Joe Emison - 10X Product Development

14
10X Product Development Lessons Learned and Detailed Architectures from Building Two Serverless Applications @joeemison May 2016

Transcript of Joe Emison - 10X Product Development

Page 1: Joe Emison - 10X Product Development

10X Product DevelopmentLessons Learned and Detailed Architectures from Building Two Serverless Applications

@joeemisonMay 2016

Page 2: Joe Emison - 10X Product Development

Joe Emison @joeemison

ASSERTIONS

Product-market fit is paramount.

10X software developers do not exist.

10X product development does.

2

Page 3: Joe Emison - 10X Product Development

Joe Emison @joeemison

ASSERTIONS

• Spend development time on business-specific code

• Don’t make things people won’t use

• Don’t build things you can buy (rent)

• Stop regressions

• Maximize iterations with customers

• Big changes

• Frequent deploys

• Minimize dependences

• Don’t make developers wait (IT Ops, DBAs, Other Devs)

• Don’t make developers stop (incomplete specifications)

3

10X Product Development

Pick your development processes, staffing, and stack based on the above

Page 4: Joe Emison - 10X Product Development

Joe Emison @joeemison

COMMERCIAL SEARCH

• Zillow/Trulia/Realtor.com for Commercial Real Estate

• Demo: Search, Details, Find Broker, Login, Add Listing

4

https://www.commercialsearch.com/

Page 5: Joe Emison - 10X Product Development

Joe Emison @joeemison

COMMERCIAL SEARCH

5

https://www.commercialsearch.com/

Netlify- HTML

- CSS

- JS

Prerender.io

User BrowserAlgolia- Full Text Search

- Facet Search

- Geo Search

Auth Firebase

ETL / Queue Servers

Page 6: Joe Emison - 10X Product Development

Joe Emison @joeemison

COMMERCIAL SEARCH

• Launched in 4 months with 2 developers

• 13,307 lines of TypeScript

• 95%+ Developer Efficiency (developers deliver at estimates, few regressions)

• Conceptually: Microservices architecture, but we only wrote the core• If we were using ElasticSearch, we’d need a proxy middle tier between Angular and ES

• If we used a more traditional way of handling images (e.g., RoR with image-handling

libraries), we’d have another language and servers to support for availability (and have to

update for security)

• If we hosted our static assets on our own web server, we’d have those servers to support

for availability (and have to update for security)

6

https://www.commercialsearch.com/

Page 7: Joe Emison - 10X Product Development

Joe Emison @joeemison

LESSONS LEARNED / PAIN POINTS

• The Firebase dashboard has some limits with larger datasets (but API works fine)

• Developer learning curve from RDBMS to Firebase is non-trivial, but not insane

• Cloudinary configurations are non-obvious; need to use their (very good) support

• Algolia needs new dependent indices for each sort criteria/direction

7

Page 8: Joe Emison - 10X Product Development

Joe Emison @joeemison

PROPERTY TOUR PRO

• Tour Book (PDF, mobile web) generator for commercial

real estate brokers

• Demo: Login with LinkedIn, Add Property, View Amenities,

Crop Image, Export PDF

8

https://www.propertytourpro.com/

Page 9: Joe Emison - 10X Product Development

Joe Emison @joeemison

PROPERTY TOUR PRO

9

https://www.propertytourpro.com/

DocRaptor(PDF Generation)

User

Brower

Firebase

Auth0

Firebase Hosting- HTML

- CSS

- JS

Auth0 Webtask(simple secure JS code runner)

Page 10: Joe Emison - 10X Product Development

Joe Emison @joeemison

LESSONS LEARNED / PAIN POINTS

• Don’t use AngularFire – triple-binding just gets too slow

• CORS (and private API keys) means that you can’t hit third-party APIs

directly; use Webtask

• Auth0 is great, but documentation is frustrating

• DocRaptor doesn’t compress PDFs/images well, so you have to do that

through Cloudinary

10

Page 11: Joe Emison - 10X Product Development

Joe Emison @joeemison

WHY NOT AWS?

• AWS Serverless is about back-end processing, which we have largely outsourced• AWS Serverless is complicated: IAM + Cognito + API Gateway + Lambda

• Compare: Auth0 Webtask to Lambda + API Gateway + IAM + Cognito• Compare: Firebase to Lambda + API Gateway + IAM + Cognito + DynamoDB• Compare: Firebase Queues to Lambda + API Gateway + IAM + Cognito + SQS

• Serverless Framework, so many support libraries for Lambda are examples of what’s missing in the product

11

Page 12: Joe Emison - 10X Product Development

Joe Emison @joeemison

SECURITY

12

• Netlify

– Read-only assets (code for client)

• Algolia– Read-only based on API key shared with client

that has strict rate limits by session + IP

– Authenticated users could each have own API

key (but not implemented yet)

• Cloudinary– Images uploaded into moderated queue

(WebPurify human-driven moderation)

– Retrieval of images forced through watermarking

transformation

• Firebase– Advanced security rules evaluated as JavaScript

expressions; uses Firebase Auth

– Each listing has a set of users that can edit it

– User prefs only read / write by individual users

– Rate limits on retrieval

Page 13: Joe Emison - 10X Product Development

Joe Emison @joeemison

SECURITY

13

Page 14: Joe Emison - 10X Product Development

Joe Emison @joeemison

READ MORE / CONTACT ME

InformationWeek: http://j.mp/emisonIW

Network Computing: http://j.mp/emisonNC

The New Stack: http://j.mp/emisonTNS

14

@joeemison