Joe Emison - 10X Product Development

Jun. 9, 2016

More Related Content

Similar to Joe Emison - 10X Product Development(20)


Joe Emison - 10X Product Development

  1. 10X Product Development Lessons Learned and Detailed Architectures from Building Two Serverless Applications @joeemison May 2016
  2. Joe Emison @joeemison ASSERTIONS Product-market fit is paramount. 10X software developers do not exist. 10X product development does. 2
  3. Joe Emison @joeemison ASSERTIONS • Spend development time on business-specific code • Don’t make things people won’t use • Don’t build things you can buy (rent) • Stop regressions • Maximize iterations with customers • Big changes • Frequent deploys • Minimize dependences • Don’t make developers wait (IT Ops, DBAs, Other Devs) • Don’t make developers stop (incomplete specifications) 3 10X Product Development Pick your development processes, staffing, and stack based on the above
  4. Joe Emison @joeemison COMMERCIAL SEARCH • Zillow/Trulia/ for Commercial Real Estate • Demo: Search, Details, Find Broker, Login, Add Listing 4
  5. Joe Emison @joeemison COMMERCIAL SEARCH 5 Netlify - HTML - CSS - JS User Browser Algolia - Full Text Search - Facet Search - Geo Search Auth Firebase ETL / Queue Servers
  6. Joe Emison @joeemison COMMERCIAL SEARCH • Launched in 4 months with 2 developers • 13,307 lines of TypeScript • 95%+ Developer Efficiency (developers deliver at estimates, few regressions) • Conceptually: Microservices architecture, but we only wrote the core • If we were using ElasticSearch, we’d need a proxy middle tier between Angular and ES • If we used a more traditional way of handling images (e.g., RoR with image-handling libraries), we’d have another language and servers to support for availability (and have to update for security) • If we hosted our static assets on our own web server, we’d have those servers to support for availability (and have to update for security) 6
  7. Joe Emison @joeemison LESSONS LEARNED / PAIN POINTS • The Firebase dashboard has some limits with larger datasets (but API works fine) • Developer learning curve from RDBMS to Firebase is non-trivial, but not insane • Cloudinary configurations are non-obvious; need to use their (very good) support • Algolia needs new dependent indices for each sort criteria/direction 7
  8. Joe Emison @joeemison PROPERTY TOUR PRO • Tour Book (PDF, mobile web) generator for commercial real estate brokers • Demo: Login with LinkedIn, Add Property, View Amenities, Crop Image, Export PDF 8
  9. Joe Emison @joeemison PROPERTY TOUR PRO 9 DocRaptor (PDF Generation) User Brower Firebase Auth0 Firebase Hosting - HTML - CSS - JS Auth0 Webtask (simple secure JS code runner)
  10. Joe Emison @joeemison LESSONS LEARNED / PAIN POINTS • Don’t use AngularFire – triple-binding just gets too slow • CORS (and private API keys) means that you can’t hit third-party APIs directly; use Webtask • Auth0 is great, but documentation is frustrating • DocRaptor doesn’t compress PDFs/images well, so you have to do that through Cloudinary 10
  11. Joe Emison @joeemison WHY NOT AWS? • AWS Serverless is about back-end processing, which we have largely outsourced • AWS Serverless is complicated: IAM + Cognito + API Gateway + Lambda • Compare: Auth0 Webtask to Lambda + API Gateway + IAM + Cognito • Compare: Firebase to Lambda + API Gateway + IAM + Cognito + DynamoDB • Compare: Firebase Queues to Lambda + API Gateway + IAM + Cognito + SQS • Serverless Framework, so many support libraries for Lambda are examples of what’s missing in the product 11
  12. Joe Emison @joeemison SECURITY 12 • Netlify – Read-only assets (code for client) • Algolia – Read-only based on API key shared with client that has strict rate limits by session + IP – Authenticated users could each have own API key (but not implemented yet) • Cloudinary – Images uploaded into moderated queue (WebPurify human-driven moderation) – Retrieval of images forced through watermarking transformation • Firebase – Advanced security rules evaluated as JavaScript expressions; uses Firebase Auth – Each listing has a set of users that can edit it – User prefs only read / write by individual users – Rate limits on retrieval
  13. Joe Emison @joeemison SECURITY 13
  14. Joe Emison @joeemison READ MORE / CONTACT ME InformationWeek: Network Computing: The New Stack: 14 @joeemison