Developing at Scale

developing
at
scale

View Slide

cjoudrey @

View Slide

View Slide

Scale?

View Slide

View Slide

employee count
275
550
825
1100
2011 2012 2013 2014 2015

View Slide

Journey of a new dev

View Slide

✓ quick & easy setup 
✓ reproducible 
✓ production-like
Dev environments

View Slide

pre 2012 — README.md with lots of Bash snippets
circa 2013 — Vagrant with shared Chef cookbooks
circa 2012 — GitHub's Boxen (Puppet recipes on local)
future — ?
Dev environments

View Slide

~ $ git clone [email protected]:Shopify/vagrant.git 
~ $ cd vagrant && vagrant up 
~/vagrant $ vagrant ssh
(vagrant) ~ $ git clone [email protected]:Shopify/shopify.git 
(vagrant) ~ $ cd shopify && script/setup
(vagrant) ~/shopify $ script/server

View Slide

~ $ git clone [email protected]:Shopify/vagrant.git 
~ $ cd vagrant && vagrant up 
~/vagrant $ vagrant ssh
(vagrant) ~ $ git clone [email protected]:Shopify/shopify.git 
(vagrant) ~ $ cd shopify && script/setup
(vagrant) ~/shopify $ script/server
✓ quick & easy setup 
✓ reproducible 
✓ production-like

View Slide

http://localhost:3000

View Slide

https://shop1.myshopify.com

View Slide

/etc/hosts
:3000
http://
Rails.env.development?

View Slide

https://shop1.myshopify.io
~ $ whois myshopify.io
Domain : myshopify.io
Status : Live
Expiry : 2016-12-16
~ $ openssl s_client -connect myshopify.io:443
CONNECTED(00000003)
depth=1 /C=US/O=DigiCert Inc/...

View Slide

Code

View Slide

Feature flags
class Shop < ActiveRecord::Base
include HasFeatureFlags
end
shop.flags.enabled?('free_ssl') # false
shop.flags.enable('free_ssl') 
shop.flags.enabled?('free_ssl') # true
FeatureRollout.enable('test_feature', 50)
shop.features.enabled?('test_feature') # true
shop2.features.enabled?('test_feature') # false

View Slide

A/B Tests
Verdict::Experiment.define :my_experiment do
# Block returns true if the subject
# is qualified to participate.
qualify { |subject, context| ... }
groups do
group :blue_button, 50
group :control, 50
end
storage Verdict::Storage::MemoryStorage.new
end
github.com/shopify/verdict

View Slide

A/B Tests
case Verdict[:my_experiment].switch(checkout)
when :blue_button
# ...
when :control
# ...
else
# unqualified subjects
end
github.com/shopify/verdict

View Slide

Secrets
I don’t even know where to start.

View Slide

Secrets
circa 2014 —
Secrets stored in encrypted data bags in Chef.
Devs pinged Ops to get secrets added/changed.
Hard to trace changes to secrets.
Hard to make changes.

View Slide

Secrets
circa 2014 —
Secrets stored in encrypted data bags in Chef.
Devs pinged Ops to get secrets added/changed.
Hard to trace changes to secrets.
tl;dr — It was pretty painful!

View Slide

Secrets — EJSON
github.com/shopify/ejson
now —
Secrets can be safely stored in app source.
Anyone has access to change/add secrets.
Only production servers can decrypt secrets.
Secrets change synchronously with app source.

View Slide

Secrets — EJSON
now —
Secrets can be safely stored in app source.
Anyone has access to change/add secrets.
Only production servers can decrypt secrets.
Secrets change synchronously with app source.
tl;dr — A lot better!

View Slide

Secrets — EJSON
$ ejson keygen
Public Key:
6623423a9492e68e12eeb1c705888aebdcc0080af7e594fc402b
eb24cce9d14f
Private Key:
75b80b4a693156eb435f4ed2fe397e583f461f09fd99ec2bd1bd
ef0a56cf6e64

View Slide

Secrets — EJSON
$ cat secrets.production.ejson
{
"_public_key": "6623423...",
"database_password": "1234password"
}

View Slide

Secrets — EJSON
$ ejson encrypt secrets.production.ejson
{
"_public_key": "6623423...",
"database_password": "EJ[1:WGj...]"
}

View Slide

Secrets — EJSON
{
"_public_key": "6623423...",
"database_password": "EJ[1:WGj...]",
"some_new_password": "something secret"
}
$ ejson encrypt secrets.production.ejson

View Slide

View Slide

Code reviews
✓ learn from peers 
✓ catch more bugs 
✓ code consistency

View Slide

View Slide

@shopify/checkout

View Slide

View Slide

Style Guides

View Slide

Style Guides
Can every language just have a "go fmt" so
we can stop arguing and get shit done.
Please, I'm begging you.

View Slide

github.com/bbatsov/rubocop

View Slide

RuboCop
$ rubocop test.rb
Inspecting 1 file
W
Offenses:
test.rb:1:5: C: Use snake_case for method names.
def badName
^^^^^^^
1 file inspected, 1 offense detected

View Slide

RuboCop
Fully configurable via .rubycop.yml
…because some things are personal.

View Slide

RuboCop
Style/StringLiterals:
Enabled: false
Style/IndentationWidth:
Width: 2

View Slide

RuboCop
$ rubocop --auto-correct test.rb
Inspecting 1 file
C
Offenses:
 
test.rb:2:1: C: [Corrected] Use 2 (not 0) spaces for indentation.
def badName 
test.rb:2:7: C: Use snake_case for method names.
def badName
^^^^^^^
1 file inspected, 2 offenses detected, 1 offense corrected

View Slide

View Slide

Policial
octokit = Octokit::Client.new(access_token: 'secret')
detective = Policial::Detective.new(octokit)
event = Policial::PullRequestEvent.new(webhook_payload)
detective.brief(event)
detective.investigate
detective.violations
github.com/volmer/policial

View Slide

Goal: Focus code reviews on logic,
design, architecture, the solution
itself and less on style.

View Slide

Shipping at scale
Locking • SSH access • Audit trail
Coordination • CI status

View Slide

pre 2013 — Ping #operations for a deploy (Capistrano)
circa 2014 — Shipit
circa 2013 — Rackspace's dreadnot
Shipping code at Shopify

View Slide

Shipit
github.com/shopify/shipit-engine

View Slide

View Slide

Measuring

View Slide

StatsD
github.com/etsy/statsd

View Slide

StatsD::Instrument
github.com/shopify/statsd-instrument

View Slide

Liquid::Template.extend StatsD::Instrument
Liquid::Template.statsd_measure :render,
'Liquid.Template.render'

View Slide

PaymentProcessingJob.statsd_count :perform,
'PaymentProcessingJob.processed'

View Slide

Developing at Scale

Developing at Scale

Christian Joudrey

More Decks by Christian Joudrey

Other Decks in Programming

Featured

Transcript