Web design, development and other random things

January’s Book – It’s Not Rocket Science

The first book in my drive to read a book per month in 2013 was finished in plenty of time. Well, January 30th. And I think I gave myself a pretty easy ride for my first outing. It’s Not Rocket Science by Ben Miller is nice, easy going, popular science book, which really managed to strike a balance between fun and sciencey (for me anyway).

The book is prefaced with a note aimed at members of the potential readership who are, perhaps, less science-literate. Its aim is to reassure them that the book will be gentle and still of interest to those who aren’t familiar with the subjects at hand. I read this as a potential dumbing down of the subject matter, so proceeded with a slight amount of worry.

Thankfully my worries were ill-founded. The book skips around covering loads of content in enough detail to be interesting and engaging, without making your (or at least my) head hurt.

Topics covered included physics, astronomy, baking (!!), evolution, spending enough time on each subject without going into tedious detail. It covers some of the pertinent historical figures and key moments in the history of the sciences.

While I found the book enjoyable, I do wonder whether it achieved the goal of bringing science to the less well informed. I can’t imagine anyone who didn’t have a grounding and ongoing interest in these subjects anyway picking up this book and finding it fun. Not that that really bothers me.

Creating a Linux VPN server for iOS devices

Ever since I got my first iDevice, the iPhone 4, just over two years ago, I’ve been periodically looking at the VPN options contained in iOS. There are the usual PPTP and IPSec options, along with a Cisco logo, implying some kind of tie-in. Without a dedicated VPN access device, I was looking to use my existing linux server (Specifically, CentOS 6 on an AWS EC2 instance) for this purpose.

The reason I’ve looked into it “periodically” is that each time I’ve tried, I’ve failed to get anything working. Invariably I’ve turned to some form of pptp(d), but always hit a brick wall/got bored/had to move on to something else.

So I was quite intrigued to stumble upon an article a few days ago, entitled VPN With Amazon EC2 or Saving Your Phone From Promiscuity. I hadn’t come across this article before in my searches, and what was more interesting was that it was written specifically with and EC2-based server in mind, although I’m sure it would work on the vast majority of distros with only a little tweaking. I wasn’t even looking at VPNs when I found this, but it was too good an opportunity to pass up. Best of all, most of the commands/instructions given were just copy-and-paste echos to config files.

Within a few minutes I had the VPN up and running first time. Great!

I was aware that PPTP wasn’t the most secure of VPNs, which, to me, kind of defeats the purpose. A quick search found an interesting article – A death blow for PPTP – which detailed a service called CloudCracker, where, for $200 and a bit of work, the VPN keys could be cracked. Granted, it looked like a lot of work, and it went over my head completely, but if someone’s done it and documented it, it’s not really good enough for day-to-day security.

Looking at some of the alternatives, OpenVPN popped up. Open source version you can compile, or pre built binaries or machine images with license fees and a nice admin GUI. Up to 2 connections on for free on the licensed versions. Seemed OK. It wasn’t advertised as obviously IPSec or PPTP, so assumed it was some proprietary underlying technology.

I found an accompanying app on the iTunes store, and the screenshots indicated you used the app to set up the VPN, but it pulled up the “VPN” symbol in the iOS taskbar, indicating (to me at least), that it actually integrates with the VPN system within iOS. A quick look on the Apple developer forums, revealed something very interesting.

It turns out this app was released only a few days before I found it. It seems to make use of a private VPN API, and apps that have used it before have been turned down by Apple. Once configured within the app (simply by downloading the .ovpn file created when configuring OpenVPN on the server), it works seamlessly. It can be turned on and off by the VPN setting in iOS, but if you go into the VPN configuration, it tells you that the settings are managed by an app.

The only non-default setting I needed to specify on the OpenVPN server was in the User Permissions section, allowing the user to access 0.0.0.0/0 through the VPN. Apart formt hat, it was straight out of the box!

So having been trying to get a VPN working on my iPhone for two years, albeit on and off, I managed to set up two in the space of a couple of hours, the second of which I’m extremely happy with. If I’d done this a mere week earlier, the OpenVPN version would have been a non-starter thank to lack of iOS support, but it’s great that Apple have taken a step forward in allowing this kind of integration.

Data Gathering 2

In the last post in this series we had a brief introduction to some of the monitoring going on in our live Magento environment. I’ll look a bit more at the Google Analytics and the process to make this a more useful tool.

Magento hooks into GA as standard – simply adding a your tracking ID and turning it on in the backend will give set you off. And as it’s an ecommerce platform, it does all the ecommerce reporting too, giving GA access to your conversion rates, etc.

Better Page Speed Tracking

There are a few things we can do to make this a bit more useful. We’re primarily interested in site performance – ie, speed. GA does track this for you, but only on a random sample of 1% of the pages. This isn’t great, as it means you need a long time to get some truly representative data. Thankfully they offer the ability to increase this up to a maximum of 10%, simply by inserting this snippet into your tracking code:

_gaq.push(['_setSiteSpeedSampleRate',10]);

So now we’re getting more data about site speed. I’ve refrained from providing any metrics so far, but the site in question receives an average of 11,000 page views per day. So getting a daily sample of 1,100 speed reports (10%) as opposed to the default 110 makes a big difference.

Tracking Page Sources

These pages are all served up by two app servers based in the Uk Rackspace cloud, with a load balancer in front. The next thing we want to do is:

  • Make sure that pages are being distributed evenly between the two servers
  • Check both servers offer the same response time

We can do this through custom reporting and custom variables in GA.

//code to add hostname to GA
$gaHostname = gethostname();
if($gaHostname): ?>
    <!-- START CUSTOM GA VAR CODE -->
    <script>
    _gaq.push(['_setCustomVar', 1, 'Server Hostname', '<?php= $gaHostname; ?>', 3);
    </script>
    <!-- END CUSTOM GA VAR CODE -->
<?php endif;

We can then add a custom report in GA to show the page response time and page load time, filtered by each app server. The response time tells us how long it took the server to return the page, and load time tells us the total time for the page to load. Obviously we can do some simple maths to work out how long the page took to render, subtracting the response time from the load time. Once we've got some page speed data with the custom vars set, we'll be able to make sure both app servers are performing equally. We can also check the load balancer is evenly distributing page requests (OK, technically sessions) between the app servers.

Tracking Varnish

Although Varnish isn't in place yet on the server. We're going to set up tracking for it in advance. This is going to be done by adding a cookie through the vcl config file in the vcl_deliver section:

if (obj.hits > 0){
    set resp.http.Set-Cookie = "varnish_hm=HIT;path=/;";
}else{
    set resp.http.Set-Cookie = "varnish_hm=MISS;path=/;";
}

This can then be subsequently used by GA, in conjunction with jQuery and the jquery.cookie plugin:

varnishCookie = $JQ.cookie('varnish_hm');
if(varnishCookie != null) $JQ.removeCookie('varnish_hm');
_gaq.push(['_setCustomVar', 2, 'Varnish Stats', ((varnishCookie == null) ? 'None' : varnishCookie), 3]);

From this we’ll get a good idea of what percentage cache hits we’re getting.

Next time, we’ll take a look into a new tool in our box, New Relic. It features a JS plugin, much like GA, for real user monitoring (RUM) and a php plugin to pull out all sorts of info form the server. The focus here is very much on data gathering for performance as opposed to site statistics, and it will show us why GA doesn’t quite give us the whole picture.

New year Resolutions

  • Read more books
  • Exercise more, leading to…
  • Sprint distance triathlon this Summer
  • Blog more
  • Work more
  • Get something on the iOS App store
  • Go gliding
  • Eat better, leading to…
  • Lose more weight (14.5st currently, down from 16st earlier this year) and/or gain muscle mass

We’ll review in 12 months to see how well I managed to do!

twitter followers