speed up deployment has grown, we’ve made it a priority to use applications that support integration with it and more specifically offer Just In Time (JIT) provisioning. The big win with JIT provisioning is that in Okta we can decide which teams should have access to a particular app and the first time someone logs in their account will be setup automatically. For some applications a bit of additional admin is required but for many that is all there is to it.

oktascreenshot

IS SSO AN ENTERPRISE FEATURE?

I’ve noticed that many SaaS providers put SSO into their Enterprise pricing bundle. I don’t understand why they would restrict access to a feature that removes deployment friction and drives adoption. It would be far better to offer this in the free or low cost option to try win hearts and minds.

APP DIRECTORY

Okta has an app store where it lists all the applications it has already integrated with, this is useful if say, you need a learning management system of which there are 1000’s available because you save time by only evaluating the ones that are already integrated.

Okta reaches out to the bigger SaaS providers to try and build out of the box integrations. These are listed in the App directory so it’s easy to see how well an integration is supported.

MOBILE STRATEGY

Okta provide decent apps for both mobile and tablet, this has proved valuable to our sales team who are on the road visiting our dealers.

THE LAND OF MILK AND HONEY

It wouldn’t be fair to leave the impression that there are no problems, some SaaS vendors haven’t quite figured out SSO yet and their integrations are a bit clunky. We initially launched with Expensify’s SAML integration and had to abandon it as their mobile app had several issue’s. Any “new” technology is going to run into this, as long as the benefits out-way the cost it shouldn’t prevent you from adopting.

CHALLENGES

Asking teams to use Okta is asking them to change and learn. Initially you should expect push back but we’ve found that our teams have over time come to rely on and appreciate the functionality Okta offers. It is at it’s most effective with the systems we’ve developed internally. The tech team here have been able to build and deploy smaller more focused systems without any additional deployment overhead.

Naze32 Cleanflight Setup and gotchas

 

cleanflightNaze32Windows10

 

This is a quick post to highlight the gotchas I ran into setting up a Naze32 for the first time on a Windows 10 pc and using Cleanflight to flash the firmware.

  1. Install the drivers from the silicon labs website here
  2. Connect the Naze32 using a micro usb cable that can transmit data and power
  3. Open Device Manager and check that under the Ports (Com & Lpt) section you see: PortsScreenshot
  4. Make a note of the Com port (3 in my case)
  5. Using the chrome extensions site here  install cleanflight and launch it. Video
  6. If you have a brand new Naze32 board you will need to flash the firmware, watch this video. The gotcha is make sure you select the correct com port in cleanflight or the flash will fail.
  7. After you have successfully flashed the board you’ll be able to connect cleanflight to the naze32 and you should be able to see the image of a multirotor move as you move the board around.
  8. Calibrate the naze32 board then go and have fun.

Geckoboard + Pi3 = Wallboard

At Blue we’ve been using Geckoboard to power our office wallboards for about six months. We use them to track our business volumes and workflow queues. To begin with we were using the built-in browser that ships with Sony’s Android based TV’s. There are two major issues with this they only display for an hour then a screensaver appears and they run out of memory. Geckoboard advise against using these built-in browsers.

Bravia_All_apps

Interestingly Geckoboard have put the Rasberry Pi on “do not use list”, however, their article pre-dates the the arrival of the Pi3 which has a much more powerful processor and built in wifi.

What is our Pi made of?

If your pc is running windows you can use Windisk Imager + 7 Zip to extract the img file and write it to the micro SD card.

Configuration

The Ubuntu Mate helper has a Raspberry Pi section, inside there is a button that will resize your boot disk to make full use of the space on your SD card. Press this button.

To make your Pi operate as an always on dashboard you need to disable the screen saver and power saving. In Ubuntu Mate you can do this in System>Preferences>Look and Feel>Screensaver.

To make our Pi’s fill the screen on the Sony TV’s we had to disable overscan, this was done by editing the /boot/config.txt and un-commenting disable_overscan=1. After a reboot the pi filled the screen and the inch thick black border was gone.

Open up a terminal window and type:

sudo nano /boot/config.txt

Scroll down to below the video modes section where you should see the overscan section and simply un-comment the disable_overscan=1 setting.

If everything has worked you should have an awesome looking wallboard. We’ve found our Pi3’s to be very stable, the only intervention needed is down to Firefox needing to restart after an update. Sony TV’s have a feature that allows you to set them to go off and come on at specific times of day which is helpful for us.

Update:  

Do not use the Belkin PSU, whilst it is rated at 2.4 amps it is only able to provide 1.4 amps which is not sufficient when the Pi is working hard. It causes under voltage alerts and may affect stability. We are looking for an alternative.

2nd Update:

We’ve switched to using the official 2.5 amp Pi PSU. tThe Pi’s are more stable with the official PSU but they are still not stable enough for a wallboard. We were looking for 7 days of stable use but are getting only 2 days on average. We’re not really sure what the major cause of the instability is.

Final update:

We have started using the google chromebit ‘s to power our geckobard dashboards, they are not perfect but they are a lot more stable than the pi3. They are also quicker and easier to setup.

Setup to build C# project from the command line with Nuget package restore

For small solutions my preferred deployment method is via Github, i’m recording the details here for my own benefit.

  1. Create a new git repo and push up your code.
  2. On your test/live server clone the repo
    • git clone https://github.com/myaccount/myrepo
  3. Make sure nuget.exe is available in powershell/cmd line you can use chocolatey
    •  choco install nuget.commandline
  4. Restore nuget packages (if you’ve referenced any)
    • nuget restore MySolution.sln
  5. Build the solution
    • msbuild Mysolution.sln

New Development Rig – HP ProDesk 400 G1 SFF

I’ve just assembled a new developer rig, as I work in memory hungry Visual Studio I need 16Gb of RAM and an SSD. For a while I considered buying a mac book pro, which would’ve been  higher quality and better performing but it also would have cost £900 more.

 

images

I ended up buying an HP ProDesk 400 G1 SFF, it comes with Windows 7 professional installed, 4Gb of RAM, an i5 2 core 3.2ghz processor and a 500Gb hard drive. I bought it from Ebuyer for £230, which is a bargain.

240-pindimmddr3kit-2I added 16Gb (2x8Gb) of ram from Crucial costing £80.  Performing a memory upgrade is easy as it is a very simple case to work with no tools needed to open it and most of the peripherals can be removed without tools. Although you’ll need a torx screwdriver if you intend swapping out any of the disks. This youtube video shows you how to do most maintenance tasks.

I added a 1Tb Samsung SSD from ebuyer. The installation of this was a bit fiddly because HP have a propriety disk mounting system and I wasn’t able to find an HP SSD mounting kit. I ended up buying a 3.5″ => 2.5″ adaptor bracket and I removed the existing 3.5″ drive and installed the SSD, one tip if you do this is you might want to mount the bracket upside down to raise the ssd up as the clearance is a bit tight. The drive cost £280 which is more than the pc, but having 900Gb of fast storage is handy and worth the premium to me.

 

649929-695894-290

I used Acronis True image to clone the original drive on to the new SSD this was  a bit fiddly and the software costs £25 but it seems to have worked and it automatically resized the boot partition. I think it is possible to do this with the windows tools but it will be even more fiddly.

Total cost for the rig is £590 not including the cost of the Acronis software. I’ve been using it for about a week now and it’s very quiet and stable and it runs very cool so if it stays like that I’ll be very happy.

 

Is your mind open or closed?

If you ask a hundred people if they are open minded I’m confident they will all say yes, I was one of them but a couple of events recently have made me question how open minded I am. The first event was Gamergate if you didn’t already hear about this it is basically an argument between some male members of the gaming community and some feminist members of the gaming community. I don’t want to get any more specific than that. Before Gamergate I’m ashamed to admit that I had a very two dimensional understanding of feminism. I had concluded that feminists used to have a point but Emily Pankhurst sorted it all out by getting herself killed and now women had the vote and were pretty much the equal of men in society. I guess ignorance is bliss, it wasn’t until I heard John Siracusa’s advice to listen to the what the women in the Gamergate were actually saying that my mind started to open to the possibility that sexism existed in the male dominated culture of gaming. Now that I have listened it almost seems obvious that things would be like that and that their efforts to try and change the culture to make it a more positive place for women to work. As a result of Gamergate I now follow a lot more feminists on twitter and I try to listen carefully to what they are saying, and I try to keep an open mind because being a white male I’m not going to be able to relate to their experiences. Twitter is great for revisiting your long held beliefs, you can instantly find someone who will challenge your belief and if your lucky they will enlighten you along the way. On occasion I have had to admit that after one of these conversations that I cannot relate to what the other person is saying but I will keep an open mind on the subject. I’m not agreeing or disagreeing but need time to digest what they have said and to compare it to my own experiences.

Politics People Process

As a developer with fifteen years experience one of the things I regret most, is not paying attention earlier in my career to improving my soft skills. I think I was either lucky or unlucky depending on how you look at it, to have mostly worked in small companies with small teams that had great attitudes and relatively little in the way of office politics. That said I am ashamed of my attitude as a developer back then. I can only think that I was able to get away with my behaviour because we developers were a much sought after resource. So what was my attitude like? Well to put it bluntly it stank. I had very little patience or respect for the end users of the systems I built. I had very little respect for the other departments in the company and I didn’t value their contribution to the business. I was generally arrogant and would try and steam roller conversations with users about bugs. I was very reluctant to admit when I had made a mistake.
So do I consider myself a changed man? Well the honest answer is a bit, but I think there is still a lot of room for improvement. Over the last few years I have started to realise that the software development business is a people business, I have read books like the Mythical Man Month and Peopleware and they have struck a chord with me. Also for the first time in my career I have found myself in an environment where all is not well in the development team, this has prompted me to think about the path that lead our team to where it is now and the mistakes that were made along the way. One thing I have noticed is that my attitude greatly affects my bosses perception of me. If I let my workload get so large that it starts to get on top of me and I start to get stressed this makes me a very unpleasant person to have to work with. I have learnt that it is important to be honest with myself about how much work I can get done. I have found my bosses prefer it when I am straight with them about when I will finish a piece of work even if the date is later than they would like. I have seen many of my colleagues fail to communicate this and end up working all the hours god sends to meet the deadline or at the very last minute confess that they will need more time. Both of these two outcomes are not sustainable, if they keep working all the hours god sends they will either have a nervous breakdown and or their personal relationships will suffer. If they keep delivering late then eventually there bosses will lose faith in them. I think confidence has a part to play in this, having the confidence to look your manager in the eye and tell them it will take six weeks to complete a task when you know they want it done in three requires a certain level of confidence. In that type of situation I always remind myself that when this piece of work is done there will be another that follows and if I want to enjoy my job then it is up to me to communicate with my manager honestly about what I can sustainably get done. Occasionally there are special circumstances that mean you have to put in extra hours to get something done to a specific deadline, but be very careful to examine the reasons given for this and satisfy yourself that they are genuine. In my experience managers often are too quick to play the this is an emergency card.
This post was inspired by the adage that People trump process and politics trump people. As engineers we would often prefer to ignore these invisible forces but they can greatly impact our working lives so it will benefit us to divert some of our attention to them.

Scaling your development team

This post is a collection of my thoughts and observations on what happens when you try and grow your development team. I want to apologise in advance for the rambling nature of this post but I wanted to put my recollections into text, I plan on refining the post over the coming weeks. If anything is unclear please ask for clarification on twitter or via email you can find both on my home page. These observations are anecdotal and are based on two of the teams I worked in.
The first I’ll call Team A, grew slowly over the course of several years. It was lead by a strong architect who had a clear vision for the system that the team were building, initially there were three other developers of which I was one and all three had considerably less development experience than the team’s leader. The development methodology used was waterfall with a release every couple of months. Requirements gathering was done by a member of the team who would meet with the client to discuss their needs then a design meeting would follow with the whole team present, to discuss how those requirements might be delivered. All members of the team would give their input but the leader would have the final say on how the solution would be developed. The team were collocated so once development started informal meetings would occur often if one of the team became blocked implementing the agreed design, if needed the design could be altered quickly based on the new information that had been gleaned. Over time this team built up a large amount of domain knowledge and the system matured. Over the course of five years the team grew to seven members. The newer members of the team needed a lot of assistance from the original four members to learn how the system worked and to learn how to add new features to it. The system was the classic tightly coupled ball of mud and the various modules were usually integrated via the database using stored procedures a classic anti pattern. There was limited documentation to help new developers understand the system. The system did not have any automated tests and there were no QA’s on the team. Developers would test their own work and then demo it to the client, when the client signed it off then the code would be deployed for user acceptance testing which would be carried out by the client. If any problems were uncovered by the client a patch would be deployed and retested. When all problems had been resolved then the code would be released to production.

The second team initially consisted of six members, it did not have a formal leader and it was tasked with rewriting the existing in house platform. Two of the team members were from an outsourcing company and were based in a different country and spoke english as a second language. The system was designed around SOA principles. The team set itself the goal of building a distributed system based on messaging, using continuous integration with automated deployment and automated testing. None of the six team members had built a system like this before, so an external consultant was brought in for the first few weeks to help get them on the right track. The team had a lot of domain knowledge because they had built the platform that was to be replaced. During the first six months many decisions had to be made about tooling and processes often the discussions ran on for many days about the best way of accomplishing a particular task, the lack of a formal leader meant that progress was impeded until there was a consensus, sometimes the various team members would be obstinate and it would take a long time to reach a consensus often the business would have to get involved and broker an agreement. The original estimate by the team for how long they would need to create an MVP was six months, this proved to be on the low side. When six months had elapsed it was clear that they were not close to delivering the new platform. At this point the business was suffering because the key developers of the original platform were unavailable to maintain and extend it. A decision was made to move three of the key developers back to the existing platform team and to hire new developers to work on the new platform. A decision was also made to expand the team and open an overseas office to hire new developers based there. This plan was executed aggressively and fifty new team members were hired over the next twelve months approximately half based at the HQ and the rest at the overseas office. The new recruits were experienced developers but they did not have any domain knowledge. A decision was also made to hire an architect to lead the team, he was based in the overseas office, he had lots of experience building distributed systems but had not worked in this domain before. Next a decision was made to adopt Scrum, none of the team had experience of scrum so an agile coach was brought in to help get the team up to speed. During the twelve months a lot of code was written but it lacked cohesion the three remaining original team members were overwhelmed by the number of new team members they could not hope to spend enough time explaining design decisions and rationale for how the system was built. The system was still being designed in places so sometimes that information was not available. This resulted in a code base that lacked cohesiveness, as new developers joined the team they were unable to deduce from the existing code the correct way to implement a feature because existing features did not follow the same patterns and conventions. This created a real problem because these new team members were unable to ask experienced team members as their time was already oversubscribed.
Lessons learned.
Team A was tight knitted they were very stable and had a common understanding of the “right” way to implement new features. The environment around them was relatively stable so they did not have to repeatedly implement features in new unfamiliar domains. The codebase they created was tightly coupled this made it difficult for new developers to write code unless they were given lots of support from experienced team members and it also meant that it would take several years before they would feel confident working in the codebase, especially as they had no tests or documentation to help them. Thankfully the need to rapidly scale this team up did not occur because it would have been impossible.
Team B was distributed between two sites and grew very quickly from six to fifty developers and QA’s. It had continuous integration, it also built automated and manual testing. As the team grew the codebase became in-cohesive, developers were doing their best but had no real way to know if the code the wrote followed the correct conventions. There were very few developers on the team who had any domain knowledge. For the majority of the first eighteen months there was no outright leader who could make decisions if a consensus could not be reached via debate. The majority of the team were inexperienced with the chosen SOA architecture. The result was a system where the team had to continuously fight to push code and were constantly trying to figure out why the build was red. Build, test and deploy times started to increase and the code base became tightly coupled when testing and deploying, soon developers were unable to test locally as there desktops did not have enough resources to deploy the full system. Later on when these problems became obvious and the team started trying to split the code out into separate repos and also to formalise dependencies this process reduced productivity even further. The end result was it took four years to deliver the the project to production and the business was unable to do any significant innovation during this time. During this time there was a very real chance of management losing all faith in the development team and canning the project, thankfully this didn’t happen. The highly unproductive environment did cause developers to leave which had a negative impact on the team.

A few points to consider
– When creating a new system always ponder how quickly the business intends to create new products and enter new markets. Provide feedback to the managment about the readiness of the development team and codebase to undergo expansion. If you can make the management team understand what you will have to do to expand the team then hopefully they will factor that into their plans for global domination.
– Money can get you access to the best engineers but it will not help new developers gel any quicker.
– If you are contemplating a complete re-write then consider who will support and develop the existing system and who will write the new system, how will you migrate existing customers and how will you run both in parallel whilst you migrate. Will hard won domain knowledge be available in the new team. These are really hard problems to solve. Always consider evolution away from the existing platform to the new design, it will often be quicker, less disruptive to the business and less risky.
Final thoughts
As software developers we often focus our attention on the technical challenges after all these are the sort of problems we enjoy solving. If you are working in a small team of six or less then that will normally be fine. The moment you are faced with the challenge of growing beyond that number you should start spending a considerable percentage of your time thinking about how the team will function well and how you need to organise the codebase to ensure the developers can remain productive. If you fail to do this you’ll lose the chance to work on solving the technical problems and you likely not enjoy your job.

New Gadget: Folding bluetooth keyboard from EC Technology

EC_Tech_Foldable_Bluetooth_Keyboard_review_2

I’m typing this post on my latest tech investment, a folding bluetooth keyboard which is connected to my iphone 5s. The motivation for purchasing it was to see If I would write more blog posts on my daily commute if I was able touch type. This is day one so I will have to wait and see. First impressions are that the keyboard works really well and IOS seems to be very keyboard friendly. I’m a windows person so I miss ability to ctrl-c / ctrl-v to copy and paste* and selecting text is a bit weird at times. One benefit I noticed immediately was that the onscreen keyboard disappeared. This means I get roughly twice as much text on screen when I am editing a post. The action on the keys is nice and I estimate that I am able to type at about 70-80% of my desktop speed, I’m hopeful that this will creep up as I get used to the layout of the keys. This is a lot faster than I could type using the on screen keyboard. Some of the keys are in a non standard place, I struggled with the right-hand shift key and the backspace key but the other keys were fine. I touch type at about sixty words per minute, I guess the faster you are the more restrictive you might find this keyboard.
When the keyboard is folded away it is about same size as my wife’s iPhone 6 plus so it is not uber portable but it will just fit in the inside pocket of my jacket. It is quite lightweight weighing less than my iPhone 5s. I purchased mine on Amazon for thirty pounds which given the build quality and refinement of the design I think this represents good value especially as this is a niche product. One minor annoyance occurred when I was reviewing a post I had just written, after about a minute after I stopped typing the keyboard seemed to go to sleep and IOS popped the on screen keyboard up. This made me lose my place, it’s not that big a deal as tapping any key on the keyboard instantly wakes it up and the on screen keyboard disappears. Occasionally the keyboard loses connectivity with the phone but it normally reconnects within a second or two. I have installed the WordPress for iPhone app and this makes it very easy for me to create or edit posts on my phone.
* Update: I discovered that you can put this keyboard into IOS mode and then use can use the “Win” key as you would the “Cmd” key on an apple keyboard. This means to copy text [Win]+[c] works fine, google IOS keyboard shortcuts to get a complete list.

Podcasts in 2014

Podcastlogo

2014 seemed like a breakthrough year for podcasting, for me personally it was the first time I had to make a decision to unsubscribe to some podcasts because I had to admit that I was never going to have the time to listen to them. I spend three hours a day commuting to and from work so in a good week I can consume about fifteen hours of podcasts.
The quality of the audio and content in the shows available today is now every bit as good as the professional media and the topics are a lot more niche. One of my favourite tech podcasts is hosted by three software developers, Marco Arment, John Siracusa and Casey Liss. They put out a weekly show where they discuss current events in tech. They are very interested in the Apple ecosystem but cover anything that catches their attention. I think the reason I like their show (Accidental Tech Podcast) is that they usually have different points of view but are very respectful of each other, this leads to some fascinating discussions. I’m a developer so naturally I find the things they discuss interesting.
A podcast that I have recently subscribed to is the London Fintech Podcast, hosted by Mike Baliman as the show’s name suggests this is focused on the financial services sector. Mike interviews people who work in the industry and are doing innovative things. I met Mike Briefly at a NewFinance meetup on digital currencies and he is a very intelligent and nice guy.
If you are completely new to podcasts and just want to try out a few then you could do a lot worse than subscribe to some of the NPR shows. My favourites are This American Life, Planet Money, Radiolab, Serial and Invisibilia. These shows really set the bar high in terms of their production quality and content.
The last thing I wanted to mention was the sponsors, most but not all of the shows I subscribe to read a 2 minute sponsor message every half hour. I don’t have a problem with this because it costs money to distribute a podcast and the hosts dedicate a lot of time to putting out their show. I have no way of knowing if any of the shows I subscribe to make a profit but my sense is that if they do it is a small one and the motivation for creating a show is not money. My only gripe is that there is currently a lack of diversity in the sponsors so you end up hearing the same message a lot, I think this will naturally go away as more and more advertisers become aware of podcasts as a way to reach new customers.
Finally I’m very excited about 2015 as I’m sure there will be some great discussion and stories from the shows I subscribe to and also some new and interesting shows created.